• DocumentCode
    632009
  • Title

    A novel framework to detect and block DDoS attack at the application layer

  • Author

    Sivabalan, S. ; Radcliffe, P.J.

  • Author_Institution
    Electr. & Comput. Eng., RMIT Univ., Melbourne, VIC, Australia
  • fYear
    2013
  • fDate
    17-19 April 2013
  • Firstpage
    578
  • Lastpage
    582
  • Abstract
    Detection and prevention of DDoS is still an area of ongoing research. A carefully crafted DDoS attack can fool present methodologies and overwhelm a server; such attacks may be the next wave of cyber warfare and cyber crime. It can be shown that only application level methods are capable of differentiating legitimate flash traffic from DDoS. In this paper we explain why existing application layer methodologies cannot work and propose a novel set of algorithms that are capable of detecting and blocking DDoS attacks whilst allowing through legitimate user traffic, including flash traffic. The required functionality can be added to existing web servers with a minimum of interference with the application code, or implemented in a separate network device.
  • Keywords
    Internet; computer network security; file servers; DDoS attack blocking; DDoS attack detection; Web servers; application code; application layer; cyber crime; cyber warfare; distributed denial of service; flash traffic; interference; legitimate user traffic; Computer crime; IP networks; Monitoring; Servers; Testing; Web pages; Application-layer; Website; distributed denial of service (DDoS);
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    TENCON Spring Conference, 2013 IEEE
  • Conference_Location
    Sydney, NSW
  • Print_ISBN
    978-1-4673-6347-1
  • Type

    conf

  • DOI
    10.1109/TENCONSpring.2013.6584511
  • Filename
    6584511
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=632009