{"title":"wrap:通过Web引用进行拒绝服务防御","authors":"Xiaofeng Wang, M. Reiter","doi":"10.1109/SRDS.2006.48","DOIUrl":null,"url":null,"abstract":"The Web is a complicated graph, with millions of Web sites interlinked together. In this paper, we propose to use this Web sitegraph structure to mitigate flooding attacks on a Web site, using a new Web referral architecture for privileged service (\"WRAPS\"). WRAPS allows a legitimate client to obtain a privilege URL through a click on a referral hypher-link, from a Web site trusted by the target Web site. Using that URL, the client can get privileged access to the target Web site in a manner that is far less vulnerable to a DDoS flooding attack. WRAPS does not require changes to Web client software and is extremely lightweight for referrer Web sites, which eases its deployment. The massive scale of the Web sitegraph could deter attempts to isolate a Web site through blocking all referrers. We present the design of WRAPS, and the implementation of a prototype system used to evaluate our proposal. Our empirical study demonstrates that WRAPS enables legitimate clients to connect to a Web site smoothly in spite of an intensive flooding attack, at the cost of small overheads on the Web site's ISP's edge routers","PeriodicalId":164765,"journal":{"name":"2006 25th IEEE Symposium on Reliable Distributed Systems (SRDS'06)","volume":"274 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":"{\"title\":\"WRAPS: Denial-of-Service Defense through Web Referrals\",\"authors\":\"Xiaofeng Wang, M. Reiter\",\"doi\":\"10.1109/SRDS.2006.48\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The Web is a complicated graph, with millions of Web sites interlinked together. In this paper, we propose to use this Web sitegraph structure to mitigate flooding attacks on a Web site, using a new Web referral architecture for privileged service (\\\"WRAPS\\\"). WRAPS allows a legitimate client to obtain a privilege URL through a click on a referral hypher-link, from a Web site trusted by the target Web site. Using that URL, the client can get privileged access to the target Web site in a manner that is far less vulnerable to a DDoS flooding attack. WRAPS does not require changes to Web client software and is extremely lightweight for referrer Web sites, which eases its deployment. The massive scale of the Web sitegraph could deter attempts to isolate a Web site through blocking all referrers. We present the design of WRAPS, and the implementation of a prototype system used to evaluate our proposal. Our empirical study demonstrates that WRAPS enables legitimate clients to connect to a Web site smoothly in spite of an intensive flooding attack, at the cost of small overheads on the Web site's ISP's edge routers\",\"PeriodicalId\":164765,\"journal\":{\"name\":\"2006 25th IEEE Symposium on Reliable Distributed Systems (SRDS'06)\",\"volume\":\"274 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-10-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"8\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2006 25th IEEE Symposium on Reliable Distributed Systems (SRDS'06)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SRDS.2006.48\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2006 25th IEEE Symposium on Reliable Distributed Systems (SRDS'06)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SRDS.2006.48","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
WRAPS: Denial-of-Service Defense through Web Referrals
The Web is a complicated graph, with millions of Web sites interlinked together. In this paper, we propose to use this Web sitegraph structure to mitigate flooding attacks on a Web site, using a new Web referral architecture for privileged service ("WRAPS"). WRAPS allows a legitimate client to obtain a privilege URL through a click on a referral hypher-link, from a Web site trusted by the target Web site. Using that URL, the client can get privileged access to the target Web site in a manner that is far less vulnerable to a DDoS flooding attack. WRAPS does not require changes to Web client software and is extremely lightweight for referrer Web sites, which eases its deployment. The massive scale of the Web sitegraph could deter attempts to isolate a Web site through blocking all referrers. We present the design of WRAPS, and the implementation of a prototype system used to evaluate our proposal. Our empirical study demonstrates that WRAPS enables legitimate clients to connect to a Web site smoothly in spite of an intensive flooding attack, at the cost of small overheads on the Web site's ISP's edge routers
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
