A technology is provided for mitigating an attack against a host service. Receive a connection from a client using a first cipher suite to authenticate the client. Identify that a distributed denial-of-service (DDoS) attack is occurring from a plurality of clients. Change the first cipher suite to a second cipher suite wherein the second cipher suite is more computationally intensive than the first cipher suite. Disconnect with the client and causing the client to reconnect using the second cipher suite.
展开▼