https://scholars.lib.ntu.edu.tw/handle/123456789/488587
標題: | STRIDE: sanctuary trail - refuge from internet DDoS entrapment. | 作者: | HSU-CHUN HSIAO Kim, Tiffany Hyun-Jin Yoo, Sangjae Zhang, Xin Lee, Soo Bum Gligor, Virgil D. |
關鍵字: | bandwidth allocation; bandwidth guarantees; ddos defense; ddos-resilient internet architecture | 公開日期: | 2013 | 起(迄)頁: | 415-426 | 來源出版物: | 8th ACM Symposium on Information, Computer and Communications Security, ASIA CCS '13, Hangzhou, China - May 08 - 10, 2013 | 摘要: | We propose STRIDE, a new DDoS-resilient Internet architecture that isolates attack traffic through viable bandwidth allocation, preventing a botnet from crowding out legitimate flows. This new architecture presents several novel concepts including tree-based bandwidth allocation and long-term static paths with guaranteed bandwidth. In concert, these mechanisms provide domain-based bandwidth guarantees within a trust domain - administrative domains grouped within a legal jurisdiction with enforceable accountability; each administrative domain in the trust domain can then internally split such guarantees among its endhosts to provide (1) connection establishment with high probability, and (2) precise bandwidth guarantees for established flows, regardless of the size or distribution of the botnet outside the source and the destination domains. Moreover, STRIDE maintains no per-flow state on backbone routers and requires no key establishment across administrative domains. We demonstrate that STRIDE achieves these DDoS defense properties through formal analysis and simulation. We also show that STRIDE mitigates emerging DDoS threats such as Denial-of-Capability (DoC) [6] and N2 attacks [22] based on these properties that none of the existing DDoS defense mechanisms can achieve. © 2013 ACM. |
URI: | https://www.scopus.com/inward/record.uri?eid=2-s2.0-84877964891&doi=10.1145%2f2484313.2484367&partnerID=40&md5=d31d59e3805138729a4eaea7a4ba58c1 | DOI: | 10.1145/2484313.2484367 |
顯示於: | 資訊工程學系 |
在 IR 系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。