doi:10.3850/978-981-08-7301-1_1377


Mechanism to Mitigate App-DDoS Attacks on Web Sites


Manisha M. Patil and U. L. Kulkarni

Dr. D. Y. Patil College of Engineering, Kolhapur, Maharashtra, India

ABSTRACT

This paper proposes a mechanism to mitigate session flooding and request flooding App-DDoS attacks on web servers. An App-DDoS attack is an application-layer Distributed Denial of Service attack, which prevents legitimate users from accessing services. Because App-DDoS attacks cannot be distinguished on the basis of packets and protocols, network-layer solutions are not applicable. The proposed lightweight mechanism uses trust to differentiate legitimate users from attackers. A client's trust is evaluated from the client's visiting history, and requests are scheduled in decreasing order of trust. A license is introduced for user identification; it stores trust information on the client side. This mitigation mechanism can be implemented as a Java package that runs separately and forwards valid requests to the server. This mechanism mitigates session flooding attacks only. It can be further extended to mitigate request flooding attacks by using the Client Puzzle Protocol.

Keywords: DDoS attacks, App-DDoS, Trust.
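
The trust-ordered admission described in the abstract, as an added sketch that is not the authors' code. The HMAC-protected license format, the trust update rule, and all names and constants are assumptions, since the abstract does not specify them.

```python
import base64, hashlib, hmac, json

KEY = b"constructed-demo-key"  # assumption: server-side secret, never sent to clients
INITIAL_TRUST = 0.1            # assumption: trust for a client without a valid license

def issue_license(client_id, trust):
    """Serialize trust state for client-side storage, with an integrity tag."""
    body = json.dumps({"id": client_id, "trust": round(trust, 3)}, sort_keys=True).encode()
    tag = hmac.new(KEY, body, hashlib.sha256).digest()
    enc = base64.urlsafe_b64encode
    return enc(body).decode() + "." + enc(tag).decode()

def read_license(token):
    """Return the license dict, or None if it is missing, malformed or tampered with."""
    try:
        b64_body, b64_tag = token.split(".")
        body = base64.urlsafe_b64decode(b64_body)
        tag = base64.urlsafe_b64decode(b64_tag)
    except (ValueError, AttributeError):
        return None
    if not hmac.compare_digest(tag, hmac.new(KEY, body, hashlib.sha256).digest()):
        return None  # the client edited its own trust value, or the key differs
    return json.loads(body)

def update_trust(trust, sessions_last_minute, limit=5):
    """Assumed rule: slow gain for a normal visiting history, sharp loss for bursts."""
    if sessions_last_minute <= limit:
        return min(1.0, trust + 0.05)
    return max(0.0, trust * 0.5)

def schedule(requests, free_slots):
    """requests: list of (request_id, license_token_or_None), in arrival order.
    Admit session requests in decreasing order of trust; ties keep arrival order."""
    scored = []
    for order, (req_id, token) in enumerate(requests):
        lic = read_license(token)
        trust = lic["trust"] if lic else INITIAL_TRUST
        scored.append((-trust, order, req_id))
    scored.sort()
    ranked = [req_id for _, _, req_id in scored]
    return ranked[:free_slots], ranked[free_slots:]
```

Because the license lives on the client, the integrity tag is what stops a client from raising its own trust; a license that fails verification is scheduled as a first-time visitor rather than rejected outright.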


