2003 Articles
WebSOS: Protecting Web Servers From DDoS Attacks
We present the WebSOS architecture, a mechanism for countering denial of service (DoS) attacks against web servers. WebSOS uses a combination of overlay networking, content-based routing, and aggressive packet filtering to guarantee access to a service that is targeted by a DoS attack. Our approach requires no modifications to servers or browsers, and makes use of the web proxy feature and TLS client authentication supported by modern browsers. We use a WebSOS prototype to conduct a preliminary performance evaluation both on the local area network and over the Internet using PlanetLab, a testbed for experimentation with network overlays. We determine the end-to-end latency imposed by the architecture to increase by a factor of 5 on average. We conclude that this overhead is reasonable in the context of a determined DoS attack.
Subjects
Files
-
WebSOS.pdf application/pdf 71.8 KB Download File
Also Published In
- Title
- ICON 2003 the 11th IEEE International Conference on Networks: Sydney, Australia, September 28-October 1, 2003
- Publisher
- IEEE
- DOI
- https://doi.org/10.1109/ICON.2003.1266234
More About This Work
- Academic Units
- Computer Science
- Published Here
- July 5, 2012