MULTILEVEL INTELLECTUAL APPROACH TO HTTP-REQUESTS LEGITIMACY VALIDATION
DOI:
https://doi.org/10.20535/2411-2976.12013.27-32Abstract
In the paper a multilevel intellectual approach to HTTP-requests legitimacy validation is proposed. The approach is devised for HTTP-flood DDoS-attacks detection and prevention in telecommunication networks with a web-server as the target attack object. The analysis of HTTP-requests attributes and their signatures is provided. On the basis of the analysis the attributes are separated into several levels that allow us to design a flow analyzer in a form of the multilevel block. Due to a multilevel structure of the flow analyzer a minimization of resources, spent for a request handling, is achieved.
References
RFC4732: Internet Denial-of-Service Considerations: http://tools.ietf.org/html/rfc4732
RFC2616: Hypertext Transfer Protocol – HTTP/1.1: http://tools.ietf.org/html/rfc2616
Kononenko V.M. A defense model from failure attacks in HTTP-flood servicing / V. M. Kononenko, S. O. Kravchuk // Modern problems of radio engineering and telecommunications “RT–2012”: Materials of the 8th international youth scientific conference, Sevastopil’, April
-27, 2012 / Sevastopil’ national technical university; ed. J.B. Himpilevych. — Sevastopil’: Sev NTU, 2012. – p. 118. [in Ukrainian]
ISO 3166-1 decoding table: http://www.iso.org/iso/home/standards/country_codes/iso- 3166-1_decoding_table.htm
Nginx documentation: http://nginx.org/en/docs
Lighttpd documentation: http://redmine.lighttpd.net/projects/lighttpd/wiki#Documentation
GeoIP databases and web services: http://www.maxmind.com/en/geolocation_landing
Stephen M. Specht, Ruby B. Lee “Distributed Denial of Service: Taxonomies of Attacks, Tools and Countermeasures”: http://palms.ee.princeton.edu/PALMSopen/DDoS%20Final% 20PDCS%20Paper.pdf
Jelena Mirkovic, Peter Reiher “A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms”: http://www.eecis.udel.edu/~sunshine/publications/ccr.pdf
Jelena Mirkovic “Distributed Defense Against DDoS Attacks”: http://www.isi.edu/~mirkovic/publications/udel_
tech_report_2005-02.pdf