Title: Protection system against overload and distributed denial of service attacks
Authors: Ervin Toth, Zoltan Hornak, Gergely Toth
Addresses: Security Evaluation Analysis and Research Laboratory, SEARCH-LAB, 1 Infopark, stny., 1117 Budapest, Hungary. ' Security Evaluation Analysis and Research Laboratory, SEARCH-LAB, 1 Infopark, stny., 1117 Budapest, Hungary. ' Security Evaluation Analysis and Research Laboratory, SEARCH-LAB, 1 Infopark, stny., 1117 Budapest, Hungary.
Abstract: Detection of overload and protection from denial of service attacks is a common problem in information system servers. Such situation may be the result of simple overload, such as increased service request rate during peak hours, or a malicious distributed attack originating from many computers. This article describes a solution to this problem, focusing on protection mechanisms against both natural and malicious overload, based on analysing the queue of requests – which, as described in this paper, is chosen to be unlimited. Furthermore, detection and protection scheme against blocking and crash-bug exploiting attacks is presented.
Keywords: distributed DoS attacks; denial of service attacks; server overload detection; server overload protection; security; information systems; request queues; crash-bug exploiting attacks; blocking attacks.
DOI: 10.1504/IJCCBS.2010.031711
International Journal of Critical Computer-Based Systems, 2010 Vol.1 No.1/2/3, pp.148 - 160
Published online: 21 Feb 2010 *
Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article