Now, a novel filtering system to protect computer networks from zombies
Washington, October 1 (ANI): Auburn University experts in Alabama say that security on government, commercial, and educational systems can be significantly improved by using a novel system to filter out denial of service attacks on computer networks, including cloud computing systems.
Reporting about such a filter in the Int. J. Information and Computer Security, the researchers have pointed out that denial of Service (DoS) and distributed Denial of Service (DDoS) attacks involve an attempt to make a computer resource unavailable to its intended users.
This may simply be for malicious purposes as is often the case when big commercial or famous web sites undergo a DDoS attack, they say.
However, according to the researchers, it is also possible to exploit the system's response to such an attack to break system firewalls, access virtual private networks, and to access other private resources.
They say that a DoS attack can also be used to affect a complete network or even a whole section of the Internet.
The existing methods for configuring a network to filter out known DoS attack software, and to recognize some of the traffic patterns associated with a mounting DoS attack usually rely on the computer being attacked to check whether or not incoming information requests are legitimate or not.
This consumes its resources, and can compound the problem in the case of a massive DDoS.
Now, computer engineers John Wu, Tong Liu, Andy Huang, and David Irwin have devised a filter to protect systems against DoS attacks that circumvents this problem by developing a new passive protocol that must be in place at each end of the connection: user and resource.
Dubbed Identity-Based Privacy-Protected Access Control Filter (IPACF), the new technology blocks threats to the gatekeeping computers, the Authentication Servers (AS), and so allows legitimate users with valid passwords to access private resources.
The user's computer has to present a filter value for the server to do a quick check. The filter value is a one-time secret that needs to be presented with the pseudo ID. The pseudo ID is also one-time use. Attackers cannot forge either of these values correctly and so attack packets are filtered out.
Testing how well IPACF copes in the face of a massive DDoS attacks simulated on a network consisting of 1000 nodes with 10 gigabits per second bandwidth, the researchers have found that the server suffers little degradation, negligible added information transfer delay (latency) and minimal extra processor usage even when the 10 Gbps pipe to the authentication server is filled with DoS packets.
Indeed, the IPACF takes just 6 nanoseconds to reject a non-legitimate information packet associated with the DoS attack. (ANI)
-
India vs New Zealand T20 World Cup 2026 Final: Five Positive Signs Favouring India Before Title Clash -
IND vs NZ Final Live: When and Where to Watch India vs New Zealand T20 World Cup 2026 Title Clash -
Ind vs NZ T20 World Cup 2026: New Zealand Needs 256 Runs To Beat India And Win The World Cup -
UAE Attacks Iran, Becomes 5th Nation To Enter War; Reports Suggest Strike On Iranian Facility -
ICC T20 World Cup 2026 Final: Ricky Martin, Falguni Pathak To Perform At Closing Ceremony, How To Watch -
Who Is Nishant Kumar: Education, Personal Life and Possible Political Role -
IND vs NZ T20 WC Final: New Zealand Win Toss, Opt To Chase; Why Batting First Could Be A Tough Call For India -
Gold Rate Today 8 March 2026: IBJA Issues Fresh Gold Rates; Tanishq, Malabar, Kalyan, Joyalukkas Prices -
From Kerala Boy To World Cup Hero: Sanju Samson’s 89-Run Blitz, His Birth, Religion, Wife And Inspiring Story -
Hyderabad Gold Silver Rate Today, 8 March, 2026: Latest Gold Prices And Silver Rate In Nizam City -
Panauti Stadium? Is Narendra Modi Stadium an Unlucky Venue for India National Cricket Team? -
Storm Over West Bengal Govt's 'Snub' To President Droupadi Murmu
Click it and Unblock the Notifications
Sign in with Google