Towards Mitigation of Low and Slow Application DDoS Attacks

Author

Shtern, Mark ; Sandel, Roni ; Litoiu, Marin ; Bachalo, Chris ; Theodorou, Vasileios

Author_Institution

York Univ., Toronto, ON, Canada

fYear

2014

fDate

11-14 March 2014

Firstpage

604

Lastpage

609

Abstract

Distributed Denial of Service attacks are a growing threat to organizations and, as defense mechanisms are becoming more advanced, hackers are aiming at the application layer. For example, application layer Low and Slow Distributed Denial of Service attacks are becoming a serious issue because, due to low resource consumption, they are hard to detect. In this position paper, we propose a reference architecture that mitigates the Low and Slow Distributed Denial of Service attacks by utilizing Software Defined Infrastructure capabilities. We also propose two concrete architectures based on the reference architecture: a Performance Model-Based and Off-The-Shelf Components based architecture, respectively. We introduce the Shark Tank concept, a cluster under detailed monitoring that has full application capabilities and where suspicious requests are redirected for further filtering.

Keywords

computer network security; Shark Tank concept; application layer; defense mechanisms; distributed denial of service attacks; low application DDoS attack mitigation; off-the-shelf components based architecture; performance model-based architecture; reference architecture; resource consumption; slow application DDoS attack mitigation; software defined infrastructure capabilities; Automation; Computer architecture; Computer crime; Control systems; IP networks; Measurement; Monitoring; Application Layer; Cloud; Low and Slow Distributed Denial of Service (LSDDoS); Software Defined Network;

fLanguage

English

Publisher

ieee

Conference_Titel

Cloud Engineering (IC2E), 2014 IEEE International Conference on

Conference_Location

Boston, MA

Type

conf

DOI

10.1109/IC2E.2014.38

Filename

6903536