Consiglio Nazionale delle Ricerche

Tipo di prodottoArticolo in rivista
TitoloSlow DoS attacks: definition and categorisation
Anno di pubblicazione2013
Formato-
Autore/iE. Cambiaso; G. Papaleo; G. Chiola; M. Aiello
Affiliazioni autoriIEIIT
Autori CNR e affiliazioni
  • GIANLUCA PAPALEO
  • GIOVANNI CHIOLA
  • ENRICO CAMBIASO
  • MAURIZIO AIELLO
Lingua/e-
AbstractDenial of service (DoS) attacks evolved and consolidated as severe security threats to network servers, not only for internet service providers but also for governments. Earlier DoS attacks involved high-bandwidth flood-based approaches exploiting vulnerabilities of networking and transport protocol layers. Subsequently, distributed DoS attacks have been introduced amplifying not only the overall attack bandwidth but also the attack source, thus eluding simple counter measures based on source filtering. Current low bit-rate approaches, instead, exploit vulnerabilities of application layer protocols to accomplish DoS or DDoS attacks. Slow DoS attacks like, e.g., slowloris are particularly dangerous because they can bring down a well equipped server using small attacker's bandwidth, hence they can effectively run on low performance hosts, such as routers, game consoles, or mobile phones. In this paper, we study slow DoS attacks, analysing in detail the current threats and presenting a proper definition and categorisation for such attacks. Hopefully, our work will provide a useful framework for the study of this field, for the analysis of network vulnerabilities, and for the proposal of innovative intrusion detection methodologies.
Lingua abstractinglese
Altro abstract-
Lingua altro abstract-
Pagine da-
Pagine a-
Pagine totali-
RivistaInternational journal of security, privacy and trust management
Attiva dal 2011
Editore: Academy and Industry Research Collaboraion Centre - Chennai
Paese di pubblicazione: India
Lingua: inglese
ISSN: 2277-5498
Titolo chiave: International journal of security, privacy and trust management
Titolo proprio: International journal of security, privacy and trust management.
Titolo abbreviato: Int. j. secur. priv. trust manag.
Numero volume della rivista-
Fascicolo della rivista-
DOI-
Verificato da referee-
Stato della pubblicazione-
Indicizzazione (in banche dati controllate)-
Parole chiave-
Link (URL, URI)-
Titolo parallelo-
Data di accettazione-
Note/Altre informazioni-
Strutture CNR
  • IEIIT — Istituto di elettronica e di ingegneria dell'informazione e delle telecomunicazioni
Moduli CNR
    Progetti Europei-
    Allegati
    • Slow DoS attacks: definition and categorisation