Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
Spamming botnets: signatures and characteristics
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Spamalytics: an empirical analysis of spam marketing conversion
Proceedings of the 15th ACM conference on Computer and communications security
DDoS-shield: DDoS-resilient scheduling to counter application layer attacks
IEEE/ACM Transactions on Networking (TON)
A Survey of Botnet Technology and Defenses
CATCH '09 Proceedings of the 2009 Cybersecurity Applications & Technology Conference for Homeland Security
NSS'12 Proceedings of the 6th international conference on Network and System Security
Hi-index | 0.25 |
As DDoS attackers pursue monetary profit, critical Internet sites (CISs) become a good target. These attacks will be more difficult to defend because the botnet size continuously increases, and the attackers spare no pains in preparing the attacks. Under this new paradigm, current anti-DDoS systems may be fooled; we need a new survival strategy. We propose a novel DDoS mitigation scheme for CISs. We observe that CISs can continue their main businesses if most important clients can access the services. This motivates us to build a whitelist, called a VIP list in this article, and the source addresses in the list are given higher priority when the CIS is under attack. The VIP list is built from the previous login logs of authentication processes at the application layer. The experimental results show that the proposed scheme effectively mitigates DDoS attacks.