Professional Documents
Culture Documents
Server
Legitimate Client
They also consume
server resources, such
as interrupt processing
capacity, operating
system structures,
processing time, etc.
DoS
DoSAttacks
Attacks
Resource
Resource Resource
Resource
Destruction
Destruction Exhaustion
Exhaustion
Brute-force
Brute-force Vulnerability
Vulnerability
Flooding
Flooding Exploitation
Exploitation
Service-level
Service-level Network-level
Network-level
Primary metrics
Legitimate Response Time
Legitimate Throughput
Honeypots are:
decoy resources to trap attackers
useful in detecting worm-infected hosts
However, honeypots are
at fixed locations
separate from real servers
Proxy Server
Firewall •White-list:
• allow packets from
? certain users/Ips.
? • Not Scalable,
because list grows
with number of users
• Black list:
• do not allow certain
IPs or users.
• More Scalable:
# attackers << # users