Collaboratively Detecting HTTP-based Distributed Denial of Service Attack using Software Defined Network
Adam Bryant (Committee Member), Bin Wang (Committee Member), Junjie Zhang (Advisor)
Master of Science in Cyber Security (M.S.C.S.)
Over the years, there have been a lot of attacks on the web servers of critical companies and organization. As much as these organizations tighten their security, it always tends not to be enough to stop all the attacks towards their servers. These attack vectors are so difficult to stop because of the technicalities behind the attack. Furthermore, there are different classes of distributed denial of service(DDoS) attacks such as the high rates (SYN Flood attacks, ARP Flood attacks, etc), low-rate(HTTP-GET, HTTP-POST). Although there are different ways to stop high rate DDoS attacks by traffic sampling and detecting malformed packets and unsolicited request by using stateful firewalls and other security sensors, but with low rate DDoS attacks it is different. The attack is a carefully crafted denial of service attacks that tend to evade known security tools out there. Aside that, the traditional networking architecture is very rigid and it makes it very difficult for new ideas or innovations that can help solve this problem, but in recent years, there have been talks about a new networking paradigm, which is Software Defined Networking (SDN); this paradigm brings the possibility to program your network which allows more innovative idea to enter into the networking world in ways not seen before. This thesis proposes a solution to the problem of attacks that are difficult for security sensors to detect or prevent by using some of the powerful features of Software Defined Networking to mitigate this attack. This project is capable of mitigating against HTTP-GET attacks, the initial testing has a successful out-come in stopping attacks from known attack tools used to launch these attacks and also with a good prospect as per future improvements in making it cover more attack vectors and robust.
Department or Program
Department of Computer Science and Engineering
Year Degree Awarded
Copyright 2017, some rights reserved. My ETD may be copied and distributed only for non-commercial purposes and may not be modified. All use must give me credit as the original author.
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License.