Skip to main content
SpringerLink
Log in

Distributed denial-of-service attacks against HTTP/2 services

  • Published:
Cluster Computing Aims and scope Submit manuscript

Abstract

HTTP/2 is the second major version of the HTTP protocol published by the internet engineering steering group. The protocol is designed to improve reliability and performance Such enhancements have thus delineated the protocol as being more vulnerable to distributed denial-of-service (DDoS) attacks when compared to its predecessor. Recent phenomenon showed that legitimate traffic or flash crowds could have high-traffic flow characteristics as seen in DDoS attacks. In this paper, we demonstrate that legitimate HTTP/2 flash crowd traffic can be launched to cause denial of service. To the best of our knowledge, no previous study has been conducted to analyse the effect of both DDoS as well as flash crowd traffic against HTTP/2 services. Results obtained prove the effect of such attacks when tested under four varying protocol-dependant attack scenarios.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Similar content being viewed by others

References

  1. Agrawal, P., Gupta, B., Jain, S.: SVM based scheme for predicting number of zombies in a DDoS attack. In: Intelligence and Security Informatics Conference (EISIC), 2011 European, pp. 178–182. IEEE (2011)

  2. Barthakur, P., Dahal, M., Ghose, M.K.: An efficient machine learning based classification scheme for detecting distributed command & control traffic of P2P botnets. Int. J. Mod. Educ. Comput. Sci. (IJMECS) 5(10), 9 (2013)

    Article  Google Scholar 

  3. Belshe, M., Peon, R., Thomson, M.: Hypertext Transfer Protocol version 2 (HTTP/2). Report RFC 7540, Internet Engineering Task Force (May 2015)

  4. CERT: Denial of Service attacks (2014). http://www.cert.org/historical/tech_tips/denial_of_service.cfm?

  5. Chang, R.K.: Defending against flooding-based distributed denial-of-service attacks: a tutorial. Commun. Mag., IEEE 40(10), 42–51 (2002)

    Article  Google Scholar 

  6. Choi, J., Choi, C., Ko, B., Kim, P.: A method of DDoS attack detection using HTTP packet pattern and rule engine in cloud computing environment. Soft Comput. 18, 1–7 (2014)

    Article  Google Scholar 

  7. Crosby, S.A., Wallach, D.S.: Denial of service via algorithmic complexity attacks. In: Usenix Security, vol. 2 (2003)

  8. Garg, S., Singh, A.K., Sarje, A.K., Peddoju, S.K.: Behaviour analysis of machine learning algorithms for detecting P2P botnets. In: Advanced Computing Technologies (ICACT), 2013 15th International Conference on, pp. 1–4. IEEE (2013)

  9. Grigorik, I.: High Performance Browser Networking: what Every Web Developer should Know About Networking and Web Performance. ” O’Reilly Media, Inc”., New York (2013)

  10. Heron, S.: Denial of service: motivations and trends. Netw. Secur. 2010(5), 10–12 (2010)

    Article  Google Scholar 

  11. Jung, J., Krishnamurthy, B., Rabinovich, M.: Flash crowds and denial of service attacks: characterization and implications for CDNs and web sites. In: Proceedings of the 11th international conference on World Wide Web, pp. 293–304. ACM (2002)

  12. Liu, H., Zhang, Y., Lin, H., Wu, J., Wu, Z., Zhang, X.: How many zombies around you? In: Data Mining (ICDM), 2013 IEEE 13th International Conference on, pp. 1133–1138. IEEE (2013)

  13. Malialis, K., Kudenko, D.: Large-scale DDoS response using cooperative reinforcement learning. In: 11th European Workshop on Multi-Agent Systems (EUMAS) (2013)

  14. Mansfield-Devine, S.: DDoS: threats and mitigation. Netw. Secur. 2011(12), 5–12 (2011)

    Article  Google Scholar 

  15. Mirkovic, J., Reiher, P.: A taxonomy of DDoS attack and DDoS defense mechanisms. ACM SIGCOMM Comput. Commun. Rev. 34(2), 39–53 (2004)

    Article  Google Scholar 

  16. Ni, T., Gu, X., Wang, H., Li, Y.: Real-time detection of application-layer DDoS attack using time series analysis. J. Control Sci. Eng. 2013, 4 (2013)

    Article  MATH  Google Scholar 

  17. Rahmani, H., Sahli, N., Kamoun, F.: Distributed denial-of-service attack detection scheme-based joint-entropy. Secur. Commun. Netw. 5(9), 1049–1061 (2012)

    Article  Google Scholar 

  18. Salah, K., Sattar, K., Sqalli, M., Al-Shaer, E.: A potential low-rate DoS attack against network firewalls. Secur. Commun. Netw. 4(2), 136–146 (2011)

    Article  Google Scholar 

  19. Tsujikawa, T.: Nghttp2: HTTP/2 C library (2015). https://nghttp2.org/

  20. Ye, C., Zheng, K.: Detection of application layer distributed denial of service. In: Computer Science and Network Technology (ICCSNT), 2011 International Conference on, vol. 1, pp. 310–314. IEEE (2011)

  21. Yu, S., Zhou, W., Jia, W., Guo, S., Xiang, Y., Tang, F.: Discriminating DDoS attacks from flash crowds using flow correlation coefficient. Parallel Distrib. Syst., IEEE Trans. 23(6), 1073–1080 (2012)

    Article  Google Scholar 

  22. Zhou, W., Jia, W., Wen, S., Xiang, Y., Zhou, W.: Detection and defense of application-layer DDoS attacks in backbone web traffic. Futur. Gener. Comput. Syst. 38, 36–46 (2014)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Science, Edith Cowan University, 270 Joondalup Dr., Joondalup, WA, 6027, Australia

    Erwin Adi, Philip Hingston & Chiou-Peng Lam

  2. School of Science and Security Research Institute, Edith Cowan University, 270 Joondalup Dr., Joondalup, WA, 6027, Australia

    Zubair A. Baig

Authors
  1. Erwin Adi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Zubair A. Baig
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Philip Hingston
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Chiou-Peng Lam
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Erwin Adi.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Adi, E., Baig, Z.A., Hingston, P. et al. Distributed denial-of-service attacks against HTTP/2 services. Cluster Comput 19, 79–86 (2016). https://doi.org/10.1007/s10586-015-0528-7

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10586-015-0528-7

Keywords

Search

Navigation