通过分析客户端响应模式检测DDoS攻击

2005 Symposium on Applications and the Internet Workshops (SAINT 2005 Workshops) Pub Date : 2005-01-31 DOI:10.1109/SAINTW.2005.56

Y. Soejima, E. Chen, H. Fuji

{"title":"通过分析客户端响应模式检测DDoS攻击","authors":"Y. Soejima, E. Chen, H. Fuji","doi":"10.1109/SAINTW.2005.56","DOIUrl":null,"url":null,"abstract":"Distributed Denial of Service (DDoS) attacks is becoming a serious threat on the Internet. Not only network professionals but also end users are now aware of the attacks. Most of these attacks simply flood a massive amount of packets towards a target. In this paper, we propose to detect DDoS attacks by analyzing client response patterns after the reply packets from the server are intentionally delayed. While legitimate clients would react to such delay by decreasing their sending rates, malicious clients would simply keep on flooding the server. The effectiveness of this proposal is evaluated using our prototype.","PeriodicalId":220913,"journal":{"name":"2005 Symposium on Applications and the Internet Workshops (SAINT 2005 Workshops)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-01-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Detecting DDoS Attacks by Analyzing Client Response Patterns\",\"authors\":\"Y. Soejima, E. Chen, H. Fuji\",\"doi\":\"10.1109/SAINTW.2005.56\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Distributed Denial of Service (DDoS) attacks is becoming a serious threat on the Internet. Not only network professionals but also end users are now aware of the attacks. Most of these attacks simply flood a massive amount of packets towards a target. In this paper, we propose to detect DDoS attacks by analyzing client response patterns after the reply packets from the server are intentionally delayed. While legitimate clients would react to such delay by decreasing their sending rates, malicious clients would simply keep on flooding the server. The effectiveness of this proposal is evaluated using our prototype.\",\"PeriodicalId\":220913,\"journal\":{\"name\":\"2005 Symposium on Applications and the Internet Workshops (SAINT 2005 Workshops)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2005-01-31\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2005 Symposium on Applications and the Internet Workshops (SAINT 2005 Workshops)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SAINTW.2005.56\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2005 Symposium on Applications and the Internet Workshops (SAINT 2005 Workshops)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SAINTW.2005.56","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

摘要

分布式拒绝服务(DDoS)攻击正在成为互联网上一个严重的威胁。现在，不仅网络专业人员，终端用户也意识到了这些攻击。这些攻击中的大多数只是向目标发送大量数据包。在本文中，我们提出通过分析客户端响应模式来检测DDoS攻击，当来自服务器的应答数据包被故意延迟后。正当客户端会通过降低发送速率来应对这种延迟，而恶意客户端则会继续向服务器发送大量信息。使用我们的原型评估了该建议的有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Detecting DDoS Attacks by Analyzing Client Response Patterns

Distributed Denial of Service (DDoS) attacks is becoming a serious threat on the Internet. Not only network professionals but also end users are now aware of the attacks. Most of these attacks simply flood a massive amount of packets towards a target. In this paper, we propose to detect DDoS attacks by analyzing client response patterns after the reply packets from the server are intentionally delayed. While legitimate clients would react to such delay by decreasing their sending rates, malicious clients would simply keep on flooding the server. The effectiveness of this proposal is evaluated using our prototype.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2005 Symposium on Applications and the Internet Workshops (SAINT 2005 Workshops)

自引率

0.00%

发文量