Browse > Article

Operation Policy for Enhancing Availability of a Web Server against DoS Attacks  

Baik, Nam-Kyun (숭실대학교 정보통신전자공학부 통신망보안 연구실)
Jung, Sou-Hwan (숭실대학교 정보통신전자공학부 통신망보안 연구실)
Publication Information
The Journal of Korean Institute of Communications and Information Sciences / v.33, no.8B, 2008 , pp. 735-744 More about this Journal
Abstract
This paper proposes a 'secure node' to be robust against network-based DoS attacks. The secure node selectively accepts new sessions based on the Zipf's law while a link is in the overload state. Our scheme calculates a threshold value for overload state, and provides a dynamic service mechanism for enhancing availability of a web server. The simulation results show performance improvement of the proposed scheme in terms of completion/connection ratios.
Keywords
DoS; Zipf's Law;
Citations & Related Records
연도 인용수 순위
  • Reference
1 BlackHole Route Server and Tracking Traffic on an IP Network, http://www.ietf.org/rfc/ rfc2616
2 Unicast Reverse Path Forwarding (uRPF) Enhancements for the ISP-ISP Edge, .ftp://ftp-eng.cisco.com/cons/isp/security/ URPF-ISP.pdf.
3 Hypertext Transfer Protocol - HTTP/1.0 : RFC 1945, http://www.ietf.org/rfc/rfc1945
4 David Moore, "Inferring Internet Denial-of-Service Activity," http://www.caida.org/outreach/papers/ 2001/BackScatter/usenixsecurity01.pdf
5 Hypertext Transfer Protocol - HTTP/1.1 : RFC 2616, http://www.ietf.org/rfc/rfc2616
6 Jin Cao et al., "Internet Traffic Tends To Poisson and Independent as the Load Increases," Bell Labs. Technical Report, Murray Hill, 2001
7 2007 국가정보보호백서, 국가정보원/정보통신부, 2007
8 Symantec 인터넷 보안 위협보고서 제10권, 2006.
9 (CC v2.3)국가기관용 침입차단시스템 보호 프로파일 V1.2, IT보안인증사무국, 2006
10 Mikael Andersson, Anders Bengtsson, Martin Host, and Christian Nyberg, "Web Server Traffic in Crisis Conditions," http://www.lu. se/upload/LUCRAM/Andersson-web_server_traffic. pdf.
11 Transmission Control Protocol : RFC 793, http://www.ietf.org/rfc/rfc793
12 How to Get Rid of Denial of Service Attacks, http://www.bgpexpert.com/antidos.php
13 QPM Command Reference, http://www.cisco. com/en/US/products/sw/cscowork/ps2064/ products_user_guide_chaper09186a00800807a9. html#10134
14 S. Uhlig and O. Bonaventure, "Understanding the Long-Term Self-similarity of Internet Traffic," QOFIS2001, Portugal, pp.286-298, Sep. 2001
15 Adepele, Martin Arlitt, Carey Williamson, and Ken Barker, "Web Workload Characterization: Ten Years Later," International World Wide Web Conference(WWW2005), Canada, 200
16 Stefan Saroiu, Krishna P. Gummadi, Richard J, Dunn, Steven D. Gribble, and Henry M. Levy, "An Analysis of Internet Content Delivery Systems," Proceedings of the Fifth Symposium on Operating Systems Disign and Implementation (OSDI2002), Boston, MA, Dec 2002
17 Alexandre Gerber, Joseph Houle, Han Nguyen, Matthew Roughan, and Subhabrata Sen, "P2P The Gorilla in the Cable," National Cable & Telecommunications Association(NCTA) 2003 National Show, Chicago, IL, Jun, 2003
18 Internet Protocol : RFC 791, http://www.ietf.org/ rfc/rfc791