Skip to main content
SpringerLink
Log in

Mind the Amplification: Cracking Content Delivery Networks via DDoS Attacks

  • Conference paper
  • First Online:
Book cover Wireless Algorithms, Systems, and Applications (WASA 2021)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 12938))

Abstract

A content delivery network (CDN) refers to a geographically distributed network of web servers, aiming to enhance the website performance and reliability, i.e., providing fast delivery of the Internet content. CDN is often part of a mature enterprise level network, but due to the distributed nature, CDN may be vulnerable to a distributed denial-of-service attack (DDoS), in which the cyber-attackers try to flood the victim with overloaded traffic or requests. In the literature, the impact of DDoS on CDN has not been widely studied. Motivated by this challenge, in this work, we emulate a CDN environment and investigate the effect of a particular DDoS attack on the environment. It is found that free CDN clusters could be destroyed by only several Gigabyte traffic. In the end, we also discuss some potential solutions to help defend against DDoS attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    More details about the hacking tool test can check our demo at https://www.youtube.com/watch?v=cRXGIWcHX0g&feature=youtu.be.

References

  1. PHPStudy. https://www.xp.cn/

  2. Content Delivery Network Market. https://www.marketsandmarkets.com/Market-Reports/content-delivery-networks-cdn-market-657.html. Accessed Feb 2021

  3. How does CDN work? https://www.cdnetworks.com/web-performance-blog/how-content-delivery-networks-work/. Accessed Feb 2021

  4. What is a CDN? | How do CDNs work? https://www.cloudflare.com/learning/cdn/what-is-a-cdn/. Accessed Mar 2021

  5. Police are now targeting former WebStresser DDoS-for-hire users. https://www.zdnet.com/article/police-are-now-targeting-former-webstresser-ddos-for-hire-users/. Asscessed Mar 2021

  6. Bannour, F., Souihi, S., Mellouk, A.: Adaptive distributed SDN controllers: application to content-centric delivery networks. Future Gener. Comput. Syst. 113, 78–93 (2020)

    Article  Google Scholar 

  7. Cui, S., Asghar, M.R., Russello, G.: Multi-CDN: towards privacy in content delivery networks. IEEE Trans. Dependable Secur. Comput. 17(5), 984–999 (2020)

    Article  Google Scholar 

  8. Hao, S., Zhang, Y., Wang, H., Stavrou, A.: End-users get maneuvered: empirical analysis of redirection hijacking in content delivery networks. In: USENIX Security Symposium, pp. 1129–1145 (2018)

    Google Scholar 

  9. Hassine, N.B., Minet, P., Marinca, D., Barth, D.: Popularity prediction-based caching in content delivery networks. Ann. des Telecommun. 74(5–6), 351–364 (2019)

    Article  Google Scholar 

  10. Hu, X., et al.: STYX: a hierarchical key management system for elastic content delivery networks on public clouds. IEEE Trans. Dependable Secur. Comput. 18(2), 843–857 (2021)

    Article  Google Scholar 

  11. Meng, Y., Kwok, L.F: Enhancing list-based packet filter using IP verification mechanism against IP spoofing attack in network intrusion detection. In: Proceedings of the 6th International Conference on Network and System Security (NSS), pp. 1–14 (2012)

    Google Scholar 

  12. Meng, Y., Kwok, L.F.: Adaptive non-critical alarm reduction using hash-based contextual signatures in intrusion detection. Comput. Commun. 38, 50–59 (2014)

    Article  Google Scholar 

  13. Meng, W., Li, W., Kwok, L.F.: Towards effective trust-based packet filtering in collaborative network environments. IEEE Trans. Netw. Serv. Manage. 14(1), 233–245 (2017)

    Article  Google Scholar 

  14. Meng, W.: Intrusion detection in the era of IoT: building trust via traffic filtering and sampling. IEEE Comput. 51(7), 36–43 (2018)

    Article  Google Scholar 

  15. Nishiyama, H., Fomo, D., Fadlullah, Z.M., Kato, N.: Traffic pattern-based content leakage detection for trusted content delivery networks. IEEE Trans. Parallel Distrib. Syst. 25(2), 301–309 (2014)

    Article  Google Scholar 

  16. Nishimuta, H., Nobayashi, D., Ikenaga, T.: Adaptive server and path switching for content delivery networks. IEICE Trans. Inf. Syst. 103-D(11), 2389–2393 (2020)

    Google Scholar 

  17. Thomdapu, S.T., Katiyar, P., Rajawat, K.: Dynamic cache management in content delivery networks. Comput. Networks 187, 107822 (2021)

    Article  Google Scholar 

  18. B. Zolfaghari, et al.: Rai: content delivery networks: state of the art, trends, and future roadmap. ACM Comput. Surv. 53(2), 34:1–34:34 (2020)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Applied Mathematics and Computer Science, Technical University of Denmark, Lyngby, Denmark

    Zihao Li & Weizhi Meng

Authors
  1. Zihao Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Weizhi Meng
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Weizhi Meng .

Editor information

Editors and Affiliations

  1. Nanjing University of Aeronautics and Astronautics, Nanjing, China

    Zhe Liu

  2. Shanghai Jiao Tong University, Shanghai, China

    Fan Wu

  3. Missouri University of Science and Technology, Rolla, MO, USA

    Sajal K. Das

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Li, Z., Meng, W. (2021). Mind the Amplification: Cracking Content Delivery Networks via DDoS Attacks. In: Liu, Z., Wu, F., Das, S.K. (eds) Wireless Algorithms, Systems, and Applications. WASA 2021. Lecture Notes in Computer Science(), vol 12938. Springer, Cham. https://doi.org/10.1007/978-3-030-86130-8_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-86130-8_15

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-86129-2

  • Online ISBN: 978-3-030-86130-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation