МЕХАНІЗМ ТРИШАРОВОГО ЗАХИСТУ НА ОСНОВІ WEB-СЕРВЕРІВ ВІД РОЗПОДІЛЕНОЇ ВІДМОВИ ВІД ОБСЛУГОВУВАННЯ
It is widely recognized that distributed denial of service (DDoS) attacks can disrupt web services and lead to large revenue losses. DDoS attacks restrict and block legitimate users accessing web servers by exhaustion of victimʼs resources. Due to system leaks and a hidden security problem are used,...
Gespeichert in:
| Datum: | 2025 |
|---|---|
| Hauptverfasser: | , , |
| Format: | Artikel |
| Sprache: | English |
| Veröffentlicht: |
V.M. Glushkov Institute of Cybernetics of NAS of Ukraine
2025
|
| Schlagworte: | |
| Online Zugang: | https://jais.net.ua/index.php/files/article/view/681 |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Назва журналу: | Problems of Control and Informatics |
Institution
Problems of Control and Informatics| Zusammenfassung: | It is widely recognized that distributed denial of service (DDoS) attacks can disrupt web services and lead to large revenue losses. DDoS attacks restrict and block legitimate users accessing web servers by exhaustion of victimʼs resources. Due to system leaks and a hidden security problem are used, this attack has the characteristics of natural behavior and it is difficult to be blocked. Protection of web services is of paramount importance, since the Internet is the main technology underlying e-commerce — this is the main purpose of DDoS attacks. The article proposed to isolate and protect the correct traffic from the huge volumes of DDoS traffic when an attack occurs. A new DDoS security mechanism has been developed, which is a three-layer protection mechanism based on web servers. Combining the characteristics of web server traffic and aiming at TCP / IP reference model, it uses statistical filtering and traffic restriction in the network layer, transport layer and application layer to filter out illegal traffic to ensure normal traffic passage. Most of the illegitimate traffic is filtered by SHCF (Simplified Filtering of Hopes) algorithm at the network level. The rest of the illegal traffic is filtered according to the SYNProxyFirewall algorithm at the transmission level. Traffic restriction is used at the application level while DDoS attacks using a legitimate IP address. Thanks to the joint protection of the three-layer mechanism, support for the availability of web services can be provided during DDoS attacks. The protection mechanism is implemented and tested inside the Linux kernel. The result shows that a three-layer protection mechanism can effectively protect against DDoS attacks. |
|---|