A note on denial-of-service in operating systems
IEEE Transactions on Software Engineering
A Novel Model for Detecting Application Layer DDoS Attacks
IMSCCS '06 Proceedings of the First International Multi-Symposiums on Computer and Computational Sciences - Volume 2 (IMSCCS'06) - Volume 02
Impact of denial of service attacks on ad hoc networks
IEEE/ACM Transactions on Networking (TON)
ICMLC '10 Proceedings of the 2010 Second International Conference on Machine Learning and Computing
| Hi-index | 0.00 |
Denial of Service (DoS) attacks represent a major threat to network security, especially in today's networked world. There has been significant research in this area, primarily focused on mitigating and preventing DoS attacks affecting transport layer services. This paper addresses issues arising from a new variation of a DoS attack, namely the SlowPOST attack that affects Application Layer services. In SlowPOST, the malicious clients send data at a slow rate after the connection is established, and the server is left waiting for the data to arrive. These attacks are particularly devastating due to their ability to resist detection due to their protocol compliance. In addition, such attacks do not require the massive resources that DoS attacks normally require, making them easier to launch. Some solutions for this issue have already been deployed in some commercial servers. These solutions are based on either monitoring traffic or enforcing a time limit on the transmission of the protocol headers. In order to achieve reliable detection, the detection parameters need to adapt to the constantly changing traffic. This paper proposes a novel algorithm that uses the data rate of connections to evolve a threshold for determining potential attackers in SlowPOST. This proposed method is tested by subjecting a server to an attack, and it was observed that in the absence of this method, the servicing of legitimate requests is not completed.