A Middleware System for Protecting Against Application Level Denial of Service Attacks

  • Mudhakar Srivatsa
  • Arun Iyengar
  • Jian Yin
  • Ling Liu
Conference paper

DOI: 10.1007/11925071_14

Part of the Lecture Notes in Computer Science book series (LNCS, volume 4290)
Cite this paper as:
Srivatsa M., Iyengar A., Yin J., Liu L. (2006) A Middleware System for Protecting Against Application Level Denial of Service Attacks. In: van Steen M., Henning M. (eds) Middleware 2006. Middleware 2006. Lecture Notes in Computer Science, vol 4290. Springer, Berlin, Heidelberg

Abstract

Recently, we have seen increasing numbers of denial of service (DoS) attacks against online services and web applications either for extortion reasons, or for impairing and even disabling the competition. These DoS attacks have increasingly targeted the application level. Application level DoS attacks emulate the same request syntax and network level traffic characteristics as those of legitimate clients, thereby making the attacks much harder to be detected and countered. Moreover, such attacks usually target bottleneck resources such as disk bandwidth, database bandwidth, and CPU resources. In this paper we propose server-side middleware to counter application level DoS attacks. The key idea behind our technique is to adaptively vary a client’s priority level, and the relative amount of resources devoted to this client, in response to the client’s past requests in a way that incorporates application level semantics. Application specific knowledge is used to evaluate the cost and the utility of each request and the likelihood that a sequence of requests are sent by a malicious client. Based on the evaluations, a client’s priority level is increased or decreased accordingly. A client’s priority level is used by the server side firewall to throttle the client’s request rate, thereby ensuring that more server side resources are allocated to the legitimate clients. We present a detailed implementation of our approach on the Linux kernel and evaluate it using two sample applications: Apache HTTPD micro-benchmarks and TPCW. Our experiments show that our approach incurs low performance overhead and is resilient to application level DoS attacks.

Download to read the full conference paper text

Copyright information

© IFIP International Federation for Information Processing 2006

Authors and Affiliations

  • Mudhakar Srivatsa
    • 1
  • Arun Iyengar
    • 2
  • Jian Yin
    • 2
  • Ling Liu
    • 1
  1. 1.College of Computing, Georgia Institute of TechnologyAtlantaUSA
  2. 2.IBM T. J. Watson Research CenterYorktown HeightsUSA

Personalised recommendations