Analysis of Slow Read DoS Attack and Communication Environment

Tayama, Shunsuke; Tanaka, Hidema

doi:10.1007/978-981-10-5281-1_38

Analysis of Slow Read DoS Attack and Communication Environment

Shunsuke Tayama³ &
Hidema Tanaka³

Conference paper
First Online: 17 June 2017

1362 Accesses
3 Citations

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 425))

Abstract

Slow Read DoS attack is a technique which interferes Web server by exhausting resources. There are no effective countermeasures against from this attack nowadays. In this paper, we analyze Slow Read DoS attack, we found that the efficient attack can be realized when the bandwidth is over 500[Kbps]. In addition, we found that attacker can more effective attack by setting the connection rate to be equal to the process capability of Web server. At the same time, we can derive the secure setting of Web server against Slow Read DoS attack.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 169.00; Price excludes VAT (USA)

Softcover Book: USD 219.99; Price excludes VAT (USA)

Hardcover Book: USD 219.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

Anonymous Operation Japan, twitter account “@OP-japan.”
Google Scholar
Apache: http://httpd.apache.org. Last Accessed 12 Feb 2017
Anstee D, Bowen P, Chui CF, Sockrider G (2016) Worldwide infrastructure security report, vol 11. ARBOR Networks
Google Scholar
Muscat I (2017) How to mitigate slow HTTP DoS attacks in apache HTTP Server. acunetix. https://www.acunetix.com/blog/articles/slow-http-dos-attacks-mitigate-apache-http-server/. Last Accessed 12 Feb 2017
Japanese bulletin board, 2ch.net
Google Scholar
Higgins KJ (2017) New denial-of-service attack cripples web server by reading slowly. InformationsWeek DarkReading. http://www.darkreading.com/attacks-breaches/new-denial-of-service-attack-cripples-we/232301367. Last Accessed 12 Feb 2017
Constantin L (2017) Researcher devises hard-to-detect DoS attack against HTTP servers. InfoWorld. http://www.infoworld.com/article/2618359/security-management/researcher-devises-hard-to-detect-dos-attack-against-http-servers.html. Last Accessed 12 Feb 2017
Zelasko M: DDoS attacks rose significantly in 2016.”, COLOCROSSING Dec 21. 2016. https://blog.colocrossing.com/ddos-attacks-rising-2016/. Last Accessed 12 Feb 2017
Shekyan S (2017) Are you ready for slow reading?. https://blog.qualys.com/securitylabs/2012/01/05/slowread. Last Accessed 12 Feb 2017
Shekyan S (2017) Application layer DoS attack simulator. https://github.com/shekyan/slowhttptest. Last Accessed 12 Feb 2017
VMware. https://my.vmware.com/jp/web/vmware/details?productId=524&downloadGroup=WKST-1210-WIN. Last Accessed 12 Feb 2017
W3Techs: Most popular web servers. http://w3techs.com. Last Accessed 12 Feb 2017
Enrico C, Gianluca P, Giovanni C, Maurizio A (2013) Slow DoS attacks: definition and categorisation. Int. J. Trust Manage Comput Commun 1(3/4):300–319
Article Google Scholar
Li JJ, Savor T (2014) Detecting DoS attacks on notification services. In: Software security and reliability-companion, pp 192–198
Google Scholar
Park J, Iwai K, Tanaka H, Kurokawa T (2014) Analysis of slow read DoS attack. In: Information Theory and its Applications, pp 60–64
Google Scholar
Park Junhan, Iwai Keisuke, Tanaka Hidema, Kurokawa Takakazu (2015) Analysis of slow read DoS attack and countermeasures on web servers. Int J Cyber-Secur Digital Forensics (IJCSDF) 4(2):339–353
Article Google Scholar
Tripathi N, Hubballi N, Singh Y (2016) How secure are web servers? An empirical study of slow HTTP DoS attacks and detection. In: Availability, reliability and security, pp. 454–463
Google Scholar
Oshima S, Nakashima T, Sueyoshi T (2010) Early DoS/DDoS detection method using short-term statistics. In: Complex, intelligent and software intensive systems, pp. 168–174
Google Scholar
Tayama S, Tanaka H (2016) A study on the relationship between communication environment and effectiveness of slow read DoS attack. In: Proceeding of the computer security symposium, vol 2016(2), pp 749–755
Google Scholar
Hirakawa T, Ogura K, Bista BB, Taketa T A defense method against distributed slow HTTP DoS attack. In: Network-based information system, pp 152–158 (2016)
Google Scholar

Download references

Author information

Authors and Affiliations

National Defense Academy of Japan, 1-10-20 Hashirimizu, Yokosuka, Kanagawa, 239-8686, Japan
Shunsuke Tayama & Hidema Tanaka

Authors

Shunsuke Tayama
View author publications
You can also search for this author in PubMed Google Scholar
Hidema Tanaka
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Shunsuke Tayama .

Editor information

Editors and Affiliations

B-dong Intellige 2, Korea Industry Security Forum, Seongnam-si, Kyonggi-do, Korea (Republic of)
Kuinam J. Kim
modelizeIT Inc., CEO and NYU , Stony Brook, New York, USA
Nikolai Joukov

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Tayama, S., Tanaka, H. (2018). Analysis of Slow Read DoS Attack and Communication Environment. In: Kim, K., Joukov, N. (eds) Mobile and Wireless Technologies 2017. ICMWT 2017. Lecture Notes in Electrical Engineering, vol 425. Springer, Singapore. https://doi.org/10.1007/978-981-10-5281-1_38

Download citation

DOI: https://doi.org/10.1007/978-981-10-5281-1_38
Published: 17 June 2017
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-5280-4
Online ISBN: 978-981-10-5281-1
eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics