Network DDoS Layer 3/4/7 Mitigation via Dynamic Web Redirection
Number of Authors: 2
2016 (English)In: Future Network Systems and Security: Second International Conference, FNSS 2016, Paris, France, November 23-25, 2016, Proceedings / [ed] Robin Doss, Selwyn Piramuthu, Wei Zhou, New York: Springer, 2016, 111-125 p.Conference paper (Refereed)
Layer 3, 4 and 7 DDoS attacks are common and very difficult to defend against. The academic community has published hundreds of well thought out algorithms, which require changes in computer networking equipment, to better detect and mitigate these attacks. The problem with these solutions, is that they require computer networking manufacturers to make changes to their hardware and/or software. On the other hand, with our solution, absolutely no hardware or software changes are required. We only require the use of BGP4 Flow-Spec, which has already been widely deployed many years ago. Further the customers’ own ISP does not require Flow-Spec. Our algorithm protects groups of over sixty-five thousand different customers, via the aggregation into one very small Flow-Spec rule. In this paper, we propose our novel, low cost and efficient solution, to both detect and greatly mitigate any and all types of L347 DDoS Web attacks.
Place, publisher, year, edition, pages
New York: Springer, 2016. 111-125 p.
Communications in Computer and Information Science, ISSN 1865-0929 ; 670
Information Systems, Social aspects
Research subject Information systems
IdentifiersURN: urn:nbn:se:ltu:diva-59787DOI: 10.1007/978-3-319-48021-3_8ScopusID: 2-s2.0-84994091865ISBN: 978-3-319-48020-6ISBN: 978-3-319-48021-3OAI: oai:DiVA.org:ltu-59787DiVA: diva2:1037568
2nd International Conference, FNSS 2016, Paris, France, November 23-25, 2016