Cargando…
Recent Analysis of Forged Request Headers Constituted by HTTP DDoS
Application Layer Distributed Denial of Service (DDoS) attacks are very challenging to detect. The shortfall at the application layer allows formation of HTTP DDoS as the request headers are not compulsory to be attached in an HTTP request. Furthermore, the header is editable, thus providing an atta...
| Autores principales: | , , , , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2020
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7411862/ https://www.ncbi.nlm.nih.gov/pubmed/32650597 http://dx.doi.org/10.3390/s20143820 |
| _version_ | 1783568476882862080 |
|---|---|
| author | Jaafar, Abdul Ghafar Ismail, Saiful Adli Abdullah, Mohd Shahidan Kama, Nazri Azmi, Azri Yusop, Othman Mohd |
| author_facet | Jaafar, Abdul Ghafar Ismail, Saiful Adli Abdullah, Mohd Shahidan Kama, Nazri Azmi, Azri Yusop, Othman Mohd |
| author_sort | Jaafar, Abdul Ghafar |
| collection | PubMed |
| description | Application Layer Distributed Denial of Service (DDoS) attacks are very challenging to detect. The shortfall at the application layer allows formation of HTTP DDoS as the request headers are not compulsory to be attached in an HTTP request. Furthermore, the header is editable, thus providing an attacker with the advantage to execute HTTP DDoS as it contains almost similar request header that can emulate a genuine client request. To the best of the authors’ knowledge, there are no recent studies that provide forged request headers pattern with the execution of the current HTTP DDoS attack scripts. Besides that, the current dataset for HTTP DDoS is not publicly available which leads to complexity for researchers to disclose false headers, causing them to rely on old dataset rather than more current attack patterns. Hence, this study conducted an analysis to disclose forged request headers patterns created by HTTP DDoS. The results of this study successfully disclose eight forged request headers patterns constituted by HTTP DDoS. The analysis was executed by using actual machines and eight real attack scripts which are capable of overwhelming a web server in a minimal duration. The request headers patterns were explained supported by a critical analysis to provide the outcome of this paper. |
| format | Online Article Text |
| id | pubmed-7411862 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2020 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-74118622020-08-25 Recent Analysis of Forged Request Headers Constituted by HTTP DDoS Jaafar, Abdul Ghafar Ismail, Saiful Adli Abdullah, Mohd Shahidan Kama, Nazri Azmi, Azri Yusop, Othman Mohd Sensors (Basel) Article Application Layer Distributed Denial of Service (DDoS) attacks are very challenging to detect. The shortfall at the application layer allows formation of HTTP DDoS as the request headers are not compulsory to be attached in an HTTP request. Furthermore, the header is editable, thus providing an attacker with the advantage to execute HTTP DDoS as it contains almost similar request header that can emulate a genuine client request. To the best of the authors’ knowledge, there are no recent studies that provide forged request headers pattern with the execution of the current HTTP DDoS attack scripts. Besides that, the current dataset for HTTP DDoS is not publicly available which leads to complexity for researchers to disclose false headers, causing them to rely on old dataset rather than more current attack patterns. Hence, this study conducted an analysis to disclose forged request headers patterns created by HTTP DDoS. The results of this study successfully disclose eight forged request headers patterns constituted by HTTP DDoS. The analysis was executed by using actual machines and eight real attack scripts which are capable of overwhelming a web server in a minimal duration. The request headers patterns were explained supported by a critical analysis to provide the outcome of this paper. MDPI 2020-07-08 /pmc/articles/PMC7411862/ /pubmed/32650597 http://dx.doi.org/10.3390/s20143820 Text en © 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Jaafar, Abdul Ghafar Ismail, Saiful Adli Abdullah, Mohd Shahidan Kama, Nazri Azmi, Azri Yusop, Othman Mohd Recent Analysis of Forged Request Headers Constituted by HTTP DDoS |
| title | Recent Analysis of Forged Request Headers Constituted by HTTP DDoS |
| title_full | Recent Analysis of Forged Request Headers Constituted by HTTP DDoS |
| title_fullStr | Recent Analysis of Forged Request Headers Constituted by HTTP DDoS |
| title_full_unstemmed | Recent Analysis of Forged Request Headers Constituted by HTTP DDoS |
| title_short | Recent Analysis of Forged Request Headers Constituted by HTTP DDoS |
| title_sort | recent analysis of forged request headers constituted by http ddos |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7411862/ https://www.ncbi.nlm.nih.gov/pubmed/32650597 http://dx.doi.org/10.3390/s20143820 |
| work_keys_str_mv | AT jaafarabdulghafar recentanalysisofforgedrequestheadersconstitutedbyhttpddos AT ismailsaifuladli recentanalysisofforgedrequestheadersconstitutedbyhttpddos AT abdullahmohdshahidan recentanalysisofforgedrequestheadersconstitutedbyhttpddos AT kamanazri recentanalysisofforgedrequestheadersconstitutedbyhttpddos AT azmiazri recentanalysisofforgedrequestheadersconstitutedbyhttpddos AT yusopothmanmohd recentanalysisofforgedrequestheadersconstitutedbyhttpddos |