MAfIc: Adaptive packet dropping for cutting malicious flows to push back DDoS attacks

Yu Chen, Yu Kwong Kwok, Kai Hwang

Research output: Contribution to conferencePaperpeer-review

13 Citations (Scopus)

Abstract

In this paper, we propose a new approach called MAFIC (MAlicious Flow Identification and Cutoff) to support adaptive packet dropping to fend off DDoS attacks. MAFIC works by judiciously issuing lightweight probes to flow sources to check if they are legitimate. Through such probing, MAFIC would drop malicious attack packets with high accuracy while minimizes the loss on legitimate traffic flows. Our NS-2 based simulation indicates that MAFIC algorithm drops packets from unresponsive potental attack flows with an accuracy as high as 99% and reduces the loss of legitimate flows to less than 3%. Furthermore, the false positive and negative rates are low-only around 1% for a majority of the cases.

Original languageEnglish
DOIs
Publication statusPublished - 2005
Externally publishedYes
Event25th IEEE International Conference on Distributed Computing Systems Workshops, ICDCS 2005 - Columbus, OH, United States
Duration: 6 Jun 200510 Jun 2005

Conference

Conference25th IEEE International Conference on Distributed Computing Systems Workshops, ICDCS 2005
Country/TerritoryUnited States
CityColumbus, OH
Period6/06/0510/06/05

Keywords

  • DDoS defense
  • Duplicated ACKs
  • Malicious flows
  • Packet dropping policy
  • Probing

Fingerprint

Dive into the research topics of 'MAfIc: Adaptive packet dropping for cutting malicious flows to push back DDoS attacks'. Together they form a unique fingerprint.

Cite this