题目:Traceback DDoS attacks using entropy variations. 报告人:Dr. Shui Yu School of Engineering and Information Technology Deakin University 时间:8月5日 11:00 - 12:00 地点:蒙民伟楼404会议室 摘要:Distributed Denial-of-Service (DDoS) attacks are a critical threat to the Internet. However, the memory-less feature of the Internet routing mechanisms makes it extremely hard to trace back to the source of these attacks. As a result, there is no effective and efficient method to deal with this issue so far. In this paper, we propose a novel traceback method for DDoS attacks that is based on entropy variations between normal and DDoS attack traffic, which is fundamentally different from commonly used packet marking techniques. In comparison to existing DDoS traceback methods, the proposed strategy possesses a number of advantages - it is memory non-intensive, efficiently scalable, robust against packet pollution and independent of attack traffic patterns. The results of extensive experimental and simulation studies are presented to demonstrate the effectiveness and efficiency of the proposed method. Our experiments show that accurate traceback is possible within 20 seconds (approx.) in a large scale attack network with thousands of zombies. 简历:Shui Yu received his B.Eng (Electronic Engineering) and M.Eng (Computer Science) degree from University of Electronic Science and Technology of China , P. R. China in 1993 and 1999, respectively. He received his PhD (Computer Science) from Deakin University in 2004. He is currently a lecturer in School of Engineering and Information Technology, Deakin University, Melbourne, Australia. Before joining Deakin University, Dr Yu was a lecturer of Computer College in University of Electronic Science and Technology of China. He has a good experience of industry, especially in network design and software development organization and implementation. His research interests include networking theory and network security.
|