25th IEEE Symposium on Reliable Distributed Systems (SRDS'06) WRAPS: Denial-of-Service Defense through Web Referrals Leeds, United Kingdom October 02-October 04 ISBN: 0-7695-2677-2
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SRDS.2006.48
The web is a complicated graph, with millions of websites interlinked together. In this paper, we propose to use this web sitegraph structure to mitigate flooding attacks on a website, using a new web referral architecture for privileged service (?WRAPS?). WRAPS allows a legitimate client to obtain a privilegeURL through a click on a referral hypherlink, from a website trusted by the target website. Using that URL, the client can get privileged access to the target website in a manner that is far less vulnerable to a DDoS flooding attack. WRAPS does not require changes to web client software and is extremely lightweight for referrer websites, which eases its deployment. The massive scale of the web sitegraph could deter attempts to isolate a website through blocking all referrers. We present the design of WRAPS, and the implementation of a prototype system used to evaluate our proposal. Our empirical study demonstrates that WRAPS enables legitimate clients to connect to a website smoothly in spite of an intensive flooding attack, at the cost of small overheads on the website?s ISP?s edge routers.
Citation:
XiaoFeng Wang, Michael K. Reiter, "WRAPS: Denial-of-Service Defense through Web Referrals," srds, pp.51-60, 25th IEEE Symposium on Reliable Distributed Systems (SRDS'06), 2006 Usage of this product signifies your acceptance of the Terms of Use. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb