A STUDY PROPOSING IMPROVEMENTS TO OVERLAY NETWORK ARCHITECTURE TO MITIGATE THE IMPACT OF DISTRIBUTED DENIAL-OF-SERVICE ATTACKS ON WEBSITE SYSTEMS

Denial-of-service (DoS) attacks on website systems have become increasingly sophisticated. These attacks are evolving at a pace and complexity that outstrips the capabilities of current defensive measures. This paper presents an effective method to enhance the resilience against distributed denial-of- service (DDoS) attacks by implementing an overlay network architecture to protect website systems. This architecture employs a group of Secure Overlay Access Points (SOAP) to authenticate and distinguish legitimate users from malicious attackers, ensuring that valid requests are routed to hidden nodes within the overlay network via Secure Sockets Layer (SSL) connections. These hidden nodes then forward user requests through a filtering region before delivering them to the target server. The study has introduced enhancements to the existing overlay network architecture to promptly detect scenarios where a network node becomes a source of attack and automatically reroute queries to prevent potential damage. After conducting experimental simulations of attack scenarios, the improved architecture has been tested and yielded auspicious and reliable results compared to the original architecture. This approach contributes to mitigating and reducing the impact of DDoS attacks on modern websites. Keywords: Cyber attacks; denial of service attacks; distributed denial of service attacks; website; overlay network