• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文会议>IEEE International Conference on Computer and Communications >A Slow Rate Denial-of-Service Attack Against HTTP/2
【24h】

A Slow Rate Denial-of-Service Attack Against HTTP/2

机译:针对HTTP / 2的慢速拒绝服务攻击

获取原文
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

HTTP/2 is the second major version of the HTTP protocol published by the IEIF. One of its purposes is to make more efficient use of the transmission efficiency of the TCP protocol. However, while improving efficiency, the emergence of the HTTP/2 protocol has also made attackers have another option to attack Web servers. This paper proposes a slow denial-of-service attack named zAttack against the HTTP/2 protocol, which sends specific request packets through a malicious client to cause the server to wait, continuously consume server resources and finally cause a denial-of-service attack. This paper uses a number of popular web servers to test this attack. The test results show that mainstream web servers that support the HTTP/2 protocol are vulnerable to this attack.
机译:HTTP / 2是IEIF发布的HTTP协议的第二个主要版本。其目的之一是更有效地利用TCP协议的传输效率。但是,在提高效率的同时,HTTP / 2协议的出现也使攻击者有了攻击Web服务器的另一种选择。本文针对HTTP / 2协议提出了一种名为zAttack的慢速拒绝服务攻击,该攻击通过恶意客户端发送特定的请求数据包,导致服务器等待,不断消耗服务器资源,最终导致拒绝服务攻击。本文使用许多流行的Web服务器来测试此攻击。测试结果表明,支持HTTP / 2协议的主流Web服务器容易受到此攻击。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号