Sciweavers

INFOCOM
2006
IEEE

DDoS-Resilient Scheduling to Counter Application Layer Attacks Under Imperfect Detection

14 years 6 months ago
DDoS-Resilient Scheduling to Counter Application Layer Attacks Under Imperfect Detection
— Countering Distributed Denial of Service (DDoS) attacks is becoming ever more challenging with the vast resources and techniques increasingly available to attackers. In this paper, we consider sophisticated attacks that are protocol-compliant, non-intrusive, and utilize legitimate application-layer requests to overwhelm system resources. We characterize applicationlayer resource attacks as either request flooding, asymmetric, or repeated one-shot, on the basis of the application workload parameters that they exploit. To protect servers from these attacks, we propose a counter-mechanism that consists of a suspicion assignment mechanism and a DDoS-resilient scheduler, DDoS Shield. In contrast to prior work, our suspicion mechanism assigns a continuous value as opposed to a binary measure to each client session, and the scheduler utilizes these values to determine if and when to schedule a session’s requests. Using testbed experiments on a web application, we demonstrate the potenc...
Supranamaya Ranjan, Ram Swaminathan, Mustafa Uysal
Added 11 Jun 2010
Updated 11 Jun 2010
Type Conference
Year 2006
Where INFOCOM
Authors Supranamaya Ranjan, Ram Swaminathan, Mustafa Uysal, Edward W. Knightly
Comments (0)