Research on DDoS Attack Model Based on Web Application Layer

doi:10.3969/j.issn.1671-1122.2019.05.011

Abstract

Abstract:

Due to the rapid development of cloud computing and IoT technology, unsafe network space resources are growing exponentially, leading to distributed denial of service attacks(DDoS) gradually becoming the most important threat to computer network security. In the process of attack and defense, the development trend of DDoS attack is changing from traditional single-line attack to platform attack. Currently, the research fields of Web application layer attacks mainly focus on traditional CC attacks, mutated CC attacks, HTTP slow attacks and new features attacks of Web Socket based on HTML5. On the basis of existing research, this paper makes a deep analysis of two kinds of DDoS attack models based on Web application layer, one is based on API, the other is based on Web backdoor. Both models are new attack modes based on Web characteristics and have typical characteristics. The research on this kind of attack model is helpful for network security researchers to propose corresponding defense methods and improve the ability of Web server to resist DDoS attacks.

Key words: Web application layer, DDoS attack, API, Web backdoor

CLC Number:

TP309

Zhibin YU, Cheng MA, Siqi LI, Miao WANG. Research on DDoS Attack Model Based on Web Application Layer[J]. Netinfo Security, 2019, 19(5): 84-90.

Figures/Tables 3

References 11

[1]	LI Hefei, HUANG Xinli, ZHENG Zhengqi.Detection Method of DDoS Attack Based on Software Defined Network and Its Application[J]. Computer Engineering, 2016, 42(2): 118-123.
	李鹤飞,黄新力,郑正奇.基于软件定义网络的DDoS攻击检测方法及其应用[J].计算机工程,2016,42(2):118-123.
[2]	LIU Zhengwei, WEN Zhongling, ZHANG Haitao.Cloud Computing and Cloud Data Management Technology[J]. Journal of Computer Research and Development, 2012, 49(1): 26-31.
	刘正伟,文中领,张海涛.云计算和云数据管理技术[J].计算机研究与发展,2012,49(1):26-31.
[3]	MODI C, DHIREN P, BHAVESH B.A Survey on Security Issues and Solutions at Different Layers of Cloud Computing[J]. The Journal of Supercomputing, 2013, 63(2): 561-592.
[4]	LI Bin.Network-wide Monitoring and Effective Defense of DDoS Attack[J]. Netinfo Security, 2013, 13(10): 157-160.
	厉斌. 网络监控与有效防御DDoS攻击的研究[J].信息网络安全,2013,13(10):157-160.
[5]	LI Heng, SHEN Huawei, CHENG Xueqi.Review of Network High Flow Distributed Denial of Service Attack and Defense Mechanisms[J]. Netinfo Security, 2017, 17(5): 37-43.
	李恒,沈华伟,程学旗.网络高流量分布式拒绝服务攻击防御机制研究综述[J].信息网络安全,2017,17(5):37-43.
[6]	ZHOU Chunru, LIU Xiaoming, LEI Min, et al.Research on Defense of Slow DDoS Attack on Web Server Application Layer[J]. Journal of Beijing University of Posts and Telecommunications, 2017, 40(S1): 80-83.
	周椿入,刘晓明,雷敏,等. Web服务器应用层慢速DDoS攻击防御研究[J].北京邮电大学学报,2017,40(S1):80-83.
[7]	CSDN. Unveiling Online DDoS Attack Platform[EB/OL]. , 2018-1-21.
	CSDN博客.揭秘在线DDoS攻击平台[EB/OL]. , 2018-1-21.
[8]	ZHANG Yongzheng, XIAO Jun, YUN Xiaochun, et al.DDoS Attacks Detection and Control Mechanisms[J]. Journal of Software, 2012, 23(8): 2058-2072.
	张永铮,肖军,云晓春,等. DDoS攻击检测和控制方法[J].软件学报,2012,23(8):2058-2072.
[9]	WORDPRESS. Function Reference/pingback[EB/OL]. , 2018-1-28.
[10]	THE PHP GROUP. Fsockopen Function [EB/OL]. , 2018-2-3.
[11]	Python Software Foundation. multiprocessing—Process-based “threading” interface[EB/OL]. , 2018-2-3.

[1]	Zongping LÜ, Chundi ZHAO, Zhaojun GU, Jingxian ZHOU. Dynamic Detection of Ransomware Based on Stacking Model Fusion [J]. Netinfo Security, 2020, 20(2): 57-57.
[2]	Ke ZHANG, Youjie WANG, Shaoyin CHENG, Lidong WANG. Intrusion Collaborative Disposal Method of Spoofed IP Address in DDoS Attacks [J]. Netinfo Security, 2019, 19(5): 22-29.
[3]	ZHANG Xuebo, LIU Jinghao, FU Xiaomei. Design and Implementation of Anti Web DDoS Attack Model Based on Improved Logistic Regression Algorithm [J]. 信息网络安全, 2017, 17(6): 62-67.
[4]	XIANG Linbo, LIU Chuanyi. Key Technology Research and Implement on Insider Threat for Controlled Cloud Computing [J]. 信息网络安全, 2016, 16(3): 53-58.
[5]	HU Xue, FENG Hua-min, CHEN Ying-ya, WU Yang-yang. An Improved Method for Enhancing the Security of WAPI [J]. 信息网络安全, 2015, 15(8): 47-52.
[6]	LI Jie, XU Xin, CHEN Yu, ZHANG Ding-wen. Research on Cloud Forensics Model under the Simulation DDoS Attack Scenarios [J]. 信息网络安全, 2015, 15(6): 67-72.
[7]	YANG Chun-hui, YAN Cheng-hua. The Analysis of the Security Strategy based on Process Management [J]. 信息网络安全, 2014, 14(8): 61-66.
[8]	. Design and Implementation of the Web Firewall System based on ISAPI Filter [J]. , 2014, 14(7): 35-.
[9]	. Research on the Method of Unearthing Process Space Deeply in Windows [J]. , 2014, 14(4): 31-.
[10]	. Research on APT-Trojan Forensics based on Virtual Machine and API Monitor [J]. , 2014, 14(4): 78-.
[11]	MIAO Jun-feng, MA Chun-guang, HUANG Yu-luo, LI Xiao-guang. Research and Analysis on 3G-WLAN Security Access Scheme [J]. 信息网络安全, 2014, 14(10): 24-30.
[12]	. The Method of Decrypting DPAPI Oflfine and Its Application in Forensics [J]. , 2013, 13(7): 0-0.
[13]	. The Users Scene Info Leakage Prevention System based on the Android Smartphone Research and Implementation [J]. , 2013, 13(2): 0-0.
[14]	. The Mobile Intelligent Terminal Malware Analysis and Detection System based on Behavior [J]. , 2013, 13(12): 0-0.
[15]	. A Network Security Management Process System Design and Research [J]. , 2013, 13(1): 0-0.