A hybrid defense technique for ISP against the distributed denial of service attacks

Young Hoon Moon, Suk Bong Choi, Huy Kang Kim, Changsok Yoo

Research output: Contribution to journal › Article

2 Citations (Scopus)

Abstract

As malicious traffic from botnets now threatens the network infrastructure of Internet Service Providers (ISPs), the importance of controlling botnets is greater than ever before. However, it is not easy to handle rapidly evolving botnets efficiently because of the highly evolved detection avoidance techniques used by botnet makers. Further, Distributed Denial of Service (DDoS) attacks can now compromise not only specific target sites but also the entire network infrastructure, as high-bandwidth Internet services are now being provided. Thus, ISPs are deploying their own defense systems to prevent DDoS attacks and protect their network infrastructure. However, the new problem ISPs confront is that botnet masters also try to destroy these defense systems to make their attacks successful. ISPs can mitigate DDoS through botnet-specific management by taking preemptive measures, such as the proactive reverse engineering of suspicious code and the use of honeypots. This paper illustrates an advanced DDoS defense technique for use by ISPs, with a real case study of the technique's implementation. The technique proved to be a very effective method for controlling botnets, and we were able to confirm this effectiveness in a real ISP environment.

Original language: English
Pages (from-to): 2347-2359
Number of pages: 13
Journal: Applied Mathematics and Information Sciences
Volume: 8
Issue number: 5
DOI: 10.12785/amis/080530
Publication status: Published - 2014 Sep 1

Keywords

  • Botnet
  • Distributed denial of service attack
  • Internet service provider
  • Security

ASJC Scopus subject areas

  • Applied Mathematics
  • Numerical Analysis
  • Analysis
  • Computer Science Applications
  • Computational Theory and Mathematics

Cite this

A hybrid defense technique for ISP against the distributed denial of service attacks. / Moon, Young Hoon; Choi, Suk Bong; Kim, Huy Kang; Yoo, Changsok.

In: Applied Mathematics and Information Sciences, Vol. 8, No. 5, 01.09.2014, p. 2347-2359.

@article{409e08541c2c4afdb289f1ae29421a0f,
title = "A hybrid defense technique for ISP against the distributed denial of service attacks",
keywords = "Botnet, Distributed denial of service attack, Internet service provider, Security",
author = "Moon, {Young Hoon} and Choi, {Suk Bong} and Kim, {Huy Kang} and Changsok Yoo",
year = "2014",
month = "9",
day = "1",
doi = "10.12785/amis/080530",
language = "English",
volume = "8",
pages = "2347--2359",
journal = "Applied Mathematics and Information Sciences",
issn = "1935-0090",
publisher = "Natural Sciences Publishing Corporation",
number = "5",

}
