SEEK: Salford Environment for Expertise and Knowledge

Journal Article (Refereed)
February 2007

Distributing defence intelligence across active routers to defeat denial of service attacks in networks

A, E F & Linge, N & Hope, M D 2007, 'Distributing defence intelligence across active routers to defeat denial of service attacks in networks', IEE Proceedings on Communications, 1(1), pp.55-63.

Abstract

Denial of Service Attacks represent a major threat to modern organisations who are increasing dependent upon the integrity of their computer networks. Techniques have been developed to combat such attacks and the deployment of firewall technology and intrusion detection systems are now commonplace, if not essential. However, current solutions do exhibit weaknesses. This paper presents a new approach to defeat denial of service attacks through the development of a network architecture constructed using active routers. Using the principles of active networking, our approach provides the functionality required to defeat the most common types of attack and overcomes many of the weaknesses of alternative approaches. The basic operation of our scheme is presented and its ability to defeat both a SYN and SMURF attack is demonstrated through protocol simulation.

Notes

-

Authors

SEEK Members

External Authors

El-Moussa, F A

Publication Details

Journal Name
IEE Proceedings on Communications

Volume
1(1)

Pagination
55-63.