Filtering criminal dDOS attacks

Jun 23, 2014

A new hybrid filtering system to protect cloud computing services from distributed denial of service (dDOS) attacks has been developed by US and Indian researchers. They provide details in the latest issue of the International Journal of Grid and Utility Computing.

A distributed (dDOS) attack usually involves a network of computers infected with malware (a botnet) sending repeated data requests en masse to a single server. The botnet is usually controlled by activists intent on protesting against a particular company or organization, by hackers intent on breaching the security of the target system and opening a back door to allow them access to private or proprietary information. According to tech news site Crunchbase, numerous sites have succumbed to dDOS and been thrown offline for various reasons, they include local networking site Meetup, project management tool Basecamp, video site Vimeo, link shortener Bit.ly, blogging system SAY Media/TypePad, internet domain registrar Namecheap, online dating site Plenty of Fish and search engine optimization company Moz, there are many others and many smaller companies are attacked on a daily basis. Many recent dDOS attacks have exploited unpatched security loopholes in networking protocols.

Recently, however, various cloud-based internet services including newsreader website, Feedly, online notebook and bookmarking tool Evernote were taken offline by criminals intent on extorting money from them in exchange for halting the attack. Both companies and others that were attacked this week responded by bravely refusing to give in to the criminals and fought against the dDOS by various means, switching servers, putting up additional filters and firewalls. The attack is still under way at the time of writing.

Meanwhile, Ajith Abraham, Director of Machine Intelligence Research Labs (MIR Labs) in Auburn, Washington, USA and colleagues in India, are developing what they refer to as a "multilevel thrust filtration defending mechanism" to protect cloud computing environments against dDOS attacks. Their approach authenticates incoming requests and detects the different types of dDOS attacks at different levels to spot the most intensive attacks at an early stage and to then block unwanted traffic reaching the cloud service's data centers.

They reckon the total overhead costs to the server of integrating this would be a quarter of the cost of the overheads and downtime due to the dDOS if the tracking reaching the system is unfiltered. This, of course, does not take into account the loss of business revenues as customers and users are precluded from using the system effectively when a dDOS attack is under way.

Explore further: Google announces 'Project Shield' help small sites ward off DDoS attacks

More information: Iyengar, N.Ch.S.N., Ganapathy, G., Mogan Kumar, P.C and Abraham, A. (2014) 'A multilevel thrust filtration defending mechanism against DDoS attacks in cloud computing environment', Int. J. Grid and Utility Computing, Vol. 5, No. 4, pp.236–248.

add to favorites email to friend print save as pdf

Related Stories

Attackers use Network Time Protocol for denial exploit

Feb 12, 2014

(Phys.org) —Reports are calling it the world's most massive distributed denial-of-service (DDoS) attack ever, referring to this week's report about a massive exploit making use of the Network Time Protocol ...

Hackers attack top Czech news websites

Mar 04, 2013

Hackers attacked several top Czech news websites on Monday, overloading them with hundreds of thousands of requests per second to make them inaccessible, publishers said.

DOS Extortion Fading

May 01, 2007

The economics of Denial Of Service blackmailing isn't working out, and botnet owners are shifting to other, less risky crimes.

Answers to your questions about massive cyberattack

Mar 29, 2013

Here are some answers to questions about perhaps the biggest cyberattack ever, which recently targeted Spamhaus, an anti-spam group based in Geneva and London. It ended up slowing down or blocking access to numerous Interne ...

Recommended for you

CloudFlare tackles lost SSL key risk with Keyless SSL

19 hours ago

Organizations looking for and concerned about optimal security protection are the targets of a new service announced by San Francisco-based CloudFlare. The offering is called Keyless SSL. CloudFlare explained ...

When does Google hand over your data to governments?

22 hours ago

Governments around the world want to know a lot about who we are and what we're doing online and they want communications companies to help them find it. We don't know a lot about when companies hand over ...

User comments : 0