Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Information Security Applications

WISA 2012: Information Security Applications pp 285–295Cite as

Implementation of GESNIC for Web Server Protection against HTTP GET Flooding Attacks

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7690))

Abstract

Distributed Denial-of-Service (DDoS) attacks are made in such a way that a plurality of zombie computers infected with malicious code simultaneously makes Denial-of-Service (DoS) attacks. These DDoS attacks still dominate the ranking of cyber threats. It is a great challenge to accurately detect and intercept the DDoS attacks on high speed network. Most of all, HTTP GET flooding attacks increase day by day. Therefore, we propose the web server protection scheme against HTTP GET flooding attacks. The proposed technique easily can detect HTTP GET flooding attacks. Most of all, it was implemented in our Gigabit Ethernet Secure Network Interface Controller (GESNIC) for the high performance DDoS prevention. Our GESNIC let IT administrators protect their Internet servers against various DDoS attacks. GESNIC provides the high performance secure logics, which is a kind of security offload engine against TCP and HTTP related DDoS attacks on network interface card. Besides, the secure offload engine has robustness against various DDoS attacks itself and it is independent on server’s OS and external network configuration. Its performance is almost a carrier-class level as latency time of 7x106 seconds. In summary, installing our GESNIC can make the more secure, highly available, and easier to manage - which is exactly the kind of innovation.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Zade, A.R., Patil, S.H.: A Survey On Various Defense Mechanisms Against Application Layer DDoS Attack. International Journal on Computer Science and Engi-neering (IJCSE) 3(11), 3558–3563 (2011)

    Google Scholar 

  2. Wu, Z., Wang, C., Zeng, H.: Research on the comparison of Flood DDoS and Low-rate DDoS. In: 2011 International Conference on Mul-timedia Technology (ICMT), pp. 5503–5506 (July 2011)

    Google Scholar 

  3. Choi, Y.-S., Oh, J.-T., Jang, J.-S., Ryou, J.-C.: Integrated DDoS Attack Defense Infrastructure for Effective Attack Prevention. In: 2nd International Conference on Information Technology Convergence and Services, pp. 1–6 (August 2010)

    Google Scholar 

  4. Xie, Y., Yu, S.: Monitoring the Application-Layer DDoS Attacks for Popular Websites. IEEE/ACM Transactions on Networking (2009)

    Google Scholar 

  5. Han, K., Im, E.: A Study on the Analysis of Netbot and Design of Detection Framework. In: JWIS 2009 (2009)

    Google Scholar 

  6. Ranjan, S., Swaminathan, R., Uysal, M., et al.: DDoS-Shield: DDoSResilient Scheduling to Counter Application Layer Atttacks. IEEE/ACM Transactions on Networking 7(1), 26–39 (2009)

    Article  Google Scholar 

  7. Yu, J., Fang, C., Lu, L., Li, Z.: A Lightweight Mechanism to Mitigate Application Layer DDoS Attacks. In: Mueller, P., Cao, J.-N., Wang, C.-L. (eds.) INFOSCALE 2009. LNICST, vol. 18, pp. 175–191. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  8. Yatagai, T., Isohara, T., Sasase, I.: Detection of HTTP-GET flood Attack Based on Analysis of Page Access Behavior. In: 2007 IEEE Pacific Rim Conference on Communications, Computers and Signal Processing, pp. 232–235 (August 2007)

    Google Scholar 

  9. Yu, J., Li, Z., Chen, H., Chen, X.: A Detection and Offense Mechanism to Defend Against Application Layer DDoS Attacks. In: Third International Conference on Networking and Services(ICNS 2007), pp. 54–59 (2007)

    Google Scholar 

  10. Lu, W.Z., Yu, S.Z.: A HTTP Flooding Detection Method Based on Browser Behavior. In: 2006 International Conference on IEEE Computational Intelligence and Security, vol. 2, pp. 1151–1154 (November 2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Internet Management Technology Laboratory, Department of Electronic and Computer Engineering, Sungkyunkwan University, 300 Chenchen-dong, Jangan-gu, Suwon, Gyeonggi-do, 440-746, Republic of Korea

    Hyunjoo Kim & Tai-Myoung Chung

  2. Network System Security Research Team, Electronics and Telecommunications Research Institute, 218 Gajeongno, Yuseong-gu, Daejeon, 305-700, Republic of Korea

    Byoungkoo Kim, Daewon Kim & Ik-Kyun Kim

Authors
  1. Hyunjoo Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Byoungkoo Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Daewon Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ik-Kyun Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Tai-Myoung Chung
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Center for Information Security Technologies, Korea University, Anam-dong 5(o)-ga, 136-713, Seoul, Korea

    Dong Hoon Lee

  2. Computer Science Department, Columbia University, Amsterdam Avenue 1214, 10027, New York, NY, USA

    Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kim, H., Kim, B., Kim, D., Kim, IK., Chung, TM. (2012). Implementation of GESNIC for Web Server Protection against HTTP GET Flooding Attacks. In: Lee, D.H., Yung, M. (eds) Information Security Applications. WISA 2012. Lecture Notes in Computer Science, vol 7690. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35416-8_20

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-35416-8_20

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-35415-1

  • Online ISBN: 978-3-642-35416-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation