| Title | An Overview on Detection and Prevention of Application Layer DDoS Attacks |
| Publication Type | Conference Paper |
| Year of Publication | 2022 |
| Authors | Black, Samuel, Kim, Yoohwan |
| Conference Name | 2022 IEEE 12th Annual Computing and Communication Workshop and Conference (CCWC) |
| Keywords | Application Layer, attacks, codes, composability, compositionality, Conferences, Databases, DDoS, DDoS Attack Prevention, denial-of-service attack, HOIC, HTTP flooding, Ions, Layer 7, Low and Slow attacks, Metrics, Protocols, pubcrawl, resilience, Resiliency, Slowloris, web services |
| Abstract | Distributed Denial-of-Service (DDoS) attacks aim to cause downtime or a lack of responsiveness for web services. DDoS attacks targeting the application layer are amongst the hardest to catch as they generally appear legitimate at lower layers and attempt to take advantage of common application functionality or aspects of the HTTP protocol, rather than simply send large amounts of traffic like with volumetric flooding. Attacks can focus on functionality such as database operations, file retrieval, or just general backend code. In this paper, we examine common forms of application layer attacks, preventative and detection measures, and take a closer look specifically at HTTP Flooding attacks by the High Orbit Ion Cannon (HOIC) and "low and slow" attacks through slowloris. |
| DOI | 10.1109/CCWC54503.2022.9720741 |
| Citation Key | black_overview_2022 |
An Overview on Detection and Prevention of Application Layer DDoS Attacks