Journal Article (Refereed)
Distributing defence intelligence across active routers to defeat denial of service attacks in networks
A, E F & Linge, N & Hope, M D 2007, 'Distributing defence intelligence across active routers to defeat denial of service attacks in networks', IEE Proceedings on Communications, 1(1), pp.55-63.
Denial of Service Attacks represent a major threat to modern organisations who are increasing dependent upon the integrity of their computer networks. Techniques have been developed to combat such attacks and the deployment of firewall technology and intrusion detection systems are now commonplace, if not essential. However, current solutions do exhibit weaknesses. This paper presents a new approach to defeat denial of service attacks through the development of a network architecture constructed using active routers. Using the principles of active networking, our approach provides the functionality required to defeat the most common types of attack and overcomes many of the weaknesses of alternative approaches. The basic operation of our scheme is presented and its ability to defeat both a SYN and SMURF attack is demonstrated through protocol simulation.
IEE Proceedings on Communications