Abstract
Denial of Service (DoS) attacks represent a major threat to network security, especially in today's networked world. There has been significant research in this area, primarily focused on mitigating and preventing DoS attacks affecting transport layer services. This paper addresses issues arising from a new variation of a DoS attack, namely the SlowPOST attack, which affects Application Layer services. In SlowPOST, malicious clients send data at a slow rate after the connection is established, and the server is left waiting for the data to arrive. These attacks are particularly devastating because their protocol compliance lets them resist detection. In addition, such attacks do not require the massive resources that DoS attacks normally require, making them easier to launch. Some solutions for this issue have already been deployed in some commercial servers. These solutions are based on either monitoring traffic or enforcing a time limit on the transmission of the protocol headers. To achieve reliable detection, the detection parameters need to adapt to the constantly changing traffic. This paper proposes a novel algorithm that uses the data rate of connections to evolve a threshold for determining potential attackers in SlowPOST. The proposed method was tested by subjecting a server to an attack, and it was observed that in the absence of this method, the servicing of legitimate requests is not completed.
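As an added illustration (not the paper's algorithm, which the abstract does not specify), the following sketch shows one way a per-connection data-rate threshold can adapt as traffic changes. The class name, its parameters (`fraction`, `alpha`, `grace_s`, `floor_bps`) and both sample snapshots are assumptions constructed for this example.

```python
import statistics
from dataclasses import dataclass

@dataclass
class Conn:
    conn_id: str
    body_bytes: int   # POST body bytes received so far
    age_s: float      # seconds since the request headers were complete

    @property
    def rate(self) -> float:
        return self.body_bytes / self.age_s

class AdaptiveRateThreshold:
    """Hypothetical detector: cut-off = fraction of a smoothed median data rate."""
    def __init__(self, fraction=0.05, alpha=0.5, grace_s=5.0, floor_bps=50.0):
        self.fraction, self.alpha = fraction, alpha
        self.grace_s, self.floor_bps = grace_s, floor_bps
        self.baseline = None  # smoothed median rate, bytes/second

    def threshold(self) -> float:
        if self.baseline is None:
            return self.floor_bps
        # The floor stops the cut-off collapsing if slow senders dominate the median.
        return max(self.floor_bps, self.fraction * self.baseline)

    def suspects(self, conns):
        # Connections younger than the grace period have no meaningful rate yet.
        mature = [c for c in conns if c.age_s >= self.grace_s]
        if mature:
            med = statistics.median(c.rate for c in mature)
            # Exponential smoothing lets the baseline follow traffic without jumping.
            self.baseline = med if self.baseline is None else (
                self.alpha * med + (1 - self.alpha) * self.baseline)
        cutoff = self.threshold()
        return sorted(c.conn_id for c in mature if c.rate < cutoff)

# Constructed sample data: fast clients plus two trickling connections.
SNAPSHOT_1 = [Conn("web-a", 200_000, 10), Conn("web-b", 400_000, 10),
              Conn("web-c", 600_000, 10), Conn("web-d", 800_000, 10),
              Conn("web-e", 1_000_000, 10), Conn("slow-1", 10, 10),
              Conn("slow-2", 10, 10), Conn("new", 0, 1)]
# Constructed sample data: later, legitimate traffic is much slower overall.
SNAPSHOT_2 = [Conn("mobile-a", 30_000, 20), Conn("mobile-b", 80_000, 20),
              Conn("mobile-c", 120_000, 20), Conn("slow-1", 20, 20)]

if __name__ == "__main__":
    det = AdaptiveRateThreshold()
    for snap in (SNAPSHOT_1, SNAPSHOT_2):
        print(det.suspects(snap), round(det.threshold(), 2))
```

In the second snapshot the cut-off has dropped with the traffic, so the 1500 B/s client that a threshold frozen at the first snapshot's value would have flagged is left alone.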
Index Terms
- Data rate based adaptive thread assignment solution for combating the SlowPOST denial of service attack