FRADE: Flash cRowd Attack DEfense

Members

Overview

Flash Crowd attack(FCA) is a type of distributed denial of service attack(DDoS) which floods the application server with requests generated from the bots. Its name originate from a legitimate phenomenon, known as a "flash-crowd", where many users access the server because of some popular event. Attackers mimic this by delploying a large, distributed bot network and generate legitimate application requests that overwhelm the application server. Flash-crowd attacks are extremly challenging because they requests legitimate content and at a slow rate to avoid detection. These features makes the existing defenses approaches like rate-based detection and malicious content-based detection, ineffective against Flash Crowd Attacks.

Our Solution

FRADE is a defense scheme to mitigate Flash Crowd Attack by distinguising humans from bots. The goal of the FRADE is to raise the bar for the number of bots needed for a succesfull Flash Crowd Attack. FRADE achieves this by three novel approaches which models the human behaviour to distinguish human users from flash-crowd bots.




FRADE Design

Software

FRADE is in active development, and its beta release will be available soon.

Publications


This material is based upon work supported by the National Science Foundation under Grant No. 1319215. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the National Science Foundation.