| Publisher | Washington University in St. Louis | ||
|---|---|---|---|
| Format | 318.1KB PDF | Date added | 01 Jul 2008 |
| Topics | Security Management, Denial of Service | ||
| Downloads | 2 | ||
A high profile internet server is always a target of denial-of-service attacks. This paper proposes a novel technique for protecting an internet server from distributed denial-of-service attacks. The defense mechanism is based on a distributed algorithm that performs weight-fair throttling at the upstream routers. The throttling is weight-fair because the traffics destined for the server are controlled increased or decreased) by the leaky-buckets at the routers based on the number of users connected, directly or through other routers, to each router. To the best of the knowledge, this is the first weight-fair technique for saving an internet server from denial-of-service attacks.
Did you find this white paper useful?
1 out of 2 users found this white paper useful
Related white papers
Why Your Standard IPS Leaves You Open to DDoS Attacks
Off late Distributed Denial of Service (DDoS) attacks are specifically designed to leverage the weaknesses of a standard Intrusion Prevention System (IPS), which is not able to defend against a...
Pushing Security to the Perimeter: Trusted Computing Technology Adapts to Changing Enterprise Needs
Security concerns, identity theft and regulatory compliance requirements are converging to drive the enterprise's need for strong identity and access management (IAM) solutions. These solutions can include enterprise single sign-on...
The dirty dozen: preventing common application-level hack attacks
As organizations have grown increasingly dependent on online software, the risk of malicious attacks has also become far more serious. Such attacks can bring a business to a standstill, cost...
DDoS Defense Mechanism by Applying Stamps
In current trend, internet plays a vital role in the life and distributed computing structure grows dramatically in size, functionality and complexity and has become the integral part of the...
Using NetFlow Auditor to Assist in Identifying Distributed Denial-of-Service (DDoS) Attacks and Other Network Behavior Anomalies
This Paper covers how Denial of Service Attacks (DoS) and Distributed Denial of Service Attacks (DDos) can be identified early to mitigate and attack. The paper will reflect a method...
Empirical Study of Tolerating Denial-of-Service Attacks With the Fosel Architecture
Filtering techniques are one of the main approaches to protect applications from Denial of Service Attacks (DoS). However filtering techniques suffer from two main challenges: the accuracy detection of DoS...
Scraping, Denial of Service, and Brute Force Attacks! Oh My!: Identifying and Controlling Automated Clients
Anti-Automation defenses are critical in today's web application security landscape. Breach Security's product line is uniquely positioned to help organizations address these automated types of attacks. Only through the combination...
