Sciweavers

INFOSCALE
2009
ACM

A Lightweight Mechanism to Mitigate Application Layer DDoS Attacks

13 years 10 months ago
A Lightweight Mechanism to Mitigate Application Layer DDoS Attacks
Abstract. Application layer DDoS attacks, to which network layer solutions is not applicable as attackers are indistinguishable based on packets or protocols, prevent legitimate users from accessing services. In this paper, we propose Trust Management Helmet (TMH ) as a partial solution to this problem, which is a lightweight mitigation mechanism that uses trust to differentiate legitimate users and attackers. Its key insight is that a server should give priority to protecting the connectivity of good users during application layer DDoS attacks, instead of identifying all the attack requests. The trust to clients is evaluated based on their visiting history, and used to schedule the service to their requests. We introduce license, for user identification (even beyond NATs) and storing the trust information at clients. The license is cryptographically secured against forgery or replay attacks. We realize this mitigation mechanism and implement it as a Java package and use it for simul...
Jie Yu, Chengfang Fang, Liming Lu, Zhoujun Li
Added 28 May 2010
Updated 28 May 2010
Type Conference
Year 2009
Where INFOSCALE
Authors Jie Yu, Chengfang Fang, Liming Lu, Zhoujun Li
Comments (0)