Credibility-Based Countermeasure Against Slow HTTP DoS Attacks by Using SDN

被引:11
|
作者
Wang, You-Chiun [1 ]
Ye, Ren-Xuan [1 ]
机构
[1] Natl Sun Yat Sen Univ, Dept Comp Sci & Engn, Kaohsiung, Taiwan
来源
2021 IEEE 11TH ANNUAL COMPUTING AND COMMUNICATION WORKSHOP AND CONFERENCE (CCWC) | 2021年
关键词
credibility; denial of service; slow HTTP DoS attack; software-defined networking (SDN); web service;
D O I
10.1109/CCWC51732.2021.9375911
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
In slow HTTP DoS (SHD) attacks, the attacker sends HTTP requests in pieces slowly, one at a time to a web server to exhaust its resource and achieve denial of service. Such attacks are easy to launch but hard to defend by conventional solutions like firewall. By exploiting the software-defined networking (SDN) technique, the paper proposes a credibility-based countermeasure against SHD attacks (CCSA), which appraises each client by its connections and the frequency that it sends fragmented requests. The connections of low-credibility clients will be blocked to avoid them depleting resource. When the server is short of resource, suspicious connections are then suspended to ensure the server's availability. Simulation results verify that CCSA can efficiently stop SHD attacks and keep low memory usage for the controller.
引用
收藏
页码:890 / 895
页数:6
相关论文
共 50 条
  • [31] Using MISR as Countermeasure Against Scan-based Side-channel Attacks
    Ahlawat, Satyadev
    Vaghani, Darshit
    Bazardt, Naveen
    Singh, Virendra
    PROCEEDINGS OF 2018 IEEE EAST-WEST DESIGN & TEST SYMPOSIUM (EWDTS 2018), 2018,
  • [32] SECOD: SDN sEcure COntrol and Data Plane Algorithm for Detecting and Defending against DoS Attacks
    Wang, Song
    Chandrasekharan, Sathyanarayanan
    Gomez, Karina
    Kandeepan, Sithamparanathan
    Al-Hourani, Akram
    Asghar, Muhammad Rizwan
    Russello, Giovanni
    Zanna, Paul
    NOMS 2018 - 2018 IEEE/IFIP NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM, 2018,
  • [33] A countermeasure against DDOS attacks using active networks technologies
    Kashiwa, D
    Chen, EY
    Fuji, H
    ANNALS OF TELECOMMUNICATIONS, 2003, 58 (3-4) : 605 - 629
  • [34] Using Model Optimization as Countermeasure against Model Recovery Attacks
    Jap, Dirmanto
    Bhasin, Shivam
    APPLIED CRYPTOGRAPHY AND NETWORK SECURITY WORKSHOPS, ACNS 2023 SATELLITE WORKSHOPS, ADSC 2023, AIBLOCK 2023, AIHWS 2023, AIOTS 2023, CIMSS 2023, CLOUD S&P 2023, SCI 2023, SECMT 2023, SIMLA 2023, 2023, 13907 : 196 - 209
  • [35] Scrambler Based AES for Countermeasure Against Power Analysis Attacks
    Kang, Young-Jin
    Kim, Ki-Hwan
    Lee, HoonJae
    ADVANCED MULTIMEDIA AND UBIQUITOUS ENGINEERING, 2020, 590 : 152 - 157
  • [36] Delays Have Dangerous Ends: Slow HTTP/2 DoS Attacks Into the Wild and Their Real-Time Detection Using Event Sequence Analysis
    Tripathi, Nikhil
    IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2024, 21 (03) : 1244 - 1256
  • [37] A cluster-based countermeasure against blackhole attacks in MANETs
    Shi, Fei
    Liu, Weijie
    Jin, Dongxu
    Song, Jooseok
    TELECOMMUNICATION SYSTEMS, 2014, 57 (02) : 119 - 136
  • [38] A cluster-based countermeasure against blackhole attacks in MANETs
    Fei Shi
    Weijie Liu
    Dongxu Jin
    Jooseok Song
    Telecommunication Systems, 2014, 57 : 119 - 136
  • [39] Detection of DoS/DDoS attack against HTTP Servers using Naive Bayesian
    Katkar, Vijay
    Zinjade, Amol
    Dalvi, Suyed
    Bafna, Tejal
    Mahajan, Rashmi
    1ST INTERNATIONAL CONFERENCE ON COMPUTING COMMUNICATION CONTROL AND AUTOMATION ICCUBEA 2015, 2015, : 280 - 285
  • [40] Credibility-based secure distributed load frequency control for power systems under false data injection attacks
    Hu, Zhijian
    Liu, Shichao
    Luo, Wensheng
    Wu, Ligang
    IET GENERATION TRANSMISSION & DISTRIBUTION, 2020, 14 (17) : 3498 - 3507
12345