A Review of Defense Against Slow HTTP Attack

Suroto Suroto - Batam University, Batam, Indonesia


Citation Format:



DOI: http://dx.doi.org/10.30630/joiv.1.4.51

Abstract


Every web server poses a risk to network security threats. One of them is a threat of Slow HTTP Attack. Slow HTTP Attack exploits the working methods of the HTTP protocol, where it requires that every request from the client be fully accepted by the server before it is processed. If the HTTP request is incomplete, or if the transfer rate is very low, the server remains busy waiting for the rest of the data. If the server is storing too many busy resources, there is a denial of service. Internet users can exploit such vulnerabilities,  send incomplete data packets deliberately and requests repeatedly. When a web server is in a public network or the Internet, then protecting computer and network security is an important issue. After identifying and analyzing how the Slow HTTP attack works, as well as its attack detection, this paper describes portfolio of the work system , how to detect and how to defence against the Slow HTTP attack.

Keywords— Slow HTTP Attack, Web Server Exploit, Denial of Service, DoS

Keywords


Defense Against Slow HTTP Attack;Slow HTTP Attack; Web Server Exploit; Denial of Service; DoS

Full Text:

PDF

References


A. Nicolic. (2013) The nmap website. [Online]. Available: https://nmap.org/nsedoc/scripts/http-slowloris-check.html

T. Mansoor. (2012). The admin-ahead website. [Online]. Available: https://admin-ahead.com/blog/analyzing-the-anatomy-of-a-dos-attack-using-slowloris/

S. Kumar. (2012). The Geeks website. [Online]. Available: http://www.geeksforgeeks.org/slow-http-can-knock-server/

I. Muscat. (2013). The Acuanetix website. [Online]. Available: http://www.acunetix.com/blog/articles/slow-http-dos-attacks-mitigate-apache-http-server/

S. Ramanauskaite, A.Cenys "Taxonomy of DoS attacks and their countermeasures " Central European Journal of Computer Science. Vol 1, Issue 3, pp. 355-366, Sept. 2011

D Sai Krishna et al,â€Application Denial of Service Attacks Detection using Group Testing Based Approach“. International Journal of Computer Science & Communication Networks,Vol 2(2), pp. 167-171, Feb. 2012

I. Sommerville, Software Engineering, 10nd ed. Essex – England: Pearson, 2015

N. Tripathi, et al. “How Secure are Web Servers? An Empirical Study of Slow HTTP DoS Attacks and Detectionâ€, in Reliability and Security (ARES), 2016, pp. 454–463

I. Muscat. (2017) The Acuanetix homepage. [Online]. Available: https://www.acunetix.com/blog/docs/http-sniffer/

B. Gussel. (2009) The tutsplus homeepage. [Online]. Available: https://code.tutsplus.com/tutorials/http-headers-for-dummies--net-8039

(2017) The W3 website. [Online]. Available: https://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html

Tayama S., Tanaka H, “Analysis of Slow Read DoS Attack and Communication Environmentâ€, in International Conference on Mobile and Wireless Technology, ICMWT, 2017, p. 350-359.

E. Cambiaso, G. Papaleo, G. Chiola, et al, "Slow DoS attacks: definition and categorisation", International Journal of Trust Management in Computing and Communications (IJTMCC), Vol. 1, pp. 300-319, Sept 2013.

J. Park, K. Iwai, H. Tanaka and T. Kurokawa, "Analysis of Slow Read DoS Attack and Countermeasures on Web servers", International Journal of Cyber-Security and Digital Forensics (IJCSDF) Vol. 4(2): pp. 339-353, Sept 2015.

T. Hirakawa, K. Ogura, B. Bahadur and T. Takata, "A Defense Method against Distributed Slow HTTP DoS Attack", in NBiS, 2016, p. 152-158.

E. Cambiaso, G. Papaleo, G. Chiola and M. Aiello, "Mobile executions of Slow DoS Attacks", Logic Journal of the IGPL, Vol. 24, Issue 1, pp. 54–67, Feb 2016.

I. Duravkin, A. Loktionova and A. Carlsson, "Method of slow-attack detection", in Problems of Infocommunications Science and Technology, 2014, p. 102-106.