Litcius/Paper detail

Credibility-Based Countermeasure Against Slow HTTP DoS Attacks by Using SDN

You‐Chiun Wang, Ren-Xuan Ye

202112 citationsDOI

Abstract

In slow HTTP DoS (SHD) attacks, the attacker sends HTTP requests in pieces slowly, one at a time to a web server to exhaust its resource and achieve denial of service. Such attacks are easy to launch but hard to defend by conventional solutions like firewall. By exploiting the software-defined networking (SDN) technique, the paper proposes a credibility-based countermeasure against SHD attacks (CCSA), which appraises each client by its connections and the frequency that it sends fragmented requests. The connections of low-credibility clients will be blocked to avoid them depleting resource. When the server is short of resource, suspicious connections are then suspended to ensure the server's availability. Simulation results verify that CCSA can efficiently stop SHD attacks and keep low memory usage for the controller.

Topics & Concepts

Denial-of-service attackFirewall (physics)Computer scienceCredibilityComputer securityCountermeasureComputer networkWeb serverResource (disambiguation)ServerThe InternetOperating systemEngineeringBusinessFinanceAccretion (finance)Political scienceSchwarzschild radiusAerospace engineeringCharged black holeLawNetwork Security and Intrusion DetectionSoftware-Defined Networks and 5GInternet Traffic Analysis and Secure E-voting
Credibility-Based Countermeasure Against Slow HTTP DoS Attacks by Using SDN | Litcius