Mitigating DoS Attacks Using Performance Model-Driven Adaptive Algorithms

IF 2.2 4区计算机科学 Q3 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE ACM Transactions on Autonomous and Adaptive Systems Pub Date : 2014-03-01 DOI:10.1145/2567926

C. Barna, Mark Shtern, Michael Smit, Vassilios Tzerpos, Marin Litoiu

{"title":"Mitigating DoS Attacks Using Performance Model-Driven Adaptive Algorithms","authors":"C. Barna, Mark Shtern, Michael Smit, Vassilios Tzerpos, Marin Litoiu","doi":"10.1145/2567926","DOIUrl":null,"url":null,"abstract":"Denial of Service (DoS) attacks overwhelm online services, preventing legitimate users from accessing a service, often with impact on revenue or consumer trust. Approaches exist to filter network-level attacks, but application-level attacks are harder to detect at the firewall. Filtering at this level can be computationally expensive and difficult to scale, while still producing false positives that block legitimate users.\n This article presents a model-based adaptive architecture and algorithm for detecting DoS attacks at the web application level and mitigating them. Using a performance model to predict the impact of arriving requests, a decision engine adaptively generates rules for filtering traffic and sending suspicious traffic for further review, where the end user is given the opportunity to demonstrate they are a legitimate user. If no legitimate user responds to the challenge, the request is dropped. Experiments performed on a scalable implementation demonstrate effective mitigation of attacks launched using a real-world DoS attack tool.","PeriodicalId":50919,"journal":{"name":"ACM Transactions on Autonomous and Adaptive Systems","volume":"4 1","pages":"3:1-3:26"},"PeriodicalIF":2.2000,"publicationDate":"2014-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Autonomous and Adaptive Systems","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1145/2567926","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 10

Abstract

Denial of Service (DoS) attacks overwhelm online services, preventing legitimate users from accessing a service, often with impact on revenue or consumer trust. Approaches exist to filter network-level attacks, but application-level attacks are harder to detect at the firewall. Filtering at this level can be computationally expensive and difficult to scale, while still producing false positives that block legitimate users. This article presents a model-based adaptive architecture and algorithm for detecting DoS attacks at the web application level and mitigating them. Using a performance model to predict the impact of arriving requests, a decision engine adaptively generates rules for filtering traffic and sending suspicious traffic for further review, where the end user is given the opportunity to demonstrate they are a legitimate user. If no legitimate user responds to the challenge, the request is dropped. Experiments performed on a scalable implementation demonstrate effective mitigation of attacks launched using a real-world DoS attack tool.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

使用性能模型驱动的自适应算法减轻DoS攻击

拒绝服务(DoS)攻击使在线服务不堪重负，阻止合法用户访问服务，通常会影响收入或消费者信任。存在过滤网络级攻击的方法，但是在防火墙中很难检测到应用程序级攻击。这种级别的过滤在计算上可能很昂贵，而且难以扩展，同时仍然会产生误报，从而阻止合法用户。本文提出了一种基于模型的自适应架构和算法，用于在web应用程序级别检测并减轻DoS攻击。决策引擎使用性能模型预测到达请求的影响，自适应地生成过滤流量和发送可疑流量以供进一步审查的规则，最终用户有机会证明自己是合法用户。如果没有合法用户响应挑战，请求将被丢弃。在可扩展的实现上进行的实验证明了使用真实的DoS攻击工具发起的攻击的有效缓解。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

ACM Transactions on Autonomous and Adaptive Systems 工程技术-计算机：理论方法

CiteScore

4.80

自引率

7.40%

发文量

审稿时长

>12 weeks

期刊介绍： TAAS addresses research on autonomous and adaptive systems being undertaken by an increasingly interdisciplinary research community -- and provides a common platform under which this work can be published and disseminated. TAAS encourages contributions aimed at supporting the understanding, development, and control of such systems and of their behaviors. TAAS addresses research on autonomous and adaptive systems being undertaken by an increasingly interdisciplinary research community - and provides a common platform under which this work can be published and disseminated. TAAS encourages contributions aimed at supporting the understanding, development, and control of such systems and of their behaviors. Contributions are expected to be based on sound and innovative theoretical models, algorithms, engineering and programming techniques, infrastructures and systems, or technological and application experiences.