Skip to main content
Article thumbnail
Location of Repository

Diadem Firewall: Web Server Overload Attack Detection and Response

By Gerhard Münz, Ali Fessi, Georg Carle, Oliver Paul, Dušan Gabrijelčič, Yannick Carlinet, France Telecom, Jan Van Lunteren, Patricia Sagmeister and Gero Dittmann

Abstract

High-profile web servers often become the victim of web server overload Distributed Denial-of-Service (DDoS) attacks. Motivations of such attacks range from technical challenge (e.g. script kiddies) to financial profit (e.g. blackmailing the web server’s owner). This paper presents the DIADEM Firewall architecture that allows an ISP to protect its customers from being the target of a DDoS attack. Additionally, it provides protection against usage of customer hosts for attacks. Furthermore, the use-case of the web server overload attack detection and response mechanism will be explained in more details. Finally, we outline the integration an FPGA based highspeed classifier engine integrated into the Linux Netfilter firewall as well as its deployment during a response action against the DDoS attack. 1

Year: 2005
OAI identifier: oai:CiteSeerX.psu:10.1.1.352.5963
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • http://citeseerx.ist.psu.edu/v... (external link)
  • http://pubs.doc.ic.ac.uk/BBEur... (external link)
  • Suggested articles


    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.