Journal of Beijing University of Posts and Telecommunications

  • EI核心期刊

JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM ›› 2017, Vol. 40 ›› Issue (s1): 77-80.doi: 10.13190/j.jbupt.2017.s.017

• Papers • Previous Articles     Next Articles

Research on Defense of Slow DDoS Attack on Web Server Application Layer

ZHOU Chun-ru1, LIU Xiao-ming2, LEI Min1, WU Xu-dong3, DENG Shi-qi1   

  1. 1. Information Security Center, Beijing University of Posts and Telecommunications, Beijing 100876, China;
    2. National Computer Network Emergency Response Technical Team/Coordination Center of China, Beijing 100029, China;
    3. Sichuan Kerui Software Co. Ltd, Sichuan Mianyang 621000, China
  • Received:2016-05-26 Online:2017-09-28 Published:2017-09-28

PDF

172

Abstract: Web server can't provide normal service for users under DDoS attack. DDoS attack on application layer is different from DDoS attack on network layer, and each request sent by DDoS attack on application layer is legal. Slow DDoS attack mainly uses thread-based architecture characteristics of Web server. Web server of this type will open a new thread for every new connection. After the attacker has built a normal HTTP connection with Web server successfully, he will hold this connection through all kinds of methods to take up a lot of resources of Web server. The principle of slow DDoS on application layer is analyzed and related defense methods are proposed, which can improve ability to resist DDoS attack of Web server and safety performance.

Key words: Web server, slow DDoS attack, security defense

CLC Number: 

Copyright © 2018 Journal of Beijing University of Posts and Telecommunications 京ICP备14033833号

Adress: BEIJING UNIVERSITY OF POSTS AND TELECOMMUNICATIONS    Post Code: 100876    Tel: (010)62281995    QQ: 307514248    weibo    Message    E-mail: byxb@bupt.edu.cn