MULTILEVEL INTELLECTUAL APPROACH TO HTTP-REQUESTS LEGITIMACY VALIDATION

Kononenko V. M., Kravchuk S. O., Ivlev Yu. V., Kononenko L. A.

National Technical University of Ukraine “KPI”, Kyiv, Ukraine

This paper proposes a multilevel intellectual approach to validating the legitimacy of HTTP requests. The approach is designed to detect and prevent HTTP-flood DDoS attacks in telecommunication networks where a web server is the target of the attack. HTTP request attributes and their signatures are analyzed. Based on this analysis, the attributes are separated into several levels, which allows the flow analyzer to be designed as a multilevel block. The multilevel structure of the flow analyzer minimizes the resources spent on handling a request.

Year of publication: 2013
Issue: 1
UDC: 621.391
pp. 27-32. 5 figures, 3 tables. Bibliography: 11 titles.

