Title :
A novel framework to detect and block DDoS attack at the application layer
Author :
Sivabalan, S. ; Radcliffe, P.J.
Author_Institution :
Electr. & Comput. Eng., RMIT Univ., Melbourne, VIC, Australia
Abstract :
Detection and prevention of DDoS is still an area of ongoing research. A carefully crafted DDoS attack can fool present methodologies and overwhelm a server; such attacks may be the next wave of cyber warfare and cyber crime. It can be shown that only application level methods are capable of differentiating legitimate flash traffic from DDoS. In this paper we explain why existing application layer methodologies cannot work and propose a novel set of algorithms that are capable of detecting and blocking DDoS attacks whilst allowing through legitimate user traffic, including flash traffic. The required functionality can be added to existing web servers with a minimum of interference with the application code, or implemented in a separate network device.
Keywords :
Internet; computer network security; file servers; DDoS attack blocking; DDoS attack detection; Web servers; application code; application layer; cyber crime; cyber warfare; distributed denial of service; flash traffic; interference; legitimate user traffic; Computer crime; IP networks; Monitoring; Servers; Testing; Web pages; Application-layer; Website; distributed denial of service (DDoS);
Conference_Titel :
TENCON Spring Conference, 2013 IEEE
Conference_Location :
Sydney, NSW
Print_ISBN :
978-1-4673-6347-1
DOI :
10.1109/TENCONSpring.2013.6584511
