• DocumentCode
    175342
  • Title
    A Selective Defense for Application Layer DDoS Attacks
  • Author
    Dantas, Yuri Gil ; Nigam, Vivek ; Fonseca, Iguatemi E.
  • Author_Institution
    Fed. Univ. of Paraiba, Joao Pessoa, Brazil
  • fYear
    2014
  • fDate
    24-26 Sept. 2014
  • Firstpage
    75
  • Lastpage
    82
  • Abstract
    Distributed Denial of Service (DDoS) attacks remain among the most dangerous and noticeable attacks on the Internet. Differently from previous attacks, many recent DDoS attacks have not been carried out over the network layer, but over the application layer. The main difference is that in the latter, an attacker can target a particular application of the server, while leaving the remaining applications still available, thus generating less traffic and being harder to detect. Such attacks are possible by exploiting application layer protocols used by the target application. This paper proposes a novel defense for Application Layer DDoS attacks (ADDoS) based on the Adaptive Selective Verification (ASV) defense used for mitigating Network Layer DDoS attacks. We formalize our defense mechanism in the computational system Maude and demonstrate by using the statistical model checker PVeStA that it can be used to prevent ADDoS. In particular, we show that even in the presence of a great number of attackers, an application running our defense still has high levels of availability. Moreover, we compare our results to a defense based on traffic monitoring proposed in the literature and show that our defense is more robust and also leads to less traffic.
  • Keywords
    Internet; computer network security; formal verification; reliability; system monitoring; ADDoS prevention; ASV defense; Internet; Maude; PVeStA; adaptive selective verification; application layer DDoS attacks; availability; computational system; distributed denial of service; network layer DDoS attacks; statistical model checker; traffic monitoring; Availability; Computer crime; Internet; Probability distribution; Protocols; Servers; Simulation; ASV; Application Layer; DDoS; Defense;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Intelligence and Security Informatics Conference (JISIC), 2014 IEEE Joint
  • Conference_Location
    The Hague
  • Print_ISBN
    978-1-4799-6363-8
  • Type
    conf
  • DOI
    10.1109/JISIC.2014.21
  • Filename
    6975557