%0 Conference Proceedings
%T Measurement-Based Analysis of a DoS Defense Module for an Open Source Web Server
%+ Department of Engineering [Sannio] (DING)
%A Catillo, Marta
%A Pecchia, Antonio
%A Villano, Umberto
%Z Part 2: Security Testing
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 32th IFIP International Conference on Testing Software and Systems (ICTSS)
%C Naples, Italy
%Y Valentina Casola
%Y Alessandra De Benedictis
%Y Massimiliano Rak
%I Springer International Publishing
%3 Testing Software and Systems
%V LNCS-12543
%P 121-134
%8 2020-12-09
%D 2020
%R 10.1007/978-3-030-64881-7_8
%K Denial of Service
%K Web server
%K Defense
%K Availability
%Z Computer Science [cs]
%Z Computer Science [cs]/Networking and Internet Architecture [cs.NI]Conference papers
%X Denial of Service (DoS) attacks represent an ever evolving landscape, which ranges from bruteforce flooding approaches to more sophisticated low-bandwidth slow techniques. DoS has become a major threat to the availability of modern web servers because of the large number of attack tools across the Internet. In spite of the increasing number of security modules that can be usefully deployed in production servers, there is not a one-fits-all defense solution against DoS.This paper proposes a measurement-based analysis of a well-established defense module for the Apache web server. The module is tested against both flooding and slow DoS attacks in order to quantify its capability at assuring correct service to legitimate clients. Results indicate that the module can mitigate flooding DoS attacks while causing some performance loss of the server; however, it is ineffective against slow attacks. The findings of our analysis are useful to support the deployment of proper defense mechanisms.
%G English
%Z TC 6
%Z WG 6.1
%2 https://inria.hal.science/hal-03239811/document
%2 https://inria.hal.science/hal-03239811/file/497758_1_En_8_Chapter.pdf
%L hal-03239811
%U https://inria.hal.science/hal-03239811
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC6
%~ IFIP-WG6-1
%~ IFIP-ICTSS
%~ IFIP-LNCS-12543