An OpenStack based cloud testbed framework for evaluating HTTP flooding attacks

Dhanapal, A.; Nithyanandam, P.

doi:10.1007/s11276-019-01937-4

Cited by 12 publications

(8 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The critical analysis conducted in Section 8 extensively elaborate similarities and differences between each script. The usage of these attack scripts are publicly available, and have been mentioned and employed broadly by many earlier studies [ 2 , 35 , 36 , 39 , 40 , 42 , 43 , 44 ]. Although DDoS as services available as noted by Hameed and Ali [ 45 ], the usage of attack scripts to be executed in local area network is preferable as DDoS as services require transmission of attack traffic across the network which increases the possibility of the attack traffic to be detected and blocked by many intermediate networks managed by the internet service provider (ISP).…”

Section: Methodsmentioning

confidence: 99%

“…Sreeram and Vuppala [ 37 ] contend that an excessive search request and login is one of the patterns of HTTP DDoS attacks while Yadav and Selvakumar [ 33 ] noted that HTTP DDoS attacks contain diverse URL and comprise of headers known as user-agent and referrer. The request headers included in HTTP DDoS comprised of an equivalent user-agent including legitimate, incorrect URL and a repeatable request against the equal URL [ 39 ].…”

Section: Http Ddos Request Headersmentioning

confidence: 99%

See 1 more Smart Citation

Recent Analysis of Forged Request Headers Constituted by HTTP DDoS

Jaafar

Ismail

Abdullah

et al. 2020

Sensors

View full text Add to dashboard Cite

Application Layer Distributed Denial of Service (DDoS) attacks are very challenging to detect. The shortfall at the application layer allows formation of HTTP DDoS as the request headers are not compulsory to be attached in an HTTP request. Furthermore, the header is editable, thus providing an attacker with the advantage to execute HTTP DDoS as it contains almost similar request header that can emulate a genuine client request. To the best of the authors’ knowledge, there are no recent studies that provide forged request headers pattern with the execution of the current HTTP DDoS attack scripts. Besides that, the current dataset for HTTP DDoS is not publicly available which leads to complexity for researchers to disclose false headers, causing them to rely on old dataset rather than more current attack patterns. Hence, this study conducted an analysis to disclose forged request headers patterns created by HTTP DDoS. The results of this study successfully disclose eight forged request headers patterns constituted by HTTP DDoS. The analysis was executed by using actual machines and eight real attack scripts which are capable of overwhelming a web server in a minimal duration. The request headers patterns were explained supported by a critical analysis to provide the outcome of this paper.

show abstract

Section: Methodsmentioning

confidence: 99%

Section: Http Ddos Request Headersmentioning

confidence: 99%

Recent Analysis of Forged Request Headers Constituted by HTTP DDoS

Jaafar

Ismail

Abdullah

et al. 2020

Sensors

View full text Add to dashboard Cite

show abstract

“…A. Dhanapal et al [21] proposed an OpenStack cloud testbed model for evaluating the DDoS attacks in the cloud environment. This work explored various attack possibilities for the application running in the cloud environment.…”

Section: Slow Http Read Attacksmentioning

confidence: 99%

“…The proposed work is enhanced over our previous works in [21] and [22] to detect, mitigate and prevent slow HTTP DDoS attacks in the cloud environment. The novelty contribution of this works to define the multi-stage zonal classification model integrated into the cloud to detect and prevent the slow HTTP DDoS attack.…”

Section: Slow Http Read Attacksmentioning

confidence: 99%

The Slow HTTP DDOS Attacks: Detection, Mitigation and Prevention in the Cloud Environment

Dhanapal

Nithyanandam

2019

SCPE

Self Cite

View full text Add to dashboard Cite

Cloud computing is the latest buzzword and cutting-edge technology. The cost-efficiency, easy to operate, on-demand services, availability, makes the cloud so popular. The online web applications based on the internet such as E-Healthcare, E-Commerce are moving to the cloud to reduce the operating investment cost. These applications are vulnerable to slow HTTP Distributed Denial of Service (DDoS) attack in the cloud. This kind of attacks aims to consume the resources of the application as well as the hosting system so that to bring down the services. The various forms of the slow HTTP DDoS are HTTP header attack, HTTP body attack and HTTP read attack. Due to the nature of mimicking the slow network behaviour, this attack is very challenging to detect. This is even more difficult to identify in the cloud environment as it has multiple attack paths. Theweb applications running in the cloud should have been safeguarded from the slow HTTP DDoS attacks. This paper proposed a novel multi-stage zone-based classification model to identify, mitigate and prevent the slow HTTP DDoS attacks in the cloud environment. The solution is implemented using the OpenStack cloud environment. The open-source slowHTTPTest tool is used to generate different types of slow HTTP DDoS attacks.

show abstract

“…The proposed solution enhanced the OpenStack framework discussed in [15] and implemented the solution to detect the different type of slow HTTP DDoS attacks in the cloud environment. The slowHTTPTest tool is used to generate the variants of slow HTTP DDoS attack to the NGINX web server running in the OpenStack cloud.…”

mentioning

confidence: 99%

The Slow HTTP Distributed Denial of Service Attack Detection in Cloud

Dhanapal

Nithyanandam

2019

SCPE

Self Cite

View full text Add to dashboard Cite

Cloud computing became popular due to nature as it provides the flexibility to add or remove the resources on-demand basis. This also reduces the cost of investments for the enterprises significantly. The adoption of cloud computing is very high for enterprises running their online applications. The availability of online services is critical for businesses like financial services, e-commerce applications, etc. Though cloud provides availability, still these applications are having potential threats of going down due to the slow HTTP Distributed Denial of Service (DDoS) attack in the cloud. The slow HTTP attacks intention is to consume all the available server resources and make it unavailable to the real users. The slow HTTP DDoS attack comes with different formats such as slow HTTP headers attacks, slow HTTP body attacks and slow HTTP read attacks. Detecting the slow HTTP DDoS attacks in the cloud is very crucial to safeguard online cloud applications. This is a very interesting and challenging topic in DDoS as it mimics the slow network. This paper proposed a novel method to detect slow HTTP DDoS attacks in the cloud. The solution is implemented using the OpenStack cloud platform. The experiments conducted exhibits the accurate results on detecting the attacks at the early stages. The slowHTTPTest open source tool is used in this experiment to originate slow HTTP DDoS attacks.

show abstract

An OpenStack based cloud testbed framework for evaluating HTTP flooding attacks

Cited by 12 publications

References 7 publications

Recent Analysis of Forged Request Headers Constituted by HTTP DDoS

Recent Analysis of Forged Request Headers Constituted by HTTP DDoS

The Slow HTTP DDOS Attacks: Detection, Mitigation and Prevention in the Cloud Environment

The Slow HTTP Distributed Denial of Service Attack Detection in Cloud

Contact Info

Product

Resources

About