{"title":"Fork Bomb Attack Mitigation by Process Resource Quarantine","authors":"Gaku Nakagawa, S. Oikawa","doi":"10.1109/CANDAR.2016.0124","DOIUrl":null,"url":null,"abstract":"A fork bomb attack is a denial of service attack. An attacker generates many processes rapidly, exhausting the resources of the target computer systems. There are several previous works that detect and remove the processes that cause fork bomb attacks. However, an operating system using these previous methods risks terminating inappropriate processes that are not fork bomb processes. In this paper, we propose a new method named process resource quarantine. With the proposed method, the operating system does not terminate the detected fork bomb processes. Instead of terminating them, the operating system imposes resource limits on the detected processes and inspects them periodically. We implemented the proposed method in the Linux kernel and ran several evaluation experiments. The results show that the proposed method is effective for mitigating fork bomb attacks.","PeriodicalId":322499,"journal":{"name":"2016 Fourth International Symposium on Computing and Networking (CANDAR)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 Fourth International Symposium on Computing and Networking (CANDAR)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CANDAR.2016.0124","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Fork Bomb Attack Mitigation by Process Resource Quarantine
A fork bomb attack is a denial of service attack. An attacker generates many processes rapidly, exhausting the resources of the target computer systems. There are several previous works that detect and remove the processes that cause fork bomb attacks. However, an operating system using these previous methods risks terminating inappropriate processes that are not fork bomb processes. In this paper, we propose a new method named process resource quarantine. With the proposed method, the operating system does not terminate the detected fork bomb processes. Instead of terminating them, the operating system imposes resource limits on the detected processes and inspects them periodically. We implemented the proposed method in the Linux kernel and ran several evaluation experiments. The results show that the proposed method is effective for mitigating fork bomb attacks.