Evaluating security controls against HTTP-based DDoS attacks

Distributed Denial of Service (DDoS) attacks generally require a botmaster controlling a large number of infected systems (bots) in order to take down a target service. However, more recent DDoS attacks targeting the HTTP layer can be very effective even with a small number of infected bots. In this paper we analyze DDoS attacks that require only a small number of bots to render a web server unavailable. To study their behavior, we implement a botnet system in a test environment. We simulate bots using both Linux and Windows-based systems infected with Slowloris, an HTTP syn-flooder, targeting a vulnerable Apache web server. We apply several security controls to test their effectiveness against such attacks. Our results show that only a combination of carefully selected anti-DDoS controls can significantly reduce the exposure to such attacks without affecting the provided service.