Distributed denial-of-service attacks against HTTP/2 services

Adi, Erwin; Baig, Zubair A.; Hingston, Philip; Lam, Chiou-Peng

doi:10.1007/s10586-015-0528-7

Cited by 27 publications

(14 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Failures were detected in certain versions of the broker software and in client applications. A similar MQTT fuzzer tool known as F-secure Singh et al (2017), Adi et al (2016) and Ranjan et al (2009). b Shan et al (2017).…”

Section: Literature Reviewmentioning

confidence: 99%

Denial of service attack detection through machine learning for the IoT

Syed

Baig

Ibrahim

et al. 2020

Journal of Information and Telecommunication

View full text Add to dashboard Cite

Sustained Internet of Things (IoT) deployment and functioning are heavily reliant on the use of effective data communication protocols. In the IoT landscape, the publish/subscribe-based Message Queuing Telemetry Transport (MQTT) protocol is popular. Cyber security threats against the MQTT protocol are anticipated to increase at par with its increasing use by IoT manufacturers. In particular, IoT is vulnerable to protocol-based Application layer Denial of Service (DoS) attacks, which have been known to cause widespread service disruption in legacy systems. In this paper, we propose an Application layer DoS attack detection framework for the MQTT protocol and test the scheme on legitimate and protocol compliant DoS attack scenarios. To protect the MQTT message brokers from such attacks, we propose a machine learning-based detection framework developed for the MQTT protocol. Through experiments, we demonstrate the impact of such attacks on various MQTT brokers and evaluate the effectiveness of the proposed framework to detect these malicious attacks. The results obtained indicate that the attackers can overwhelm the server resources even when legitimate access was denied to MQTT brokers and resources have been restricted. In addition, the MQTT features we have identified showed high attack detection accuracy. The field size and length-based features drastically reduced the false-positive rates and are suitable in detecting IoT based attacks.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

Denial of service attack detection through machine learning for the IoT

Syed

Baig

Ibrahim

et al. 2020

Journal of Information and Telecommunication

View full text Add to dashboard Cite

show abstract

“…They investigated HTTP/1.1 attacks including request flooding, asymmetric workload and repeat one shot attacks. E Adi et al [9] [10] were the first to analyse the implications of DDoS on HTTP/2. They looked at the flow mechanisms introduced to the application layer and demonstrated attacks relating to the abuse of window sizes to overload the web server due to the management of flows.…”

Section: Http/2 Potential Vulnerabilitiesmentioning

confidence: 99%

“…Extensive research has been carried out on previous HTTP versions however currently, the only published work directly relating to HTTP/2 DDoS has been performed by E Adi et al [9][10] and the security vendor Imperva [11] and do not provide a complete coverage of potential attack vectors.…”

Section: Rationale For Current Researchmentioning

confidence: 99%

HTTP/2 Cannon: Experimental analysis on HTTP/1 and HTTP/2 request flood DDoS attacks

Beckett¹,

Sezer²

2017

2017 Seventh International Conference on Emerging Security Technologies (EST)

View full text Add to dashboard Cite

“…They discovered a amplification factor of 60x which could generate a large amount of attack traffic for DDoS. E Adi et al [10] [11] analysed HTTP/2 and it's risk from DDoS. Their research focused on exploiting the flow mechanisms and setting frames.…”

Section: Http/2 Potential Vulnerabilitiesmentioning

confidence: 99%

“…Currently the only published work on HTTP/2 is by E Adi et al [10][11] and the security vendor Imperva [12], however these do not provide complete coverage of the potential attack vectors of HTTP/2.…”

Section: Rationale For Current Researchmentioning

confidence: 99%