Distributed Denial-of-Service (DDoS) attacks are one of the most threatening assaults on the Internet today. Servers are flooded with a tremendous number of nonsense requests from thousands of clients in order to cause a server overload or even crash. Usually, a single attacker controls a powerful (bot) network of Trojan horse infected PCs and let them attack a web service simultaneously without the knowledge of the PC owner. DDoS attacks seriously harm e-businesses such as web shops, online auctions, online banking or simply cause an image loss of a company.
The fact, that the requests origin from computers all over the world and might even look like legitimate request messages makes it very hard to filter them or firewall them in a classical way.
Nevertheless, the requests are machine generated and not initiated by a human. Our new approach to detect and prevent DDoS attacks claims now to detect anomaly patterns which are a result of these machine generated packets. Therefore, we use pattern recognition methods to determine and filter the non-legitimate packets based on multiple parameters, such as routing information, origin networks, coherences on document structures and many others.
We aim to build an intelligent system which is able to defend against new DDoS attack methods and tools automatically without adjusting any filter rules.