Denial of Service Attacks using Content Delivery Networks

dc.contributorAalto-yliopistofi
dc.contributorAalto Universityen
dc.contributor.advisorGligoroski, Danilo
dc.contributor.advisorMartin-Navarro, Jose Luis
dc.contributor.authorYeleuov, Sanzhar
dc.contributor.schoolPerustieteiden korkeakoulufi
dc.contributor.schoolSchool of Scienceen
dc.contributor.supervisorAura, Tuomas
dc.date.accessioned2024-12-16T18:01:27Z
dc.date.available2024-12-16T18:01:27Z
dc.date.issued2024-11-18
dc.description.abstractContent Delivery Networks (CDNs) have become an essential part of web applications. CDNs are employed to improve website availability, and they have many additional benefits, one of which is to protect against Distributed Denial of Service (DDoS) attacks. However, the complexity added by introducing CDN as a middle layer in the internet infrastructure results in new vectors for Denial of Service (DoS) attacks. This thesis work investigates the security status of DoS attacks that take advantage of CDN infrastructure. Our work replicates known attacks and contributes open-source implementations, allowing CDN providers and clients to evaluate their vulnerability to these attacks. Moreover, this thesis introduces the CDN-Convex HTTP/2 attack, a novel pulsing attack that causes short-term network connection resource exhaustion. Additionally, this thesis has discovered a gap in the current literature, showing that it is not possible to simultaneously mitigate CDN-Convex and Pre-POST Slow HTTP attacks.en
dc.format.extent54
dc.format.mimetypeapplication/pdfen
dc.identifier.urihttps://aaltodoc.aalto.fi/handle/123456789/132323
dc.identifier.urnURN:NBN:fi:aalto-202412167801
dc.language.isoenen
dc.programmeMaster's Programme in Security and Cloud Computingen
dc.programme.majorSecurity and Cloud Computingen
dc.subject.keywordconten delivery networken
dc.subject.keyworddenial of serviceen
dc.subject.keywordnetwork securityen
dc.subject.keywordslow attacken
dc.subject.keywordpulsing attacken
dc.subject.keywordamplification attacken
dc.titleDenial of Service Attacks using Content Delivery Networksen
dc.typeG2 Pro gradu, diplomityöfi
dc.type.ontasotMaster's thesisen
dc.type.ontasotDiplomityöfi
local.aalto.electroniconlyyes
local.aalto.openaccessno

Files