Mirror hopping approach for selective denial of service prevention

Author

Sharma, P. ; Shah, P. ; Bhattacharya, S.

Author_Institution

Dept. of Comput. Sci. & Eng., Arizona State Univ., Tempe, AZ, USA

fYear

2003

fDate

15-17 Jan. 2003

Firstpage

200

Lastpage

208

Abstract

This paper focuses on a category of denial of service (DoS) attacks, a growing concern in the information security arena, namely the selective DoS (S-DoS). We propose an S-DoS prevention approach by extending the well-known mirror sites idea by redirecting different access requests from the same user to different mirror sites. We develop an HTTP (hypertext transfer protocol) parser that fragments the HTTP requests for communication between the client and server. Random assignment of the requests to different mirror sites ensures that the attacker cannot succeed by capturing requests for a single Web server and the high degree of unpredictability in mirror selection makes it computationally and resource intensive for an attacker to predict the next chosen mirror site. A suite of analysis of the proposed scheme is presented as a merit of this approach.

Keywords

Internet; client-server systems; security of data; transport protocols; HTTP parser; Web server; denial of service attack; hypertext transfer protocol; information security; mirror hopping; mirror site; request fragmentation; selective denial; selective denial of service prevention; service prevention; Computer crime; Computer hacking; Computer science; Conferences; Electronic commerce; Information security; Mirrors; Object oriented modeling; Telecommunication network reliability; Web server;

fLanguage

English

Publisher

ieee

Conference_Titel

Object-Oriented Real-Time Dependable Systems, 2003. (WORDS 2003). Proceedings of the Eighth International Workshop on

Print_ISBN

0-7695-1929-6

Type

conf

DOI

10.1109/WORDS.2003.1218084

Filename

1218084