Recent outages on Web sites like Facebook and Twitter are a problem for users.
Computer engineers at Auburn may have the solution.
John Wu, Tong Liu, Andy Huang and David Irwin are engineers who have created software for computer systems called Identity-Based Privacy-Protected Access Control Filter (IPACF).
"Denial of Service (DoS) and distributed Denial of Service (DDoS) attacks involve an attempt to make a computer resource unavailable to its intended users," Liu said in a written introduction to the team's research. "A DoS attack can be used to affect a complete network or even a whole section of the Internet."
In the case of commercial Web sites, Liu said, these attacks are simply for malicious purposes.
They exist only to disrupt busy networks and generally cause problems for problems' own sake.
However, DDoS and DoS attacks can also be used to exploit a system's response and break through firewalls, often accessing private networks and resources.
"Methods for configuring a network to filter out known DoS attack software and to recognize some of the traffic patterns associated with a mounting DoS attack are available," Liu said. "However, current filters usually rely on the computer being attacked to check whether or not incoming information requests are legitimate or not."
IPACF protocol filters out threats while still allowing users with legitimate passwords to access protected resources.
A filter value is presented with a pseudo-ID only one time, making it close to impossible for attackers to forge these numbers and get through the system.
The program uses lightweight hashing to create the coding values used to filter attacks. These measures keep the program from slowing down processing power on computers.
Wu said users don't sense that attacks are under way on their computers, making it possible for the network security teams to keep them active and trace them to their control centers.
"For humans, there is no difference," Wu said.
A stumbling block projected for the software is that the transfer of information may add to resources needed by the server.
Tests have been positive, however, proving that servers sustain minimal degradation, extra processor usage or information transfer delay.
In fact, it takes a mere six nanoseconds for the IPACF to screen information packets commonly identified with DoS attacks.
Wu said this research, once able to effectively trace attackers, will hopefully result in a commercial software that can be used in business networks.
Do you like this story? The Plainsman doesn't accept money from tuition or student fees, and we don't charge a subscription fee. But you can donate to support The Plainsman.
