@inproceedings{2008-IUPR-23Apr_1825,
author = {Markus Goldstein and Christoph Lampert and Matthias Reif and Armin Stahl and Thomas M. Breuel},
title = {Bayes Optimal DDoS Mitigation by Adaptive History-Based IP Filtering},
booktitle = {Proceedings of the Seventh International Conference on Networking (icn 2008)},
year = {2008},
pages = {174-179},
pdf = {2008-IUPR-23Apr_1825.pdf},
abstract = {Distributed Denial of Service (DDoS) attacks are today the most destabilizing factor in the global internet and there is
a strong need for sophisticated solutions. We introduce a formal statistical framework and derive a Bayes optimal packet
classifier from it. Our proposed practical algorithm "Adaptive History-Based IP Filtering" (AHIF) mitigates DDoS attacks
near the victim and outperforms existing methods by at least 32% in terms of collateral damage. Furthermore, it adjusts
to the strength of an ongoing attack and ensures availability of the attacked server. In contrast to other adaptive
solutions, firewall rulesets used to resist an attack can be precalculated before an attack takes place. This ensures an
immediate response in a DDoS emergency. For evaluation, simulated DDoS attacks and two real-world user traffic datasets
are used.},
category = {machine learning;classification;intelligent systems software;network security}
}