HTTP/2 Tsunami: Investigating HTTP/2 Proxy Amplification DDoS Attacks

David Beckett, Sakir Sezer

Research output: Contribution to conferencePaperpeer-review

13 Citations (Scopus)
1625 Downloads (Pure)

Abstract

Distributed Denial of Service (DDoS) attacks cause significant damage to computer systems by taking a system of-fline. Hypertext Transfer Protocol (HTTP), is the most commonly used protocol for web services. The HTTP protocol has recently received a major update to HTTP/2. This new protocol provides increased functionality, however this poses a threat from DDoS due to the larger attack surface.HTTP/2 implements novel compression techniques to reduce bandwidth, in this paper we explore this compression technology to providing understanding on its risk from DDoS, specifically ina HTTP/2 to HTTP/1 proxy deployment. We implement a test bed and measure the bandwidth to show that a amplification attack is possible which is comparable to the current largest amplification attacks.
Original languageEnglish
DOIs
Publication statusEarly online date - 02 Nov 2017

Fingerprint

Dive into the research topics of 'HTTP/2 Tsunami: Investigating HTTP/2 Proxy Amplification DDoS Attacks'. Together they form a unique fingerprint.

Cite this