LoRDAS: A Low-Rate DoS Attack against Application Servers

13 years 9 months ago
LoRDAS: A Low-Rate DoS Attack against Application Servers
In a communication network, there always exist some specific servers that should be considered a critical infrastructure to be protected, specially due to the nature of the services that they provide. In this paper, a low-rate denial of service attack against application servers is presented. The attack gets advantage of known timing mechanisms in the server behaviour to wisely strike ON/OFF attack waveforms that cause denial of service, while the traffic rate sent to the server is controlled, thus allowing to bypass defense mechanisms that rely on the detection of high rate traffics. First, we determine the conditions that a server should present to be considered a potential victim of this attack. As an example, the persistent HTTP server case is presented, being the procedure for striking the attack against it described. Moreover, the efficiency achieved by the attack is evaluated in both simulated and real environments, and its behaviour studied according to the variations on the c...
Gabriel Maciá-Fernández, Jesú
Added 26 Oct 2010
Updated 26 Oct 2010
Type Conference
Year 2007
Authors Gabriel Maciá-Fernández, Jesús E. Díaz-Verdejo, Pedro Garcia-Teodoro, Francisco de Toro-Negro
Comments (0)