WebSOS is an implementation of the Secure Overlay Services framework. The goal of WebSOS is to protect a web server against denial of service attacks.
As a specific implementation of the SOS algorithm, WebSOS access points use a CAPTCHA graphical Turing test to tell humans from scripts: they display an image of a distorted alphanumeric string and make the user type the string into a box. This filters out all scripted requests to the target web server, effectively making a DoS attack impossible.
After the user's request to the server has been authorized, it is forwarded using the Chord routing algorithm to the beacon, which knows the IP address of the secret servlet and passes the request on to it. The secret servlet then delivers the request to the target server. The latter then sends a response to the user.
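The forwarding step described above, as an added sketch that is not taken from the WebSOS prototype: an access point drops requests that failed the CAPTCHA and routes the rest over a Chord ring to the beacon. It assumes the beacon is the overlay node responsible for the hash of the target's address; the node IDs, the 6-bit ring, the target address and all function names are constructed for illustration.

```python
import hashlib

M = 6                # identifier bits; constructed small ring (Chord itself uses 160-bit IDs)
RING = 2 ** M

def chord_id(name):
    """Hash a name (here: the target's address) onto the identifier ring."""
    return int.from_bytes(hashlib.sha1(name.encode()).digest(), "big") % RING

def between(x, a, b, closed_right=False):
    """True if x lies in the clockwise ring interval (a, b), or (a, b] if closed_right."""
    if closed_right and x == b:
        return True
    return a < x < b if a < b else (x > a or x < b)

class Overlay:
    def __init__(self, node_ids):
        self.ids = sorted(node_ids)
        # finger[i] of node n = node responsible for n + 2^i; finger[0] is n's successor
        self.fingers = {n: [self.successor((n + 2 ** i) % RING) for i in range(M)]
                        for n in self.ids}

    def successor(self, key):
        """Node responsible for key: first node ID >= key, wrapping around the ring."""
        return next((n for n in self.ids if n >= key), self.ids[0])

    def route(self, start, key):
        """Hops from `start` to the node responsible for `key`, using only finger tables."""
        path, node = [start], start
        while not between(key, node, self.fingers[node][0], closed_right=True):
            # jump to the farthest finger that still precedes the key
            node = next(f for f in reversed(self.fingers[node]) if between(f, node, key))
            path.append(node)
        return path + [self.fingers[node][0]]

def forward_from_soap(overlay, soap, target, passed_captcha):
    """SOAP drops unauthorized requests; authorized ones are routed to the target's beacon."""
    if not passed_captcha:
        return None
    return overlay.route(soap, chord_id(target))

# Constructed overlay: ten node IDs; node 8 plays the access point (SOAP).
NODES = [1, 8, 14, 21, 32, 38, 42, 48, 51, 56]
overlay = Overlay(NODES)
if __name__ == "__main__":
    target = "192.0.2.10"   # constructed documentation address for the target server
    print("beacon:", overlay.successor(chord_id(target)))
    print("hops  :", forward_from_soap(overlay, 8, target, passed_captcha=True))
```

Each hop consults only the current node's finger table, so no single overlay node needs a full view of the ring to reach the beacon.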
A prototype of WebSOS has been implemented using a mix of PHP, Java and C. The code of the prototype is available for public download. The prototype requires at least one Linux server to operate, and it can be used in a complete SOS setup, or to communicate with unrelated and unprotected public servers in order to test its performance. Ideally, however, the full WebSOS setup would have several separate secure overlay access points (SOAPs), multiple regular overlay nodes used for internal routing (on the order of ten), several beacons, several secret servlets, and a target server with all of its inbound traffic blocked by surrounding routers.
Reference:
D. L. Cook, W. G. Morein, A. D. Keromytis, V. Misra, and D. Rubenstein. “WebSOS: Protecting Web Servers From DDoS Attacks,” in Proceedings of the IEEE International Conference on Networks (ICON), September/October 2003