To search, Click below search items.

 

All Published Papers Search Service

Title

Detection of DDoS and IDS Evasion Attacks in a High-Speed Networks Environment

Author

Jin-Tae Oh, Sang-Kil Park, Jong-Soo Jang, Yong-Hee Jeon

Citation

Vol. 7  No. 6  pp. 124-131

Abstract

BcN(Broadband convergence Networks) is being deployed in order to support a variety of network applications such as E-Commerce, DMB(Digital Multimedia Broadcasting), Home Network, VoIP(Voice over IP), and other services. As network bandwidth is growing rapidly and services are converged, the opportunity and severity of network intrusions are growing as well. This paper presents a novel Intrusion Detection System (IDS) architecture named ‘Security Gateway System (SGS)’ designed to perform intrusion detection and prevention on high-speed network links. Among several other features in the system, we focus on the detection of DDoS(Distributed Denial of Service) and IDS evasion attacks. We implemented both the mechanisms for handling the bandwidth consuming attack and the detection engine against IDS evasion attack in FPGA(Field Programmable Gate Array). We present some experimental results in a gigabit test bed. The results show that the real-time detection against both attacks is possible with 2 gigabits throughput in each security board.

Keywords

IDS(Intrusion Detection System), DoS(Denial of Service) attack, Bandwidth Control, IDS evasion attack

URL

http://paper.ijcsns.org/07_book/200706/20070617.pdf