Towards Mitigation of Low and Slow Application DDoS Attacks

被引:36
|
作者
Shtern, Mark [1 ]
Sandel, Roni [1 ]
Litoiu, Marin [1 ]
Bachalo, Chris [2 ]
Theodorou, Vasileios [3 ]
机构
[1] York Univ, Toronto, ON M3J 2R7, Canada
[2] Juniper Networks, Ottawa, ON, Canada
[3] Univ Politecn Cataluna, Barcelona, Spain
来源
2014 IEEE INTERNATIONAL CONFERENCE ON CLOUD ENGINEERING (IC2E) | 2014年
关键词
Software Defined Network; Low and Slow Distributed Denial of Service (LSDDoS); Application Layer; Cloud;
D O I
10.1109/IC2E.2014.38
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Distributed Denial of Service attacks are a growing threat to organizations and, as defense mechanisms are becoming more advanced, hackers are aiming at the application layer. For example, application layer Low and Slow Distributed Denial of Service attacks are becoming a serious issue because, due to low resource consumption, they are hard to detect. In this position paper, we propose a reference architecture that mitigates the Low and Slow Distributed Denial of Service attacks by utilizing Software Defined Infrastructure capabilities. We also propose two concrete architectures based on the reference architecture: a Performance Model-Based and Off-The-Shelf Components based architecture, respectively. We introduce the Shark Tank concept, a cluster under detailed monitoring that has full application capabilities and where suspicious requests are redirected for further filtering.
引用
收藏
页码:604 / 609
页数:6
相关论文
共 50 条
  • [21] Efficient DDoS attacks mitigation for stateful forwarding in Internet of Things
    Liu, Gang
    Quan, Wei
    Cheng, Nan
    Zhang, Hongke
    Yu, Shui
    JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2019, 130 : 1 - 13
  • [22] Accelerated DDoS Attacks Mitigation using Programmable Data Plane
    Kuka, Mario
    Vojanec, Kamil
    Kucera, Jan
    Benacek, Pavel
    2019 ACM/IEEE SYMPOSIUM ON ARCHITECTURES FOR NETWORKING AND COMMUNICATIONS SYSTEMS (ANCS), 2019,
  • [23] A Scheme for DDoS Attacks Mitigation in IdM Systems Through Reorganizations
    Macedo, Ricardo
    Santos, Aldri
    Ghamri-Doudane, Yacine
    Nogueira, Michele
    NOMS 2016 - 2016 IEEE/IFIP NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM, 2016, : 298 - 305
  • [24] 9-1-1 DDoS: Attacks, Analysis and Mitigation
    Guri, Mordechai
    Mirsky, Yisroel
    Elovici, Yuval
    2017 IEEE EUROPEAN SYMPOSIUM ON SECURITY AND PRIVACY (EUROS&P), 2017, : 218 - 232
  • [25] DDoS attacks in VoIP: a brief review of detection and mitigation techniques
    Narayanan, Sambath
    Manickam, Selvakumar
    Leau, Yu-Beng
    INTERNATIONAL JOURNAL OF ADVANCED AND APPLIED SCIENCES, 2016, 3 (09): : 90 - 96
  • [26] A Study on the Impacts of DoS and DDoS Attacks on Cloud and Mitigation Techniques
    Balobaid, Awatef
    Alawad, Wedad
    Aljasim, Hanan
    2016 INTERNATIONAL CONFERENCE ON COMPUTING, ANALYTICS AND SECURITY TRENDS (CAST), 2016, : 416 - 421
  • [27] Prevention and Mitigation of DNS based DDoS attacks in SDN Environment
    Saharan, Shail
    Gupta, Vishal
    2019 11TH INTERNATIONAL CONFERENCE ON COMMUNICATION SYSTEMS & NETWORKS (COMSNETS), 2019, : 606 - 608
  • [28] Towards Securing Cloud Computing from DDOS Attacks
    Ahmed, Ishtiaq
    Ahmed, Sheeraz
    Nawaz, Asif
    Jan, Sadeeq
    Najam, Zeeshan
    Saadat, Muneeb
    Khan, Rehan Ali
    Zaman, Khalid
    INTERNATIONAL JOURNAL OF ADVANCED COMPUTER SCIENCE AND APPLICATIONS, 2020, 11 (08) : 615 - 622
  • [29] Towards solving DDoS attacks using collaboration scheme
    Sai Sravan, T.
    Devi, T.
    Test Engineering and Management, 2019, 81 (11-12): : 5459 - 5464
  • [30] Characterizing the Impacts of Application Layer DDoS Attacks
    Jiang, Muhui
    Wang, Chenxu
    Luo, Xiapu
    Miu, MiuTung
    Chen, Ting
    2017 IEEE 24TH INTERNATIONAL CONFERENCE ON WEB SERVICES (ICWS 2017), 2017, : 500 - 507
12345