Title: Defenses Against DDoS Attacks With Multiple IDSs Using Network Stream Splitting

Abastract:
Distributed Denial of Service (DDoS) attacks is one of the most widely used attack methods 
these days. DDoS is difficult to detect and defend because it involves thousands of 
machines in a single attack action. In 2003, John D. Judd and John C. McEachen introduced 
in a new approach called “network stream splitting” which allows multiple IDSs protecting 
a single server parallel and distributes network traffic streams among them. This paper 
will discuss the possibility that use multiple IDSs to protect a server from DDoS attacks 
by using network stream splitting to dispatch traffic to different IDS.

References:
1. S.D. Crocker, (2004) “Protecting the Internet from distributed denial-of-service 
   attacks: a proposal”. Proceedings of the IEEE , Volume: 92 , Issue: 9 , Sept. 2004, 
   Pages:1375 – 1381
2. P. Ferguson and D. Senie, “RFC 2267: Network ingress filtering: defeating denial of 
   service attacks which employ IP source address spoofing,” Jan. 1998
3. John D. Judd, John C. McEachen, (2003) “An architecture for network stream splitting in 
   support of intrusion detection”. Information, Communications and Signal Processing, 
   2003 and the Fourth Pacific Rim Conference on Multimedia. Proceedings of the 2003 Joint 
   Conference of the Fourth International Conference on  ,Volume: 3 , 15-18 Dec. 2003, 
   Pages:1717 - 1721 vol.3
4. F. Lau, S.H. Rubin, M.H. Smith, L. Trajkovic, (2000) “Distributed denial of service 
   attacks” Systems, Man, and Cybernetics, 2000 IEEE International Conference on , 
   Volume: 3 , 8-11 Oct. 2000 Pages:2275 - 2280 vol.3
5. D. Moore, G. Voelker, S. Savage, “Inferring Internet Denial of Service Activity”, 
   Proceedings of the 2001 USENIX Security Symposium Washington D.C., August 2001
6. Andrian Piskozub, (2002) “Denial of service and distributed denial of service attacks”. 
   Modern Problems of Radio Engineering, Telecommunications and Computer Science, 2002. 
   Proceedings of the International Conference , 18-23 Feb. 2002, Pages:303 – 304
7. Bao-Tung Wang, Henning Schulzrinne, (2003) “Analysis of denial-of-service attacks on 
   denial-of-service defensive measures”. Global Telecommunications Conference, 2003. 
   GLOBECOM '03. IEEE , Volume: 3 , 1-5 Dec. 2003, Pages:1339 - 1343 vol.3