Near-optimal defense strategies against DDoS attacks based upon packet filtering and blocking enabled by packet marking

Frank Yeong Sung Lin, Pei-yu Chen, Chun Wei Fan Chiang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In the paper, the DDoS scenario is modelled as a mathematical programming problem. The defender strategically utilizes the limited resources to maximize the legitimate traffic, and he can adopt packet marking to observe the network status. The information extracts from the marking field can help the defender develop a defense strategy which combines packet filtering and packet blocking. A Lagrangean relaxation-based algorithm is proposed to optimally solve the problem.

Original languageEnglish (US)
Title of host publicationPACIS 2010 - 14th Pacific Asia Conference on Information Systems
Pages1703-1710
Number of pages8
StatePublished - 2010
Externally publishedYes
Event14th Pacific Asia Conference on Information Systems, PACIS 2010 - Taipei, Taiwan, Province of China
Duration: Jul 9 2010Jul 12 2010

Other

Other14th Pacific Asia Conference on Information Systems, PACIS 2010
CountryTaiwan, Province of China
CityTaipei
Period7/9/107/12/10

Fingerprint

Mathematical programming

Keywords

  • Blocking
  • Distributed-denial-of-service (DDoS)
  • Filtering
  • Mathematical programming
  • Optimization and lagrangean relaxation
  • Packet marking

ASJC Scopus subject areas

  • Information Systems

Cite this

Lin, F. Y. S., Chen, P., & Chiang, C. W. F. (2010). Near-optimal defense strategies against DDoS attacks based upon packet filtering and blocking enabled by packet marking. In PACIS 2010 - 14th Pacific Asia Conference on Information Systems (pp. 1703-1710)

Near-optimal defense strategies against DDoS attacks based upon packet filtering and blocking enabled by packet marking. / Lin, Frank Yeong Sung; Chen, Pei-yu; Chiang, Chun Wei Fan.

PACIS 2010 - 14th Pacific Asia Conference on Information Systems. 2010. p. 1703-1710.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Lin, FYS, Chen, P & Chiang, CWF 2010, Near-optimal defense strategies against DDoS attacks based upon packet filtering and blocking enabled by packet marking. in PACIS 2010 - 14th Pacific Asia Conference on Information Systems. pp. 1703-1710, 14th Pacific Asia Conference on Information Systems, PACIS 2010, Taipei, Taiwan, Province of China, 7/9/10.
Lin FYS, Chen P, Chiang CWF. Near-optimal defense strategies against DDoS attacks based upon packet filtering and blocking enabled by packet marking. In PACIS 2010 - 14th Pacific Asia Conference on Information Systems. 2010. p. 1703-1710
Lin, Frank Yeong Sung ; Chen, Pei-yu ; Chiang, Chun Wei Fan. / Near-optimal defense strategies against DDoS attacks based upon packet filtering and blocking enabled by packet marking. PACIS 2010 - 14th Pacific Asia Conference on Information Systems. 2010. pp. 1703-1710
@inproceedings{efa7964f72534538842e45ab6dff54f2,
title = "Near-optimal defense strategies against DDoS attacks based upon packet filtering and blocking enabled by packet marking",
abstract = "In the paper, the DDoS scenario is modelled as a mathematical programming problem. The defender strategically utilizes the limited resources to maximize the legitimate traffic, and he can adopt packet marking to observe the network status. The information extracts from the marking field can help the defender develop a defense strategy which combines packet filtering and packet blocking. A Lagrangean relaxation-based algorithm is proposed to optimally solve the problem.",
keywords = "Blocking, Distributed-denial-of-service (DDoS), Filtering, Mathematical programming, Optimization and lagrangean relaxation, Packet marking",
author = "Lin, {Frank Yeong Sung} and Pei-yu Chen and Chiang, {Chun Wei Fan}",
year = "2010",
language = "English (US)",
pages = "1703--1710",
booktitle = "PACIS 2010 - 14th Pacific Asia Conference on Information Systems",

}

TY - GEN

T1 - Near-optimal defense strategies against DDoS attacks based upon packet filtering and blocking enabled by packet marking

AU - Lin, Frank Yeong Sung

AU - Chen, Pei-yu

AU - Chiang, Chun Wei Fan

PY - 2010

Y1 - 2010

N2 - In the paper, the DDoS scenario is modelled as a mathematical programming problem. The defender strategically utilizes the limited resources to maximize the legitimate traffic, and he can adopt packet marking to observe the network status. The information extracts from the marking field can help the defender develop a defense strategy which combines packet filtering and packet blocking. A Lagrangean relaxation-based algorithm is proposed to optimally solve the problem.

AB - In the paper, the DDoS scenario is modelled as a mathematical programming problem. The defender strategically utilizes the limited resources to maximize the legitimate traffic, and he can adopt packet marking to observe the network status. The information extracts from the marking field can help the defender develop a defense strategy which combines packet filtering and packet blocking. A Lagrangean relaxation-based algorithm is proposed to optimally solve the problem.

KW - Blocking

KW - Distributed-denial-of-service (DDoS)

KW - Filtering

KW - Mathematical programming

KW - Optimization and lagrangean relaxation

KW - Packet marking

UR - http://www.scopus.com/inward/record.url?scp=84863394500&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84863394500&partnerID=8YFLogxK

M3 - Conference contribution

SP - 1703

EP - 1710

BT - PACIS 2010 - 14th Pacific Asia Conference on Information Systems

ER -