Protecting Public Servers from DDoS Attacks Using Drifting Overlays
نویسندگان
چکیده
Drifting Overlays are dynamic partial network-layer overlays with traffic ‘safe houses’ that enterprises can use to control, at fine granularity, the reachability and predictability of paths taken to important hosts. Drifting Overlays enable enterprises a level of control over their own DDoS defenses and routing choices, rather than leaving them at the mercy of their ISPs. KeywordsVPNs, Security, Deployment, Automation
منابع مشابه
WebSOS: protecting web servers from DDoS attacks
We present the WebSOS architecture, a mechanism for countering denial of service (DoS) attacks against web servers. WebSOS uses a combination of overlay networking, contentbased routing, and aggressive packet filtering to guarantee access to a service that is targeted by a DoS attack. Our approach requires no modifications to servers or browsers, and makes use of the web proxy feature and TLS c...
متن کاملHF-Blocker: Detection of Distributed Denial of Service Attacks Based On Botnets
Abstract—Today, botnets have become a serious threat to enterprise networks. By creation of network of bots, they launch several attacks, distributed denial of service attacks (DDoS) on networks is a sample of such attacks. Such attacks with the occupation of system resources, have proven to be an effective method of denying network services. Botnets that launch HTTP packet flood attacks agains...
متن کاملNetShield: Protocol Anomaly Detection with Datamining Against DDoS Attacks
This article presents a new defense system to protect network servers, network routers, and client hosts from becoming the handlers, Zombies, and victims of distributed denial-of-service (DDoS) flood attacks. The NetShield system was developed at USC to protect any IP-based public network over the Internet. We explore preventive and deterrent controls to remove system vulnerabilities on target ...
متن کاملUsing Overlays to Improve Network Security
As we increase our dependency upon networked communication, the incentive to compromise and degrade network performance increases for those who wish to disrupt the flow of information. Attacks that lead to such compromise and degradation can come in a variety of forms, including distributed denial of service (DDoS) attacks, cutting wires, jamming transmissions, and monitoring/eavesdropping. Use...
متن کاملReview on Ddos Attacks and Various Detection Mechanisms
DDoS attack is a coordinated attack on massive scale and it is a major threat in current computer networks. It is not easy to detect the attack , The seriousness of the DDoS problem and the increased frequency of DDoS attacks have led to the advent of numerous DDoS defense mechanisms. Detection mechanism is the first step to avoid the DDoS attack. Some of these mechanisms address a specific kin...
متن کامل