Load Balancing.
For network providers, there are a number of techniques used to mitigate the effects of a DDoS attack. Providers can increase bandwidth on critical connections to prevent them from going down in the event of an attack. Replicating servers can help provide additional failsafe protection in the event some go down during a DDoS attack. Balancing the load to each server in a multiple-server architecture can both improve normal performance and mitigate the effect of a DDoS attack.
Throttling.
One proposed method to prevent servers from going down is to use Max-min Fair server-centric router throttles. This method sets up the routers that access a server with logic to adjust (throttle) incoming traffic to levels that will be safe for the server to process. This will prevent flood damage to servers. Additionally, this method can be extended to throttle DDoS attack traffic as opposed to legitimate user traffic for better results. This method is still in the experimental stage; however, techniques similar to throttling are being implemented by network operators. The difficulty with implementing throttling is that it is still hard to distinguish legitimate traffic from malicious traffic. In the process of throttling, legitimate traffic may sometimes be dropped or delayed, and malicious traffic may be allowed to pass to the servers.
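The following added example (not from the original post) computes a max-min fair throttle level directly and shows the side effect described above: legitimate traffic behind a throttled router is dropped while some attack traffic still reaches the server. The router names, rates, capacity and the uniform-drop behaviour are assumptions made for the illustration; it does not model any particular router feedback protocol.

```python
# Added example: max-min fair throttle level for the routers in front of a server.
# All router names and rates (requests/s) are constructed sample values.

OFFERED = {"r1": 5.0, "r2": 20.0, "r3": 400.0, "r4": 900.0}   # total traffic per router
LEGIT = {"r1": 5.0, "r2": 20.0, "r3": 40.0, "r4": 0.0}        # legitimate part of it
CAPACITY = 225.0                                              # load the server can take


def throttle_level(offered, capacity):
    """Cap r with sum(min(rate, r)) == capacity, or None if no throttle is needed."""
    if sum(offered.values()) <= capacity:
        return None
    remaining = capacity
    rates = sorted(offered.values())
    for i, rate in enumerate(rates):
        share = remaining / (len(rates) - i)   # equal split of what is left
        if rate > share:
            return share                        # this router and all larger ones are capped
        remaining -= rate                       # small senders pass untouched
    return None                                 # only reachable through float rounding


def forwarded_traffic(offered, legit, capacity):
    """Per-router forwarded rate, split into legitimate and attack traffic.

    Assumes a throttled router drops packets uniformly, because it cannot
    tell the two classes apart.
    """
    cap = throttle_level(offered, capacity)
    out = {}
    for router, rate in offered.items():
        passed = rate if cap is None else min(rate, cap)
        keep = passed / rate if rate else 1.0
        out[router] = {
            "forwarded": passed,
            "legit_delivered": legit[router] * keep,
            "attack_delivered": (rate - legit[router]) * keep,
        }
    return cap, out


if __name__ == "__main__":
    cap, table = forwarded_traffic(OFFERED, LEGIT, CAPACITY)
    print("throttle level:", cap)
    for router, row in table.items():
        print(router, row)
```

With these sample numbers the low-rate routers r1 and r2 are untouched, while r3 loses three quarters of its legitimate traffic along with the attack traffic it carries.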
Another method is to simply drop requests when the load increases. This can be done by the router or the server. Alternatively, the requester may be induced to drop the request by making the requester system solve a hard puzzle that takes a lot of compute power or memory space, before continuing with the request. This causes the users of zombie systems to detect performance degradation, and could possibly stop their participation in sending DDoS attack traffic.