Application Layer DoS

How to prevent it

Hdiv actively protects applications against DoS using configurable rules that allow attackers to be rejected if a condition is matched. Those rules can be modified in Web Console and are deployed in all Hdiv protected nodes. Detailed information on how to set up these rules can be found here

Hdiv DoS protection

The key benefits of Hdiv DoS protection are:

  • Scalable: Every single node is responsible for detecting an preventing DoS, which makes it completely scalable
  • Customizable: Customizable rules can be included to detect DoS attack patterns as well as the standard ones
  • Distributed feedback: All Hdiv nodes create a network which provides information to distribute attack feedback and improve overall protection

Improving DoS detection/protection (HVN)

Actions

Hdiv virtual network is a network of Hdiv protected nodes that are connected to an Hdiv Web Console. Thanks to this virtual network, Hdiv protected nodes are able to actively improve their protection with the aid of real time data sharing, using information on attackers gathered from other nodes. This helps to protect all nodes of the system against that particular attacker, protecting the virtual network of nodes effectively.

The virtual network protection works in this way:

One or more of the nodes detects suspicious activity coming from a source (there might be multiple types of suspicious behaviour such as DoS attacks, SQL Injection or data tampering). In this case, the node that detected the attack attempt activates protection against the attacker by banning its requests.

At the same time, Hdiv Console, which receives all the attack data from the nodes, consolidates its data and based on its protection algorithm, decides whether any source is an attacker. If an attacker is found, the Web Console proactively spreads attack protection against that attacker to all the nodes connected to it, effectively protecting the whole network from the malicious source.