Denial of Service Attacks using Content Delivery Networks
dc.contributor | Aalto-yliopisto | fi |
dc.contributor | Aalto University | en |
dc.contributor.advisor | Gligoroski, Danilo | |
dc.contributor.advisor | Martin-Navarro, Jose Luis | |
dc.contributor.author | Yeleuov, Sanzhar | |
dc.contributor.school | Perustieteiden korkeakoulu | fi |
dc.contributor.school | School of Science | en |
dc.contributor.supervisor | Aura, Tuomas | |
dc.date.accessioned | 2024-12-16T18:01:27Z | |
dc.date.available | 2024-12-16T18:01:27Z | |
dc.date.issued | 2024-11-18 | |
dc.description.abstract | Content Delivery Networks (CDNs) have become an essential part of web applications. CDNs are employed to improve website availability, and they have many additional benefits, one of which is to protect against Distributed Denial of Service (DDoS) attacks. However, the complexity added by introducing CDN as a middle layer in the internet infrastructure results in new vectors for Denial of Service (DoS) attacks. This thesis work investigates the security status of DoS attacks that take advantage of CDN infrastructure. Our work replicates known attacks and contributes open-source implementations, allowing CDN providers and clients to evaluate their vulnerability to these attacks. Moreover, this thesis introduces the CDN-Convex HTTP/2 attack, a novel pulsing attack that causes short-term network connection resource exhaustion. Additionally, this thesis has discovered a gap in the current literature, showing that it is not possible to simultaneously mitigate CDN-Convex and Pre-POST Slow HTTP attacks. | en |
dc.format.extent | 54 | |
dc.format.mimetype | application/pdf | en |
dc.identifier.uri | https://aaltodoc.aalto.fi/handle/123456789/132323 | |
dc.identifier.urn | URN:NBN:fi:aalto-202412167801 | |
dc.language.iso | en | en |
dc.programme | Master's Programme in Security and Cloud Computing | en |
dc.programme.major | Security and Cloud Computing | en |
dc.subject.keyword | conten delivery network | en |
dc.subject.keyword | denial of service | en |
dc.subject.keyword | network security | en |
dc.subject.keyword | slow attack | en |
dc.subject.keyword | pulsing attack | en |
dc.subject.keyword | amplification attack | en |
dc.title | Denial of Service Attacks using Content Delivery Networks | en |
dc.type | G2 Pro gradu, diplomityö | fi |
dc.type.ontasot | Master's thesis | en |
dc.type.ontasot | Diplomityö | fi |
local.aalto.electroniconly | yes | |
local.aalto.openaccess | no |