中央研究院  |  資訊科學研究所  |  多媒體網路與系統實驗室
Mitigating Active Attacks Towards Client Networks Using the Bitmap Filter
(NOTE: Sheng-Wei Chen is also known as Kuan-Ta Chen.)

Abstract
With the emergence of active worms, the targets of attacks have been moved from well-known Internet servers to generic Internet hosts, and since the rate at which patches can be applied is always much slower than the spread of a worm, an Internet worm can usually attack or infect millions of hosts in a short time. It is difficult to eliminate Internet attacks globally; thus, protecting client networks from being attacked or infected is a relatively critical issue. In this paper, we propose a method that protects client networks from being attacked by people who try to scan, attack, or infect hosts in local networks via unpatched vulnerabilities. Based on the symmetry of network traffic in both temporal and spatial domains, a bitmap filter is installed at the entry point of a client network to filter out possible attack traffic. Our evaluation shows that with a small amount of memory (less than 1 megabyte), more than 95% of attack traffic can be filtered out in a small- or medium-scale client network.

Materials
Citation
Chun-Ying Huang, Kuan-Ta Chen and Chin-Laung Lei, "Mitigating Active Attacks Towards Client Networks Using the Bitmap Filter," In Proceedings of IEEE DSN 2006, 2006.

BibTex
@INPROCEEDINGS{huang06:bitmap,
  TITLE      = {{Mitigating Active Attacks Towards Client Networks Using the Bitmap Filter}},
  AUTHOR     = {Chun-Ying Huang and Kuan-Ta Chen and Chin-Laung Lei},
  BOOKTITLE  = {Proceedings of IEEE DSN 2006},
  PAGES      = {403--412},
  YEAR       = {2006}
}