Research on Defense of Slow DDoS Attack on Web Server Application Layer

被引:0
|
作者
Zhou C.-R. [1 ]
Liu X.-M. [2 ]
Lei M. [1 ]
Wu X.-D. [3 ]
Deng S.-Q. [1 ]
机构
[1] Information Security Center, Beijing University of Posts and Telecommunications, Beijing
[2] National Computer Network Emergency Response Technical Team/Coordination Center of China, Beijing
[3] Sichuan Kerui Software Co. Ltd, Mianyang, 621000, Sichuan
来源
| 1600年 / Beijing University of Posts and Telecommunications卷 / 40期
关键词
Security defense; Slow DDoS attack; Web server;
D O I
10.13190/j.jbupt.2017.s.017
中图分类号
学科分类号
摘要
Web server can't provide normal service for users under DDoS attack. DDoS attack on application layer is different from DDoS attack on network layer, and each request sent by DDoS attack on application layer is legal. Slow DDoS attack mainly uses thread-based architecture characteristics of Web server. Web server of this type will open a new thread for every new connection. After the attacker has built a normal HTTP connection with Web server successfully, he will hold this connection through all kinds of methods to take up a lot of resources of Web server. The principle of slow DDoS on application layer is analyzed and related defense methods are proposed, which can improve ability to resist DDoS attack of Web server and safety performance. © 2017, Editorial Department of Journal of Beijing University of Posts and Telecommunications. All right reserved.
引用
收藏
页码:77 / 80
页数:3
相关论文
共 3 条
  • [1] Zhang Y., Xiao J., Yun X., Et al., DDoS attacks detection and control mechanisms, Journal of Software, 23, 8, pp. 2058-2072, (2012)
  • [2] Wang H., Low-rate TCP-targeted DDos analysis and defense Policy, Computer Engineering, 35, 13, pp. 122-124, (2009)
  • [3] Tian C., Using Nging to implement web load distribution based on URI, Modern Computer, 7, pp. 187-191, (2009)
1