Empirical Study of Tolerating Denial-of-Service Attacks with the Fosel Architecture

Author

Beitollahi, Hakem ; Deconinck, Geert

Author_Institution

Electr. Eng. Dept., Katholieke Univ. Leuven, Leuven, Belgium

fYear

2009

fDate

9-11 July 2009

Firstpage

258

Lastpage

261

Abstract

Filtering techniques are one of the main approaches to protect applications from denial of service attacks (DoS).However filtering techniques suffer from two main challenges: a) the accuracy detection of DoS traffic and b) processing time. Fosel (filtering with the help of an overlay security layer) has been proposed to protect application sites from denial-of-service attacks. The Fosel architecture addresses how an efficient and well-suited filter can be designed to improve the filtering challenges. This paper explores the effectiveness of the Fosel architecture by implementing an experimental testbed. Experimental study shows that by employing the Fosel architecture, DoS attacks have a negligible chance to saturate the target by malicious packets. These results confirm simulation study of Fosel and provide an empirical evidence that Fosel can be used to tolerate DoS attacks.

Keywords

information filtering; security of data; DoS traffic accuracy detection; Fosel architecture; denial-of-service attacks; filtering techniques; malicious packets; overlay security layer; Access control; Application software; Authentication; Computer applications; Computer architecture; Computer crime; Information filtering; Information filters; Protection; Testing; DoS attacks; Empirical study; overlay networks;

fLanguage

English

Publisher

ieee

Conference_Titel

Network Computing and Applications, 2009. NCA 2009. Eighth IEEE International Symposium on

Conference_Location

Cambridge, MA

Print_ISBN

978-0-7695-3698-9

Electronic_ISBN

978-0-7695-3698-9

Type

conf

DOI

10.1109/NCA.2009.22

Filename

5190380