Summary
The 2018 International Symposium on Information Theory and Its Applications (ISITA2018)
2018
Session Number:Tu-AM-1-2
Session:
Number:Tu-AM-1-2.3
An Analysis of a Defence Method against Slow HTTP DoS Attack
Tetsuya Hirakawa, Kanayo Ogura, Bhed Bahadur Bista, Toyoo Takata,
pp.316-320
Publication Date:2018/10/18
Online ISSN:2188-5079
DOI:10.34385/proc.55.Tu-AM-1-2.3
PDF download
Summary:
The threat of Distributed Denial of Service (DDoS) attack, that attempts to make a machine or network resource unavailable by multiple attacker is getting serious. Slow HTTP DoS attack is one of the DoS attack methods that targets HTTP servers. This method obstructs the service by saturating the processing requests with slow and many requests. It is known that Slow HTTP DoS attack by just one attacker can be prevented effectively by limiting the number of simultaneous requests for each IP address. On the other hand, it is also known that it is difficult to defend from Slow HTTP DoS attack performed by multiple attackers (i.e. Distributed Slow HTTP DoS attack). Therefore, the authors already proposed a defense method against Distributed Slow HTTP DoS attack. This method prevents to saturate the processing requests by disconnecting the clients holding the most connections that are established longer than a threshold t. However, the method to decide the thresholds used in our method appropriately is not known yet. We need its decision method to apply our defence method in real environments. In this paper, we discuss a method to decide the appropriate threshold t of our defence method.