1. IDR@IIT Indore
  2. IITI Scholarly Publications
  3. Department of Computer Science and Engineering
Please use this identifier to cite or link to this item: https://dspace.iiti.ac.in/handle/123456789/4658
Full metadata record
DC FieldValueLanguage
dc.contributor.authorHubballi, Neminathen_US
dc.contributor.authorSingh, Yogendraen_US
dc.date.accessioned2022-03-17T01:00:00Z-
dc.date.accessioned2022-03-17T15:35:05Z-
dc.date.available2022-03-17T01:00:00Z-
dc.date.available2022-03-17T15:35:05Z-
dc.date.issued2016-
dc.identifier.citationTripathi, N., Hubballi, N., & Singh, Y. (2016). How secure are web servers? an empirical study of slow HTTP DoS attacks and detection. Paper presented at the Proceedings - 2016 11th International Conference on Availability, Reliability and Security, ARES 2016, 454-463. doi:10.1109/ARES.2016.20en_US
dc.identifier.isbn9781509009909-
dc.identifier.otherEID(2-s2.0-85015347395)-
dc.identifier.urihttps://doi.org/10.1109/ARES.2016.20-
dc.identifier.urihttps://dspace.iiti.ac.in/handle/123456789/4658-
dc.description.abstractSlow HTTP Denial of Service (DoS) is an application layer DoS attack in which large number of incomplete HTTP requests are sent. If number of such open connections in the server exhaust a preset threshold, server does not accept any new connections thus creating DoS. In this paper we make twofold contributions. We do an empirical study on different HTTP servers for their vulnerability against slow HTTP DoS attacks. Subsequently we propose a method to detect Slow HTTP Dos attack. The proposed detection system is an anomaly detection system which measures the Hellinger distance between two probability distributions generated in training and testing phases. In the training phase it creates a normal profile as a probability distribution comprising of complete and incomplete HTTP requests. In case of Slow HTTP attack the proportion of incomplete messages is increased in the overall traffic and detection system leverages this for detection by generating another probability distribution and finding difference between two probability distributions. We experiment by collecting data from a real web server and report the detection performance of proposed detection system. © 2016 IEEE.en_US
dc.language.isoenen_US
dc.publisherInstitute of Electrical and Electronics Engineers Inc.en_US
dc.sourceProceedings - 2016 11th International Conference on Availability, Reliability and Security, ARES 2016en_US
dc.subjectComputer crimeen_US
dc.subjectDenial-of-service attacken_US
dc.subjectHTTPen_US
dc.subjectProbabilityen_US
dc.subjectWeb servicesen_US
dc.subjectAnomaly detection systemsen_US
dc.subjectApplication layersen_US
dc.subjectDenial of Serviceen_US
dc.subjectDetection performanceen_US
dc.subjectEmpirical studiesen_US
dc.subjectHellinger distanceen_US
dc.subjectSlow HTTP attacken_US
dc.subjectTraining and testingen_US
dc.subjectProbability distributionsen_US
dc.titleHow Secure are Web Servers? An empirical study of Slow HTTP DoS attacks and detectionen_US
dc.typeConference Paperen_US
Appears in Collections:Department of Computer Science and Engineering

Files in This Item:
There are no files associated with this item.
Show simple item record


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.

Altmetric Badge: