Low interaction honeypot as the defense mechanism against Slowloris attack on the web server-Reference-Cited by-同舟云学术

Low interaction honeypot as the defense mechanism against Slowloris attack on the web server

Published:2020-05-01 Issue:1 Volume:850 Page:012037
ISSN:1757-8981
Container-title:IOP Conference Series: Materials Science and Engineering
language:
Short-container-title:IOP Conf. Ser.: Mater. Sci. Eng.

Author:

Fitri N R,Budi A H S,Kustiawan I,Suwono S E

Abstract

Abstract Threats and attacks on internet services are in line with developments in internet technology. One of the main risks is Distributed Denial of Service (DDoS). In this paper, we focus on the Slowloris attack which is an open-source DDoS attacker that generally attacks the Apache webserver. Apache is one of the most popular web servers in the world and is still used by many companies. This research presents another way to reduce attacks to the firewalls and load a counterweight by using a low interaction honeypot, HoneyPy. In normal conditions, attack schemes and defense mechanisms are evaluated by conducting experiments. Slowloris attacks cause high traffic because it prevents the socket from closing, so the webserver cannot handle other connections from legitimate users. When defense mechanisms are applied to the network, Slowloris attacks that enter the webserver are minimized because most packets are discarded and directed to the honeypot without the attacker’s knowledge. It seems like the attacker has managed to attack the web server even when the attack becomes slower.

Publisher

IOP Publishing

Subject

General Medicine

Link

https://iopscience.iop.org/article/10.1088/1757-899X/850/1/012037/pdf

Reference10 articles.

1. Analyzing websites protection mechanisms against DDoS attacks In;Papadie,2017

2. The distributed denial of service attacks (DDoS) prevention mechanisms on application layer;Bhosale,2017

3. Performance comparison and analysis of slowloris, goldeneye and xerxes ddos attack tools;Shorey,2018

4. Method of slow-attack detection;Duravkin,2014

Cited by 6 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Leader: Defense Against Exploit-Based Denial-of-Service Attacks on Web Applications;Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses;2023-10-16

2. Malware Detection and Analysis using Modern Honeypot Allied with Machine Learning: A Performance Evaluation;2023 4th International Conference on Electronics and Sustainable Communication Systems (ICESC);2023-07-06

3. Analysis of Effectiveness of Iptables on Web Server from Slowloris Attack;2022 5th International Conference of Computer and Informatics Engineering (IC2IE);2022-09-13

4. A deep learning assisted personalized deception system for countering web application attacks;Journal of Information Security and Applications;2022-06

5. A Reliable Real-Time Slow DoS Detection Framework for Resource-Constrained IoT Networks;2021 IEEE Global Communications Conference (GLOBECOM);2021-12