The robustness principle, written by Jon Postel in an early version of TCP
implementation, states that the communicating entities should be liberal while
accepting the data. Several entities on the Internet do follow this principle.
For instance, in this work, we show that many popular web servers on the
Internet are generous as they wait for a substantial time period to receive the
remaining portion of an incomplete web request. Unfortunately, this behavior
also makes them vulnerable to a class of cyber attacks, commonly known as Slow
Rate DoS attacks. HTTP/2, the recent version of HTTP, is recently found
vulnerable to these attacks. However, the impact of Slow HTTP/2 DoS attacks on
real web servers on the Internet has not been studied yet. Also, to the best of
our knowledge, there is no defense scheme known to detect Slow Rate DoS attacks
against HTTP/2 in real-time. To bridge these gaps, we first test the behavior
of HTTP/2 supporting web servers on the Internet against Slow HTTP/2 DoS
attacks. Subsequently, we propose a scheme to detect these attacks in
real-time. We show that the proposed detection scheme can detect attacks in
real-time with high accuracy and marginal computational overhead.
Dedicated Forum to help removing adware, malware, spyware, ransomware, trojans, viruses and more!
