Credibility-Based Countermeasure Against Slow HTTP DoS Attacks by Using SDN

被引:11
|
作者
Wang, You-Chiun [1 ]
Ye, Ren-Xuan [1 ]
机构
[1] Natl Sun Yat Sen Univ, Dept Comp Sci & Engn, Kaohsiung, Taiwan
来源
2021 IEEE 11TH ANNUAL COMPUTING AND COMMUNICATION WORKSHOP AND CONFERENCE (CCWC) | 2021年
关键词
credibility; denial of service; slow HTTP DoS attack; software-defined networking (SDN); web service;
D O I
10.1109/CCWC51732.2021.9375911
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
In slow HTTP DoS (SHD) attacks, the attacker sends HTTP requests in pieces slowly, one at a time to a web server to exhaust its resource and achieve denial of service. Such attacks are easy to launch but hard to defend by conventional solutions like firewall. By exploiting the software-defined networking (SDN) technique, the paper proposes a credibility-based countermeasure against SHD attacks (CCSA), which appraises each client by its connections and the frequency that it sends fragmented requests. The connections of low-credibility clients will be blocked to avoid them depleting resource. When the server is short of resource, suspicious connections are then suspended to ensure the server's availability. Simulation results verify that CCSA can efficiently stop SHD attacks and keep low memory usage for the controller.
引用
收藏
页码:890 / 895
页数:6
相关论文
共 50 条
  • [1] HTTPScout: A Machine Learning based Countermeasure for HTTP Flood Attacks in SDN
    Mohammadi, Reza
    Lal, Chhagan
    Conti, Mauro
    INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2023, 22 (02) : 367 - 379
  • [2] HTTPScout: A Machine Learning based Countermeasure for HTTP Flood Attacks in SDN
    Reza Mohammadi
    Chhagan Lal
    Mauro Conti
    International Journal of Information Security, 2023, 22 : 367 - 379
  • [3] Mitigating DoS Attacks against SDN Controller Using Information Hiding
    Abdullaziz, Osamah Ibrahiem
    Wang, Li-Chun
    2019 IEEE WIRELESS COMMUNICATIONS AND NETWORKING CONFERENCE (WCNC), 2019,
  • [4] Impact of class distribution on the detection of slow HTTP DoS attacks using Big Data
    Calvert, Chad L.
    Khoshgoftaar, Taghi M.
    JOURNAL OF BIG DATA, 2019, 6 (01)
  • [5] Impact of class distribution on the detection of slow HTTP DoS attacks using Big Data
    Chad L. Calvert
    Taghi M. Khoshgoftaar
    Journal of Big Data, 6
  • [6] An Entropy-based Countermeasure against Intelligent DoS Attacks Targeting Firewalls
    Al-Haidari, F.
    Sqalli, M.
    Salah, K.
    Hamodi, J.
    2009 IEEE INTERNATIONAL SYMPOSIUM ON POLICIES FOR DISTRIBUTED SYSTEMS AND NETWORKS, 2009, : 41 - 44
  • [7] Analysis of the Impact of the Slow HTTP DOS and DDOS Attacks on the Cloud Environment
    Yevsieieva, Oksana
    Helalat, Seyed Milad
    2017 4TH INTERNATIONAL SCIENTIFIC-PRACTICAL CONFERENCE PROBLEMS OF INFOCOMMUNICATIONS-SCIENCE AND TECHNOLOGY (PIC S&T), 2017, : 519 - 523
  • [8] Securing Distributed SDN Controllers Against DoS Attacks
    Etaiwi, Wael
    Biltawi, Mariam
    Almajali, Sufyan
    2017 INTERNATIONAL CONFERENCE ON NEW TRENDS IN COMPUTING SCIENCES (ICTCS), 2017, : 203 - 206
  • [9] An Analysis of a Defence Method against Slow HTTP DoS Attack
    Hirakawa, Tetsuya
    Ogura, Kanayo
    Bista, Bhed Bahadur
    Takata, Toyoo
    PROCEEDINGS OF 2018 INTERNATIONAL SYMPOSIUM ON INFORMATION THEORY AND ITS APPLICATIONS (ISITA2018), 2018, : 316 - 320
  • [10] A Defense Method against Distributed Slow HTTP DoS Attack
    Hirakawa, Tetsuya
    Ogura, Kanayo
    Bista, Bhed Bahadur
    Takata, Toyoo
    PROCEEDINGS OF 2016 19TH INTERNATIONAL CONFERENCE ON NETWORK-BASED INFORMATION SYSTEMS (NBIS), 2016, : 152 - +
12345