Protecting web servers from distributed denial of service attack

This thesis developed a novel architecture and adaptive methods to detect and block Distributed Denial of Service attacks with minimal punishment to legitimate users. A real time scoring algorithm differentiated attackers from legitimate users. This architecture reduces the power consumption of a web server farm thus reducing the carbon footprint

Feasibility of eliminating IDPS devices from a web server farm

Current web security systems need Intrusion Detection and Prevention Systems (IDPS), web proxies and rewalls to protect the websites from malicious network trac. All these functions come at a cost for a web farm and add to power costs. Our previous work has concluded that the web server detection of application layer DDoS attacks is far more power ecient than an equivalent IDPS. This paper shows that all remaining IDPS functionality can be split between the rewall and the web server allowing the removal of the traditional IDPS and so substantially reducing the CPU load and total electrical power bill of a web farm