Title

Distributed denial-of-service attacks against HTTP/2 services

Document Type

Journal Article

Publisher

Springer New York LLC

School

School of Science / Security Research Institute

RAS ID

24363

Comments

Originally published as : Adi, Erwin (03.2016). "Distributed denial-of-service attacks against HTTP/2 services". Cluster computing (1386-7857), 19 (1), p. 79-86. Article found here

Abstract

HTTP/2 is the second major version of the HTTP protocol published by the internet engineering steering group. The protocol is designed to improve reliability and performance Such enhancements have thus delineated the protocol as being more vulnerable to distributed denial-of-service (DDoS) attacks when compared to its predecessor. Recent phenomenon showed that legitimate traffic or flash crowds could have high-traffic flow characteristics as seen in DDoS attacks. In this paper, we demonstrate that legitimate HTTP/2 flash crowd traffic can be launched to cause denial of service. To the best of our knowledge, no previous study has been conducted to analyse the effect of both DDoS as well as flash crowd traffic against HTTP/2 services. Results obtained prove the effect of such attacks when tested under four varying protocol-dependant attack scenarios. © 2016, Springer Science+Business Media New York.

DOI

10.1007/s10586-015-0528-7