Title :
Using whitelisting to mitigate DDoS attacks on critical Internet sites
Author_Institution :
Dept. of Electr. Eng. & Comput. Sci., Kookmin Univ., Seoul, South Korea
fDate :
7/1/2010 12:00:00 AM
Abstract :
As DDoS attackers pursue monetary profit, critical Internet sites (CISs) become a good target. These attacks will be more difficult to defend because the botnet size continuously increases, and the attackers spare no pains in preparing the attacks. Under this new paradigm, current anti-DDoS systems may be fooled; we need a new survival strategy. We propose a novel DDoS mitigation scheme for CISs. We observe that CISs can continue their main businesses if most important clients can access the services. This motivates us to build a whitelist, called a VIP list in this article, and the source addresses in the list are given higher priority when the CIS is under attack. The VIP list is built from the previous login logs of authentication processes at the application layer. The experimental results show that the proposed scheme effectively mitigates DDoS attacks.
Keywords :
Internet; security of data; DDoS attackers; VIP list; authentication processes; botnet size; critical internet sites; login logs; monetary profit; source addresses; whitelist; Bandwidth; Computer crime; Computer vision; Floods; Internet; Network servers; Personal communication networks; System testing; Telecommunication traffic; Web server;
Journal_Title :
Communications Magazine, IEEE
DOI :
10.1109/MCOM.2010.5496886
