SENTRY:A novel approach for mitigating application layer DDoS threats

Zhang, H. and Taha, A. and Trapero, R. and Luna, J. and Suri, Neeraj (2016) SENTRY:A novel approach for mitigating application layer DDoS threats. In: 2016 IEEE Trustcom/BigDataSE/ISPA. IEEE, pp. 465-472. ISBN 9781509032068

Full text not available from this repository.


Cloud services are attractive with their advocated technical and economic advantages of transparent resource access, scalability, elasticity and multiple others. However, Cloud services also suffer from multiple infrastructure and application-level threats, with the application-layer distributed denial of service (DDoS) attack being one of the harder ones to mitigate. These attacks typically block the targeted servers by consuming the available resources to result in performance degradation along with the reduced availability of services. While some existing schemes (e.g., intrusion detection/protection) are effective for selective attacks, the evolving application layer DDoS attacks are often able to bypass them. We address this problem by proposing and validating a novel and efficient methodology, termed SENTRY, that specifically aims to mitigate application-layer DDoS attacks. SENTRY utilizes a challenge-response approach that: (a) analyses the attackers physical bandwidth resources, (b) dynamically adapts to the varied work load scenarios, and (c) blocks suspicious service requests from dishonest clients. © 2016 IEEE.

Item Type:
Contribution in Book/Report/Proceedings
ID Code:
Deposited By:
Deposited On:
14 Oct 2019 14:07
Last Modified:
21 Nov 2022 17:07