A novel framework to detect and block DDoS attack at the application layer

Detection and prevention of DDoS is still an area of ongoing research. A carefully crafted DDoS attack can fool present methodologies and overwhelm a server; such attacks may be the next wave of cyber warfare and cyber crime. It can be shown that only application level methods are capable of differe...

Full description

Saved in:
Bibliographic Details
Main Authors: Sivabalan, Sujatha, Radcliffe, P. J.
Format: Conference Proceeding
Language:English
Subjects:
Application-layer
Computer crime
distributed denial of service (DDoS)
IP networks
Monitoring
Servers
Testing
Web pages
Website
Citations: Items that cite this one
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Detection and prevention of DDoS is still an area of ongoing research. A carefully crafted DDoS attack can fool present methodologies and overwhelm a server; such attacks may be the next wave of cyber warfare and cyber crime. It can be shown that only application level methods are capable of differentiating legitimate flash traffic from DDoS. In this paper we explain why existing application layer methodologies cannot work and propose a novel set of algorithms that are capable of detecting and blocking DDoS attacks whilst allowing through legitimate user traffic, including flash traffic. The required functionality can be added to existing web servers with a minimum of interference with the application code, or implemented in a separate network device.
DOI:10.1109/TENCONSpring.2013.6584511