Resistance is not futile: Detecting DDoS attacks without packet inspection

Arjun P. Athreya, Xiao Wang, Yu Seung Kim, Yuan Tian, Patrick Tague

Research output: Chapter in Book/Report/Conference proceedingConference contribution


Packets in anonymous networks are fully protected. Therefore, traditional methods relying on packet header and higher layer information do not work to detect Distributed-Denial-of-Service (DDoS) attacks in anonymous networks. In this paper we propose to use observable statistics at routers that need no packet inspection to infer the presence of an attack. We propose packet resistance as a metric to detect the presence of attacks which reduce the availability of channel bandwidth for wireless routers in the core network. Our proposed detection framework is distributed, wherein each router in the network core monitors and reports its findings to an intermediate router. These intermediate routers form a hierarchical overlay to eventually reach a centralized attack monitoring center. The alarm messages are used to construct an attack path and determine the origin of the attack. We present simulation results to demonstrate the effectiveness of our proposed metric.

Original languageEnglish (US)
Title of host publicationInformation Security Applications - 14th International Workshop, WISA 2013, Revised Selected Papers
PublisherSpringer Verlag
Number of pages15
ISBN (Print)9783319051482
StatePublished - 2014
Event14th International Workshop on Information Security Applications, WISA 2013 - Jeju Island, Korea, Republic of
Duration: Aug 19 2013Aug 21 2013

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume8267 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference14th International Workshop on Information Security Applications, WISA 2013
Country/TerritoryKorea, Republic of
CityJeju Island


  • Anonymous networks
  • DDoS
  • Intrusion detection

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science


Dive into the research topics of 'Resistance is not futile: Detecting DDoS attacks without packet inspection'. Together they form a unique fingerprint.

Cite this