Defending systems Against Tilt DDoS attacks

Author

Liu, Huey-Ing ; Chang, Kuo-Chao

Author_Institution

Dept. of Electron. Eng., Fu Jen Catholic Univ., Taipei, Taiwan

fYear

2011

fDate

20-21 Oct. 2011

Firstpage

22

Lastpage

27

Abstract

How to effectively resist DoS/DDoS (Distributed Denial of Service) attacks is one of the primary issues for Internet security. This paper studies non-invasive types of DoS/DDoS attacks, which attacks against servers via protocol-compliant and legitimate application-layer requests. Attackers use some special service requests, which require high processing complexity, to overwhelm the servers´ resources. This paper presents an effective defense system namely DAT: Defense system Against Tilt DDoS attacks. Through analyzing each client´s features, such instant traffic volume, session behavior, and so on. DAT schedules requests and decides whether to activate the defense mechanisms or not. The DAT is capable of effectively suppressing DoS/DDoS attacks, so that the protected server cluster is able to operate normally even under attacking. Simulation results show that DAT concentrates to serve legitimate users instead of wasting resources on malicious users.

Keywords

Internet; protocols; security of data; DoS/DDoS attack; Internet security; defense system; distributed denial of service attack; high processing complexity; instant traffic volume; layer request; malicious user; noninvasive type; protocol-compliant; server cluster; service request; session behavior; tilt DDoS attack; Bandwidth; Barium; Computer crime; Filtering; Servers; Throughput; Time factors; denial of service; distributed denial of service; network security;

fLanguage

English

Publisher

ieee

Conference_Titel

Telecommunication Systems, Services, and Applications (TSSA), 2011 6th International Conference on

Conference_Location

Bali

Print_ISBN

978-1-4577-1441-2

Type

conf

DOI

10.1109/TSSA.2011.6095400

Filename

6095400