Defending systems Against Tilt DDoS attacks
作者: Huey-Ing Liu , Kuo-Chao Chang
DOI: 10.1109/TSSA.2011.6095400
关键词:
摘要: How to effectively resist DoS/DDoS (Distributed Denial of Service) attacks is one the primary issues for Internet security. This paper studies non-invasive types attacks, which against servers via protocol-compliant and legitimate application-layer requests. Attackers use some special service requests, require high processing complexity, overwhelm servers' resources. presents an effective defense system namely DAT: Defense Against Tilt DDoS attacks. Through analyzing each client's features, such instant traffic volume, session behavior, so on. DAT schedules requests decides whether activate mechanisms or not. The capable suppressing that protected server cluster able operate normally even under attacking. Simulation results show concentrates serve users instead wasting resources on malicious users.
sci-hub.se 参考文章(6)
Jelena Mirkovic, Peter Reiher, A taxonomy of DDoS attack and DDoS defense mechanisms acm special interest group on data communication. ,vol. 34, pp. 39- 53 ,(2004) , 10.1145/997150.997156
S. Ranjan, R. Swaminathan, M. Uysal, A. Nucci, E. Knightly, DDoS-shield: DDoS-resilient scheduling to counter application layer attacks IEEE ACM Transactions on Networking. ,vol. 17, pp. 26- 39 ,(2009) , 10.1109/TNET.2008.926503
Judith Worell, SOS Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications - SIGCOMM '02. ,vol. 32, pp. 61- 72 ,(2002) , 10.1145/633025.633032
Ratul Mahajan, Steven M. Bellovin, Sally Floyd, John Ioannidis, Vern Paxson, Scott Shenker, Controlling high bandwidth aggregates in the network acm special interest group on data communication. ,vol. 32, pp. 62- 73 ,(2002) , 10.1145/571697.571724
S. Ranjan, R. Swaminathan, M. Uysal, E. Knightly, DDoS-Resilient Scheduling to Counter Application Layer Attacks Under Imperfect Detection ieee international conference computer and communications. pp. 1- 13 ,(2006) , 10.1109/INFOCOM.2006.127
A.D. Keromytis, V. Misra, D. Rubenstein, SOS: an architecture for mitigating DDoS attacks IEEE Journal on Selected Areas in Communications. ,vol. 22, pp. 176- 188 ,(2004) , 10.1109/JSAC.2003.818807