Real-Time Protection against DDoS Attacks Using Active Gateways

Columbus, Ohio, USA June 06-June 10

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ICDCSW.2005.118

Second International Workshop on Secu ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Onur Demir Articles by Kanad Ghose

	ASCII Text	x
	Onur Demir, Kanad Ghose, "Real-Time Protection against DDoS Attacks Using Active Gateways," Distributed Computing Systems Workshops, International Conference on, vol. 2, pp. 224-231, Second International Workshop on Security in Distributed Computing Systems (SDCS) (ICDCSW'05), 2005.

	BibTex	x
	@article{ 10.1109/ICDCSW.2005.118, author = {Onur Demir and Kanad Ghose}, title = {Real-Time Protection against DDoS Attacks Using Active Gateways}, journal ={Distributed Computing Systems Workshops, International Conference on}, volume = {2}, year = {2005}, issn = {1545-0678}, pages = {224-231}, doi = {http://doi.ieeecomputersociety.org/10.1109/ICDCSW.2005.118}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Distributed Computing Systems Workshops, International Conference on TI - Real-Time Protection against DDoS Attacks Using Active Gateways SN - 1545-0678 SP224 EP231 A1 - Onur Demir, A1 - Kanad Ghose, PY - 2005 KW - null VL - 2 JA - Distributed Computing Systems Workshops, International Conference on ER -

Onur Demir, State University of New York at Binghamton

Kanad Ghose, State University of New York at Binghamton

This paper presents solutions for protecting servers against Distributed Denial-of-Service (DDoS) attacks that inundate the system with file download and script execution requests. Our solution uses a dynamic packet filtering on dual-ported active NIC based gateways to drop attacking packets based on locally measured request rates and information from the server (such as server loading, number of incomplete connections). A variety of techniques for performing such packet filtering in real-time are discussed. A prototype implementation using a testbed of several clients, attacking machines and servers indicates that considerable improvements in the response times to legitimate requests and overall improvements in the performance of the servers are realized by the proposed scheme. As a sustained high-volume attack is started, the intelligent gateway is successful in detecting and filtering out apparently malicious traffic in only a few 10s of seconds.

Citation:

Onur Demir, Kanad Ghose, "Real-Time Protection against DDoS Attacks Using Active Gateways," icdcsw, vol. 2, pp.224-231, Second International Workshop on Security in Distributed Computing Systems (SDCS) (ICDCSW'05), 2005

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.