File Download
  Links for fulltext
     (May Require Subscription)
Supplementary

Conference Paper: MAFIC: adaptive packet dropping for cutting malicious flows to push back DDoS attacks

TitleMAFIC: adaptive packet dropping for cutting malicious flows to push back DDoS attacks
Authors
Chen, YKwok, YKHwang, K
KeywordsPacket dropping policy
DDoS defense
Malicious flows
Probing
Duplicated ACKs
Issue Date2005
PublisherIEEE.
Citation
The 25th International Conference on Distributed Computing Systems Workshop Proceedings, Columbus, Ohio, USA, 6-10 June 2005, p. 123-129 How to Cite?
DOI: http://dx.doi.org/10.1109/ICDCSW.2005.84
AbstractIn this paper, we propose a new approach called MAFIC (malicious flow identification and cutoff) to support adaptive packet dropping to fend off DDoS attacks. MAFIC works by judiciously issuing lightweight probes to flow sources to check if they are legitimate. Through such probing, MAFIC would drop malicious attack packets with high accuracy while minimizes the loss on legitimate traffic flows. Our NS-2 based simulation indicates that MAFIC algorithm drops packets from unresponsive potential attack flows with an accuracy as high as 99% and reduces the loss of legitimate flows to less than 3%. Furthermore, the false positive and negative rates are low-only around 1% for a majority of the cases.
Persistent Identifierhttp://hdl.handle.net/10722/45821
ISSN
1533-9610

 

DC FieldValueLanguage
dc.contributor.authorChen, Yen_HK
dc.contributor.authorKwok, YKen_HK
dc.contributor.authorHwang, Ken_HK
dc.date.accessioned2007-10-30T06:36:17Z-
dc.date.available2007-10-30T06:36:17Z-
dc.date.issued2005en_HK
dc.identifier.citationThe 25th International Conference on Distributed Computing Systems Workshop Proceedings, Columbus, Ohio, USA, 6-10 June 2005, p. 123-129en_HK
dc.identifier.issn1533-9610en_HK
dc.identifier.urihttp://hdl.handle.net/10722/45821-
dc.description.abstractIn this paper, we propose a new approach called MAFIC (malicious flow identification and cutoff) to support adaptive packet dropping to fend off DDoS attacks. MAFIC works by judiciously issuing lightweight probes to flow sources to check if they are legitimate. Through such probing, MAFIC would drop malicious attack packets with high accuracy while minimizes the loss on legitimate traffic flows. Our NS-2 based simulation indicates that MAFIC algorithm drops packets from unresponsive potential attack flows with an accuracy as high as 99% and reduces the loss of legitimate flows to less than 3%. Furthermore, the false positive and negative rates are low-only around 1% for a majority of the cases.en_HK
dc.format.extent163269 bytes-
dc.format.extent3564 bytes-
dc.format.mimetypeapplication/pdf-
dc.format.mimetypetext/plain-
dc.languageengen_HK
dc.publisherIEEE.en_HK
dc.relation.ispartofInternational Conference on Distributed Computing Systems Workshop Proceedings-
dc.rights©2005 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.-
dc.subjectPacket dropping policyen_HK
dc.subjectDDoS defenseen_HK
dc.subjectMalicious flowsen_HK
dc.subjectProbingen_HK
dc.subjectDuplicated ACKsen_HK
dc.titleMAFIC: adaptive packet dropping for cutting malicious flows to push back DDoS attacksen_HK
dc.typeConference_Paperen_HK
dc.identifier.openurlhttp://library.hku.hk:4550/resserv?sid=HKU:IR&issn=1533-9610&volume=&spage=123&epage=129&date=2005&atitle=MAFIC:+adaptive+packet+dropping+for+cutting+malicious+flows+to+push+back+DDoS+attacksen_HK
dc.description.naturepublished_or_final_versionen_HK
dc.identifier.doi10.1109/ICDCSW.2005.84en_HK
dc.identifier.scopuseid_2-s2.0-80052201538-
dc.identifier.hkuros105760-

Export via OAI-PMH Interface in XML Formats

OR

Export to Other Non-XML Formats