Title: Impact analysis of application layer DDoS attacks on web services: a simulation study
Authors: Karanpreet Singh; Paramvir Singh; Krishan Kumar
Addresses: Department of Computer Science and Engineering, National Institute of Technology Jalandhar, GT Road, Amritsar Bypass Road, Jalandhar, Punjab 144011, India ' Department of Computer Science and Engineering, National Institute of Technology Jalandhar, GT Road, Amritsar Bypass Road, Jalandhar, Punjab 144011, India ' Department of Computer Science and Engineering, SBS State Technical Campus, Moga Road (NH-95), Ferozepur, Punjab 152004, India
Abstract: Due to a wide range of attacks possible on the internet, abundance of security solutions exists in the market today. In spite of this, distributed denial of service (DDoS) attack is still considered irrepressible, as none of the present-day solutions seems to completely eradicate its existence. The most sophisticated form of this attack, application-layer DDoS attack, is on the rise seeking to its surging frequency in recent years. With a primary focus on their detection and mitigation, the researchers have made significant contributions toward the related literature. We begin with introducing application-layer DDoS attacks followed by an analysis of the recent contributions in a nutshell. Subsequently, the underlying mechanism behind the application-layer DDoS attacks is discussed to apprehend its effect on traditional web server architecture. Finally, two independent exhaustive simulations are carried out to evaluate the impact of such attacks on the performance of a web server from multiple perspectives. Multifarious experimental designs corresponding to different attack intensities and server performance parameters are exercised during our first simulation scenario in order to report diverse possible scenarios. The second simulation scenario examines three well-known application-layer DDoS attack strategies that an attacker usually adopts in order to instigate an application-layer DDoS attack.
Keywords: distributed DoS; DDoS attacks; denial of service; simulation; application layer; impact analysis; http flood; web services; internet attacks.
DOI: 10.1504/IJIEI.2017.082564
International Journal of Intelligent Engineering Informatics, 2017 Vol.5 No.1, pp.80 - 100
Received: 08 Sep 2015
Accepted: 08 Feb 2016
Published online: 01 Mar 2017 *