Distributed denial-of-service attacks against HTTP/2 services

Authors

Erwin Adi, Edith Cowan UniversityFollow
Zubair A. Baig, Edith Cowan UniversityFollow
Philip Hingston, Edith Cowan UniversityFollow
Chiou-Peng Lam, Edith Cowan UniversityFollow

Document Type

Journal Article

Publication Title

Cluster Computing

Publisher

Springer

School

School of Science / Security Research Institute

RAS ID

24363

Comments

Erwin, A., Baig, Z. A., Hingston, P., & Lam, C. P. (2016). Distributed denial-of-service attacks against HTTP/2 services. Cluster Computing, 19(1), 79-86. Available here

Abstract

HTTP/2 is the second major version of the HTTP protocol published by the internet engineering steering group. The protocol is designed to improve reliability and performance Such enhancements have thus delineated the protocol as being more vulnerable to distributed denial-of-service (DDoS) attacks when compared to its predecessor. Recent phenomenon showed that legitimate traffic or flash crowds could have high-traffic flow characteristics as seen in DDoS attacks. In this paper, we demonstrate that legitimate HTTP/2 flash crowd traffic can be launched to cause denial of service. To the best of our knowledge, no previous study has been conducted to analyse the effect of both DDoS as well as flash crowd traffic against HTTP/2 services. Results obtained prove the effect of such attacks when tested under four varying protocol-dependant attack scenarios. © 2016, Springer Science+Business Media New York.

DOI

10.1007/s10586-015-0528-7

Related Publications

Adi, E. (2017). Denial-of-service attack modelling and detection for HTTP/2 services. Retrieved from http://ro.ecu.edu.au/theses/1953

Access Rights

subscription content