DocumentCode
175342
Title
A Selective Defense for Application Layer DDoS Attacks
Author
Dantas, Yuri Gil ; Nigam, Vivek ; Fonseca, Iguatemi E.
Author_Institution
Fed. Univ. of Paraiba, Joao Pessoa, Brazil
fYear
2014
fDate
24-26 Sept. 2014
Firstpage
75
Lastpage
82
Abstract
Distributed Denial of Service (DDoS) attacks remain among the most dangerous and noticeable attacks on the Internet. Differently from previous attacks, many recent DDoS attacks have not been carried out over the network layer, but over the application layer. The main difference is that in the latter, an attacker can target a particular application of the server, while leaving the remaining applications still available, thus generating less traffic and being harder to detect. Such attacks are possible by exploiting application layer protocols used by the target application. This paper proposes a novel defense for Application Layer DDoS attacks (ADDoS) based on the Adaptive Selective Verification (ASV) defense used for mitigating Network Layer DDoS attacks. We formalize our defense mechanism in the computational system Maude and demonstrate by using the statistical model checker PVeStA that it can be used to prevent ADDoS. In particular, we show that even in the presence of a great number of attackers, an application running our defense still has high levels of availability. Moreover, we compare our results to a defense based on traffic monitoring proposed in the literature and show that our defense is more robust and also leads to less traffic.
Keywords
Internet; computer network security; formal verification; reliability; system monitoring; ADDoS prevention; ASV defense; Internet; Maude; PVeStA; adaptive selective verification; application layer DDoS attacks; availability; computational system; distributed denial of service; network layer DDoS attacks; statistical model checker; traffic monitoring; Availability; Computer crime; Internet; Probability distribution; Protocols; Servers; Simulation; ASV; Application Layer; DDoS; Defense;
fLanguage
English
Publisher
ieee
Conference_Titel
Intelligence and Security Informatics Conference (JISIC), 2014 IEEE Joint
Conference_Location
The Hague
Print_ISBN
978-1-4799-6363-8
Type
conf
DOI
10.1109/JISIC.2014.21
Filename
6975557
Link To Document