Optimal Sensor Placement for Detection against Distributed Denial of Service Attacks
Abstract
Distributed denial of service (DDoS) attacks have become a major threat to organizations and especially to internet and intranet. In DDoS attacks targets are overwhelmed by sending an enormous amount of traffic from a number of attack sites. The major task of any defense system is to detect these attacks accurately and quickly, before it causes an unrecoverable loss. Most of the research in this regard has been focused on the detection techniques without exploiting spatial placement of detection system in a network. The ideal way to completely eliminate the DDoS threat is to run detection mechanism on every node in the network, which is not a practical solution. In this paper, we focus on the optimized placement of detection nodes in a network for distributed detection of DDoS attacks which not only minimize the number of these node required but also reduce the cost, processing overheads and larger delays in identifying an attack. We examine the placement problem of finding a minimum cardinality set of nodes to detect DDoS attacks such that no attack traffic can reach the target without being monitored by these sensors. The placement problem is first formulated as set packing and then as set covering. The solution to both of these formulations is NP hard; therefore, two efficient heuristic algorithms are presented and compared for minimizing the number of detection nodes and finding the optimal placement in a network, thus preventing the impact of distributed attacks. Both algorithms give a near optimal number of detection nodes.References
Heiler, S. B. Zdonik; Proc. IEEE International Conference on Data Engineering, (1990), 86-93.
Kuno and E. A. Rundensteiner; The MultiView OODB view system: Design and implementation, Technical Report CSE-TR-246-95, University of Michigan, (Jul 1995).
H. Scholl, C. Laasch, M. Tresch; Proc. The Second DOOD Conference, page 113-119 (Dec 1991).
A. Rundensteiner; Proc. 18th VLDB Conference, (1992), 187-198.
Atkinson, F. Bancilhon, D. DeWitt, K. Dittrich, D. Maier, S. Zdonic; In Building an ObjectOriented Database System: The Story of O2, Publisher Morgan Kaufmann Pub., (1992).
C. J. Harrison and Majid Naeem; ACM Symposium on Applied Computing Page 1118- 1121 Como, Italy (2000).
C. J. Harrison and Majid Naeem A ModelOriented Programming Support Environment for Understanding Object-Oriented Concepts, Lecture Notes in Computer Science, SpringerVerlag Heidelberg, Vol. 1964/2000, ISSN: 0302-9743.
Sun Microsystems; Remote Procedure Call Protocol Specification, Networking on the Sun Workstation, Sun Microsystems, Mountain View, CA. (1985).
Tay B.H., Ananda A.L.; Operating Systems Review, 24(1990) 68-79.
Bacon J.M., Hamilton K.G.; Distributed Computing with RPC, The Cambridge Approach. Technical Report No. 117. Computer Laboratory, University of Cambridge, England (1987).
Tofte M.; Information and Computation, 89(1990) 1-34.
Palsberg J.; Proc. 9Th Annual IEEE symposium on Logic in Computer Science, (1994), 186-195.
Mitchell J.C.; Proc. 11Th Annual ACM Symposium on Principles of Programming Languages, (1984), 175-185.
Aiken A., E. L. Wimmers; Proc. ACM Conference on Functional Programming and Computer Architecture, (1993), 31-41.
A. Kuno, E. A. Rundensteiner; Implementation experience with building an object-oriented view management system, Technical Report CSE-TR- 191-93, University of Michigan (1993).
C. J. Harrison and Majid Naeem, Proc. IEEE INMIC 2004, 8th International (IEEE) Multitopic Conference, Lahore, Pakistan, (2005), 133- 139.
C. J. Harrison and Majid Naeem, Proc. IEEE INMIC 2004, 8th International (IEEE) Multitopic Conference, Lahore, Pakistan, (2004), 737- 742.
