Unified rate limiting in broadband access networks for defeating Internet worms and DDoS attacks

Keun Park, Dongwon Seo, Jaewon Yoo, Heejo Lee, Hyogon Kim

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Internet worms and DDoS attacks are considered the two most menacing attacks on today's Internet. The traditional wisdom is that they are different beasts, and they should be dealt with independently. In this paper, however, we show that a unified rate limiting algorithm is possible, which effectively works on both Internet worms and DDoS attacks. The unified approach leads to higher worm traffic reduction performance than that of existing rate limiting schemes geared toward worm mitigation, in addition to the added advantage of dropping most DDoS attack packets. In our experiments with attack traffics generated by attacking tools, the unified rate limiting scheme drops 80.7% worm packets and 93% DDoS packets, while 69.2% worms and 3.4% DDoS packets are dropped at maximum by previous worm scan rate limiting schemes. Also, the proposed scheme requires less computing resources, and has higher accuracy for dropping attack packets but not dropping legitimate packets.

Original languageEnglish
Title of host publicationLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Pages176-187
Number of pages12
Volume4991 LNCS
DOIs
Publication statusPublished - 2008 Apr 7
Event4th Information Security Practice and Experience Conference, ISPEC 2008 - Sydney, NSW, Australia
Duration: 2008 Apr 212008 Apr 23

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4991 LNCS
ISSN (Print)03029743
ISSN (Electronic)16113349

Other

Other4th Information Security Practice and Experience Conference, ISPEC 2008
CountryAustralia
CitySydney, NSW
Period08/4/2108/4/23

ASJC Scopus subject areas

  • Computer Science(all)
  • Biochemistry, Genetics and Molecular Biology(all)
  • Theoretical Computer Science

Fingerprint Dive into the research topics of 'Unified rate limiting in broadband access networks for defeating Internet worms and DDoS attacks'. Together they form a unique fingerprint.

  • Cite this

    Park, K., Seo, D., Yoo, J., Lee, H., & Kim, H. (2008). Unified rate limiting in broadband access networks for defeating Internet worms and DDoS attacks. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4991 LNCS, pp. 176-187). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4991 LNCS). https://doi.org/10.1007/978-3-540-79104-1_13