This paper presents a mitigation scheme to cope with the random query string Denial of Service (DoS) attack, which is based on a vulnerability of current Content Delivery Networks (CDNs), a storage technology widely exploited to create reliable large scale distributed systems and cloud computing system architectures. Basically, the attack exploits the fact that edge servers composing a CDN, receiving an HTTP request for a resource with an appended random query string never saw before, ask the origin server for a (novel) copy of the resource. This request to the origin server is made also if the edge server contains a copy of the resource in its storage. Such characteristics can be employed to take an attack against the origin server by exploiting edge servers. In fact, the attacker can send different random query string requests to different edge servers that will overload the origin server with simultaneous (and unneeded) requests. Our strategy is based on the adoption of a simple gossip protocol, executed by edge servers, to detect the attack. Based on such a detection, countermeasures can be taken to protect the origin server, the CDN and thus the whole distributed system architecture against the attack. We provide simulation results that show the viability of our approach.

S. Ferretti, V. Ghini (2012). Mitigation of Random Query String DoS via Gossip. Berlin : SPRINGER Berlin Heidelberg [10.1007/978-3-642-29166-1_11].

Mitigation of Random Query String DoS via Gossip

FERRETTI, STEFANO;GHINI, VITTORIO
2012

Abstract

This paper presents a mitigation scheme to cope with the random query string Denial of Service (DoS) attack, which is based on a vulnerability of current Content Delivery Networks (CDNs), a storage technology widely exploited to create reliable large scale distributed systems and cloud computing system architectures. Basically, the attack exploits the fact that edge servers composing a CDN, receiving an HTTP request for a resource with an appended random query string never saw before, ask the origin server for a (novel) copy of the resource. This request to the origin server is made also if the edge server contains a copy of the resource in its storage. Such characteristics can be employed to take an attack against the origin server by exploiting edge servers. In fact, the attacker can send different random query string requests to different edge servers that will overload the origin server with simultaneous (and unneeded) requests. Our strategy is based on the adoption of a simple gossip protocol, executed by edge servers, to detect the attack. Based on such a detection, countermeasures can be taken to protect the origin server, the CDN and thus the whole distributed system architecture against the attack. We provide simulation results that show the viability of our approach.
2012
Information Systems, Technology and Management
124
134
S. Ferretti, V. Ghini (2012). Mitigation of Random Query String DoS via Gossip. Berlin : SPRINGER Berlin Heidelberg [10.1007/978-3-642-29166-1_11].
S. Ferretti; V. Ghini
File in questo prodotto:
Eventuali allegati, non sono esposti

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11585/115913
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 3
  • ???jsp.display-item.citation.isi??? ND
social impact