Open AccessUsing selective, short‐term memory to improve resilience against DDoS exhaustion attacks
Author(s) -
Liao Qi,
Cieslak David A.,
Striegel Aaron D.,
Chawla Nitesh V.
Publication year - 2008
Publication title -
security and communication networks
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.446
H-Index - 43
eISSN - 1939-0122
pISSN - 1939-0114
DOI - 10.1002/sec.22
Subject(s) - denial of service attack , computer science , botnet , application layer ddos attack , computer security , resilience (materials science) , trinoo , term (time) , honeypot , service (business) , computer network , the internet , world wide web , physics , economy , quantum mechanics , economics , thermodynamics
Distributed denial of service (DDoS) attacks originating from botnets can quickly bring normally effective web services to a screeching halt. This paper presents SESRAA (selective short‐term randomized acceptance algorithms), an adaptive scheme for maintaining web service despite the presence of multifaceted attacks in a noisy environment. In contrast to existing solutions that rely upon ‘clean’ training data, we presume that a live web service environment makes finding such training data difficult if not impossible. SESRAA functions much like a battlefield surgeon's triage: focusing on quickly and efficiently salvaging good connections with the realization that the chaotic nature of the live environment implicitly limits the accuracy of such detections. SESRAA employs an adaptive k ‐means clustering approach using short‐term extraction and limited centroid evolution to defend the legitimate connections in a mixed attack environment. We present the SESRAA approach and evaluate its performance through experimental studies in a diverse attack environment. The results show significant improvements against a wide variety of DDoS configurations and input traffic patterns. Copyright © 2008 John Wiley & Sons, Ltd.