Litcius/Paper detail

An Overview on Detection and Prevention of Application Layer DDoS Attacks

Samuel Black, Yoohwan Kim

20222022 IEEE 12th Annual Computing and Communication Workshop and Conference (CCWC)19 citationsDOI

Abstract

Distributed Denial-of-Service (DDoS) attacks aim to cause downtime or a lack of responsiveness for web services. DDoS attacks targeting the application layer are amongst the hardest to catch as they generally appear legitimate at lower layers and attempt to take advantage of common application functionality or aspects of the HTTP protocol, rather than simply send large amounts of traffic like with volumetric flooding. Attacks can focus on functionality such as database operations, file retrieval, or just general backend code. In this paper, we examine common forms of application layer attacks, preventative and detection measures, and take a closer look specifically at HTTP Flooding attacks by the High Orbit Ion Cannon (HOIC) and “low and slow” attacks through slowloris.

Topics & Concepts

Denial-of-service attackComputer scienceApplication layer DDoS attackApplication layerLayer (electronics)TrinooComputer securityComputer networkThe InternetOperating systemMaterials scienceSoftwareComposite materialNetwork Security and Intrusion DetectionAdvanced Malware Detection TechniquesInformation and Cyber Security