Addressing Denial of Service Attacks
Summary of technology
Denial of Service (DoS) attacks have become an increasing threat to the operating capabilities of all organisations that rely on a web presence. As more systems and devices are connected to the internet without proper security, it has become easier to mount such attacks, and current approaches to countering attacks are not effective.
This novel approach to countering DoS attacks uses a proven set of statistical laws to categorise the incoming traffic. It uses a moving time window to model the distribution of packets during ‘normal’ operation, and when it detects a change in this behaviour it moves to a filtering mode which discards the crafted packets. It differentiates between malicious and genuine packets without deep packet inspection, so requires fewer resources than existing methods.
The advantages of this approach are:
- it is resistant to packet crafting/spoofing
- it requires limited resources compared to current methods
- it is fully adaptive to each organisation or service without human-driven analysis or customisation
- it can be implemented as a software agent or a hardware based application, so offers flexibility on how and where it is deployed.
Associate Professor Mihai Lazarescu of the Department of Computing has a research background in network design and reliability. He is leading the research team which includes researchers from Oklahoma State University.
Stage of development
A proof of concept has been developed and has been tested on a DoS attack on a server hosting a networked game as well as an attack on individual players. The approach categorised malicious traffic with 96 per cent accuracy, and normal traffic with 90 per cent accuracy.
Intellectual property is owned by Curtin University. A provisional patent application has been lodged on the overall methodology.
We are looking for a DoS protection services vendor to collaborate on more extensive testing, with a view to licencing the technology to integrate into their product suite.