Instead of sitting still while a distributed denial of service (DDoS) attack is occurring, why not be a moving target?
At least that is what researchers at George Mason University say.
The defense works by repeatedly shuffling client-to-server assignments to identify and eventually quarantine malicious clients.
Denial-of-service attacks, which work by overwhelming a target system thereby forcing it to shut down and deny service to legitimate users, are increasing in severity as assault methods become more sophisticated and attackers’ goals more sinister.
These types of attacks hit a record high in 2015 increasing by as much as 132 percent over the previous year according to Digital Trends.
“Our research is vital as a real-world solution to these attacks, which are one of the most critical cyber security threats today, crippling online businesses with downed websites, financial losses and damaged client relationships,” said Angelos Stavrou who helped conduct the research and teaches in Mason’s MS in Management of Secure Information Systems program.
The research on this cyber security defense is starting to get industry recognition.
The protected system has two servers for normal operation, and each is under attack by a malicious client blended with legitimate clients (C1-C4). The “moving target” defense introduces two additional servers and repeatedly shuffles clients until only one server is being attacked.
Eventually, in a process that involves multiple servers and multiple rounds of shuffling, it is possible to identify and segregate the attackers. The system, even when under attack, will be available to most legitimate clients — preserving the organization’s reputation, productivity and revenue.