Distributed denial-of-service attacks against HTTP/2 services
- 589 Downloads
HTTP/2 is the second major version of the HTTP protocol published by the internet engineering steering group. The protocol is designed to improve reliability and performance Such enhancements have thus delineated the protocol as being more vulnerable to distributed denial-of-service (DDoS) attacks when compared to its predecessor. Recent phenomenon showed that legitimate traffic or flash crowds could have high-traffic flow characteristics as seen in DDoS attacks. In this paper, we demonstrate that legitimate HTTP/2 flash crowd traffic can be launched to cause denial of service. To the best of our knowledge, no previous study has been conducted to analyse the effect of both DDoS as well as flash crowd traffic against HTTP/2 services. Results obtained prove the effect of such attacks when tested under four varying protocol-dependant attack scenarios.
KeywordsDDoS attacks HTTP/2 attack Modeling
- 1.Agrawal, P., Gupta, B., Jain, S.: SVM based scheme for predicting number of zombies in a DDoS attack. In: Intelligence and Security Informatics Conference (EISIC), 2011 European, pp. 178–182. IEEE (2011)Google Scholar
- 3.Belshe, M., Peon, R., Thomson, M.: Hypertext Transfer Protocol version 2 (HTTP/2). Report RFC 7540, Internet Engineering Task Force (May 2015)Google Scholar
- 4.CERT: Denial of Service attacks (2014). http://www.cert.org/historical/tech_tips/denial_of_service.cfm?
- 7.Crosby, S.A., Wallach, D.S.: Denial of service via algorithmic complexity attacks. In: Usenix Security, vol. 2 (2003)Google Scholar
- 8.Garg, S., Singh, A.K., Sarje, A.K., Peddoju, S.K.: Behaviour analysis of machine learning algorithms for detecting P2P botnets. In: Advanced Computing Technologies (ICACT), 2013 15th International Conference on, pp. 1–4. IEEE (2013)Google Scholar
- 9.Grigorik, I.: High Performance Browser Networking: what Every Web Developer should Know About Networking and Web Performance. ” O’Reilly Media, Inc”., New York (2013)Google Scholar
- 11.Jung, J., Krishnamurthy, B., Rabinovich, M.: Flash crowds and denial of service attacks: characterization and implications for CDNs and web sites. In: Proceedings of the 11th international conference on World Wide Web, pp. 293–304. ACM (2002)Google Scholar
- 12.Liu, H., Zhang, Y., Lin, H., Wu, J., Wu, Z., Zhang, X.: How many zombies around you? In: Data Mining (ICDM), 2013 IEEE 13th International Conference on, pp. 1133–1138. IEEE (2013)Google Scholar
- 13.Malialis, K., Kudenko, D.: Large-scale DDoS response using cooperative reinforcement learning. In: 11th European Workshop on Multi-Agent Systems (EUMAS) (2013)Google Scholar
- 19.Tsujikawa, T.: Nghttp2: HTTP/2 C library (2015). https://nghttp2.org/
- 20.Ye, C., Zheng, K.: Detection of application layer distributed denial of service. In: Computer Science and Network Technology (ICCSNT), 2011 International Conference on, vol. 1, pp. 310–314. IEEE (2011)Google Scholar