Mitigating Denial of Service Attacks with Load Balancing

Adaoma Ezenwe, Eoghan Furey, Kevin Curran

Abstract


Denial of service (DoS) attacks continue to pose a huge risk to online businesses. The attacks have moved from the network level (layer 3 and layer 4) to layer 7 of the OSI model. Layer 7, or application layer, attacks are not easily detected by firewalls, most intrusion detection systems and other security tools, yet they are capable of bringing down a well-equipped web server. The wide availability and easy accessibility of the attack tools make this type of attack very easy to execute, very prolific and difficult to mitigate completely. An increasing number of such attacks against the web server infrastructures of many organisations is being recorded. The aim of this research is to look at some layer 7 application DDoS attack tools and to test open source tools that offer some form of defense against these attacks. The research deployed the open source load balancing software HAProxy as a first line of defense against denial of service attacks. The three components of the popular free open source data analysis framework, the Elastic Stack (Logstash, Elasticsearch and Kibana), were used to collect logs from the web server, filter and query the logs, and display the results in dashboards and graphs, so that an attack can be identified by analysing the visually displayed log data. Rules are also set up to alert the business to anomalies detected against pre-determined benchmarks.





DOI: https://doi.org/10.18196/jrc.1427



Copyright (c) 2019 Journal of Robotics and Control (JRC)

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

 


Journal of Robotics and Control (JRC)

P-ISSN: 2715-5056 || E-ISSN: 2715-5072
Organized by Peneliti Teknologi Teknik Indonesia
Published by Universitas Muhammadiyah Yogyakarta in collaboration with Peneliti Teknologi Teknik Indonesia, Indonesia and the Department of Electrical Engineering
Website: http://journal.umy.ac.id/index.php/jrc
Email: jrcofumy@gmail.com

