Cover Image

Recent analysis of forged request headers constitued by HTTP DDoS

Application Layer Distributed Denial of Service (DDoS) attacks are very challenging to detect. The shortfall at the application layer allows formation of HTTP DDoS as the request headers are not compulsory to be attached in an HTTP request. Furthermore, the header is editable, thus providing an atta...

Full description

Saved in:
Bibliographic Details
Main Authors: Jaafar, Abdul Ghafar, Ismail, Saiful Adli, Abdullah, Mohd. Shahidan, Kama, Nazri, Azmi, Azri, Mohd. Yusop, Othman
Format: Article
Language:English
Published: MDPI AG 2020
Subjects:
T58.5-58.64 Information technology
Online Access:http://eprints.utm.my/id/eprint/91381/1/AbdulGhafarJaafar2020_RecentAnalysisofForgedRequestHeaders.pdf
http://eprints.utm.my/id/eprint/91381/
http://dx.doi.org/10.3390/s20143820
Tags: Add Tag
No Tags, Be the first to tag this record!
id my.utm.91381
record_format eprints
spelling my.utm.913812021-06-30T12:08:33Z http://eprints.utm.my/id/eprint/91381/ Recent analysis of forged request headers constitued by HTTP DDoS Jaafar, Abdul Ghafar Ismail, Saiful Adli Abdullah, Mohd. Shahidan Kama, Nazri Azmi, Azri Mohd. Yusop, Othman T58.5-58.64 Information technology Application Layer Distributed Denial of Service (DDoS) attacks are very challenging to detect. The shortfall at the application layer allows formation of HTTP DDoS as the request headers are not compulsory to be attached in an HTTP request. Furthermore, the header is editable, thus providing an attacker with the advantage to execute HTTP DDoS as it contains almost similar request header that can emulate a genuine client request. To the best of the authors’ knowledge, there are no recent studies that provide forged request headers pattern with the execution of the current HTTP DDoS attack scripts. Besides that, the current dataset for HTTP DDoS is not publicly available which leads to complexity for researchers to disclose false headers, causing them to rely on old dataset rather than more current attack patterns. Hence, this study conducted an analysis to disclose forged request headers patterns created by HTTP DDoS. The results of this study successfully disclose eight forged request headers patterns constituted by HTTP DDoS. The analysis was executed by using actual machines and eight real attack scripts which are capable of overwhelming a web server in a minimal duration. The request headers patterns were explained supported by a critical analysis to provide the outcome of this paper. MDPI AG 2020-07 Article PeerReviewed application/pdf en http://eprints.utm.my/id/eprint/91381/1/AbdulGhafarJaafar2020_RecentAnalysisofForgedRequestHeaders.pdf Jaafar, Abdul Ghafar and Ismail, Saiful Adli and Abdullah, Mohd. Shahidan and Kama, Nazri and Azmi, Azri and Mohd. Yusop, Othman (2020) Recent analysis of forged request headers constitued by HTTP DDoS. Sensors, 20 (14). pp. 1-28. ISSN 1424-8220 http://dx.doi.org/10.3390/s20143820 DOI:10.3390/s20143820
institution Universiti Teknologi Malaysia
building UTM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Teknologi Malaysia
content_source UTM Institutional Repository
url_provider http://eprints.utm.my/
language English
topic T58.5-58.64 Information technology
spellingShingle T58.5-58.64 Information technology
Jaafar, Abdul Ghafar
Ismail, Saiful Adli
Abdullah, Mohd. Shahidan
Kama, Nazri
Azmi, Azri
Mohd. Yusop, Othman
Recent analysis of forged request headers constitued by HTTP DDoS
description Application Layer Distributed Denial of Service (DDoS) attacks are very challenging to detect. The shortfall at the application layer allows formation of HTTP DDoS as the request headers are not compulsory to be attached in an HTTP request. Furthermore, the header is editable, thus providing an attacker with the advantage to execute HTTP DDoS as it contains almost similar request header that can emulate a genuine client request. To the best of the authors’ knowledge, there are no recent studies that provide forged request headers pattern with the execution of the current HTTP DDoS attack scripts. Besides that, the current dataset for HTTP DDoS is not publicly available which leads to complexity for researchers to disclose false headers, causing them to rely on old dataset rather than more current attack patterns. Hence, this study conducted an analysis to disclose forged request headers patterns created by HTTP DDoS. The results of this study successfully disclose eight forged request headers patterns constituted by HTTP DDoS. The analysis was executed by using actual machines and eight real attack scripts which are capable of overwhelming a web server in a minimal duration. The request headers patterns were explained supported by a critical analysis to provide the outcome of this paper.
format Article
author Jaafar, Abdul Ghafar
Ismail, Saiful Adli
Abdullah, Mohd. Shahidan
Kama, Nazri
Azmi, Azri
Mohd. Yusop, Othman
author_facet Jaafar, Abdul Ghafar
Ismail, Saiful Adli
Abdullah, Mohd. Shahidan
Kama, Nazri
Azmi, Azri
Mohd. Yusop, Othman
author_sort Jaafar, Abdul Ghafar
title Recent analysis of forged request headers constitued by HTTP DDoS
title_short Recent analysis of forged request headers constitued by HTTP DDoS
title_full Recent analysis of forged request headers constitued by HTTP DDoS
title_fullStr Recent analysis of forged request headers constitued by HTTP DDoS
title_full_unstemmed Recent analysis of forged request headers constitued by HTTP DDoS
title_sort recent analysis of forged request headers constitued by http ddos
publisher MDPI AG
publishDate 2020
url http://eprints.utm.my/id/eprint/91381/1/AbdulGhafarJaafar2020_RecentAnalysisofForgedRequestHeaders.pdf
http://eprints.utm.my/id/eprint/91381/
http://dx.doi.org/10.3390/s20143820
_version_ 1705056705478393856
score 13.214268

Similar Items