Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ICNS
2007
IEEE
2007
IEEE
A Detection and Offense Mechanism to Defend Against Application Layer DDoS Attacks
—Application layer DDoS attacks, which are legitimate in packets and protocols, gradually become a pressing problem for commerce, politics and military. We build an attack model and characterize layer-7 attacks into three classes: session flooding attacks, request flooding attacks and asymmetric attacks. We proposed a mechanism named as DOW (Defense and Offense Wall), which defends against layer-7 attacks using combination of detection technology and currency technology. An anomaly detection method based on K-means clustering is introduced to detect and filter request flooding attacks and asymmetric attacks. To defend against session-flooding attacks, we propose an encouragement model that uses client’s session rate as currency. Detection model drops suspicious sessions, while currency model encourages more legitimate sessions. By collaboration of these two models, normal clients could gain higher service rate and lower delay of response time. Keywords- DDoS Attacks; Detection; K-m...
Real-time Traffic| Added | 03 Jun 2010 |
| Updated | 03 Jun 2010 |
| Type | Conference |
| Year | 2007 |
| Where | ICNS |
| Authors | Jie Yu, Zhoujun Li, Huowang Chen, Xiaoming Chen |
Comments (0)
Researcher Info
|
