acm-header
Sign In

Communications of the ACM

Home/News/Smart Servers Spot and Block Botnet Attacks/Full Text
ACM TechNews

Smart Servers Spot and Block Botnet Attacks

By New Scientist
February 8, 2011
Comments
View as: Print Mobile App Share:

New software will enable a computer server to determine when it is under a distributed denial of service attack and block traffic from culpable Internet protocol addresses until the threat subsides.

Consultant Jaydip Sen has developed algorithms that are able to measure how much data a server receives and from which computers. The algorithms compare the data levels with the amount of traffic the computers send on an average day. Another round of statistical analysis is performed on the hosts with an unusual increase in activity to identify exactly which ones are launching the attacks, and the software then blocks the attacks.

Although the technique has been correct in 100 percent of test cases, it requires a level of computing power that is unfeasible. As a result, Sen has simplified the algorithms to reduce the workload of the server, and says this version gets attacks right 91 percent of the time. "If a server is swamped by legitimate traffic, then it will block traffic from some of the legitimate sources," Sen says.

From New Scientist
View Full Article

Abstracts Copyright © 2011 Information Inc. External Link, Bethesda, Maryland, USA

 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account