The continued growth of the Internet, coupled with recent advances in Grid computing, will make research collaboration far easier than ever before. This ease of use will lead to increased (if not complete) dependence on the underlying information infrastructure -- an infrastructure which is currently vulnerable to a wide variety of attacks. Among these attacks are Denial of Service attacks, aimed at exhausting available resources.
Current protection methods include firewalls, selective applications, and proxies, all of which hinder collaboration by placing obstacles in the path of the collaborators, and are often antithetical to the mission of the institutions employing such measures.
Other methods include host-based or network-based Intrusion Detection Systems (IDSs), which are simply not designed to cope with extremely challenging environments. Most IDSs are reactive in nature and are not suitable for dynamic environments, relying instead on off-line decisions and resource marshalling -- a scheme with potentially prohibitive overhead.
We are addressing this problem by developing a dynamic, collaborative defense infrastructure for detecting and responding to attacks. This framework will make use of sentinel machines sharing an Intrusion Assessment Information Base to collect and analyze data about the attack pattern, and to respond to the attack in real time. Working together, these sentinels can marshal the necessary resources to contain the attack, minimizing damage and recovery costs.