
Identifying Legitimate Clients Under Distributed Denial-of-Service Attacks


Executive Summary

Distributed Denial of Service (DDoS) attacks are a persistent, current, and very real threat to networks. Expanding upon a flexible distributed framework for network remediation utilising multiple strategies, the authors examine a novel fusion of methods to maximise throughput from legitimate clients and minimise the impact from attackers. The basic approach is to build up a whitelist of likely legitimate clients by observing outgoing traffic, presenting a challenge through proof-of-work, and providing flow cookies. Traffic that does not match the expected profile is likely attack traffic, and can be heavily filtered during attack conditions. After incrementally developing this approach, they explore its positive and negative impact upon the network and analyze potential countermeasures.

  • Format: PDF
  • Size: 138.3 KB