Skip to Main Content
Botnet-based distributed denial of service (DDoS) attacks represent an emerging and sophisticated threat for today's Internet. Attackers are now able to mimic the behavior of legitimate users to a great extent, making the issue of countering these attacks very challenging. In this paper, we propose a simple yet effective scheme that enables an ISP's edge routers to pass a great percentage of legitimate traffic, that is destined to a Web server under DDoS attack within that ISP, while filtering all other traffic. The proposed scheme, called JUST-Google, is based on the fact that Web search engines (especially Googletrade) represent the entrance for today's Web, thus making it in a strategic position to defend against these attacks. The main idea is that Googletrade can assist in identifying human users from bot programs by directing users who want to access a Web site under attack to a group of nodes that will perform authentication in which users are required to solve a reverse Turing test to obtain access to the Web server. Performance analysis shows that the proposed scheme would enable legitimate clients to access a Web site that is under attack with high probability.