Paper Abstract and Keywords |
Presentation |
2011-12-16 12:50
Overlay Based, Distributed Defense-Framework against DDoS Attacks Mohamad Eid, Hitoshi Aida (Univ. of Tokyo) IA2011-51 |
Abstract |
(in Japanese) |
(See Japanese page) |
(in English) |
The World Wide Web plays vital roles in our daily lives. But cyber-attackers abuse this vitality by threatening web servers. DDoS attacks (distributed denial of service) remain as one of the major threats for web servers despite of the continuous protection efforts. Recently, high level DDoS attacks (targeting the application level) could successfully affect several high profile web services. A defense framework that can stop all levels of DDoS attacks is required. High level DDoS attack traffic can稚 be easily detected, since the request comes from a real host and asks for a real resource from the server痴 application. In this paper, possible high level attack scenarios are classified into; preventable, detectable, and non-detectable. Afterwards, our previously proposed overlay based, distributed defense-framework against DDoS Attacks is presented. The proposed framework is capable of preventing low level attacks from affecting the server. Additional countermeasures are also introduced that can help eliminate a large portion of the possible high level attack strategies. Preliminary tests on the implemented prototype under high level attacks show that the new AN countermeasures serves as a practical response mechanism to the detectable category, besides its facilitating their detection. Even for the non-detectable attacks class, the introduced countermeasures throttles down the attackers achievable rate given the same resources thus raise the bar on them. |
Keyword |
(in Japanese) |
(See Japanese page) |
(in English) |
Denial-of-service-attacks / high level attacks / information security / intrusion detection / / / / |
Reference Info. |
IEICE Tech. Rep., vol. 111, no. 347, IA2011-51, pp. 37-42, Dec. 2011. |
Paper # |
IA2011-51 |
Date of Issue |
2011-12-08 (IA) |
ISSN |
Print edition: ISSN 0913-5685 Online edition: ISSN 2432-6380 |
Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
Download PDF |
IA2011-51 |
Conference Information |
Committee |
IN IA |
Conference Date |
2011-12-15 - 2011-12-16 |
Place (in Japanese) |
(See Japanese page) |
Place (in English) |
Hiroshima City University |
Topics (in Japanese) |
(See Japanese page) |
Topics (in English) |
Internet Measurement, Network Management, Network Security, Traffic Theory, etc |
Paper Information |
Registration To |
IA |
Conference Code |
2011-12-IN-IA |
Language |
English |
Title (in Japanese) |
(See Japanese page) |
Sub Title (in Japanese) |
(See Japanese page) |
Title (in English) |
Overlay Based, Distributed Defense-Framework against DDoS Attacks |
Sub Title (in English) |
|
Keyword(1) |
Denial-of-service-attacks |
Keyword(2) |
high level attacks |
Keyword(3) |
information security |
Keyword(4) |
intrusion detection |
Keyword(5) |
|
Keyword(6) |
|
Keyword(7) |
|
Keyword(8) |
|
1st Author's Name |
Mohamad Eid |
1st Author's Affiliation |
The University of Tokyo (Univ. of Tokyo) |
2nd Author's Name |
Hitoshi Aida |
2nd Author's Affiliation |
The University of Tokyo (Univ. of Tokyo) |
3rd Author's Name |
|
3rd Author's Affiliation |
() |
4th Author's Name |
|
4th Author's Affiliation |
() |
5th Author's Name |
|
5th Author's Affiliation |
() |
6th Author's Name |
|
6th Author's Affiliation |
() |
7th Author's Name |
|
7th Author's Affiliation |
() |
8th Author's Name |
|
8th Author's Affiliation |
() |
9th Author's Name |
|
9th Author's Affiliation |
() |
10th Author's Name |
|
10th Author's Affiliation |
() |
11th Author's Name |
|
11th Author's Affiliation |
() |
12th Author's Name |
|
12th Author's Affiliation |
() |
13th Author's Name |
|
13th Author's Affiliation |
() |
14th Author's Name |
|
14th Author's Affiliation |
() |
15th Author's Name |
|
15th Author's Affiliation |
() |
16th Author's Name |
|
16th Author's Affiliation |
() |
17th Author's Name |
|
17th Author's Affiliation |
() |
18th Author's Name |
|
18th Author's Affiliation |
() |
19th Author's Name |
|
19th Author's Affiliation |
() |
20th Author's Name |
|
20th Author's Affiliation |
() |
Speaker |
Author-1 |
Date Time |
2011-12-16 12:50:00 |
Presentation Time |
25 minutes |
Registration for |
IA |
Paper # |
IA2011-51 |
Volume (vol) |
vol.111 |
Number (no) |
no.347 |
Page |
pp.37-42 |
#Pages |
6 |
Date of Issue |
2011-12-08 (IA) |
|