Mitigating Browser-based DDoS Attacks using CORP

Cited by: 2
Authors
Agrawall, Akash [1]
Chaitanya, Krishna [2]
Agrawal, Arnav Kumar [3]
Choppella, Venkatesh [1]
Affiliations
[1] IIIT Hyderabad, Hyderabad, India
[2] Microsoft India, Hyderabad, India
[3] Carnegie Mellon Univ, Pittsburgh, PA 15213 USA
Source
PROCEEDINGS OF THE 10TH INNOVATIONS IN SOFTWARE ENGINEERING CONFERENCE | 2017
Keywords
DDoS; Browser-based DDoS; Browser; Javascript; Cross-origin requests; MITM (Man in the middle)
DOI
10.1145/3021460.3021477
Chinese Library Classification (CLC) number
TP31 [Computer software]
Discipline classification code
081202; 0835
Abstract
On March 27, 2015, Github witnessed a massive DDoS attack, the largest in Github's history till date. In this incident, browsers and users were used as vectors to launch the attack. In this paper, we analyse such browser-based DDoS attacks and simulate them in a lab environment. Existing browser security policies like Same Origin Policy (SOP), Content Security Policy (CSP) do not mitigate these attacks by design. In this paper we observe that CORP (Cross Origin Request Policy), a browser security policy, can be used to mitigate these attacks. CORP enables a server to control cross-origin interactions initiated by a browser. The browser intercepts the cross-origin requests and blocks unwanted requests by the server. This takes the load off the server to mitigate the attack.
Pages: 137 - 146
Page count: 10
Related papers
50 in total
  • [1] NGS: Mitigating DDoS Attacks using SDN-based Network Gate Shield
    Dalati, Mohamad Suhel
    Meng, Weizhi
    Chiu, Wei-Yang
    2021 IEEE GLOBAL COMMUNICATIONS CONFERENCE (GLOBECOM), 2021,
  • [2] Applying NFV/SDN in Mitigating DDoS Attacks
    Zhou, Luying
    Guo, Huaqun
    TENCON 2017 - 2017 IEEE REGION 10 CONFERENCE, 2017, : 2061 - 2066
  • [3] A Framework for Mitigating DDoS and DOS Attacks in IoT Environment Using Hybrid Approach
    Ghali, Abdulrahman Aminu
    Ahmad, Rohiza
    Alhussian, Hitham
    ELECTRONICS, 2021, 10 (11)
  • [4] Bringing Intelligence to Software Defined Networks: Mitigating DDoS Attacks
    Houda, Zakaria Abou El
    Khoukhi, Lyes
    Hafid, Abdelhakim Senhaji
    IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT, 2020, 17 (04) : 2523 - 2535
  • [5] Defining a call control interface for browser-based integrations using representational state transfer
    Griffin, Keith
    Flanagan, Colin
    COMPUTER COMMUNICATIONS, 2011, 34 (02) : 140 - 149
  • [6] Detecting and Mitigating DDoS Attacks in SDN Using Spatial-Temporal Graph Convolutional Network
    Cao, Yongyi
    Jiang, Hao
    Deng, Yuchuan
    Wu, Jing
    Zhou, Pan
    Luo, Wei
    IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2022, 19 (06) : 3855 - 3872
  • [7] Mitigating DDoS Attacks: A Text-Mining Approach Completed Research
    Sharma, Kalpit
    Mukhopadhyay, Arunabha
    DIGITAL INNOVATION AND ENTREPRENEURSHIP (AMCIS 2021), 2021,
  • [8] Mitigating DDoS Attacks towards Top Level Domain Name Service
    Pan, Lanlan
    Yuchi, Xuebiao
    Chen, Yong
    2016 18TH ASIA-PACIFIC NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM (APNOMS), 2016,
  • [9] An Overview of DDoS attacks based on DNS
    Alieyan, Kamal
    Kadhum, Mohammed M.
    Anbar, Mohammed
    Ul Rehman, Shafiq
    Alajmi, Naser K. A.
    2016 INTERNATIONAL CONFERENCE ON INFORMATION AND COMMUNICATION TECHNOLOGY CONVERGENCE (ICTC 2016): TOWARDS SMARTER HYPER-CONNECTED WORLD, 2016, : 276 - 280
  • [10] Mitigating DDoS Attacks in SDN-Based IoT Networks Leveraging Secure Control and Data Plane Algorithm
    Wang, Song
    Gomez, Karina
    Sithamparanathan, Kandeepan
    Asghar, Muhammad Rizwan
    Russello, Giovanni
    Zanna, Paul
    APPLIED SCIENCES-BASEL, 2021, 11 (03) : 1 - 27