Proactive server roaming for mitigating Denial-of-Service attacks

Sherif M. Khattab; Chatree Sangpachatanaruk; Rami Melhem; Daniel Mossé; Taieb Znati

doi:10.1109/ITRE.2003.1270623

Proactive server roaming for mitigating Denial-of-Service attacks

Sherif M. Khattab, Chatree Sangpachatanaruk, Rami Melhem, Daniel Mossé, Taieb Znati

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

28 Citations (Scopus)

Abstract

We propose a framework based on proactive server roaming to mitigate the effects of Denial-of-Service (DoS) attacks. The active server proactively changes its location within a pool of servers to defend against unpredictable and undetectable attacks. Only legitimate clients can follow the active server as it roams. We present algorithms that are secure, distributed, randomized, and adaptive for triggering the roaming and determining the next server to roam to. We propose some modifications to the state recovery process of existing TCP connection-migration schemes to suit roaming. Preliminary experiments in a FreeBSD network show that the overhead of server roaming is small, in terms of response time, in the absence of attacks. Further, during an attack, roaming significantly improves the response time.

Original language	English
Title of host publication	Proceedings, ITRE 2003 - International Conference on Information Technology
Subtitle of host publication	Research and Education
Pages	286-290
Number of pages	5
DOIs	https://doi.org/10.1109/ITRE.2003.1270623
Publication status	Published - 2003
Externally published	Yes
Event	2003 International Conference on Information Technology: Research and Education, ITRE 2003 - Newark, NJ, United States Duration: Aug 11 2003 → Aug 13 2003

Publication series

Name	Proceedings, ITRE 2003 - International Conference on Information Technology: Research and Education

Conference

Conference	2003 International Conference on Information Technology: Research and Education, ITRE 2003
Country/Territory	United States
City	Newark, NJ
Period	8/11/03 → 8/13/03

Keywords

DoS attack mitigation
Network security

ASJC Scopus subject areas

Information Systems
Education

Access to Document

10.1109/ITRE.2003.1270623

Cite this

Khattab, S. M., Sangpachatanaruk, C., Melhem, R., Mossé, D., & Znati, T. (2003). Proactive server roaming for mitigating Denial-of-Service attacks. In Proceedings, ITRE 2003 - International Conference on Information Technology: Research and Education (pp. 286-290). Article 1270623 (Proceedings, ITRE 2003 - International Conference on Information Technology: Research and Education). https://doi.org/10.1109/ITRE.2003.1270623

Proactive server roaming for mitigating Denial-of-Service attacks. / Khattab, Sherif M.; Sangpachatanaruk, Chatree; Melhem, Rami et al.
Proceedings, ITRE 2003 - International Conference on Information Technology: Research and Education. 2003. p. 286-290 1270623 (Proceedings, ITRE 2003 - International Conference on Information Technology: Research and Education).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Khattab, SM, Sangpachatanaruk, C, Melhem, R, Mossé, D & Znati, T 2003, Proactive server roaming for mitigating Denial-of-Service attacks. in Proceedings, ITRE 2003 - International Conference on Information Technology: Research and Education., 1270623, Proceedings, ITRE 2003 - International Conference on Information Technology: Research and Education, pp. 286-290, 2003 International Conference on Information Technology: Research and Education, ITRE 2003, Newark, NJ, United States, 8/11/03. https://doi.org/10.1109/ITRE.2003.1270623

Khattab SM, Sangpachatanaruk C, Melhem R, Mossé D, Znati T. Proactive server roaming for mitigating Denial-of-Service attacks. In Proceedings, ITRE 2003 - International Conference on Information Technology: Research and Education. 2003. p. 286-290. 1270623. (Proceedings, ITRE 2003 - International Conference on Information Technology: Research and Education). doi: 10.1109/ITRE.2003.1270623

@inproceedings{dd7c57065dbd4af598c8c471ccd01a5c,

title = "Proactive server roaming for mitigating Denial-of-Service attacks",

abstract = "We propose a framework based on proactive server roaming to mitigate the effects of Denial-of-Service (DoS) attacks. The active server proactively changes its location within a pool of servers to defend against unpredictable and undetectable attacks. Only legitimate clients can follow the active server as it roams. We present algorithms that are secure, distributed, randomized, and adaptive for triggering the roaming and determining the next server to roam to. We propose some modifications to the state recovery process of existing TCP connection-migration schemes to suit roaming. Preliminary experiments in a FreeBSD network show that the overhead of server roaming is small, in terms of response time, in the absence of attacks. Further, during an attack, roaming significantly improves the response time.",

keywords = "DoS attack mitigation, Network security",

author = "Khattab, {Sherif M.} and Chatree Sangpachatanaruk and Rami Melhem and Daniel Moss{\'e} and Taieb Znati",

year = "2003",

doi = "10.1109/ITRE.2003.1270623",

language = "English",

isbn = "0780377249",

series = "Proceedings, ITRE 2003 - International Conference on Information Technology: Research and Education",

pages = "286--290",

booktitle = "Proceedings, ITRE 2003 - International Conference on Information Technology",

note = "2003 International Conference on Information Technology: Research and Education, ITRE 2003 ; Conference date: 11-08-2003 Through 13-08-2003",

}

TY - GEN

T1 - Proactive server roaming for mitigating Denial-of-Service attacks

AU - Khattab, Sherif M.

AU - Sangpachatanaruk, Chatree

AU - Melhem, Rami

AU - Mossé, Daniel

AU - Znati, Taieb

PY - 2003

Y1 - 2003

N2 - We propose a framework based on proactive server roaming to mitigate the effects of Denial-of-Service (DoS) attacks. The active server proactively changes its location within a pool of servers to defend against unpredictable and undetectable attacks. Only legitimate clients can follow the active server as it roams. We present algorithms that are secure, distributed, randomized, and adaptive for triggering the roaming and determining the next server to roam to. We propose some modifications to the state recovery process of existing TCP connection-migration schemes to suit roaming. Preliminary experiments in a FreeBSD network show that the overhead of server roaming is small, in terms of response time, in the absence of attacks. Further, during an attack, roaming significantly improves the response time.

AB - We propose a framework based on proactive server roaming to mitigate the effects of Denial-of-Service (DoS) attacks. The active server proactively changes its location within a pool of servers to defend against unpredictable and undetectable attacks. Only legitimate clients can follow the active server as it roams. We present algorithms that are secure, distributed, randomized, and adaptive for triggering the roaming and determining the next server to roam to. We propose some modifications to the state recovery process of existing TCP connection-migration schemes to suit roaming. Preliminary experiments in a FreeBSD network show that the overhead of server roaming is small, in terms of response time, in the absence of attacks. Further, during an attack, roaming significantly improves the response time.

KW - DoS attack mitigation

KW - Network security

UR - http://www.scopus.com/inward/record.url?scp=84893960790&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84893960790&partnerID=8YFLogxK

U2 - 10.1109/ITRE.2003.1270623

DO - 10.1109/ITRE.2003.1270623

M3 - Conference contribution

AN - SCOPUS:84893960790

SN - 0780377249

SN - 9780780377240

T3 - Proceedings, ITRE 2003 - International Conference on Information Technology: Research and Education

SP - 286

EP - 290

BT - Proceedings, ITRE 2003 - International Conference on Information Technology

T2 - 2003 International Conference on Information Technology: Research and Education, ITRE 2003

Y2 - 11 August 2003 through 13 August 2003

ER -

Proactive server roaming for mitigating Denial-of-Service attacks

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this