SDToW: A Slowloris Detecting Tool for WMNs

Faria, Vinicius da Silva; Gonçalves, Jéssica Alcântara; Silva, Camilla Alves Mariano da; Vieira, Gabriele de Brito; Mascarenhas, Dalbert Matos

doi:10.3390/info11120544

Cited by 10 publications

(8 citation statements)

References 47 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…3 from which it is observed that packets in the range [40, 79] bytes occur with the highest frequency. This particular range, which contains both SYN and ACK packets, has the highest proportion of traffic, with LN, SN and MN traffic appearing similar, so corroborating the judgement [16] that Slow DoS attack detection for reliable IDS is problematic when attempting to differentiate between LN and MN, with SN often being misclassified as Slow DoS attacks.…”

Section: A Packet Length Analysissupporting

confidence: 56%

“…The range value is specified in bytes, i.e., 0-50 and the attacker compromises the range request header by requesting a long stream of bytes, where some are illegally overlapping so forcing the server to waste resources. • Slowloris: the attacker sends partial HTTP GET requests, and the server opens a connection, but the attacker deliberately fails to respond to the server to complete the connection and holds the socket open until the timeout value is reached [16]. Multiple connection requests can then occupy all the available web server sockets.…”

Section: A Slow Dos Threatsmentioning

confidence: 99%

See 1 more Smart Citation

A Reliable Real-Time Slow DoS Detection Framework for Resource-Constrained IoT Networks

Reed

Dooley

Mostéfaoui

2021

2021 IEEE Global Communications Conference (GLOBECOM)

View full text Add to dashboard Cite

Section: A Packet Length Analysissupporting

confidence: 56%

Section: A Slow Dos Threatsmentioning

confidence: 99%

A Reliable Real-Time Slow DoS Detection Framework for Resource-Constrained IoT Networks

Reed

Dooley

Mostéfaoui

2021

2021 IEEE Global Communications Conference (GLOBECOM)

View full text Add to dashboard Cite

“…Only when the number of such connections is exceeded and it could disrupt the stability of the server should the mitigation technique block the connection and release the server’s occupied resources. Thus, it is possible to use specialized tools for the detection and mitigation of individual attacks, such as the SDToW tool [ 44 ]. This tool is for the detection and mitigation of Slowloris attacks in wireless mesh networks using a device called a concentrator.…”

Section: Discussion On Detection and Mitigationmentioning

confidence: 99%

Generator of Slow Denial-of-Service Cyber Attacks

Sikora

Fujdiak

Kuchař

et al. 2021

Sensors

View full text Add to dashboard Cite

In today’s world, the volume of cyber attacks grows every year. These attacks can cause many people or companies high financial losses or loss of private data. One of the most common types of attack on the Internet is a DoS (denial-of-service) attack, which, despite its simplicity, can cause catastrophic consequences. A slow DoS attack attempts to make the Internet service unavailable to users. Due to the small data flows, these attacks are very similar to legitimate users with a slow Internet connection. Accurate detection of these attacks is one of the biggest challenges in cybersecurity. In this paper, we implemented our proposal of eleven major and most dangerous slow DoS attacks and introduced an advanced attack generator for testing vulnerabilities of protocols, servers, and services. The main motivation for this research was the absence of a similarly comprehensive generator for testing slow DoS vulnerabilities in network systems. We built an experimental environment for testing our generator, and then we performed a security analysis of the five most used web servers. Based on the discovered vulnerabilities, we also discuss preventive and detection techniques to mitigate the attacks. In future research, our generator can be used for testing slow DoS security vulnerabilities and increasing the level of cyber security of various network systems.

show abstract

“…Faria et al in [116] HTTP GET method, The Reassembled SDToW Victim Real environment Lower incidence of false positive errors PDU and the Packets with 296 bytes and TCP set on protocol field the authors' algorithm was better at detecting the slowloris attack, reaching 98% of accuracy.…”

Section: Slowloris Attackmentioning

confidence: 93%

“…Faria et al in [116] developed a tool which they called SD-ToW (Slowloris Detecting Tool for WMNs) that detected and blocked slowloris attack traffic in wireless mesh networks (WMNs). First, they analyzed the slowloris traffic behavior.…”

Section: Slowloris Attackmentioning

confidence: 99%

Detection and Mitigation of Low-Rate Denial-of-Service Attacks: A Survey

et al. 2022

View full text Add to dashboard Cite

The potential for being the target of Denial of Service (DoS) attacks is one of the most severe security threats on the Internet. Attackers have been modifying their attack format over the years, damaging specific conditions of operating systems and protocols in an attempt to deny or diminish the quality of the service provided to legitimate users. Nowadays, attacks are stealthier and mimic legitimate user traffic in such a way that detection mechanisms against High-rate DoS attacks are no longer sufficient. This evolving type of attack, known as LDoS (Low-rate Denial of Service) attacks, has the potential to produce more damage than its predecessor due to its stealth nature and the lack of suitable detection and defense methods. This survey summarizes and complements previous studies and surveys related to this specific type of attack. First, we propose a taxonomy of the LDoS attacks, which were divided into three broad categories based on their modus operandi: QoS attacks, Slow rate attacks, and Service queue attacks. Next, we detail numerous detection mechanisms and counter-measures available against eight types of LDoS attacks. More specifically, we describe the methods used to throttle the attack traffic. Finally, we provide a feature comparison table for some existing attack tools. This survey aims at providing an extensive review of the literature for helping researchers and network administrators find up-to-date knowledge on LDoS attacks.

show abstract

SDToW: A Slowloris Detecting Tool for WMNs

Cited by 10 publications

References 47 publications

A Reliable Real-Time Slow DoS Detection Framework for Resource-Constrained IoT Networks

A Reliable Real-Time Slow DoS Detection Framework for Resource-Constrained IoT Networks

Generator of Slow Denial-of-Service Cyber Attacks

Detection and Mitigation of Low-Rate Denial-of-Service Attacks: A Survey

Contact Info

Product

Resources

About