Sophisticated Denial of Service attacks aimed at application layer

2012 ELEKTRO Pub Date : 2012-05-21 DOI:10.1109/ELEKTRO.2012.6225571

Veronika Durcekova, Ladislav Schwartz, N. Shahmehri

{"title":"Sophisticated Denial of Service attacks aimed at application layer","authors":"Veronika Durcekova, Ladislav Schwartz, N. Shahmehri","doi":"10.1109/ELEKTRO.2012.6225571","DOIUrl":null,"url":null,"abstract":"Popularity of application services offered by Internet has grown a lot in recent years. Basically, Internet was built with the focus on its functionality and not with the focus on the security tasks. This has led to discovering embedded weaknesses in Internet architecture, which can be misused by attackers with malicious purposes. This paper focuses on application layer Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks detection, because these attacks present a continuous critical threat to the Internet services. DDoS attacks are typically carried out at the network layer. However, there is evidence to suggest that application layer DDoS attacks can be more effective than the traditional ones. Over some period of time, researchers proposed many solutions to prevent the DoS/DDoS attacks from different OSI layers, but there has been done only a very small research on application layer. In this paper, we consider sophisticated attacks that utilize legitimate application layer requests from legitimately connected network machines to overwhelm Web server. Since the attack signature of each application layer DDoS is represented in abnormal user behavior, we propose several mechanisms, which can be used for application DoS/DDoS attack detection.","PeriodicalId":343071,"journal":{"name":"2012 ELEKTRO","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-05-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"67","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 ELEKTRO","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ELEKTRO.2012.6225571","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 67

Abstract

Popularity of application services offered by Internet has grown a lot in recent years. Basically, Internet was built with the focus on its functionality and not with the focus on the security tasks. This has led to discovering embedded weaknesses in Internet architecture, which can be misused by attackers with malicious purposes. This paper focuses on application layer Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks detection, because these attacks present a continuous critical threat to the Internet services. DDoS attacks are typically carried out at the network layer. However, there is evidence to suggest that application layer DDoS attacks can be more effective than the traditional ones. Over some period of time, researchers proposed many solutions to prevent the DoS/DDoS attacks from different OSI layers, but there has been done only a very small research on application layer. In this paper, we consider sophisticated attacks that utilize legitimate application layer requests from legitimately connected network machines to overwhelm Web server. Since the attack signature of each application layer DDoS is represented in abnormal user behavior, we propose several mechanisms, which can be used for application DoS/DDoS attack detection.

查看原文本刊更多论文

针对应用层的复杂拒绝服务攻击

近年来，互联网提供的应用服务越来越受欢迎。从根本上说，互联网的构建重点是其功能，而不是安全任务。这导致发现了Internet体系结构中的嵌入式弱点，这些弱点可能被恶意攻击者滥用。由于应用层拒绝服务(DoS)和分布式拒绝服务(DDoS)攻击对互联网服务构成持续的严重威胁，因此本文主要研究应用层拒绝服务(DoS)和分布式拒绝服务(DDoS)攻击的检测。DDoS攻击通常在网络层进行。然而，有证据表明，应用层DDoS攻击可能比传统的DDoS攻击更有效。一段时间以来，研究人员提出了许多防止来自OSI不同层的DoS/DDoS攻击的解决方案，但对应用层的研究很少。在本文中，我们考虑利用来自合法连接的网络机器的合法应用层请求来压倒Web服务器的复杂攻击。由于应用层DDoS的攻击特征表现为用户异常行为，本文提出了几种应用DoS/DDoS攻击检测机制。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2012 ELEKTRO

自引率

0.00%

发文量