A source identification scheme against DDoS attacks in cluster interconnects Conference Paper uri icon

abstract

  • Designing secure clusters has recently become a critical issue to make these systems robust to attacks from the Internet. The Distributed Denial of Service (DDoS) attack is one of the most serious problems in the current Internet. To defend against DDoS attacks, clusters usually depend on firewalls or Intrusion Detection Systems (IDS). However, once firewall and IDS are breached, the impact of DDoS attack within a cluster can be severe. That is because one infected system or one malicious user, which is believed to be trustworthy, may instantly paralyze the whole cluster through the high speed network. In this paper, we present a deterministic distance packet marking (DDPM) scheme to identify the source nodes generating spoofed IP packets in cluster interconnects. The scheme can be applied to many cluster interconnects such as mesh, torus and hypercube, which are popular in many commercial systems. Our scheme is practically attractive since it is scalable to large networks and does not incur much processing overhead on both switches and nodes.

name of conference

  • Workshops on Mobile and Wireless Networking/High Performance Scientific, Engineering Computing/Network Design and Architecture/Optical Networks Control and Management/Ad Hoc and Sensor Networks/Compile and Run Time Techniques for Parallel Computing ICPP 2004

published proceedings

  • 2004 INTERNATIONAL CONFERENCE ON PARALLEL PROCESSING WORKSHOPS, PROCEEDINGS

author list (cited authors)

  • Lee, M., Kim, E. J., & Lee, C. W.

citation count

  • 3

complete list of authors

  • Lee, M||Kim, EJ||Lee, CW

publication date

  • January 2004