1. IDR@IIT Indore
  2. IITI Scholarly Publications
  3. Department of Computer Science and Engineering
Please use this identifier to cite or link to this item: https://dspace.iiti.ac.in/handle/123456789/4658
Title: How Secure are Web Servers? An empirical study of Slow HTTP DoS attacks and detection
Authors: Hubballi, Neminath
Singh, Yogendra
Keywords: Computer crime;Denial-of-service attack;HTTP;Probability;Web services;Anomaly detection systems;Application layers;Denial of Service;Detection performance;Empirical studies;Hellinger distance;Slow HTTP attack;Training and testing;Probability distributions
Issue Date: 2016
Publisher: Institute of Electrical and Electronics Engineers Inc.
Citation: Tripathi, N., Hubballi, N., & Singh, Y. (2016). How secure are web servers? an empirical study of slow HTTP DoS attacks and detection. Paper presented at the Proceedings - 2016 11th International Conference on Availability, Reliability and Security, ARES 2016, 454-463. doi:10.1109/ARES.2016.20
Abstract: Slow HTTP Denial of Service (DoS) is an application layer DoS attack in which large number of incomplete HTTP requests are sent. If number of such open connections in the server exhaust a preset threshold, server does not accept any new connections thus creating DoS. In this paper we make twofold contributions. We do an empirical study on different HTTP servers for their vulnerability against slow HTTP DoS attacks. Subsequently we propose a method to detect Slow HTTP Dos attack. The proposed detection system is an anomaly detection system which measures the Hellinger distance between two probability distributions generated in training and testing phases. In the training phase it creates a normal profile as a probability distribution comprising of complete and incomplete HTTP requests. In case of Slow HTTP attack the proportion of incomplete messages is increased in the overall traffic and detection system leverages this for detection by generating another probability distribution and finding difference between two probability distributions. We experiment by collecting data from a real web server and report the detection performance of proposed detection system. © 2016 IEEE.
URI: https://doi.org/10.1109/ARES.2016.20
https://dspace.iiti.ac.in/handle/123456789/4658
ISBN: 9781509009909
Type of Material: Conference Paper
Appears in Collections:Department of Computer Science and Engineering

Files in This Item:
There are no files associated with this item.
Show full item record


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.

Altmetric Badge: