Detecting and Surviving Large-Scale Network Infrastructure Attacks

Abstract

This report summarizes our work on detecting and surviving large-scale network infrastructure attacks. This work investigated several different areas of infrastructure attacks including routing protocol analysis and denial of service attacks. This work produced many significant results including several patent applications as well as the commercialization of the denial of service survival tool by Arbor Networks in 2001. In addition, we have published a number of technical research reports and presented our results in public research community venues as well as in private briefings to several government organizations. This report presents the results of our analysis in the following areas: "The development and use of an innovative protocol monitoring tool," The development and demonstration of an in-line protocol scrubber designed to remove attacks from malicious network streams," The design, development, and commercialization of a tool designed to detect and mitigate denial of service attacks," Analysis of routing protocol stability and reliability including real-world analysis of both BGP and OSPF running on production networks, " Design and testing of an overlay network system designed to minimize network unavailability.

Document Details

Document Type

Technical Report

Publication Date

Apr 01, 2005

Accession Number

ADA433781

Entities

Tags