IEEE.org| IEEE Xplore Digital Library| IEEE Standards| IEEE Spectrum| More Sites

Cart (Loading....) | Create Account

Close category search window
Author Searchbeta |  Advanced Search  |  Preferences |  Search Tips  |  More Search Options  
 
Browse Conference Publications > Computer Communications and N ... Help

Sentinel: Hardware-Accelerated Mitigation of Bot-Based DDoS Attacks

Full Text Sign-In or Purchase

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing! close button
puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Djalaliev, P. ; Dept. of Comput. Sci., Pittsburgh Univ., Pittsburgh, PA ; Jamshed, M. ; Farnan, N. ; Brustoloni, J.

Effective defenses against DDoS attacks that deplete resources at the network and transport layers have been deployed commercially. Therefore, DDoS attacks increasingly use normal- looking application-layer requests to waste server CPU or disk capacity. CAPTCHAs attempt to distinguish bots from human clients and are often used to avoid such attacks. However, CAPTCHAs themselves consume resources and frequently are defeated. Kill-Bots reduces CAPTCHA overhead by pushing client authentication into the kernel. However, Kill-Bots requires kernel modifications, which can be infeasible. We describe the design, implementation, and performance evaluation of Sentinel, a network device that overcomes several limitations in Kill-Bots. Sentinel can be easily deployed as a bridge in front of server farms, modularly accepts a variety of present and future authentication schemes, and can use network processors to accelerate authentication. Experiments show that Sentinel greatly reduces the impact of DDoS attacks on the response time experienced by legitimate clients.

Published in:
Computer Communications and Networks, 2008. ICCCN '08. Proceedings of 17th International Conference on

Date of Conference: 3-7 Aug. 2008

Page(s):
1 - 8
ISSN :
1095-2055
E-ISBN :
978-1-4244-2390-3
Print ISBN:
978-1-4244-2389-7
INSPEC Accession Number:
10311953
Conference Location :
St. Thomas, US Virgin Islands
Digital Object Identifier :
10.1109/ICCCN.2008.ECP.123

IEEE Account

Purchase Details

Profile Information

Need Help?


IEEE Advancing Technology for Humanity About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies

A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2013 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.