By Topic

A Detection and Offense Mechanism to Defend Against Application Layer DDoS Attacks

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Jie Yu ; National University of Defense Technology Changsha, China ; Zhoujun Li ; Huowang Chen ; Xiaoming Chen

Application layer DDoS attacks, which are legitimate in packets and protocols, gradually become a pressing problem for commerce, politics and military. We build an attack model and characterize layer-7 attacks into three classes: session flooding attacks, request flooding attacks and asymmetric attacks. We proposed a mechanism named as DOW (defense and offense wall), which defends against layer-7 attacks using combination of detection technology and currency technology. An anomaly dete-ction method based on K-means clustering is introduced to detect and filter request flooding attacks and asymmetric attacks. To defend against session-flooding attacks, we propose an encouragement model that uses client's session rate as currency. Detection model drops suspicious sessions, while currency model encourages more legitimate sessions. By collaboration of these two models, normal clients could gain higher service rate and lower delay of response time.

Published in:

Networking and Services, 2007. ICNS. Third International Conference on

Date of Conference:

19-25 June 2007