By Topic

Mitigating application layer distributed denial of service attacks via effective trust management

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $31
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Yu, J. ; Dept. of Comput. Sci., Nat. Univ. of Defense Technol., China ; Fang, C. ; Lu, L. ; Li, Z.

Nowadays, web servers are suffering from application layer distributed denial of service (DDoS) attacks, to which network layer solutions is not applicable as attackers are indistinguishable based on packets or protocols. In this study, the authors propose trust management helmet (TMH) as a partial solution to this problem, which is a lightweight mitigation mechanism that uses trust to differentiate legitimate users from attackers. Its key insight is that a server should give priority to protecting the connectivity of good users during application layer DDoS attacks, instead of identifying all the attack requests. The trust to clients is evaluated based on their visiting history and used to schedule the service to their requests. The authors introduce license, for user identification (even beyond NATs) and storing the trust information at clients. The license is cryptographically secured against forgery or replay attacks. The authors realise this mitigation mechanism and implement it as a Java package and use it for evaluation. The simulation results show that TMH is effective in mitigating session flooding attack: even with 20 times number of attackers, more than 99% of the sessions from legitimate users are accepted with TMH; whereas less than 18% are accepted without it. Moreover, we found that the additional computation cost on the deployed server is neglectable and the bandwidth overhead is acceptable.

Published in:

Communications, IET  (Volume:4 ,  Issue: 16 )