TY - GEN
T1 - Characterizing the Impacts of Application Layer DDoS Attacks
AU - Jiang, Muhui
AU - Wang, Chenxu
AU - Luo, Xiapu
AU - Miu, Miu Tung
AU - Chen, Ting
PY - 2017/9/7
Y1 - 2017/9/7
N2 - Distributed Denial of Service (DDoS) attacks are still among the most urgent threats to the modern Internet. Recently, application layer DDoS attacks against web servers are becoming popular, resulting in great revenue losses to victims. A systematic evaluation on the impacts of different DDoS attack methods is vital for the protection of web servers. In this paper, we examine the impacts of application layer DDoS attacks, including existing attacks against HTTP/1.1 and the new attacks proposed by us against HTTP/2.0. Moreover, to better understand attackers' capabilities of launching severe application layer DDoS attacks, we design a new measurement method to remotely infer the performance of web servers and a method to differentiate dynamic and static URLs. We have collected and tailored 4 existing tools to launch 5 different DDoS attacks against HTTP/1.1 and developed a new DDoS tool to perform 5 different DDoS attacks against HTTP/2.0. By conducting extensive experiments in a testbed with two e-commercial websites running Apache and Nginx, we carefully evaluate the impacts of different DDoS attacks. The results show that the new remote measurement method is able to detect the effects caused by different DDoS attacks. Moreover, the attack impacts are affected by URLs, server architectures, and attack methods.
AB - Distributed Denial of Service (DDoS) attacks are still among the most urgent threats to the modern Internet. Recently, application layer DDoS attacks against web servers are becoming popular, resulting in great revenue losses to victims. A systematic evaluation on the impacts of different DDoS attack methods is vital for the protection of web servers. In this paper, we examine the impacts of application layer DDoS attacks, including existing attacks against HTTP/1.1 and the new attacks proposed by us against HTTP/2.0. Moreover, to better understand attackers' capabilities of launching severe application layer DDoS attacks, we design a new measurement method to remotely infer the performance of web servers and a method to differentiate dynamic and static URLs. We have collected and tailored 4 existing tools to launch 5 different DDoS attacks against HTTP/1.1 and developed a new DDoS tool to perform 5 different DDoS attacks against HTTP/2.0. By conducting extensive experiments in a testbed with two e-commercial websites running Apache and Nginx, we carefully evaluate the impacts of different DDoS attacks. The results show that the new remote measurement method is able to detect the effects caused by different DDoS attacks. Moreover, the attack impacts are affected by URLs, server architectures, and attack methods.
UR - http://www.scopus.com/inward/record.url?scp=85032386583&partnerID=8YFLogxK
U2 - 10.1109/ICWS.2017.58
DO - 10.1109/ICWS.2017.58
M3 - Conference article published in proceeding or book
AN - SCOPUS:85032386583
T3 - Proceedings - 2017 IEEE 24th International Conference on Web Services, ICWS 2017
SP - 500
EP - 507
BT - Proceedings - 2017 IEEE 24th International Conference on Web Services, ICWS 2017
A2 - Chen, Shiping
A2 - Altintas, Ilkay
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 24th IEEE International Conference on Web Services, ICWS 2017
Y2 - 25 June 2017 through 30 June 2017
ER -