Protecting Web servers from octopus attacks

Denial-of-service (DoS) attacks are a major threat to the Internet and have not been completely solved in spite of much research effort. This paper deals with an important class of DoS attacks, called octopus attacks, which establish a flood of connections to a victim Web server and prevent legitima...

Full description

Saved in:
Bibliographic Details
Main Authors: Kobayashi, Y., Chen, E.Y., Oyama, Y., Yonezawa, A.
Format: Conference Proceeding
Language:English
Subjects:
Computer crime
Degradation
Floods
Internet
Joining processes
Monitoring
Network servers
Protection
Telecommunication traffic
Web server
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites
container_end_page 85
container_issue
container_start_page 4 pp.
container_title
container_volume
creator Kobayashi, Y.
Chen, E.Y.
Oyama, Y.
Yonezawa, A.
description Denial-of-service (DoS) attacks are a major threat to the Internet and have not been completely solved in spite of much research effort. This paper deals with an important class of DoS attacks, called octopus attacks, which establish a flood of connections to a victim Web server and prevent legitimate users from connecting to the server. Octopus attacks cause serious performance degradation of the targeted server. In this paper, we propose an approach for protecting Web servers against octopus attacks. Our approach deploys an active monitor that monitors the network traffic arriving at a protected server. When there are an excessive number of connections to the server, this monitor resets the connection that is most likely to be an attacker's. We implemented this monitor on a Linux platform. Through experiments, we confirmed that our monitor enabled a Web server to provide service to legitimate users even when octopus attacks were made against the server
doi_str_mv 10.1109/SAINT.2006.52
format conference_proceeding
fullrecord <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_1581315</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>1581315</ieee_id><sourcerecordid>1581315</sourcerecordid><originalsourceid>FETCH-LOGICAL-i175t-14f3293bc7ff217ca607e9bbdb10c88a1995596a6be6d9d0922a4765d084e39a3</originalsourceid><addsrcrecordid>eNotzEtLAzEUQOGACGrt0pWb2cuM9yaTx12W4qNQVLDisiSZGxm1Tkmi4L9X0LP5dkeIM4QOEejycbG623QSwHRaHogTsIa01ODUkZiX8gq_KVLGqWNx8ZCnyrGOHy_NM4emcP7iXJqUp10zxTrtP0vja_XxrZyKw-TfC8__nYmn66vN8rZd39-slot1O6LVtcU-KUkqRJuSRBu9AcsUwhAQonMeibQm401gM9AAJKXvrdEDuJ4VeTUT53_fkZm3-zzufP7eonaoUKsfuk8_Ng</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Protecting Web servers from octopus attacks</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>Kobayashi, Y. ; Chen, E.Y. ; Oyama, Y. ; Yonezawa, A.</creator><creatorcontrib>Kobayashi, Y. ; Chen, E.Y. ; Oyama, Y. ; Yonezawa, A.</creatorcontrib><description>Denial-of-service (DoS) attacks are a major threat to the Internet and have not been completely solved in spite of much research effort. This paper deals with an important class of DoS attacks, called octopus attacks, which establish a flood of connections to a victim Web server and prevent legitimate users from connecting to the server. Octopus attacks cause serious performance degradation of the targeted server. In this paper, we propose an approach for protecting Web servers against octopus attacks. Our approach deploys an active monitor that monitors the network traffic arriving at a protected server. When there are an excessive number of connections to the server, this monitor resets the connection that is most likely to be an attacker's. We implemented this monitor on a Linux platform. Through experiments, we confirmed that our monitor enabled a Web server to provide service to legitimate users even when octopus attacks were made against the server</description><identifier>ISBN: 0769525083</identifier><identifier>ISBN: 9780769525082</identifier><identifier>DOI: 10.1109/SAINT.2006.52</identifier><language>eng</language><publisher>IEEE</publisher><subject>Computer crime ; Degradation ; Floods ; Internet ; Joining processes ; Monitoring ; Network servers ; Protection ; Telecommunication traffic ; Web server</subject><ispartof>International Symposium on Applications and the Internet (SAINT'06), 2006, p.4 pp.-85</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/1581315$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,2056,4048,4049,27924,54919</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/1581315$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Kobayashi, Y.</creatorcontrib><creatorcontrib>Chen, E.Y.</creatorcontrib><creatorcontrib>Oyama, Y.</creatorcontrib><creatorcontrib>Yonezawa, A.</creatorcontrib><title>Protecting Web servers from octopus attacks</title><title>International Symposium on Applications and the Internet (SAINT'06)</title><addtitle>SAINT</addtitle><description>Denial-of-service (DoS) attacks are a major threat to the Internet and have not been completely solved in spite of much research effort. This paper deals with an important class of DoS attacks, called octopus attacks, which establish a flood of connections to a victim Web server and prevent legitimate users from connecting to the server. Octopus attacks cause serious performance degradation of the targeted server. In this paper, we propose an approach for protecting Web servers against octopus attacks. Our approach deploys an active monitor that monitors the network traffic arriving at a protected server. When there are an excessive number of connections to the server, this monitor resets the connection that is most likely to be an attacker's. We implemented this monitor on a Linux platform. Through experiments, we confirmed that our monitor enabled a Web server to provide service to legitimate users even when octopus attacks were made against the server</description><subject>Computer crime</subject><subject>Degradation</subject><subject>Floods</subject><subject>Internet</subject><subject>Joining processes</subject><subject>Monitoring</subject><subject>Network servers</subject><subject>Protection</subject><subject>Telecommunication traffic</subject><subject>Web server</subject><isbn>0769525083</isbn><isbn>9780769525082</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2006</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><recordid>eNotzEtLAzEUQOGACGrt0pWb2cuM9yaTx12W4qNQVLDisiSZGxm1Tkmi4L9X0LP5dkeIM4QOEejycbG623QSwHRaHogTsIa01ODUkZiX8gq_KVLGqWNx8ZCnyrGOHy_NM4emcP7iXJqUp10zxTrtP0vja_XxrZyKw-TfC8__nYmn66vN8rZd39-slot1O6LVtcU-KUkqRJuSRBu9AcsUwhAQonMeibQm401gM9AAJKXvrdEDuJ4VeTUT53_fkZm3-zzufP7eonaoUKsfuk8_Ng</recordid><startdate>2006</startdate><enddate>2006</enddate><creator>Kobayashi, Y.</creator><creator>Chen, E.Y.</creator><creator>Oyama, Y.</creator><creator>Yonezawa, A.</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>2006</creationdate><title>Protecting Web servers from octopus attacks</title><author>Kobayashi, Y. ; Chen, E.Y. ; Oyama, Y. ; Yonezawa, A.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i175t-14f3293bc7ff217ca607e9bbdb10c88a1995596a6be6d9d0922a4765d084e39a3</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2006</creationdate><topic>Computer crime</topic><topic>Degradation</topic><topic>Floods</topic><topic>Internet</topic><topic>Joining processes</topic><topic>Monitoring</topic><topic>Network servers</topic><topic>Protection</topic><topic>Telecommunication traffic</topic><topic>Web server</topic><toplevel>online_resources</toplevel><creatorcontrib>Kobayashi, Y.</creatorcontrib><creatorcontrib>Chen, E.Y.</creatorcontrib><creatorcontrib>Oyama, Y.</creatorcontrib><creatorcontrib>Yonezawa, A.</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Electronic Library (IEL)</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Kobayashi, Y.</au><au>Chen, E.Y.</au><au>Oyama, Y.</au><au>Yonezawa, A.</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Protecting Web servers from octopus attacks</atitle><btitle>International Symposium on Applications and the Internet (SAINT'06)</btitle><stitle>SAINT</stitle><date>2006</date><risdate>2006</risdate><spage>4 pp.</spage><epage>85</epage><pages>4 pp.-85</pages><isbn>0769525083</isbn><isbn>9780769525082</isbn><abstract>Denial-of-service (DoS) attacks are a major threat to the Internet and have not been completely solved in spite of much research effort. This paper deals with an important class of DoS attacks, called octopus attacks, which establish a flood of connections to a victim Web server and prevent legitimate users from connecting to the server. Octopus attacks cause serious performance degradation of the targeted server. In this paper, we propose an approach for protecting Web servers against octopus attacks. Our approach deploys an active monitor that monitors the network traffic arriving at a protected server. When there are an excessive number of connections to the server, this monitor resets the connection that is most likely to be an attacker's. We implemented this monitor on a Linux platform. Through experiments, we confirmed that our monitor enabled a Web server to provide service to legitimate users even when octopus attacks were made against the server</abstract><pub>IEEE</pub><doi>10.1109/SAINT.2006.52</doi></addata></record>
fulltext fulltext_linktorsrc
identifier ISBN: 0769525083
ispartof International Symposium on Applications and the Internet (SAINT'06), 2006, p.4 pp.-85
issn
language eng
recordid cdi_ieee_primary_1581315
source IEEE Electronic Library (IEL) Conference Proceedings
subjects Computer crime
Degradation
Floods
Internet
Joining processes
Monitoring
Network servers
Protection
Telecommunication traffic
Web server
title Protecting Web servers from octopus attacks
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-12T19%3A14%3A49IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Protecting%20Web%20servers%20from%20octopus%20attacks&rft.btitle=International%20Symposium%20on%20Applications%20and%20the%20Internet%20(SAINT'06)&rft.au=Kobayashi,%20Y.&rft.date=2006&rft.spage=4%20pp.&rft.epage=85&rft.pages=4%20pp.-85&rft.isbn=0769525083&rft.isbn_list=9780769525082&rft_id=info:doi/10.1109/SAINT.2006.52&rft_dat=%3Cieee_6IE%3E1581315%3C/ieee_6IE%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-i175t-14f3293bc7ff217ca607e9bbdb10c88a1995596a6be6d9d0922a4765d084e39a3%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=1581315&rfr_iscdi=true