Detection, traceback and filtering of denial of service attacks in networked embedded systems

Andreas Papalambrou, Kyriakos Stefanidis, John Gialelis, Dimitrios Serpanos

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

This work presents a composite scheme for detection, traceback and filtering of distributed denial of service (DDoS) attacks in networked embedded systems. A method based on algorithmic analysis of various node and network parameters is used to detect attacks while a packet marking method is used to mitigate the effects of the attack by filtering the incoming traffic that is part of this attack and trace back to the origin of the attack. The combination of the detection and mitigation methods provide an increased level of security in comparison to approaches based on a single method. Furthermore, the scheme is developed in a way to comply with the novel SHIELD secure architecture being developed, which aims at providing interoperability with other secure components as well as metrics to quantify their security properties. Copyright is held by the owner/author(s).

Original languageEnglish
Title of host publicationProceedings of the 9th Workshop on Embedded Systems Security, WESS 2014
PublisherAssociation for Computing Machinery, Inc
ISBN (Print)9781450329323
DOIs
Publication statusPublished - 1 Jan 2014
Event9th Workshop on Embedded Systems Security, WESS 2014 - New Delhi, India
Duration: 12 Oct 201417 Oct 2014

Other

Other9th Workshop on Embedded Systems Security, WESS 2014
CountryIndia
CityNew Delhi
Period12/10/1417/10/14

Fingerprint

Embedded systems
Interoperability
Composite materials
Denial-of-service attack

Keywords

  • Denial of Service attacks
  • Embedded systems security

ASJC Scopus subject areas

  • Hardware and Architecture
  • Software
  • Control and Systems Engineering
  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications

Cite this

Papalambrou, A., Stefanidis, K., Gialelis, J., & Serpanos, D. (2014). Detection, traceback and filtering of denial of service attacks in networked embedded systems. In Proceedings of the 9th Workshop on Embedded Systems Security, WESS 2014 [2668327] Association for Computing Machinery, Inc. https://doi.org/10.1145/2668322.2668327

Detection, traceback and filtering of denial of service attacks in networked embedded systems. / Papalambrou, Andreas; Stefanidis, Kyriakos; Gialelis, John; Serpanos, Dimitrios.

Proceedings of the 9th Workshop on Embedded Systems Security, WESS 2014. Association for Computing Machinery, Inc, 2014. 2668327.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Papalambrou, A, Stefanidis, K, Gialelis, J & Serpanos, D 2014, Detection, traceback and filtering of denial of service attacks in networked embedded systems. in Proceedings of the 9th Workshop on Embedded Systems Security, WESS 2014., 2668327, Association for Computing Machinery, Inc, 9th Workshop on Embedded Systems Security, WESS 2014, New Delhi, India, 12/10/14. https://doi.org/10.1145/2668322.2668327
Papalambrou A, Stefanidis K, Gialelis J, Serpanos D. Detection, traceback and filtering of denial of service attacks in networked embedded systems. In Proceedings of the 9th Workshop on Embedded Systems Security, WESS 2014. Association for Computing Machinery, Inc. 2014. 2668327 https://doi.org/10.1145/2668322.2668327
Papalambrou, Andreas ; Stefanidis, Kyriakos ; Gialelis, John ; Serpanos, Dimitrios. / Detection, traceback and filtering of denial of service attacks in networked embedded systems. Proceedings of the 9th Workshop on Embedded Systems Security, WESS 2014. Association for Computing Machinery, Inc, 2014.
@inproceedings{1c513a4cfaae47e5953466d3a60fe32f,
title = "Detection, traceback and filtering of denial of service attacks in networked embedded systems",
abstract = "This work presents a composite scheme for detection, traceback and filtering of distributed denial of service (DDoS) attacks in networked embedded systems. A method based on algorithmic analysis of various node and network parameters is used to detect attacks while a packet marking method is used to mitigate the effects of the attack by filtering the incoming traffic that is part of this attack and trace back to the origin of the attack. The combination of the detection and mitigation methods provide an increased level of security in comparison to approaches based on a single method. Furthermore, the scheme is developed in a way to comply with the novel SHIELD secure architecture being developed, which aims at providing interoperability with other secure components as well as metrics to quantify their security properties. Copyright is held by the owner/author(s).",
keywords = "Denial of Service attacks, Embedded systems security",
author = "Andreas Papalambrou and Kyriakos Stefanidis and John Gialelis and Dimitrios Serpanos",
year = "2014",
month = "1",
day = "1",
doi = "10.1145/2668322.2668327",
language = "English",
isbn = "9781450329323",
booktitle = "Proceedings of the 9th Workshop on Embedded Systems Security, WESS 2014",
publisher = "Association for Computing Machinery, Inc",

}

TY - GEN

T1 - Detection, traceback and filtering of denial of service attacks in networked embedded systems

AU - Papalambrou, Andreas

AU - Stefanidis, Kyriakos

AU - Gialelis, John

AU - Serpanos, Dimitrios

PY - 2014/1/1

Y1 - 2014/1/1

N2 - This work presents a composite scheme for detection, traceback and filtering of distributed denial of service (DDoS) attacks in networked embedded systems. A method based on algorithmic analysis of various node and network parameters is used to detect attacks while a packet marking method is used to mitigate the effects of the attack by filtering the incoming traffic that is part of this attack and trace back to the origin of the attack. The combination of the detection and mitigation methods provide an increased level of security in comparison to approaches based on a single method. Furthermore, the scheme is developed in a way to comply with the novel SHIELD secure architecture being developed, which aims at providing interoperability with other secure components as well as metrics to quantify their security properties. Copyright is held by the owner/author(s).

AB - This work presents a composite scheme for detection, traceback and filtering of distributed denial of service (DDoS) attacks in networked embedded systems. A method based on algorithmic analysis of various node and network parameters is used to detect attacks while a packet marking method is used to mitigate the effects of the attack by filtering the incoming traffic that is part of this attack and trace back to the origin of the attack. The combination of the detection and mitigation methods provide an increased level of security in comparison to approaches based on a single method. Furthermore, the scheme is developed in a way to comply with the novel SHIELD secure architecture being developed, which aims at providing interoperability with other secure components as well as metrics to quantify their security properties. Copyright is held by the owner/author(s).

KW - Denial of Service attacks

KW - Embedded systems security

UR - http://www.scopus.com/inward/record.url?scp=84912096308&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84912096308&partnerID=8YFLogxK

U2 - 10.1145/2668322.2668327

DO - 10.1145/2668322.2668327

M3 - Conference contribution

AN - SCOPUS:84912096308

SN - 9781450329323

BT - Proceedings of the 9th Workshop on Embedded Systems Security, WESS 2014

PB - Association for Computing Machinery, Inc

ER -