Sentinel: Hardware-Accelerated Mitigation of Bot-Based DDoS Attacks

Djalaliev, Peter; Jamshed, Muhammad Asim; Farnan, Nicholas L.; Brustoloni, José Carlos

doi:10.1109/icccn.2008.ecp.123

Cited by 7 publications

(2 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Sentinel, a network device for mitigating bot based application layer request flooding DDoS attacks is proposed in [4]. It uses CAPTCHA service for authenticating clients, which is performed by a hardware accelerator based on network processors.…”

Section: Introductionmentioning

confidence: 99%

Transparent FPGA based device for SQL DDoS mitigation

Pandiyarajan¹,

Haridas²,

Varghese

2013

2013 International Conference on Field-Programmable Technology (FPT)

View full text Add to dashboard Cite

A Distributed Denial-of-Service attack is an attempt to make a computer resource unavailable to its intended users. Typically, a large number of bots are triggered by an attacker simultaneously to create a huge load on a web server and bring it down. However, when processing SQL queries on a web server, owing to huge resource requirements, even a small number of queries from smaller set of bots can create huge load on the server. Such sophisticated application layer attacks go undetected by network security solutions under deployment today. Therefore, we propose an SQL DDoS Mitigator device that focuses on preventing such attacks targeting SQL database resources. It can parse packets at line speed, with a maximum latency of 20µs for detecting HTTP GET packets with embedded SQL queries. The query pattern information for requester IP addresses are stored in a red-black tree data structure. Clients crossing the limit of server load, dynamically set on the basis of server state, will be re-directed to a CAPTCHA server for identification of bots. The IPs confirmed as bots are black-listed for a configurable timeout period. The complete system, except the CAPTCHA server, is built on "Xilinx Virtex-II Pro 50" FPGA based NetFPGA-1G platform. The device achieved a throughput of 400 Kilo Packets/s in a 1 Gbps network.

show abstract

Section: Introductionmentioning

confidence: 99%

Transparent FPGA based device for SQL DDoS mitigation

Pandiyarajan¹,

Haridas²,

Varghese

2013

2013 International Conference on Field-Programmable Technology (FPT)

View full text Add to dashboard Cite

show abstract

“…According to the implementation results in Djalaliev et al (2008), the sentinel greatly reduces the impact of DDoS attacks on the response time. For more implementation details of the sentinel, the reader is referred to Djalaliev et al (2008).…”

Section: N-hop Sentinelsmentioning

confidence: 99%

DDoS Detection and Traceback with Decision Tree and Grey Relational Analysis

Tseng

Yang

et al. 2009

2009 Third International Conference on Multimedia and Ubiquitous Engineering

View full text Add to dashboard Cite

Abstract:In Distributed Denial-of-Service (DDoS) Attack, an attacker breaks into many innocent computers (called zombies). Then, the attacker sends a large number of packets from zombies to a server, to prevent the server from conducting normal business operations. We design a DDoS-detection system based on a decision-tree technique and, after detecting an attack, to trace back to the attacker's locations with a traffic-flow pattern-matching technique. Our system could detect DDoS attacks with the false positive ratio about 1.2-2.4%, false negative ratio about 2-10%, and find the attack paths in traceback with the false negative rate 8-12% and false positive rate 12-14%.

show abstract

Anatomy of botnet on application layer: Mechanism and mitigation

Garg

Sharma

2017

2017 2nd International Conference for Convergence in Technology (I2CT)

View full text Add to dashboard Cite

Sentinel: Hardware-Accelerated Mitigation of Bot-Based DDoS Attacks

Cited by 7 publications

References 13 publications

Transparent FPGA based device for SQL DDoS mitigation

Transparent FPGA based device for SQL DDoS mitigation

DDoS Detection and Traceback with Decision Tree and Grey Relational Analysis

Anatomy of botnet on application layer: Mechanism and mitigation

Contact Info

Product

Resources

About