Title :
Evaluating security controls against HTTP-based DDoS attacks
Author :
Moustis, Dimitrios ; Kotzanikolaou, P.
Author_Institution :
Inf. Security Group, Univ. of London, London, UK
Abstract :
Distributed Denial of Service attacks generally require a botmaster controlling a large number of infected systems (bots) in order to take down a target service. However, more recent DDoS attacks targeting at the HTTP layer can be very effective even with a small number of infected bots. In this paper we analyze DDoS attacks which require only a small number of bots to render a web server unavailable. In order to study their behavior, we implement a Botnet system in a test environment. We simulate bots by using both Linux and Windows-based systems infected with Slowloris, an HTTP syn-flooder, targeting to a vulnerable Apache web server. We apply several security controls in order to test their effectiveness against such attacks. Our results show that only a combination of carefully selected anti-DDoS controls can significantly reduce the exposure to such attacks without affecting the provided service.
Keywords :
IP networks; Linux; Web services; computer network security; invasive software; transport protocols; Botnet system; HTTP synflooder; HTTP-based DDoS attack; Linux; Slowloris; Web server rendering; Windows-based system; anti-DDoS control; botmaster control; distributed denial of service; infected bots; infected system; security control evaluation; vulnerable Apache Web server; Computer crime; Electronic mail; IP networks; Protocols; Web servers; Distributed Denial of Service; botnet; http flooding;
Conference_Titel :
Information, Intelligence, Systems and Applications (IISA), 2013 Fourth International Conference on
Conference_Location :
Piraeus
Print_ISBN :
978-1-4799-0770-0
DOI :
10.1109/IISA.2013.6623707
