Mitigating Browser-based DDoS Attacks using CORP

Cited by: 2
Authors
Agrawall, Akash [1]
Chaitanya, Krishna [2]
Agrawal, Arnav Kumar [3]
Choppella, Venkatesh [1]
Affiliations
[1] IIIT Hyderabad, Hyderabad, India
[2] Microsoft India, Hyderabad, India
[3] Carnegie Mellon Univ, Pittsburgh, PA 15213 USA
Source
PROCEEDINGS OF THE 10TH INNOVATIONS IN SOFTWARE ENGINEERING CONFERENCE | 2017
Keywords
DDoS; Browser-based DDoS; Browser; Javascript; Cross-origin requests; MITM (Man in the middle);
DOI
10.1145/3021460.3021477
Chinese Library Classification (CLC) number
TP31 [Computer Software];
Discipline classification code
081202 ; 0835 ;
Abstract
On March 27, 2015, GitHub witnessed a massive DDoS attack, the largest in GitHub's history to date. In this incident, browsers and users were used as vectors to launch the attack. In this paper, we analyse such browser-based DDoS attacks and simulate them in a lab environment. Existing browser security policies like Same Origin Policy (SOP) and Content Security Policy (CSP) do not mitigate these attacks by design. In this paper we observe that CORP (Cross Origin Request Policy), a browser security policy, can be used to mitigate these attacks. CORP enables a server to control cross-origin interactions initiated by a browser. The browser intercepts the cross-origin requests and blocks unwanted requests by the server. This takes the load off the server to mitigate the attack.
Pages: 137 - 146
Number of pages: 10