{"id":"https://openalex.org/W1965322501","doi":"https://doi.org/10.1145/1971519.1971595","title":"An effective defense mechanism against DoS/DDoS attacks in flow-based routers","display_name":"An effective defense mechanism against DoS/DDoS attacks in flow-based routers","publication_year":2010,"publication_date":"2010-11-08","ids":{"openalex":"https://openalex.org/W1965322501","doi":"https://doi.org/10.1145/1971519.1971595","mag":"1965322501"},"language":"en","primary_location":{"id":"doi:10.1145/1971519.1971595","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1971519.1971595","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 8th International Conference on Advances in Mobile Computing and Multimedia","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5021754508","display_name":"PyungKoo Park","orcid":null},"institutions":[{"id":"https://openalex.org/I142401562","display_name":"Electronics and Telecommunications Research Institute","ror":"https://ror.org/03ysstz10","country_code":"KR","type":"facility","lineage":["https://openalex.org/I142401562","https://openalex.org/I2801339556","https://openalex.org/I4210144908","https://openalex.org/I4387152098"]}],"countries":["KR"],"is_corresponding":true,"raw_author_name":"PyungKoo Park","raw_affiliation_strings":["ETRI","[ETRI]"],"affiliations":[{"raw_affiliation_string":"ETRI","institution_ids":[]},{"raw_affiliation_string":"[ETRI]","institution_ids":["https://openalex.org/I142401562"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5033009937","display_name":"HeeKyoung Yi","orcid":null},"institutions":[{"id":"https://openalex.org/I196345858","display_name":"Chungnam National University","ror":"https://ror.org/0227as991","country_code":"KR","type":"education","lineage":["https://openalex.org/I196345858"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"HeeKyoung Yi","raw_affiliation_strings":["Chungnam National University","Chungnam national university"],"affiliations":[{"raw_affiliation_string":"Chungnam National University","institution_ids":["https://openalex.org/I196345858"]},{"raw_affiliation_string":"Chungnam national university","institution_ids":["https://openalex.org/I196345858"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100897433","display_name":"Sangjin Hong","orcid":null},"institutions":[{"id":"https://openalex.org/I142401562","display_name":"Electronics and Telecommunications Research Institute","ror":"https://ror.org/03ysstz10","country_code":"KR","type":"facility","lineage":["https://openalex.org/I142401562","https://openalex.org/I2801339556","https://openalex.org/I4210144908","https://openalex.org/I4387152098"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"SangJin Hong","raw_affiliation_strings":["ETRI","[ETRI]"],"affiliations":[{"raw_affiliation_string":"ETRI","institution_ids":[]},{"raw_affiliation_string":"[ETRI]","institution_ids":["https://openalex.org/I142401562"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5084978256","display_name":"JaeCheul Ryu","orcid":null},"institutions":[{"id":"https://openalex.org/I196345858","display_name":"Chungnam National University","ror":"https://ror.org/0227as991","country_code":"KR","type":"education","lineage":["https://openalex.org/I196345858"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"JaeCheul Ryu","raw_affiliation_strings":["Chungnam National University","Chungnam national university"],"affiliations":[{"raw_affiliation_string":"Chungnam National University","institution_ids":["https://openalex.org/I196345858"]},{"raw_affiliation_string":"Chungnam national university","institution_ids":["https://openalex.org/I196345858"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5021754508"],"corresponding_institution_ids":["https://openalex.org/I142401562"],"apc_list":null,"apc_paid":null,"fwci":1.0684,"has_fulltext":false,"cited_by_count":9,"citation_normalized_percentile":{"value":0.7659152,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"442","last_page":"446"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12326","display_name":"Network Packet Processing and Optimization","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.8725463151931763},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8381578922271729},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.7006540298461914},{"id":"https://openalex.org/keywords/trinoo","display_name":"Trinoo","score":0.6529719829559326},{"id":"https://openalex.org/keywords/ip-address-spoofing","display_name":"IP address spoofing","score":0.6240772008895874},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.5811459422111511},{"id":"https://openalex.org/keywords/router","display_name":"Router","score":0.5509787797927856},{"id":"https://openalex.org/keywords/header","display_name":"Header","score":0.5459514856338501},{"id":"https://openalex.org/keywords/packet-processing","display_name":"Packet processing","score":0.5385507345199585},{"id":"https://openalex.org/keywords/application-layer-ddos-attack","display_name":"Application layer DDoS attack","score":0.535700261592865},{"id":"https://openalex.org/keywords/netflow","display_name":"NetFlow","score":0.4969775974750519},{"id":"https://openalex.org/keywords/spoofing-attack","display_name":"Spoofing attack","score":0.47688916325569153},{"id":"https://openalex.org/keywords/loose-source-routing","display_name":"Loose Source Routing","score":0.46269163489341736},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.30730706453323364},{"id":"https://openalex.org/keywords/internet-protocol","display_name":"Internet Protocol","score":0.21634700894355774},{"id":"https://openalex.org/keywords/network-address-translation","display_name":"Network address translation","score":0.21044448018074036},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.12273374199867249},{"id":"https://openalex.org/keywords/routing-table","display_name":"Routing table","score":0.11446109414100647},{"id":"https://openalex.org/keywords/routing-protocol","display_name":"Routing protocol","score":0.1018337607383728}],"concepts":[{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.8725463151931763},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8381578922271729},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.7006540298461914},{"id":"https://openalex.org/C43639116","wikidata":"https://www.wikidata.org/wiki/Q7843050","display_name":"Trinoo","level":5,"score":0.6529719829559326},{"id":"https://openalex.org/C111814575","wikidata":"https://www.wikidata.org/wiki/Q550893","display_name":"IP address spoofing","level":5,"score":0.6240772008895874},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.5811459422111511},{"id":"https://openalex.org/C2775896111","wikidata":"https://www.wikidata.org/wiki/Q642560","display_name":"Router","level":2,"score":0.5509787797927856},{"id":"https://openalex.org/C48105269","wikidata":"https://www.wikidata.org/wiki/Q1141160","display_name":"Header","level":2,"score":0.5459514856338501},{"id":"https://openalex.org/C2779581428","wikidata":"https://www.wikidata.org/wiki/Q7122997","display_name":"Packet processing","level":3,"score":0.5385507345199585},{"id":"https://openalex.org/C120865594","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Application layer DDoS attack","level":4,"score":0.535700261592865},{"id":"https://openalex.org/C188067584","wikidata":"https://www.wikidata.org/wiki/Q219363","display_name":"NetFlow","level":2,"score":0.4969775974750519},{"id":"https://openalex.org/C167900197","wikidata":"https://www.wikidata.org/wiki/Q11081100","display_name":"Spoofing attack","level":2,"score":0.47688916325569153},{"id":"https://openalex.org/C39997849","wikidata":"https://www.wikidata.org/wiki/Q6675974","display_name":"Loose Source Routing","level":5,"score":0.46269163489341736},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.30730706453323364},{"id":"https://openalex.org/C35341882","wikidata":"https://www.wikidata.org/wiki/Q8795","display_name":"Internet Protocol","level":3,"score":0.21634700894355774},{"id":"https://openalex.org/C147873670","wikidata":"https://www.wikidata.org/wiki/Q11182","display_name":"Network address translation","level":4,"score":0.21044448018074036},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.12273374199867249},{"id":"https://openalex.org/C184896649","wikidata":"https://www.wikidata.org/wiki/Q290066","display_name":"Routing table","level":4,"score":0.11446109414100647},{"id":"https://openalex.org/C104954878","wikidata":"https://www.wikidata.org/wiki/Q1648707","display_name":"Routing protocol","level":3,"score":0.1018337607383728}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/1971519.1971595","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1971519.1971595","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 8th International Conference on Advances in Mobile Computing and Multimedia","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":21,"referenced_works":["https://openalex.org/W1518154917","https://openalex.org/W1520068592","https://openalex.org/W1542356933","https://openalex.org/W1867219652","https://openalex.org/W1967949770","https://openalex.org/W2001968297","https://openalex.org/W2083260439","https://openalex.org/W2102142177","https://openalex.org/W2104692292","https://openalex.org/W2114418170","https://openalex.org/W2124589355","https://openalex.org/W2150228605","https://openalex.org/W2153817899","https://openalex.org/W2154337851","https://openalex.org/W2158673492","https://openalex.org/W2160728365","https://openalex.org/W2162088056","https://openalex.org/W2162133150","https://openalex.org/W2170810185","https://openalex.org/W4250493029","https://openalex.org/W4255970238"],"related_works":["https://openalex.org/W59037818","https://openalex.org/W2808906704","https://openalex.org/W3016013868","https://openalex.org/W2767208794","https://openalex.org/W2185727740","https://openalex.org/W2125366578","https://openalex.org/W3169314715","https://openalex.org/W2509100137","https://openalex.org/W1773428617","https://openalex.org/W1965322501"],"abstract_inverted_index":{"Due":[0],"to":[1,32,54,146],"proliferation":[2],"of":[3,96,106,134,140,153],"diverse":[4],"network":[5,20],"applications,":[6],"DoS/DDoS":[7,65,89,148],"attacks":[8,99,113],"are":[9,40,52,114],"evolving.":[10],"Many":[11],"studies":[12],"have":[13,127],"been":[14],"performed":[15],"and":[16,25,45,81,103,123,164],"implemented":[17,161],"in":[18,43],"on/off-line":[19],"devices":[21],"such":[22,157],"as":[23],"routers":[24,39,51,163],"IDS/IPS.":[26],"While":[27],"IDS/IPS":[28],"is":[29,144,156,160],"powerful":[30],"enough":[31],"handle":[33,55],"deep":[34],"packet":[35,57],"inspection":[36],"(DPI)":[37],"tasks,":[38],"better":[41],"suited":[42],"real-time":[44,82],"line-speed":[46],"processing":[47],"requirements.":[48],"Since":[49],"the":[50,70,79,121],"designed":[53],"IP":[56,109,117],"header":[58],"information,":[59],"if":[60],"one":[61],"can":[62],"devise":[63],"an":[64],"detection/prevention":[66],"methods":[67],"that":[68,92,158],"utilizes":[69],"router":[71],"specific":[72],"features":[73],"it":[74,159],"will":[75],"be":[76],"best":[77],"for":[78],"in-line":[80],"processing.":[83],"We":[84],"introduce":[85],"a":[86],"Flow":[87],"based":[88,115],"detection":[90],"algorithm(FDDA)":[91],"detects":[93],"Distributed":[94],"Denial":[95],"Service":[97],"(DDoS)":[98],"by":[100],"monitoring":[101],"TTL":[102,122],"ID":[104,124],"fields":[105,125,143],"incoming":[107],"packet's":[108],"header.":[110],"As":[111],"DDoS":[112],"on":[116],"source":[118],"address":[119],"spoofing,":[120],"may":[126],"abnormal":[128],"behavior.":[129],"The":[130,138,151],"device":[131],"keeps":[132],"track":[133],"8-tuple":[135],"flow":[136],"table.":[137],"behavior":[139],"these":[141],"two":[142],"monitored":[145],"determine":[147],"attack":[149],"situation.":[150],"effectiveness":[152],"our":[154],"method":[155],"flow-based":[162],"devices.":[165]},"counts_by_year":[{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":2},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":1},{"year":2014,"cited_by_count":1},{"year":2013,"cited_by_count":2},{"year":2012,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}