research-article

Implementing a "moving target" system to protect servers

Authors:

Curtis Taylor,

Craig ShueAuthors Info & Claims

CSIIRW '11: Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research

Article No.: 81, Page 1

https://doi.org/10.1145/2179298.2179390

Published: 12 October 2011 Publication History

Get Access

Abstract

On the Internet, attackers often compromise systems owned by other people and group these systems into a "botnet" to launch attacks automatically. Current methods to prevent such automated attacks are either are application-specific or use signatures that can that can miss some attacks. We take a different approach by making a key observation: while attackers have a low success rate, they often compensate for it by launching more attacks. To have high throughput, attackers take shortcuts and break protocols. We address these issues by implementing a system that can detect malicious activity and block attacks. We tested this system on a small network and found that it is effective, requires no administrative overhead, and has low performance overheads.

Supplementary Material

Supplemental material. (a81-taylor_slide.pdf)

Download
277.24 KB

Recommendations

Dynamic Binary User-Splits to Protect Cloud Servers from DDoS Attacks
ICCC '13: Proceedings of the Second International Conference on Innovative Computing and Cloud Computing

Several overlay-based solutions have been proposed to protect network servers from DoS/DDoS attacks. The common objective in the existing solutions is to prevent the attacking traffic from reaching the servers by hiding the location of target server ...
Moving Target Defense II: Application of Game Theory and Adversarial Modeling
Moving Target Defense II: Application of Game Theory and Adversarial Modeling

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

CSIIRW '11: Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research

October 2011

18 pages

ISBN:9781450309455

DOI:10.1145/2179298

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 12 October 2011

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article

Conference

CSIIRW '11

Sponsor:

Eurosis
University of Tennessee

CSIIRW '11: Cyber Security and Information Intelligence Research Workshop

October 12 - 14, 2011

Tennessee, Oak Ridge, USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

0
Total Citations
136
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 13 Dec 2024

Other Metrics

View Author Metrics

Citations

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Recommendations

Dynamic Binary User-Splits to Protect Cloud Servers from DDoS Attacks

Moving Target Defense II: Application of Game Theory and Adversarial Modeling

Moving Target Defense II: Application of Game Theory and Adversarial Modeling