An active defense model for Web Accessing DoS attacks

Author

Zhao, Jianpeng ; Guo, Shize ; Zheng, Kangfeng ; Niu, Xinxin ; Jiang, Yao

Author_Institution

Key Lab. of Network & Inf. Attack & Defense Technol. of MOE, Beijing Univ. of Posts & Telecommun., Beijing, China

fYear

2010

fDate

17-19 Dec. 2010

Firstpage

314

Lastpage

318

Abstract

This paper analyses the characteristics of the Web Accessing DoS attacks, then proposes an active defense model. Based on the differences of data and time between the Web Accessing DoS attacks and the normal users´ browsing behavior, the active defense model will divide the web accessing traffic into three types: the normal browsing traffic, the actual attacking traffic, the dubitable attacking traffic. The policies for accessing traffic are different: the normal browsing traffic is permitted to access the web site; the actual attacking traffic is forbidden to access the web site; the dubitable attacking traffic will be led into the deception web site, then the active defense model will determine whether to permit the traffic to access the web site or not according to the observing result. The experimental results show that the model is effective in detecting and preventing the Web Accessing DoS attacks.

Keywords

Web sites; computer network security; telecommunication traffic; Denial of Service attacks; Web accessing Dos attacks; active defense model; actual attacking traffic; dubitable attacking traffic; normal browsing traffic; users´ browsing behavior; web accessing traffic; web site; Analytical models; Computer crime; Computers; Data processing; IP networks; Web server; Web sites; DoS; active defense; dubitable attack recognizing; network security; web access;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Theory and Information Security (ICITIS), 2010 IEEE International Conference on

Conference_Location

Beijing

Print_ISBN

978-1-4244-6942-0

Type

conf

DOI

10.1109/ICITIS.2010.5689469

Filename

5689469