Proactive Server Roaming for Mitigating Denial-of-Service Attacks
نویسندگان
چکیده
We propose a framework based on proactive server roaming to mitigate the effects of Denial-of-Service (DoS) attacks. The active server proactively changes its location within a pool of servers to defend against unpredictable and undetectable attacks. Only legitimate clients can follow the active server as it roams. We present algorithms that are secure, distributed, randomized, and adaptive for triggering the roaming and determining the next server to roam to. We propose some modifications to the state recovery process of existing TCP connection-migration schemes to suit roaming. Preliminary experiments in a FreeBSD network show that the overhead of server roaming is small, in terms of response time, in the absence of attacks. Further, during an attack, roaming significantly improves the response time. Index Terms — Network Security, DoS Attack Mitigation
منابع مشابه
Design and analysis of a replicated elusive server scheme for mitigating denial of service attacks q
The paper proposes a scheme, referred to as proactive server roaming, to mitigate the effects of denial of service (DoS) attacks. The scheme is based on the concept of ‘‘replicated elusive service’’, which through server roaming, causes the service to physically migrate from one physical location to another. Furthermore, the proactiveness of the scheme makes it difficult for attackers to guess ...
متن کاملAn Integrated Framework for Proactive Mitigation, Characterization and Traceback of DDoS Attacks
Denial of Service (DoS) attacks pose a severe security threat to the steady functioning of any network. These attacks aim at depleting the resources of a server or an administrative network by overwhelming it with enormous and useless traffic. The outcome of this is the fact that legitimate users are denied service. Though an array of schemes has been proposed for the detection of the presence ...
متن کاملHF-Blocker: Detection of Distributed Denial of Service Attacks Based On Botnets
Abstract—Today, botnets have become a serious threat to enterprise networks. By creation of network of bots, they launch several attacks, distributed denial of service attacks (DDoS) on networks is a sample of such attacks. Such attacks with the occupation of system resources, have proven to be an effective method of denying network services. Botnets that launch HTTP packet flood attacks agains...
متن کاملImplementation of a Secured system with Roaming Server and Roaming Ports
The main goal of this paper is to design and implement a secured system against Server hijacking, which leads to Denial of Service (DoS) [5] attacks. This system uses more than one server for providing security. But only one server will be active at a time. The inactive servers act as Roaming Honeypots[9]. The source address of any request that hits a honeypot is recorded and all its future req...
متن کاملCluB : A Cluster Based Proactive Method for Mitigating Distributed Denial of Service Attacks
Distributed Denial of Service (DDoS) attacks are threats not only for the direct targets but also for the core of the network. They are also hard to detect in advance, hence methods to deal with them need to be proactive. By building on earlier work and improving on distribution of control aspects, we propose a proactive method, which is called CluB, to mitigate DDoS attacks; the method balance...
متن کامل