Text Size
- Home
-
News
Advanced computing news from Communications of the ACM, other ACM resources, and from around the Web.
- Blogs
- Opinion
-
Browse by Subject
Recent articles from Communications organized into categories that encompass the broad scope of computing.
-
Magazine Archive
-
Careers
Jump-start your career with information on trends, opportunities and jobs – in both industry and academia.
- ACM Resources
-
Subscribe
Receive the benefits of ACM membership with a subscription to its flagship publication, Communications of the ACM.
This Article
ACM TechNews
Prototype Security Software Blocks DDoS Attacks
Auburn University researchers have developed a software filter that protects computers against distributed denial-of-service (DDoS) attacks without bogging down the computer's CPU and memory. The identity-based privacy-protected access control filter (IPCAF) also wards against session hijacking, dictionary attacks, and man-in-the-middle attacks.
Instead of warding against IP addresses, which can be faked by hijackers, IPCAF sends a user ID and password to computer users and the Web site they are attempting to access. Then the two parties create fake IDs and values for each packet so that each one is double-checked. Computers check the value in each packet and choose whether to accept it or not. Only then are more memory and CPU resources used to deal with them.
The researchers say that IPCAF also is useful because it does not rely on separate and expensive applications that bog down memory. Instead it uses servers and client machines without affecting computer use.
IPCAF uses hash-based message authentication code to create the value it will use to confirm every single packet, which saves CPU power, says Auburn's Chwan-Hwa "John" Wu. When testing IPCAF, Wu found that the computer network was only stalled by 30 nanoseconds during an attack through a 10-Gbit/second connection. "For humans, there is no difference," he says. Meanwhile, security teams can possibly track the source of the original attack.
From Network World
View Full Article
Abstracts Copyright © 2009 Information Inc., Bethesda, Maryland, USA 
Sign In To Comment On This Article
Create A Web Account
If you are an ACM member, Communications subscriber, Digital Library subscriber, or use your institution's subscription, please set up a web account to access comments, premium content and additional site features.
If you are a SIG member or member of the general public, you may set up a web account to comment on free articles and sign up for email alerts.
Tools For Readers
Related ACM Resources
Conferences:
- 8th International Heinz Nixdorf Symposium - April 21, 2010 – April 22, 2010; Paderborn, Germany
Books:
- LINQ in Action - Fabrice Marguerie, Steve Eichert, Jim Wooley
Courses:
- Windows XP Professional: An Introduction - In this course, you will examine the Windows XP Professional environment, observe how to organize files and folders, and discover how to manage and customize …
About Communications |
Join ACM 
|
Renew |
Subscribe |
Sign In |
For Authors |
For Advertisers |
Privacy |
Site Map |
Help |
Contact Us
Copyright © 2009 by the ACM. All rights reserved.