Article ID | Journal | Published Year | Pages | File Type |
---|---|---|---|---|
6884118 | Computers & Security | 2018 | 37 Pages |
Abstract
HTTP/2 is a newly standardized protocol designed to efficiently utilize the TCP's transmission rate and has other advantages compared to HTTP/1.1. However its threat vectors are not completely understood yet. Our contribution in this paper is threefold. First we describe few new threat vectors of HTTP/2 which are Slow Rate DoS attacks and can be launched by injecting specially crafted HTTP requests. We perform an empirical evaluation of these attacks against popular web servers and report that majority of web servers are vulnerable to these attacks. We also test the effectiveness of proposed attacks using both clear text and encrypted HTTP/2 requests and find that the attack is effective independent of the request type. Second we compare structurally similar attacks with HTTP/1.1 and report that HTTP/2 has more threat vectors compared to its predecessor. Third we propose an anomaly detection scheme which uses chi-square (Ï2) test between traffic profiles generated in normal and attack scenarios to detect these attacks.
Related Topics
Physical Sciences and Engineering
Computer Science
Computer Networks and Communications
Authors
Nikhil Tripathi, Neminath Hubballi,