TY - JOUR
T1 - Design and analysis of a replicated elusive server scheme for mitigating denial of service attacks
AU - Sangpachatanaruk, Chatree
AU - Khattab, Sherif M.
AU - Znati, Taieb
AU - Melhem, Rami
AU - Mossé, Daniel
N1 - Funding Information:
The authors were supported in part by NSF under grant ANI-0087609.
PY - 2004/9
Y1 - 2004/9
N2 - The paper proposes a scheme, referred to as proactive server roaming, to mitigate the effects of denial of service (DoS) attacks. The scheme is based on the concept of "replicated elusive service", which through server roaming, causes the service to physically migrate from one physical location to another. Furthermore, the proactiveness of the scheme makes it difficult for attackers to guess when or where servers roam. The combined effect of elusive service replication and proactive roaming makes the scheme resilient to DoS attacks, thereby ensuring a high-level of quality of service. The paper describes the basic components of the scheme and discusses a simulation study to assess the performance of the scheme for different types of DoS attacks. The details of the NS2-based design and implementation of the server roaming strategy to mitigate the DoS attacks are provided, along with a thorough discussion and analysis of the simulation results.
AB - The paper proposes a scheme, referred to as proactive server roaming, to mitigate the effects of denial of service (DoS) attacks. The scheme is based on the concept of "replicated elusive service", which through server roaming, causes the service to physically migrate from one physical location to another. Furthermore, the proactiveness of the scheme makes it difficult for attackers to guess when or where servers roam. The combined effect of elusive service replication and proactive roaming makes the scheme resilient to DoS attacks, thereby ensuring a high-level of quality of service. The paper describes the basic components of the scheme and discusses a simulation study to assess the performance of the scheme for different types of DoS attacks. The details of the NS2-based design and implementation of the server roaming strategy to mitigate the DoS attacks are provided, along with a thorough discussion and analysis of the simulation results.
KW - Denial of service attacks
KW - Elusive servers
KW - Migration
KW - Performance analysis
KW - Replication
KW - Security
KW - Simulation
UR - http://www.scopus.com/inward/record.url?scp=3042823049&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=3042823049&partnerID=8YFLogxK
U2 - 10.1016/j.jss.2003.09.012
DO - 10.1016/j.jss.2003.09.012
M3 - Article
AN - SCOPUS:3042823049
SN - 0164-1212
VL - 73
SP - 15
EP - 29
JO - Journal of Systems and Software
JF - Journal of Systems and Software
IS - 1 SPEC. ISS.
ER -