Denial of Service Attacks using Content Delivery Networks
No Thumbnail Available
URL
Journal Title
Journal ISSN
Volume Title
School of Science |
Master's thesis
Authors
Date
2024-11-18
Department
Major/Subject
Security and Cloud Computing
Mcode
Degree programme
Master's Programme in Security and Cloud Computing
Language
en
Pages
54
Series
Abstract
Content Delivery Networks (CDNs) have become an essential part of web applications. CDNs are employed to improve website availability, and they have many additional benefits, one of which is to protect against Distributed Denial of Service (DDoS) attacks. However, the complexity added by introducing CDN as a middle layer in the internet infrastructure results in new vectors for Denial of Service (DoS) attacks. This thesis work investigates the security status of DoS attacks that take advantage of CDN infrastructure. Our work replicates known attacks and contributes open-source implementations, allowing CDN providers and clients to evaluate their vulnerability to these attacks. Moreover, this thesis introduces the CDN-Convex HTTP/2 attack, a novel pulsing attack that causes short-term network connection resource exhaustion. Additionally, this thesis has discovered a gap in the current literature, showing that it is not possible to simultaneously mitigate CDN-Convex and Pre-POST Slow HTTP attacks.Description
Supervisor
Aura, TuomasThesis advisor
Gligoroski, DaniloMartin-Navarro, Jose Luis
Keywords
conten delivery network, denial of service, network security, slow attack, pulsing attack, amplification attack