One-time Session Key based HTTP DDoS Defense Mechanisms

최상용; 강익선; Yong-Min Kim

Journal of The Korea Society of Computer and Information

Abbr : JKSCI
2013, 18(8), pp.95-104
Publisher : The Korean Society Of Computer And Information
Research Area : Computer Science

최상용 ¹ , 강익선 ² , Yong-Min Kim ³

¹ 한국과학기술원 사이버보안연구센터
² 한국과학기술원 사이어보안연구센터
³ 전남대학교

ABSTRACT

DDoS attacks have became as a social threat since 2009 7.7 DDoS turmoil. Even though defence techniques have been developing to provide against those threats, they become much more sophisticate. In recent years, the attack form of DDoS is changing from high amount of traffic attack of network layers to highly sophisticate small amount of application layers. To make matters worse, attack agent for the attack has became very intelligent so that it is difficult to be blocked since it can’t be distinguished from normal PCs. In the user authentication system(such as CAPTCHA) User intervention is required to distinguish normal PCs and intelligent attack agents and in particular, in a NAT environment, IP-based blocking method can be cut off the normal users traffic at the same time. This research examined defense techniques which are able to distinguish between agent and normal PC and effectively block ways the HTTP DDoS offense applying one-time session key based authentication method using Cookie which is used in HTTP protocol to protect web sever from sophisticate application layer of DDoS.
KEYWORDS

DDoS Attack , Cookie , Defense , Authentication
REFERENCES (19)

[thesis] Changbaek Jang / 2010 / Using CDN Technique Smart DNS of DDoS Attack Protection / 석사 / Soongsil University

[thesis] Jungmin Choi / 2011 / Design of dynamic load balancing algorithm for anti-DDoS system / 석사 / Konkuk University

[thesis] SungSoo Park / 2010 / A Study on CAPTCHA-Based Mitigation of DDoS Attacks / 석사 / Dongguk University

[journal] Jelena Mirkovic / 2004 / A Taxonomy of DDoS Attack and DdoS Defense Mechanisms / ACM SIGCOMM computer Communitions Review 34 (2) : 39~54

[journal] Jahyun Koo / 2008 / Type and Response for Denial of Service / Weekly Technical Trends / Institute for Information Technology Advancement 1377

[journal] 서진원 / 2012 / The Design of Anti-DDoS System using Defense on Depth / 정보보호학회논문지 / 한국정보보호학회 22 (3) : 679~689

[confproc] Kelly jackson Higgins / 2010 / Researchers To Demonstrate New Attack That Exploits HTTP / 2010 OWASP AppSec Conference

[web] / Slowloris HTTP DoS / http://ha.ckers.org/slowloris/

[web] / Slow Read DDoS / https://community.qualys.com/blogs/securitylabs/2012/01/05/slow-read

[web] / secunuews / http://www.ahnlab.com/kr/site/securityinfo/secunews/secuNewsView.do?menu_dist=2&seq=16316

[web] / Ahnlab ASEC Report / http://download.ahnlab.com/asecReport/ASEC_Report_200907.pdf

[web] / 3.4 DDoS Analysis Report / http://www.ahnlab.com

[confproc] Laura Feinstein / 2003 / Statistial Approaches to DDoS Attack Detection and Response / DARPA Information Survivability conference and Exposition : 303~314

[thesis] Namgyun Baek / 2011 / A Study on Efficient DDoS Attack Defense Scheme Using Performance Measurement Metrics based on Web Protocol's Features / Soongsil University

[journal] 이대섭 / 2012 / Analysis of Defense Method for HTTP POST DDoS Attack base on Content-Length Control / 정보보호학회논문지 / 한국정보보호학회 22 (4) : 809~817

[thesis] Dongmaeng Kim / 2012 / A Study of Information System Optimization for DDoS Attaks resopnse / 석사 / Konkuk University

[thesis] Jonggap Jeung / 2012 / A client-based DDoS attack defense mechanism through user authentication / 석사 / Korea University

[other] / RFC 2109 - HTTP State Management Mechanism

[other] / RFC 2616 - Hypertext Transfer Protocol — HTTP/1.1
KCI Citation (1)

KJC Korea
Journal Central

Statistics

Tools