Protecting web servers from distributed denial of service attacks

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Protecting web servers from distributed denial of service attacks

Full text

Pdf (390 KB)

Source

International World Wide Web Conference archive
Proceedings of the 10th international conference on World Wide Web table of contents

Hong Kong, Hong Kong

Pages: 514 - 524

Year of Publication: 2001

ISBN:1-58113-348-0

Authors

Frank Kargl	Department of Multimedia, Computing, University of Ulm, Germany
Joern Maier	Department of Multimedia, Computing, University of Ulm, Germany
Michael Weber	Department of Multimedia, Computing, University of Ulm, Germany

Sponsors

SIGWEB: ACM Special Interest Group on Hypertext, Hypermedia, and Web
SIGLINK: Hypertext, Hypermedia, and Web
IW3C2 : International World Wide Web Conference Committee

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 30, Downloads (12 Months): 301, Citation Count: 16

Additional Information:

references cited by index terms collaborative colleagues

Tools and Actions:	Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/371920.372148 What is a DOI?

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Katie Hafner , Matthew Lyon, Where Wizards Stay up Late: The Origins of the Internet, Simon & Schuster, 1996
	2	E.H. Spafford. The internet worm program: An analysis. Purdue Technical Report CSD-TR-823, Deoartment of Computer Sciences Purdue University, West Lafayette, IN. 1988.
	3	D. Seeley. A tour of the worm. Department of Computer Science, University of Utah, 1988.
	4	M. Eichin, J. Rochlis. With microscope and tweezers: An analysis of the internet virus of november 1988. Massachusetts Institute of Technology, 1988.
	5	M. Williams. Ebay, amazon, buy.com hit by attacks, 02/09/00. IDG News Service, 02/09/00, http://www.nwfusion.com/news/2000/0209attack.html - visited 18.10.2000.
	6	L. Stein. The world wide web security faq, version 2.0.1. http://www.w3.org/Security/Faq/ - visited 04.10.2000.
	7	William R. Cheswick , Steven M. Bellovin, Firewalls and Internet security: repelling the wily hacker, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1994
	8	Attrition mirrored sites. http://Attrition.org/mirror/attrition/ - visited 03.11.2000.
	9	John Douglas Howard, An analysis of security incidents on the Internet 1989-1995, Carnegie Mellon University, Pittsburgh, PA, 1998
	10	John Elliott, Distributed Denial of Service Attacks and the Zombie Ant Effect, IT Professional, v.2 n.2, p.55-57, March 2000 [doi>10.1109/MITP.2000.839372]
	11	K.T. Fithen. em Internet Denial of Service Attacks and the Federal Response. Testimony before the Subcommittee on Crime of the House Committee on the Judiciary and the Subcommittee on Criminal Justice Oversight of the Senate Committee on the Judiciary, February 29, 2000, http://www.cert.org/congressional testimony/ Fithen testimony Feb29.html - visited 10.11.2000.
	12	Results of the Distributed-Systems Intruder Tools Workshop Pittsburgh, Pensilvania USA, November 2-4 1999, CERT Coordination Center, Software Engineering Institute, Carnegie Mellon University, Pittsburgh, http://www.cert.org/reports/dsit workshop.pdf - visited 12.11.2000.
	13	Field Notice: 7xx Router Password Buffer Over ow Revision 1: December 15 1997, http://www.cisco.com/warp/public/770/pwbufpub.shtml - visited 18.10.2000.
	14	Microsoft Security Bulletin (MS00-029): Patch available for 'IP Fragment Reassembly' Vulnerability. May 19, 2000, http://www.microsoft.com/technet/security/bulletin/ ms00-029.asp - visited 18.10.2000.
	15	Microsoft Security Bulletin (MS00-23): Patch available for 'Myriad Escaped Characters' Vulnerability. April 12, 2000, http://www.microsoft.com/technet/security/bulletin/ ms00-023.asp - visited 18.10.2000.
	16	K. Wooding. Magnification Attacks - Smurf, Fraggle, and Others. http://www.codetalker.com/whitepapers/dossmurf.html - visited 19.10.2000.
	17	C.A. Huegen. The Latest in Denial of Service Attacks: 'Smuring'; Description and Information to Minimize Effects. http://www.pentics.net/denial-ofservice/white-papers/smurf.cgi - visited 19.10.2000.
	18	CERT Advisory CA-98.01 'smurf' IP Denial-of-Service-Attacks. January 5, 1998, http://www.cert.org/advisories/CA-1998-01.html - visited 23.10.2000.
	19	daemon9. route infinity, TCP SYN Flooding Attacks. Phrack magazine, Vol. 7, Issue 48, File 13 of 18, July 1996.
	20	C.L.Schuba et.al. Analysis of a Denial of Service Attack on TCP. Coast Laboratory, Department of Computer Science, Purdue University.
	21	CERT Advisory CA-96.21, TCP SYN Flooding and IP Spooning Attacks. September 19, 1996, http://www.cert.org/advisories/CA-1996-21.html - visited 23.10.2000.
	22	Web servers / possible DOS Attack / mime header ooding (archive). http://www.securityfocus.com/archive/1/ f10516\|10520\|10521\|10525\|10526g - visited 23.10.2000.
	23	YA Apache DoS attack (archive). http://www.securityfocus.com/archive/1/10228 - visited 23.10.2000.
	24	Rootshell.com. http://www.rootshell.com/ - visited 08.02.2001.
	25	D. Dittrich. The DoS Project's "trinoo" distributed denial of service attack tool. October 21, 1999, http://staff.washington.edu/dittrich/misc/ trinoo.analysis.txt - visited 13.11.2000.
	26	Project Loki. Phrack Magazine, Volume Seven, Issue Forty-Nine, File 06 of 16, http://www.phrack.com/search.phtml?view &article=p49-6 - visited 23.10.2000.
	27	L O K I 2 (the implementation). Phrack Magazine Volume 7, Issue 51 September 01, 1997, article 06 of 17, http://www.phrack.com/search.phtml?view &article=p51-6 - visisted 23.10.2000.
	28	D. Dittrich. The 'Tribe Flood Network' distributed denial of service attack tool. October 21, 1999, http://staff.washington.edu/dittrich/misc/ tfn.analysis.txt - visited 13.11.2000.
	29	J. Barlow, W. Thrower. TFN2K - An Analysis. AXENT Security Team, February 10, 2000 (Updated March 7, 2000) Revision: 1.3, http://packetstorm.securify.com/distributed/ TFN2k Analysis-1.3.txt - visited 13.11.2000.
	30	D. Dittrich. The 'stacheldraht' distributed denial of service attack tool. December 31, 1999, http://staff.washington.edu/dittrich/misc/ tfn.analysis.txt - visited 13.11.2000.
	31	P. Ferguson, D. Senie. RFC 2267, Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spooning. Cisco Systems Inc., BlazeNet Inc., January 1998.
	32	D.J. Bernstein. SYN Cookies. ftp://koobera.math.uic.edu/syncookies.html - visited 13.11.2000.
	33	Xianjun Geng , Andrew B. Whinston, Defeating Distributed Denial of Service Attacks, IT Professional, v.2 n.4, p.36-41, July 2000 [doi>10.1109/6294.869381]
	34	Submissions to the Paketstorm DDOS paper constest. http://packetstorm.securify.com/papers/contest/ - visited 13.11.2000.
	35	Linux Virtual Server. http://www.linuxvirtualserver.org/ - visisted 13.11.2000.
	36	Linux Advanced Routing HOWTO. http://www.linuxdoc.org/ - visited 14.02.2001.
	37	Jef Poskanzer. http load. http://www.acme.com/software/ - visited 10.02.2001.
	38	Arrowpoint. Whitepaper: Web Site Security and Denial of Service Protection. http://www.arrowpoint.com/solutions/white papers/ printer/Web Site Security.html - visited 12.11.2000.
	39	F5. Whitepaper: A Defense To Denial of Service Attacks and Other Cyber Threats. http://secure.f5.com/solutions/whitepapers/ defense.html - visited 12.11.2000.

CITED BY 16

	Wu-chang Feng, The case for TCP/IP puzzles, ACM SIGCOMM Computer Communication Review, v.33 n.4, October 2003
	William G. Morein , Angelos Stavrou , Debra L. Cook , Angelos D. Keromytis , Vishal Misra , Dan Rubenstein, Using graphic turing tests to counter automated DDoS attacks against web servers, Proceedings of the 10th ACM conference on Computer and communications security, October 27-30, 2003, Washington D.C., USA
	Christos Douligeris , Aikaterini Mitrokotsa, DDoS attacks and defense mechanisms: classification and state-of-the-art, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.44 n.5, p.643-666, 5 April 2004
	Jelena Mirkovic , Peter Reiher, A taxonomy of DDoS attack and DDoS defense mechanisms, ACM SIGCOMM Computer Communication Review, v.34 n.2, April 2004
	Vinay Manivel , Mustaque Ahamad , H. Venkateswaran, Attack resistant cache replacement for survivable services, Proceedings of the 2003 ACM workshop on Survivable and self-regenerative systems: in association with 10th ACM Conference on Computer and Communications Security, p.64-71, October 31-31, 2003, Fairfax, VA
	Angelos Stavrou , Debra L. Cook , William G. Morein , Angelos D. Keromytis , Vishal Misra , Dan Rubenstein, WebSOS: an overlay-based system for protecting web servers from denial of service attacks, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.48 n.5, p.781-807, 5 August 2005
	Jun Xu , Wooyong Lee, Sustaining Availability of Web Services under Distributed Denial of Service Attacks, IEEE Transactions on Computers, v.52 n.2, p.195-208, February 2003
	Kang-Won Lee , Suresh Chari , Anees Shaikh , Sambit Sahu , Pau-Chen Cheng, Improving the resilience of content distribution networks to large scale distributed denial of service attacks, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.51 n.10, p.2753-2770, July, 2007
	Sanguk Noh , Gihyun Jung , Kyunghee Choi , Cheolho Lee, Compiling network traffic into rules using soft computing methods for the detection of flooding attacks, Applied Soft Computing, v.8 n.3, p.1200-1210, June, 2008
	Abbass Asosheh, Dr. , Naghmeh Ramezani, A comprehensive taxonomy of DDOS attacks and defense mechanism applying in a smart classification, WSEAS Transactions on Computers, v.7 n.4, p.281-290, April 2008
	Josep L. Berral , Nicolas Poggi , Javier Alonso , Ricard Gavaldà , Jordi Torres , Manish Parashar, Adaptive distributed mechanism against flooding network attacks based on machine learning, Proceedings of the 1st ACM workshop on Workshop on AISec, October 27-27, 2008, Alexandria, Virginia, USA
	Haidar Safa , Mohamad Chouman , Hassan Artail , Marcel Karam, A collaborative defense mechanism against SYN flooding attacks in IP networks, Journal of Network and Computer Applications, v.31 n.4, p.509-534, November, 2008
	Minho Sung , Jun Xu , Jun Li , Li Li, Large-scale IP traceback in high-speed internet: practical techniques and information-theoretic foundation, IEEE/ACM Transactions on Networking (TON), v.16 n.6, p.1253-1266, December 2008
	Supranamaya Ranjan , Ram Swaminathan , Mustafa Uysal , Antonio Nucci , Edward Knightly, DDoS-shield: DDoS-resilient scheduling to counter application layer attacks, IEEE/ACM Transactions on Networking (TON), v.17 n.1, p.26-39, February 2009
	Tao Peng , Christopher Leckie , Kotagiri Ramamohanarao, Survey of network-based defense mechanisms countering the DoS and DDoS problems, ACM Computing Surveys (CSUR), v.39 n.1, p.3-es, 2007
	Matthias Baumgart , Christian Scheideler , Stefan Schmid, A DoS-resilient information system for dynamic data management, Proceedings of the twenty-first annual symposium on Parallelism in algorithms and architectures, August 11-13, 2009, Calgary, AB, Canada