Web Application DDOS Attacks Mitigation Using Resources Monitoring / (Record no. 8859)
| 000 -LEADER | |
|---|---|
| fixed length control field | 08905nam a22002537a 4500 |
| 008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION | |
| fixed length control field | 210119b2017 a|||f mb|| 00| 0 eng d |
| 040 ## - CATALOGING SOURCE | |
| Original cataloging agency | EG-CaNU |
| Transcribing agency | EG-CaNU |
| 041 0# - Language Code | |
| Language code of text | eng |
| Language code of abstract | eng |
| 082 ## - DEWEY DECIMAL CLASSIFICATION NUMBER | |
| Classification number | 658 |
| 100 0# - MAIN ENTRY--PERSONAL NAME | |
| Personal name | Mohamed Aly Mohamed |
| 245 1# - TITLE STATEMENT | |
| Title | Web Application DDOS Attacks Mitigation Using Resources Monitoring / |
| Statement of responsibility, etc. | Mohamed Aly Mohamed |
| 260 ## - PUBLICATION, DISTRIBUTION, ETC. | |
| Date of publication, distribution, etc. | 2017 |
| 300 ## - PHYSICAL DESCRIPTION | |
| Extent | 107 p. |
| Other physical details | ill. |
| Dimensions | 21 cm. |
| 500 ## - GENERAL NOTE | |
| Materials specified | Supervisor: Nashwa Abd El-Baki |
| 502 ## - Dissertation Note | |
| Dissertation type | Thesis (M.A.)—Nile University, Egypt, 2017. |
| 504 ## - Bibliography | |
| Bibliography | "Includes bibliographical references" |
| 505 0# - Contents | |
| Formatted contents note | Contents:<br/>1 Introduction<br/>1.1 Research Motivation<br/>1.2 Thesis Outline and Structure<br/>1.3 Approach and Methods<br/>2 DDoS Background<br/>2.1 Network Based DoS Attack<br/>2.1.1 TCP Syn Flood Attack<br/>2.1.2 ICMP Attacks<br/>2.1.3 UDP Flooding-Based DoS Attack<br/>2.2 Application Layer Attacks<br/>2.2.1 Difference Between Layer 3-4 and Layer 7 Attacks<br/>2.2.2 Application Layer Attack Vulnerable Systems<br/>2.2.3 Application Layer Attack Types<br/>2.2.4 Application Layer Attack Methods<br/>Slowloris HTTP Attack<br/>Slow HTTP Post Attack<br/>Servers Vulnerability<br/>Slow Read DoS Attack<br/>General Mitigation for Slow Attacks<br/>Apache Specific Rules<br/>HTTP Flood Attack<br/>Server Vulnerability<br/>Attack Mitigation<br/>2.3 Diversionary DoS Attacks<br/>3 Related Work<br/>4 Analysis of Attack Effects on Server Resources<br/>4.1 Effects on Server Resources<br/>4.1.1 Effects of DDoS on CPU Usage<br/>4.1.2 Effects of DoS Attack on Memory Usage<br/>4.1.3 Effects of DDoS Attack on Number of Concurrent Connections<br/>4.1.4 Effects of DDoS Attack on Server Response Time<br/>4.1.5 Results<br/>4.2 Creating Attack Profile Based on The Attack Effects<br/>4.2.1 HTTP Flood - HTTP Slowloris Attack CPU Effects<br/>4.2.2 HTTP Flood - HTTP Slowloris Attack Memory Effects<br/>4.2.3 HTTP Flood - HTTP Slowloris Number of Concurrent Connection Effects<br/>4.2.4 HTTP Flood - HTTP Slowloris Response Time Effects<br/>4.2.5 Results<br/>4.3 Testing Current Mitigation Techniques<br/>4.3.1 Testing Mod_Requirements<br/>4.3.2 Testing Mod_Security<br/>4.3.3 Results<br/>4.4 Summary<br/>5 Using Resource Monitoring Concept in The Proposed Approaches<br/>5.1 Apache Multi Processing Module<br/>5.2 Server Concurrent Connections<br/>5.3 Server Memory<br/>5.4 Server Backlog<br/>5.5 Monitor Server CPU and Response Time<br/>6 Proposed Mitigation Approaches<br/>6.1 Reduced Database Version of The Web Application Technique<br/>6.1.1 System Implementation and Lab Setup<br/>6.1.2 Testing<br/>6.2 Smart Load Balancing Technique<br/>6.2.1 System Implementation and Lab Setup<br/>6.2.2 Testing<br/>7 Results and Discussion<br/>8 Conclusions and Future Work<br/>8.1 Conclusions<br/>8.2 Future Work<br/>References |
| 520 3# - Abstract | |
| Abstract | Abstract:<br/>Denial of Service attacks are one of the most annoying day-to-day challenges for any security expert and IT professional. This is according to the attack nature. The attacks can be run against any kind of network resources, whether exposed to the Internet or internally in a corporate network, regardless of the type of service it provides and its role in the network.<br/>There is no one complete solution or unified framework method against this type of attack. The most dangerous type of DoS attack is the DDoS type. The attack flows from many sources at the same time. In the context of mitigation from DDoS attack, the detection mechanisms are the first step in the way. Mechanisms like IPS and firewall are not effective because of the current challenging DDoS attack methods against Application Layer. The attackers use vulnerability in the application itself to disrupt the service it provides. Current mitigation techniques depend on preventing the attack traffic from reaching web servers.<br/>In this thesis, we focus on the HTTP Application Layer DDoS attacks against web servers. We analyze and demonstrate the effects of the DDoS attacks on the server resources that are related to the web service and how it can interrupt or disable the service. We propose a new approach for mitigation that depends on absorbing the attack effects on the web server and increases the server’s resistance against DDoS attacks. |
| 546 ## - Language Note | |
| Language Note | Text in English, abstracts in English. |
| 650 #4 - Subject | |
| Subject | Information Security |
| 655 #7 - Index Term-Genre/Form | |
| Source of term | NULIB |
| focus term | Dissertation, Academic |
| 690 ## - Subject | |
| School | Information Security |
| 942 ## - ADDED ENTRY ELEMENTS (KOHA) | |
| Source of classification or shelving scheme | Dewey Decimal Classification |
| Koha item type | Thesis |
| 650 #4 - Subject | |
| -- | 294 |
| 655 #7 - Index Term-Genre/Form | |
| -- | 187 |
| 690 ## - Subject | |
| -- | 294 |
| Withdrawn status | Lost status | Source of classification or shelving scheme | Damaged status | Not for loan | Home library | Current library | Date acquired | Total Checkouts | Full call number | Date last seen | Price effective from | Koha item type |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| | | Dewey Decimal Classification | | Not For Loan | Main library | Main library | 01/19/2021 | | 658/ M.M.W 2017 | 01/19/2021 | 01/19/2021 | Thesis |