Publication detail

SLOW DOS ATTACKS DETECTION AND MITIGATION

SIKORA, M.

Original Title

SLOW DOS ATTACKS DETECTION AND MITIGATION

English Title

SLOW DOS ATTACKS DETECTION AND MITIGATION

Type

conference paper

Language

en

Original Abstract

This article investigates detection and mitigation methods against Slow DoS (Denial of Service) attacks. The research focuses on Slowloris, Slow POST, Slow Read, and Apache Range Header attacks. Detection methods are based on network traffic analysis and anomalous traffic monitoring. When an attack is detected, the attacker is blocked and web server resources are released. The methods are implemented as intrusion prevention system software.

Keywords

Slow DoS, network traffic analysis, network monitoring, Slowloris, Slow POST, Slow Read, Apache Range Header, detection, mitigation

Released

25.04.2019

Publisher

Vysoké učení technické v Brně, Fakulta elektrotechniky a komunikačních

ISBN

978-80-214-5735-5

Book

Proceedings of the 25th Conference STUDENT EEICT 2019

Edition number

1

Pages from

510

Pages to

514

Pages count

5

BibTex


@inproceedings{BUT156712,
  author="Marek {Sikora}",
  title="SLOW DOS ATTACKS DETECTION AND MITIGATION",
  annote="This article investigates the detection and mitigation methods against Slow DoS (Denial
of Service) attacks. This research is focused on Slowloris, Slow POST, Slow Read, and Apache
Range Header attacks. Detection methods are based on network traffic analysis and anomalous traffic
monitoring. When the attack is detected, the attacker is blocked and web server resources are released.
Methods are implemented as an intrusion prevention system software.",
  address="Vysoké učení technické v Brně, Fakulta elektrotechniky a komunikačních",
  booktitle="Proceedings of the 25th Conference STUDENT EEICT 2019",
  chapter="156712",
  howpublished="electronic, physical medium",
  institution="Vysoké učení technické v Brně, Fakulta elektrotechniky a komunikačních",
  year="2019",
  month="april",
  pages="510--514",
  publisher="Vysoké učení technické v Brně, Fakulta elektrotechniky a komunikačních",
  type="conference paper"
}