Recent analysis of forged request headers constitued by HTTP DDoS

• Main Authors: Jaafar, Abdul Ghafar (Author), Ismail, Saiful Adli (Author), Abdullah, Mohd. Shahidan (Author), Kama, Nazri (Author), Azmi, Azri (Author), Mohd. Yusop, Othman (Author)
• Format: Article
• Language: English
• Published: MDPI AG, 2020-07.
• Subjects: T58.5-58.64 Information technology
• Online Access: Get fulltext

 Application Layer Distributed Denial of Service (DDoS) attacks are very challenging to detect. The shortfall at the application layer allows formation of HTTP DDoS as the request headers are not compulsory to be attached in an HTTP request. Furthermore, the header is editable, thus providing an attacker with the advantage to execute HTTP DDoS as it contains almost similar request header that can emulate a genuine client request. To the best of the authors' knowledge, there are no recent studies that provide forged request headers pattern with the execution of the current HTTP DDoS attack scripts. Besides that, the current dataset for HTTP DDoS is not publicly available which leads to complexity for researchers to disclose false headers, causing them to rely on old dataset rather than more current attack patterns. Hence, this study conducted an analysis to disclose forged request headers patterns created by HTTP DDoS. The results of this study successfully disclose eight forged request headers patterns constituted by HTTP DDoS. The analysis was executed by using actual machines and eight real attack scripts which are capable of overwhelming a web server in a minimal duration. The request headers patterns were explained supported by a critical analysis to provide the outcome of this paper.