On the application of anomaly detection in reliable server pooling systems for improved robustness against denial of service attacks
Schöttle P., Dreibholz T., Rathgeb E.P.
Zusammenfassung
The Reliable Server Pooling (RSerPool) architecture is the IETF's upcoming standard of a light-weight server redundancy and session failover framework for availability-critical applications. RSerPool combines the ideas from different research areas into a single, resource-efficient and unified architecture. Although there have already been a number of research papers on the pool management, load distribution and failover handling performance of RSerPool, the robustness against intentional attacks has not been intensively addressed yet. Therefore, the first goal of this paper is to provide a robustness analysis in order to outline the attack bandwidth necessary for a significant impact on RSerPool-based services. After that, we present our anomaly detection approach that has been designed to protect RSerPool systems against attacks. We also show the effectiveness of this approach by simulations.1 ©2008 IEEE.
Schlüsselwörter
Anomaly detection; Attacks; Denial of service; Reliable server pooling; Robustness