Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Detection of Low-Rate DoS Attacks againstHTTP Servers using Spectral Analysis
KTH, School of Computer Science and Communication (CSC).
2014 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Denial-of-Service (DoS) attacks pose a serious threat to any service provider on the Internet. While traditional DoS flooding attacks require the attacker to control at least as much resources as the service provider in order to be effective, so called lowrate DoS attacks can exploit weaknesses in careless design to effectively deny a service using minimal amounts of network traffic.This thesis investigates one such weakness in version 2.2 of the popular Apache HTTP Server software. The weakness regards how the server handles the persistent connection feature in HTTP 1.1. An attack simulator exploiting this weakness has been developed and shown to be effective. The attack was then studied with spectral analysis with the purpose of examining how well the attack could be detected.In line with other papers on spectral analysis of lowrate DoS attacks,the results show that there are disproportionate amounts of energyin the lower frequencies when the attack is present. However, by randomising the attack pattern, an attacker can reduce the disproportionto a degree where it might be impossible to correctly identify an attack in a real world scenario.

Place, publisher, year, edition, pages
2014.
National Category
Computer Science
Identifiers
URN: urn:nbn:se:kth:diva-155895OAI: oai:DiVA.org:kth-155895DiVA: diva2:763254
Examiners
Available from: 2014-11-19 Created: 2014-11-14 Last updated: 2014-11-19Bibliographically approved

Open Access in DiVA

fulltext(1304 kB)251 downloads
File information
File name FULLTEXT01.pdfFile size 1304 kBChecksum SHA-512
2cd98378f8653124b66f79e957627650432e466f291c8ea5057af5554d2ec6c9ceb7e0106d3379e7c9b3411057306efb65f88a646ef3e8d1881cdb9e709984a8
Type fulltextMimetype application/pdf

By organisation
School of Computer Science and Communication (CSC)
Computer Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 251 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 254 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf