Title :
Defending systems Against Tilt DDoS attacks
Author :
Liu, Huey-Ing ; Chang, Kuo-Chao
Author_Institution :
Dept. of Electron. Eng., Fu Jen Catholic Univ., Taipei, Taiwan
Abstract :
How to effectively resist DoS/DDoS (Distributed Denial of Service) attacks is one of the primary issues for Internet security. This paper studies non-invasive types of DoS/DDoS attacks, which attacks against servers via protocol-compliant and legitimate application-layer requests. Attackers use some special service requests, which require high processing complexity, to overwhelm the servers´ resources. This paper presents an effective defense system namely DAT: Defense system Against Tilt DDoS attacks. Through analyzing each client´s features, such instant traffic volume, session behavior, and so on. DAT schedules requests and decides whether to activate the defense mechanisms or not. The DAT is capable of effectively suppressing DoS/DDoS attacks, so that the protected server cluster is able to operate normally even under attacking. Simulation results show that DAT concentrates to serve legitimate users instead of wasting resources on malicious users.
Keywords :
Internet; protocols; security of data; DoS/DDoS attack; Internet security; defense system; distributed denial of service attack; high processing complexity; instant traffic volume; layer request; malicious user; noninvasive type; protocol-compliant; server cluster; service request; session behavior; tilt DDoS attack; Bandwidth; Barium; Computer crime; Filtering; Servers; Throughput; Time factors; denial of service; distributed denial of service; network security;
Conference_Titel :
Telecommunication Systems, Services, and Applications (TSSA), 2011 6th International Conference on
Conference_Location :
Bali
Print_ISBN :
978-1-4577-1441-2
DOI :
10.1109/TSSA.2011.6095400
