| 講演名 | 2011-12-16 Overlay Based, Distributed Defense-Framework against DDoS Attacks , |
|---|---|
| PDFダウンロードページ |  PDFダウンロードページへ |
| 抄録(和) | |
| 抄録(英) | The World Wide Web plays vital roles in our daily lives. But cyber-attackers abuse this vitality by threatening web servers. DDoS attacks (distributed denial of service) remain as one of the major threats for web servers despite of the continuous protection efforts. Recently, high level DDoS attacks (targeting the application level) could successfully affect several high profile web services. A defense framework that can stop all levels of DDoS attacks is required. High level DDoS attack traffic can't be easily detected, since the request comes from a real host and asks for a real resource from the server's application. In this paper, possible high level attack scenarios are classified into; preventable, detectable, and non-detectable. Afterwards, our previously proposed overlay based, distributed defense-framework against DDoS Attacks is presented. The proposed framework is capable of preventing low level attacks from affecting the server. Additional countermeasures are also introduced that can help eliminate a large portion of the possible high level attack strategies. Preliminary tests on the implemented prototype under high level attacks show that the new AN countermeasures serves as a practical response mechanism to the detectable category, besides its facilitating their detection. Even for the non-detectable attacks class, the introduced countermeasures throttles down the attackers' achievable rate given the same resources thus raise the bar on them. |
| キーワード(和) | |
| キーワード(英) | Denial-of-service-attacks / high level attacks / information security / intrusion detection |
| 資料番号 | IA2011-51 |
| 発行日 |
| 研究会情報 | |
| 研究会 | IA |
|---|---|
| 開催期間 | 2011/12/8(から1日開催) |
| 開催地(和) | |
| 開催地(英) | |
| テーマ(和) | |
| テーマ(英) | |
| 委員長氏名(和) | |
| 委員長氏名(英) | |
| 副委員長氏名(和) | |
| 副委員長氏名(英) | |
| 幹事氏名(和) | |
| 幹事氏名(英) | |
| 幹事補佐氏名(和) | |
| 幹事補佐氏名(英) | |
| 講演論文情報詳細 | |
| 申込み研究会 | Internet Architecture(IA) |
|---|---|
| 本文の言語 | ENG |
| タイトル(和) | |
| サブタイトル(和) | |
| タイトル(英) | Overlay Based, Distributed Defense-Framework against DDoS Attacks |
| サブタイトル(和) | |
| キーワード(1)(和/英) | / Denial-of-service-attacks |
| 第 1 著者 氏名(和/英) | / Mohamad EID |
| 第 1 著者 所属(和/英) | Graduate School of Engineering, The University of Tokyo |
| 発表年月日 | 2011-12-16 |
| 資料番号 | IA2011-51 |
| 巻番号(vol) | vol.111 |
| 号番号(no) | 347 |
| ページ範囲 | pp.- |
| ページ数 | 6 |
| 発行日 | |