Srivatsa et al., 2008 - Google Patents
Mitigating application-level denial of service attacks on Web servers: A client-transparent approachSrivatsa et al., 2008
View PDF- Document ID
- 1844693557755085700
- Author
- Srivatsa M
- Iyengar A
- Yin J
- Liu L
- Publication year
- Publication venue
- ACM Transactions on the Web (TWEB)
External Links
Snippet
Recently, we have seen increasing numbers of denial of service (DoS) attacks against online services and Web applications either for extortion reasons or for impairing and even disabling the competition. These DoS attacks have increasingly targeted the application …
- 230000000116 mitigating 0 title description 27
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network-specific arrangements or communication protocols supporting networked applications
- H04L67/10—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network
- H04L67/1002—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers, e.g. load balancing
- H04L67/1004—Server selection in load balancing
- H04L67/1008—Server selection in load balancing based on parameters of servers, e.g. available memory or workload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network-specific arrangements or communication protocols supporting networked applications
- H04L67/10—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network
- H04L67/1002—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers, e.g. load balancing
- H04L67/1004—Server selection in load balancing
- H04L67/1014—Server selection in load balancing based on the content of a request
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic regulation in packet switching networks
- H04L47/10—Flow control or congestion control
- H04L47/19—Flow control or congestion control at layers above network layer
- H04L47/193—Flow control or congestion control at layers above network layer at transport layer, e.g. TCP related
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network-specific arrangements or communication protocols supporting networked applications
- H04L67/10—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network
- H04L67/1002—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers, e.g. load balancing
- H04L67/1004—Server selection in load balancing
- H04L67/1023—Server selection in load balancing based on other criteria, e.g. hash applied to IP address, specific algorithms or cost
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Application independent communication protocol aspects or techniques in packet data networks
- H04L69/16—Transmission control protocol/internet protocol [TCP/IP] or user datagram protocol [UDP]
- H04L69/163—Adaptation of TCP data exchange control procedures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L29/00—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents
- H04L29/02—Communication control; Communication processing contains provisionally no documents
- H04L29/06—Communication control; Communication processing contains provisionally no documents characterised by a protocol
- H04L29/0602—Protocols characterised by their application
- H04L29/06047—Protocols for client-server architecture
- H04L2029/06054—Access to distributed or replicated servers, e.g. using brokers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network-specific arrangements or communication protocols supporting networked applications
- H04L67/10—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network
- H04L67/1002—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers, e.g. load balancing
- H04L67/1034—Reaction to server failures by a load balancer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Application independent communication protocol aspects or techniques in packet data networks
- H04L69/30—Definitions, standards or architectural aspects of layered protocol stacks
- H04L69/32—High level architectural aspects of 7-layer open systems interconnection [OSI] type protocol stacks
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Srivatsa et al. | Mitigating application-level denial of service attacks on Web servers: A client-transparent approach | |
| US8250631B2 (en) | Protecting against denial of service attacks using trust, quality of service, personalization, and hide port messages | |
| Rothenberger et al. | {ReDMArk}: Bypassing {RDMA} security mechanisms | |
| Król et al. | Rice: Remote method invocation in icn | |
| Radhakrishnan et al. | TCP fast open | |
| Langley et al. | The quic transport protocol: Design and internet-scale deployment | |
| Bittau et al. | The case for ubiquitous {Transport-Level} encryption | |
| Gilad et al. | Off-Path Attacking the Web. | |
| US7299297B2 (en) | Method and apparatus for protecting electronic commerce from distributed denial-of-service attacks | |
| Mittal et al. | Mirage: Towards deployable DDoS defense for Web applications | |
| Gilad et al. | LOT: A defense against IP spoofing and flooding attacks | |
| Mohammadi et al. | SYN‐Guard: An effective counter for SYN flooding attack in software‐defined networking | |
| Huang et al. | An authentication scheme to defend against UDP DrDoS attacks in 5G networks | |
| Cao et al. | 0-rtt attack and defense of quic protocol | |
| Nakatsuka et al. | PDoT: private DNS-over-TLS with TEE support | |
| Barham et al. | Techniques for lightweight concealment and authentication in IP networks | |
| Goldschmidt et al. | Defense against syn flood dos attacksˇ using network-based mitigation techniques | |
| US20180324211A1 (en) | System and method for prevening denial of service attacks | |
| Wang et al. | A multi-layer framework for puzzle-based denial-of-service defense | |
| Srivatsa et al. | A middleware system for protecting against application level denial of service attacks | |
| Goldschmidt | TCP Reset Cookies–a heuristic method for TCP SYN Flood mitigation | |
| Srivatsa et al. | A client-transparent approach to defend against denial of service attacks | |
| Djalaliev et al. | Sentinel: hardware-accelerated mitigation of bot-based DDoS attacks | |
| DeLaughter | Redistributing the Costs of Volumetric Denial-of-Service Mitigation | |
| Smith et al. | Comparison of operating system implementations of SYN flood defenses (cookies) |