TY - GEN
T1 - Hierarchical defense structure for mitigating DoS attacks
AU - Johnson, H.
AU - Qaisrani, B.
AU - Fiedler, M.
AU - Nilsson, A.
AU - Wu, S. F.
PY - 2006
Y1 - 2006
N2 - This paper provides the contribution of mitigating a Denial-of-Service (DoS) attack via a developed hierarchical defense structure with proactive functionality. An important aspect is the tradeoff between performance and security. This novel hierarchical architecture is presented with lightweight authentication protocols acting as a classifier to deny access to harmful traffic. An empirical test of the proposed structure has been performed and results are reported which display the capability of the structure to filter and separate the attack traffic before reaching the target of an IPSec gateway. Thus, the filtering of traffic is performed without being the target itself for new resource exhaustion attacks. The considered IPSec environment is based on IPSec gateways for the low-end market, i.e., for small businesses or private networks.
AB - This paper provides the contribution of mitigating a Denial-of-Service (DoS) attack via a developed hierarchical defense structure with proactive functionality. An important aspect is the tradeoff between performance and security. This novel hierarchical architecture is presented with lightweight authentication protocols acting as a classifier to deny access to harmful traffic. An empirical test of the proposed structure has been performed and results are reported which display the capability of the structure to filter and separate the attack traffic before reaching the target of an IPSec gateway. Thus, the filtering of traffic is performed without being the target itself for new resource exhaustion attacks. The considered IPSec environment is based on IPSec gateways for the low-end market, i.e., for small businesses or private networks.
UR - https://www.scopus.com/pages/publications/33750948063
UR - https://www.scopus.com/pages/publications/33750948063#tab=citedBy
U2 - 10.1109/ICNICONSMCL.2006.111
DO - 10.1109/ICNICONSMCL.2006.111
M3 - Conference contribution
AN - SCOPUS:33750948063
SN - 0769525520
SN - 9780769525525
T3 - Proceedings of the International Conference on Networking, International Conference on Systems and International Conference on Mobile Communications and Learning Technologies,ICN/ICONS/MCL'06
BT - Proceedings of the International Conference on Networking, International Conference on Systems and International Conference on Mobile Communications and Learning Technologies, ICN/ICONS/MCL'06
T2 - International Conference on Networking, International Conference on Systems and International Conference on Mobile Communications and Learning Technologies, ICN/ICONS/MCL'06
Y2 - 23 April 2006 through 29 April 2006
ER -