tailieunhanh - Minimize distributed denial of service attack using web farm attentuator
This paper introduces a method using smart filter for network traffics to reduce bandwidth DDoS attacks. The key point of the method is the use of dynamic thresholds evaluated unusual access from zombie computers as well as an active queue mechanism to aid the process of the legitimate users’ traffic. The results showed that service clusters can sustain DDoS attacks with the performance of legitimate access is much better and consequently to cause the attacker to increase his botnet size as much as possible or costs much more to compensate for the filter installed. | Nguyễn Văn Linh và Đtg Tạp chí KHOA HỌC & CÔNG NGHỆ 135(05): 45 - 48 MINIMIZE DISTRIBUTED DENIAL OF SERVICE ATTACK USING WEB FARM ATTENTUATOR Nguyen Van Linh1*, Nguyen Lan Huong2 College of Information and Communication Technology - TNU SUMMARY After the first DDoS attacks on Web server of the University of Minnesota in the early 90s of last century, people have realized that this is extremely dangerous tools of hackers, so far with no preventing effective botnets to disguise assault with a user's access level to cause great difficulties for administrators to detect and fend off the attacks are taking place. This paper introduces a method using smart filter for network traffics to reduce bandwidth DDoS attacks. The key point of the method is the use of dynamic thresholds evaluated unusual access from zombie computers as well as an active queue mechanism to aid the process of the legitimate users’ traffic. The results showed that service clusters can sustain DDoS attacks with the performance of legitimate access is much better and consequently to cause the attacker to increase his botnet size as much as possible or costs much more to compensate for the filter installed. Keywords: Distributed Denial Of Service, Network Security INTRODUCTION* Although the web is only over a quarter of a century,DistributedDenial of Service attacks were and will still be and the tool of choice for criminals since the dawn of the are easy, very effective and no solution to prevent absolutely. Denial of Service is a logically crude tactic to use when target systems are bombarded with traffic, which chokes the targeted networks and renders them unavailable to users. According toArbor Networks reports6, in the First Half of 2014saw the most volumetric DDoS attacks ever, with more than 100 events over 100GB/sec recent years, the botnettool has came out to be a popular contributor to unwanted and malicious Internet army of zombie hosts
đang nạp các trang xem trước