High-profile web servers often become the victim of web server overload Distributed Denial-of-Service (DDoS) attacks. Motivations of such attacks range from technical challenge (e.g. script kiddies) to financial profit (e.g. blackmailing the web server’s owner). This paper presents the DIADEM Firewall architecture that allows an ISP to protect its customers from being the target of a DDoS attack. Additionally, it provides protection against usage of customer hosts for attacks. Furthermore, the use-case of the web server overload attack detection and response mechanism will be explained in more details. Finally, we outline the integration an FPGA based highspeed classifier engine integrated into the Linux Netfilter firewall as well as its deployment during a response action against the DDoS attack. 1
To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.