Abstract | ||
---|---|---|
Distributed Denial of Service (DDoS) attacks cause significant damage to computer systems by taking a system offline. Hypertext Transfer Protocol (HTTP), is the most commonly used protocol for web services. The HTTP protocol has recently received a major update to HTTP/2. This new protocol provides increased functionality, however this poses a threat from DDoS due to the larger attack surface. HTTP/2 implements novel compression techniques to reduce bandwidth, in this paper we explore this compression technology to providing understanding on its risk from DDoS, specifically in a HTTP/2 to HTTP/1 proxy deployment. We implement a testbed and measure the bandwidth to show that a amplification attack is possible which is comparable to the current largest amplification attacks. |
Year | DOI | Venue |
---|---|---|
2017 | 10.1109/EST.2017.8090411 | 2017 Seventh International Conference on Emerging Security Technologies (EST) |
Keywords | Field | DocType |
DDoS,HTTP2,HPACK,Flood,Amplification,Attack,Apache,nghttp2,Nginx,Vulnerabilities | Attack surface,Denial-of-service attack,Computer security,Computer science,Testbed,HTTP/2,Web service,Hypertext Transfer Protocol,Application layer DDoS attack,Web server | Conference |
ISBN | Citations | PageRank |
978-1-5386-4019-7 | 0 | 0.34 |
References | Authors | |
5 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
David Beckett | 1 | 0 | 1.01 |
Sakir Sezer | 2 | 1010 | 84.22 |