Defending inimitable attacking Hostin web-proxy based traffic

A novel server side defense system is proposed to resist web proxy based attack. A proxy server is a server that may be a computer system or an application that acts as an intermediary for requests from clients seeking resources from other servers. A client unite with the proxy server, appealing some service, such as a file, connectivity, web page accessing, or other appropriate resources available from a different server and the proxy server evaluates the request as a way to simplify and control its complexity. A web proxy can be used as an attacker tool, by an attacker sends attack requests to a Web proxy and forces it to forward the attack requests to the origin server. Resisting such an attack by the mid Web proxies is not a practical approach, due to the lack of cooperation mechanisms between server and proxies, in particular those uncontrollable private proxies. In the final aggregated proxy-to-server traffic, there is no obvious difference between the normal traffic and the attack traffic except their underlying purposes. In the existing methodology a server denies services for a proxy server as a whole, In the above cases, Here along with an attacking client the legitimate users also need to suffer with DoS. But here we implement an enhanced HTTP protocol in this proxy server. So proxy server doesn’t hide application id from web server. So web server got client identity of each request. So server can group requests based on this application ID's and provides DoS accordingly. So By the revised system a server can serve maximum legitimate users in the way they are meant too.