Throttling DDoS Attacks using Subset Sum Problem


Recently many prominent web sites face so called Distributed Denial of Service Attacks (DDoS). While former security threats could be faced by a tight security policy and active measures like using firewalls, vendor patches etc. These DDoS are new in such way that there is no completely satisfying protection yet. A DDoS attack is one in which a multitude of compromised systems attack a single target, thereby causing denial of service for users of the targeted system. The flood of incoming messages to the target system essentially forces it to shut down, thereby denying services of the target system to legitimate users. Many techniques have been proposed till now to stop this attack. Our proposed solution is to reduce the impact of the attack on the web server by throttling the clients CPU. This scheme is based on the concept of source throttling where the client pays a resource stamp fee which is negligible when the client makes a limited number of requests but becomes a limiting restriction when a large number of requests are sent. This prevents an attacker from consuming a large portion of the server resources. We prevent an attacker from sending large number of requests by engaging it to solve Subset Sum, NP-Complete, problem. The proposed solution makes use of this Subset sum problem to generate the CPU stamps.

Technical Guidance

Project Member:

Kondra Shushanth Kumar

  • Software        


    Content with URLs that have the current URL as a prefix has been hosted in accordance with fair use principles, for academic and non-profit purposes. By downloading the contents of this page, you agree to bring possible violation of fair use to my notice before taking legal recourse.