Date Added: Aug 2011
In this paper, a lightweight mechanism is proposed to mitigate session flooding and request flooding App-DDoS attacks on web servers. An App-DDoS attack is an application-layer Distributed Denial of Service attack, which prevents legitimate users from accessing services. A number of mechanisms are available that can be installed on routers and firewalls to mitigate network-layer DDoS attacks such as the SYN-flood attack and the ping of death attack. However, network-layer solutions are not applicable here because App-DDoS attacks are indistinguishable from legitimate traffic based on packets and protocols. The proposed lightweight mechanism uses trust to differentiate legitimate users from attackers.