Paper Info
Title
Maintaining useful server throughput under load attacks using active NIC portals
Abstract
The paper presents a solution to denial-of-service (DoS) attacks on servers where. the server resources are saturated by repeated request for execution of scripts or download requests for large files. Existing solutions for coping with DoS attacks, which are primarily based on limiting the traffic rates, are incapable of providing any protection against load attacks, as these attacks do not manifest themselves as heavy bursts of traffic. We present an intelligent gateway based solution for maintaining the useful throughput of the servers under load attacks that uses specific information from the servers to perform dynamic load balancing and dynamic packet filtering. The intelligent gateway is implemented using a dual-ported active network card (NIC). Clients are classified according to their request history, and rate limits are imposed at the gateway for each class according to the level and duration of the attack. Results for a prototype implementation indicate our solution to be an effective deterrent against load attacks.
Year
DOI
Venue
2004
10.1109/GLOCOM.2004.1378389
Global Telecommunications Conference, 2004. GLOBECOM '04. IEEE
Keywords
Field
DocType
internetworking,network interfaces,network servers,portals,resource allocation,security of data,telecommunication security,telecommunication traffic,DoS attacks,active network card portals,denial-of-service attacks,dual-ported active network card,dynamic load balancing,dynamic packet filtering,gateway,intelligent gateway,load attacks,network security,server throughput
Denial-of-service attack,Computer science,Server,Computer network,Active networking,Internetworking,Resource allocation,Default gateway,Throughput,Operating system,Network interface
Conference
Volume
ISSN
ISBN
4
1930-529X
0-7803-8794-5
Citations 
PageRank 
References 
0
0.34
9
Authors
2
Name
Order
Citations
PageRank
Onur Demir102.70
Kanad Ghose21220113.50