Using graphic turing tests to counter automated DDoS attacks against web servers

Morein, William G.; Stavrou, Angelos; Cook, Debra L.; Keromytis, Angelos D.; Misra, Vishal; Rubenstein, Dan

doi:10.1145/948109.948114

Cited by 121 publications

(78 citation statements)

References 27 publications

(25 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Thus, Reverse Turing tests have also been suggested to counter DDoS attacks against webservers [11]. The option of using our detection mechanisms to detect suspicious traffic and then try to actively distinguish between human-generated and computergenerated traffic may be more widely useful, since it does not depend on the statistical properties of the flash-crowd, which an attacker can easily mimic.…”

Section: Discussion On Flash-crowdsmentioning

confidence: 99%

A Denial of Service Detector based on Maximum Likelihood Detection and the Random Neural Network

Öke

Loukas

2007

The Computer Journal

View full text Add to dashboard Cite

Citation for this version held on GALA:Oke, Gulay and Loukas, George (2007) AbstractIn spite of extensive research in defence against Denial of Service (DoS), such attacks remain a predominant threat in today's networks. Due to the simplicity of the concept and the availability of the relevant attack tools, launching a DoS attack is relatively easy, while defending a network resource against it is disproportionately difficult. The first step of any comprehensive protection scheme against DoS is the detection of its existence, ideally long before the destructive traffic build-up. In this paper we propose a generic approach for DoS detection which uses multiple Bayesian classifiers and random neural networks (RNN). Our method is based on measuring various instantaneous and statistical variables describing the incoming network traffic, acquiring a likelihood estimation and fusing the information gathered from the individual input features using likelihood averaging and different architectures of RNNs. We present and compare seven different implementations of it and evaluate our experimental results obtained in a large networking testbed.

show abstract

Section: Discussion On Flash-crowdsmentioning

confidence: 99%

A Denial of Service Detector based on Maximum Likelihood Detection and the Random Neural Network

Öke

Loukas

2007

The Computer Journal

View full text Add to dashboard Cite

show abstract

“…MULTOPS [12] is a heuristic and a data-structure that network devices (e.g., routers) at the source subnet can use to detect and filter DDoS flooding attacks. A Graphic Turing test [13] could be a suitable approach to defend DoS attacks for a high traffic web server to distinguish between human interaction and automated attack zombies. In another study, cloud security was ensured by increasing virtual machine security [14].…”

Section: Related Workmentioning

confidence: 99%

SYN Flood Attack Prevention using Particle Swarm Optimization in Cloud Computing Environment

Ahmed¹,

Mahbub²

2017

IJCA

View full text Add to dashboard Cite

Security issues in Cloud Computing is growing as it continues to offer innovative business model and collaboration capabilities for organizations to boost productivity. There are numerous security issues for cloud computing as it encompasses many technologies including networks, virtualization, resource scheduling, load balancing, concurrency control and memory management. A Cloud infrastructure that comprises the vulnerability of Denial of Service (DoS) attacks denies legitimate users from accessing information or services. A DoS attack can be launched in the transport layer using the very old, but still effective, SYN Flood technique. In a SYN flood attack the attacker sends a flood of TCP SYN requests that gets the server busy without actually completing the three-way handshake procedure used in the setup of TCP sessions. This paper presents a Particle Swarm Optimization (PSO) based approach to enhance the defence mechanism of the system against such attacks. The theoretical analysis and simulations show that the proposed optimization model analyses the situation of under attack server and based on the intensity of the attack situation, it provides the best solution to the server. The server can tune itself dynamically to the optimized solution which increases its chance against SYN Flood attacks.

show abstract

“…[4,12] for a taxonomy of these DoS attacks). Several authors have explored the use of DHTs to prevent DoS attacks from outsiders (e.g., [8,6,13]). Secure Overlay Services (SOS) [8], for example, uses a proxy approach based on the Chord network to protect applications against flooding DoS attacks.…”

Section: Related Workmentioning

confidence: 99%

A Denial-of-Service Resistant DHT

Awerbuch¹,

Scheideler²

2007

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. We consider the problem of designing scalable and robust information systems based on multiple servers that can survive even massive denial-of-service (DoS) attacks. More precisely, we are focusing on designing a scalable distributed hash table (DHT) that is robust against so-called past insider attacks. In a past insider attack, an adversary knows everything about the system up to some time point t 0 not known to the system. After t0, the adversary can attack the system with a massive DoS attack in which it can block a constant fraction of the servers of its choice. Yet, the system should be able to survive such an attack in a sense that for any set of lookup requests, one per non-blocked (i.e., non-DoS attacked) server, every lookup request to a data item that was last updated after t0 can be served by the system, and processing all the requests just needs polylogarithmic time and work at every server. We show that such a system can be designed.

show abstract

Using graphic turing tests to counter automated DDoS attacks against web servers

Cited by 121 publications

References 27 publications

A Denial of Service Detector based on Maximum Likelihood Detection and the Random Neural Network

A Denial of Service Detector based on Maximum Likelihood Detection and the Random Neural Network

SYN Flood Attack Prevention using Particle Swarm Optimization in Cloud Computing Environment

A Denial-of-Service Resistant DHT

Contact Info

Product

Resources

About