WebSOS: Protecting web servers from DDoS attacks

IEEE International Conference on Networks, ICON

Volumn , Issue , 2003, Pages 461-466

  Cook, Debra L ^a   Morein, William G ^a   Keromytis, Angelos D ^a   Misra, Vishal ^a   Rubenstein, Daniel ^a  

^a Columbia University ^*  (United States)

Author keywords

Consistent hashing; Denial of Service; Distributed hash tables; Overlay networks; Packet filtering; Web proxies

Indexed keywords

NETWORK ARCHITECTURE; OVERLAY NETWORKS; PACKET NETWORKS; WEB SERVICES;

CONSISTENT HASHING; CONTENT BASED ROUTING; DDOS ATTACK; DENIAL OF SERVICE; DENIALOF- SERVICE ATTACKS; DISTRIBUTED HASH TABLE; OVERLAY NETWORKING; PACKET FILTERING; WEB PROXY; WEB SERVERS;

DENIAL-OF-SERVICE ATTACK;

EID: 66249131125     PISSN: 15566463     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/icon.2003.1266234     Document Type: Conference Paper

References (19)

1. T. Dierks and C. Allen, "The TLS protocol version 1.0," RFC 2246, January 1999. [Online]. Available: ftp://ftp.isi.edu/in-notes/rfc2246.txt
2. R. S. Sandhu and J. S. Park, "Decentralized user-role assignment for web-based intranets," in ACM Workshop on Role-Based Access Control, 1998, pp. 1-12. [Online]. Available: citeseer.nj.nec.com/sandhu98decentralized.html
3. L. Gong and R. Schemers, "Implementing Protection Domains in the Java Development Kit 1.2," in Proceedings of Network and Distributed System Security Symposium (NDSS), March 1998, pp. 125-134.
4. D. Goldschlag, M. Reed, and P. Syverson, "Onion routing for anonymous and private internet connections," Communications of the ACM (USA), vol. 42, no. 2, pp. 39-41, 1999. [Online]. Available: citeseer.nj.nec.com/goldschlag99onion.html
5. L. Cranor, M. Langheinrich, M. Massimo, M. Presler-Marshall, and J. Reagle, "The Platform for Privacy Preferences 1.0 (P3P1.0) Specification," World Wide Web Consortium (W3C), Tech. Rep., 2002.
6. J. Ioannidis and S. M. Bellovin, "Implementing Pushback: Router-Based Defense Against DDoS Attacks," in Proceedings of the Network and Distributed System Security Symposium (NDSS), February 2002.
7. D. Dean, M. Franklin, and A. Stubblefield, "An Algebraic Approach to IP Traceback," in Proc. of the Network and Dsitributed System Security Symposium (NDSS), February 2001, pp. 3-12.
8. S. Savage, D. Wetherall, A. Karlin, and T. Anderson, "Network Support for IP Traceback," ACM/IEEE Transactions on Networking, vol. 9, no. 3, pp. 226-237, June 2001.
9. A. D. Keromytis, V. Misra, and D. Rubenstein, "SOS: Secure Overlay Services," in Proceedings of ACM SIGCOMM, August 2002, pp. 61-72.
10. I. Stoica, R. Morris, D. Karger, F. Kaashoek, and H. Balakrishnan, "Chord: A scalable peer-to-peer lookup service for internet applications," in Proceedings of ACM SIGCOMM, San Diego, CA, August 2001.
11. L. Peterson, D. Culler, T. Anderson, and T. Roscoe, "A Blueprint for Introducing Disruptive Technology into the Internet," in Proceedings of the 1st Workshop on Hot Topics in Networks (HotNets-I), October 2002. [Online]. Available: citeseer.nj.nec.com/peterson02blueprint.html
12. S. Ioannidis, A. Keromytis, S. Bellovin, and J. Smith, "Implementing a Distributed Firewall," in Proceedings of Computer and Communications Security (CCS), November 2000, pp. 190-199.
13. D. Karger, B. Lehman, F. Leighton, R. Panigrahy, M. Levine, and D. Lewin, "Consistent Hashing and Random Trees: Distributed Caching Protocols for Relievig Hot Spots on the World Wide Web," in Proceedings of ACM Symposium on Theory of Computing (STOC), May 1997, pp. 654-663. [Online]. Available: citeseer.nj.nec.com/karger97consistent.html
14. D. Farinacci, T. Li, S. Hanks, D. Meyer, and P. Traina, "Generic Routing Encapsulation (GRE)," RFC 2784, March 2000. [Online]. Available: http://www.rfc-editor.org/rfc/rfc2784.txt
15. G. Dommety, "Key and Sequence Number Extensions to GRE," RFC 2890, September 2000. [Online]. Available: http://www.rfc-editor.org/rfc/ rfc2890.txt
16. CCITT, X.509: The Directory Authentication Framework, International Telecommunications Union, Geneva, 1989.
17. S. Ratnasamy, P. Francis, M. Handley, R. Karp, and S. Shenker, "A Scalable Content-Addressable Network," in Proceedings of ACM SIGCOMM, San Diego, CA, August 2001.
18. S. Miltchev, S. Ioannidis, and A. Keromytis, "A Study of the Relative Costs of Network Security Protocols," in Proceedings of USENIX Annual Technical Conference (Freenix track), June 2002, pp. 41-48.
19. F. Kargl, J. Maier, and M. Weber, "Protecting web servers from distributed denial of service attacks," in Proceedings of the World Wide Web Conference, 2001, pp. 514-524. [Online]. Available: citeseer.nj.nec.com/ 444367.html