Defending against Denial of Service Attacks using a Modified Priority Queue: Bouncer

Author

Safko, Gregory

Author_Institution

Nova Southeastern Univ., Dania, FL

fYear

2005

fDate

March 31 2005-April 2 2005

Firstpage

114

Lastpage

119

Abstract

A denial of service (DoS) attack and a distributed denial of service (DDoS) attack are two forms of attacks that can be launched against a commercial server. Their mode of attack is a hit-and-run attack since the payload of a DoS/DDoS attack is not smart enough to bypass bastions and firewalls. Rather, a DoS/DDoS attack sends a barrage of requests to a server, confusing the server into thinking that legitimate requests are coming into the server, and overloading the server along with its ability to process legitimate requests. Although data is not damaged, the server is nonetheless brought down, which could cascade into a series of other problems, the least of which is downtime for the server if it is an eCommerce (electronic commerce) server. This paper examines a front-end software object named "bouncer" written in Java that analyzes packets and places them in a priority queue based on their frequency of requests and their originating source

Keywords

Internet; Java; electronic commerce; network servers; queueing theory; security of data; telecommunication security; Java; bouncer; commercial server; denial of service attacks; distributed denial of service; eCommerce; electronic commerce; firewalls; front-end software object; hit-and-run attack; modified priority queue; Computer crime; Computer hacking; Distributed computing; Electronic commerce; Floods; Java; Network servers; Payloads; Queueing analysis; Software performance;

fLanguage

English

Publisher

ieee

Conference_Titel

SoutheastCon, 2006. Proceedings of the IEEE

Conference_Location

Memphis, TN

Print_ISBN

1-4244-0168-2

Type

conf

DOI

10.1109/second.2006.1629334

Filename

1629334