Change search
ReferencesLink to record
Permanent link

Direct link
Detectability of Low-Rate HTTP Server DoS Attacks using Spectral Analysis
KTH, School of Computer Science and Communication (CSC), Media Technology and Interaction Design, MID. FOI, Sweden.ORCID iD: 0000-0002-2677-9759
KTH.
2015 (English)In: PROCEEDINGS OF THE 2015 IEEE/ACM INTERNATIONAL CONFERENCE ON ADVANCES IN SOCIAL NETWORKS ANALYSIS AND MINING (ASONAM 2015), Association for Computing Machinery (ACM), 2015, 954-961 p.Conference paper (Refereed)Text
Abstract [en]

Denial-of-Service (DoS) attacks pose a threat to any service provider on the internet. While traditional DoS flooding attacks require the attacker to control at least as much resources as the service provider in order to be effective, so-called low-rate DoS attacks can exploit weaknesses in careless design to effectively deny a service using minimal amounts of network traffic. This paper investigates one such weakness found within version 2.2 of the popular Apache HTTP Server software. The weakness concerns how the server handles the persistent connection feature in HTTP 1.1. An attack simulator exploiting this weakness has been developed and shown to be effective. The attack was then studied with spectral analysis for the purpose of examining how well the attack could be detected. Similar to other papers on spectral analysis of low-rate DoS attacks, the results show that disproportionate amounts of energy in the lower frequencies can be detected when the attack is present. However, by randomizing the attack pattern, an attacker can efficiently reduce this disproportion to a degree where it might be impossible to correctly identify an attack in a real world scenario.

Place, publisher, year, edition, pages
Association for Computing Machinery (ACM), 2015. 954-961 p.
Keyword [en]
Low-rate DoS attack, attack simulator, Apache HTTP Server, attack detection, spectral analysis
National Category
Computer and Information Science
Identifiers
URN: urn:nbn:se:kth:diva-185413DOI: 10.1145/2808797.2808810ISI: 000371793500146ScopusID: 2-s2.0-84962601415ISBN: 978-1-4503-3854-7OAI: oai:DiVA.org:kth-185413DiVA: diva2:920263
Conference
IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM), AUG 25-28, 2015, Paris, FRANCE
Note

QC 20160418

Available from: 2016-04-18 Created: 2016-04-18 Last updated: 2016-04-18Bibliographically approved

Open Access in DiVA

No full text

Other links

Publisher's full textScopus

Search in DiVA

By author/editor
Brynielsson, JoelSharma, Rishie
By organisation
Media Technology and Interaction Design, MIDKTH
Computer and Information Science

Search outside of DiVA

GoogleGoogle Scholar
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Altmetric score

Total: 5 hits
ReferencesLink to record
Permanent link

Direct link