Denial of service protection: the nozzle

  • Authors:
  • E. Strother

  • Affiliations:
  • -

  • Venue:
  • ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
  • Year:
  • 2000

Abstract

A denial of service attack is a dominating conversation with a network resource, designed to preclude other conversations with that resource. Such an attack can cost millions of dollars when the target is a critical resource such as a Web server or a domain name server. Traditional methods, such as firewalls and intrusion detection systems, have failed to provide adequate protection against this type of attack. This paper presents a new protection method called a nozzle. The nozzle is based upon favorable aspects of firewalls and network pumps. It is deployed similarly to a firewall, so that all conversations from an untrusted user to a critical resource are monitored. The main advantage of the nozzle is its ability to guarantee a threshold for trusted traffic, thus precluding new attacks. A nozzle consists of a series of rings, each of which has a trusted buffer and an untrusted buffer, rules for packet placement, and rules for communication with the next level. Rings are placed in the protocol stack so that they can protect particular protocols.
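As an added illustration (not code from the paper, whose rules this page does not reproduce), the following Python model of a single ring shows the mechanism the abstract describes: two buffers, a placement rule, and a rule for forwarding to the next level that reserves a share of capacity for trusted traffic, so that an untrusted flood is dropped in the ring rather than starving trusted conversations. The trust predicate (source identity), the bounded buffers, the fixed 50% share, and the "client"/"attacker" sources and traffic rates are all assumptions made for this demo; the paper's actual placement and communication rules, and its series of per-protocol rings, are not shown here.

```python
"""Toy simulation of one nozzle ring: separate trusted/untrusted buffers with a
reserved forwarding share for trusted traffic (illustration, not the paper's code)."""
from collections import Counter, deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str  # source identifier, e.g. an IP address (constructed for the demo)


class Ring:
    """One ring of the nozzle (assumed rules, see lead-in).

    Placement rule: a packet from a source in `trusted_sources` goes to the
    trusted buffer, anything else to the untrusted buffer; a full buffer drops
    the packet, so an untrusted flood is absorbed here rather than forwarded.
    Communication rule: each service round forwards at most `capacity`
    packets to the next level, with `trusted_share` of that capacity reserved
    for the trusted buffer.  Trusted traffic therefore keeps a guaranteed
    throughput no matter how much untrusted traffic is offered.
    """

    def __init__(self, trusted_sources, capacity, trusted_share, buffer_size):
        self.trusted_sources = frozenset(trusted_sources)
        self.capacity = capacity
        self.trusted_quota = int(capacity * trusted_share)
        self.buffer_size = buffer_size
        self.trusted = deque()
        self.untrusted = deque()
        self.dropped = Counter()  # drops per source, for reporting

    def is_trusted(self, pkt):
        return pkt.src in self.trusted_sources

    def place(self, pkt):
        """Packet placement rule. Returns True if the packet was buffered."""
        buf = self.trusted if self.is_trusted(pkt) else self.untrusted
        if len(buf) >= self.buffer_size:
            self.dropped[pkt.src] += 1
            return False
        buf.append(pkt)
        return True

    def service(self):
        """One round of communication with the next level."""
        out = []
        # The reserved share goes to trusted traffic first.
        while self.trusted and len(out) < self.trusted_quota:
            out.append(self.trusted.popleft())
        # Remaining capacity is shared, still preferring the trusted buffer.
        while len(out) < self.capacity and (self.trusted or self.untrusted):
            buf = self.trusted or self.untrusted
            out.append(buf.popleft())
        return out


def simulate(ring, rounds, trusted_rate, attack_rate):
    """Offer `attack_rate` attacker packets and `trusted_rate` client packets
    per round (attacker first, so arrival order cannot help the client) and
    return how many packets from each source reached the protected resource."""
    delivered = Counter()
    for _ in range(rounds):
        for _ in range(attack_rate):
            ring.place(Packet("attacker"))
        for _ in range(trusted_rate):
            ring.place(Packet("client"))
        for pkt in ring.service():
            delivered[pkt.src] += 1
    return {"client": delivered["client"], "attacker": delivered["attacker"]}


if __name__ == "__main__":
    # A plain bounded FIFO (no source is trusted) versus a nozzle ring that
    # trusts "client": same capacity, same buffer size, same offered load.
    for label, trusted in (("plain FIFO", ()), ("nozzle ring", ("client",))):
        ring = Ring(trusted, capacity=10, trusted_share=0.5, buffer_size=50)
        got = simulate(ring, rounds=10, trusted_rate=4, attack_rate=100)
        print(f"{label:12s} delivered={got} dropped={dict(ring.dropped)}")
```

With the attacker offering 100 packets per round against a capacity of 10, the plain FIFO delivers nothing from the client because the attacker fills the buffer first every round; the ring with a trusted buffer delivers every client packet while the flood is dropped at the untrusted buffer. The same skeleton can be chained (one ring's `service()` output fed to the next ring's `place()`) to model the series of rings the abstract describes.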