JOIV: International Journal on Informatics Visualization (Nov 2017)
A Review of Defense Against Slow HTTP Attack
Abstract
Every web server poses a risk to network security threats. One of them is a threat of Slow HTTP Attack. Slow HTTP Attack exploits the working methods of the HTTP protocol, where it requires that every request from the client be fully accepted by the server before it is processed. If the HTTP request is incomplete, or if the transfer rate is very low, the server remains busy waiting for the rest of the data. If the server is storing too many busy resources, there is a denial of service. Internet users can exploit such vulnerabilities, send incomplete data packets deliberately and requests repeatedly. When a web server is in a public network or the Internet, then protecting computer and network security is an important issue. After identifying and analyzing how the Slow HTTP attack works, as well as its attack detection, this paper describes portfolio of the work system , how to detect and how to defence against the Slow HTTP attack. Keywords— Slow HTTP Attack, Web Server Exploit, Denial of Service, DoS
Keywords