Tipo di prodotto | Articolo in rivista |
---|---|
Titolo | Introducing the SlowDrop Attack |
Anno di pubblicazione | 2019 |
Formato | Elettronico |
Autore/i | Enrico Cambiaso, Giovanni Chiola, Maurizio Aiello |
Affiliazioni autori | IEIIT-CNR, National Research Council via De Marini, 6 Genoa, 16149 Italy DIBRIS Department, Università degli Studi di Genova via Dodecaneso, 35 Genoa, 16145 Italy |
Autori CNR e affiliazioni |
|
Lingua/e |
|
Abstract | In network security, Denial of Service (DoS) attacks target network systems with the aim of making them unreachable. Last generation threats are particularly dangerous because they can be carried out with very low resource consumption by the attacker. In this paper we propose SlowDrop, an attack characterized by a legitimate-like behavior and able to target different protocols and server systems. The proposed attack is the first slow DoS threat targeting Microsoft IIS, until now unexploited from other similar attacks. We properly describe the attack, analyzing its ability to target arbitrary systems on different scenarios, by including both wired and wireless connections, and comparing the proposed attack to similar threats. The obtained results show that by executing targeted attacks, SlowDrop is successful both against conventional servers and Microsoft IIS, which is closed source and required us the execution of so called "network level reverse engineering" activities. Due to its ability to successfully target different servers on different scenarios, the attack should be considered an important achievement in the slow DoS field. |
Lingua abstract | inglese |
Altro abstract | - |
Lingua altro abstract | - |
Pagine da | 234 |
Pagine a | 249 |
Pagine totali | 16 |
Rivista | Computer networks (1999) Attiva dal 1999 Editore: Elsevier - Amsterdam ; Paese di pubblicazione: Paesi Bassi Lingua: inglese ISSN: 1389-1286 Titolo chiave: Computer networks (1999) Titolo proprio: Computer networks. (1999) Titolo abbreviato: Comput. networks (1999) |
Numero volume della rivista | 150 |
Fascicolo della rivista | - |
DOI | 10.1016/j.comnet.2019.01.007 |
Verificato da referee | Sì: Internazionale |
Stato della pubblicazione | Published version |
Indicizzazione (in banche dati controllate) | - |
Parole chiave | cyber-security, denial of service, slow dos attack, microsoft iis, web server, wireless |
Link (URL, URI) | https://www.sciencedirect.com/science/article/pii/S1389128619300210 |
Titolo parallelo | - |
Data di accettazione | - |
Note/Altre informazioni | - |
Strutture CNR |
|
Moduli CNR | |
Progetti Europei | |
Allegati |
