Operation Policy for Enhancing Availability of a Web Server against DoS Attacks

An Operation Policy for Improving Web Server Availability in Response to Denial-of-Service Attacks

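  • 백남균 (Communication Network Security Laboratory, School of Information, Communication and Electronics Engineering, Soongsil University) ;
  • 정수환 (Communication Network Security Laboratory, School of Information, Communication and Electronics Engineering, Soongsil University)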
  • Published : 2008.08.31

Abstract

This paper proposes a 'secure node' that is robust against network-based DoS attacks. The secure node selectively accepts new sessions based on Zipf's law while a link is in the overload state. Our scheme calculates a threshold value for the overload state and provides a dynamic service mechanism for enhancing the availability of a web server. The simulation results show that the proposed scheme improves performance in terms of completion and connection ratios.

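In this study, in order to design a secure node that can improve the availability of a web server against network-based denial-of-service attacks, we proposed, as a quality improvement measure, a dynamic service mechanism that controls the admission of new sessions based on document popularity while in the overload state. The results show that the longer the overload persists, the more the connection ratio and the connection completion ratio for web service request sessions improve compared with the existing approach.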
