Mitigating DoS Attacks Using Performance Model-Driven Adaptive Algorithms
Author: | Marin Litoiu, Michael Smit, Cornel Barna, Mark Shtern, Vassilios Tzerpos |
---|---|
Year of publication: | 2014 |
Subject: | Decision support system; Computer science; End user; 020207 software engineering; Denial-of-service attack; 02 engineering and technology; Filter (signal processing); Computer security; Firewall (construction); Control and Systems Engineering; Scalability; 0202 electrical engineering, electronic engineering, information engineering; Computer Science (miscellaneous); False positive paradox; 020201 artificial intelligence & image processing; Algorithm; Software; Adaptive architecture; Computer network |
Source: | ACM Transactions on Autonomous and Adaptive Systems. 9:1-26 |
ISSN: | 1556-4703 1556-4665 |
DOI: | 10.1145/2567926 |
Description: | Denial of Service (DoS) attacks overwhelm online services, preventing legitimate users from accessing a service, often with impact on revenue or consumer trust. Approaches exist to filter network-level attacks, but application-level attacks are harder to detect at the firewall. Filtering at this level can be computationally expensive and difficult to scale, while still producing false positives that block legitimate users. This article presents a model-based adaptive architecture and algorithm for detecting DoS attacks at the web application level and mitigating them. Using a performance model to predict the impact of arriving requests, a decision engine adaptively generates rules for filtering traffic and sending suspicious traffic for further review, where the end user is given the opportunity to demonstrate they are a legitimate user. If no legitimate user responds to the challenge, the request is dropped. Experiments performed on a scalable implementation demonstrate effective mitigation of attacks launched using a real-world DoS attack tool. |
Database: | OpenAIRE |