A study of slow denial of service mitigation tools and solutions deployed in the cloud

Sammanfattning: Slow rate Denial of Service (DoS) attacks have been shown to be a very effective way of attacking vulnerable servers while using few resources. This thesis investigates the effectiveness of mitigation tools used for protection against slow DoS attacks, specifically slowheader and slow body. Finally, we propose a service that cloud providers could implement to ensure better protection against slow rate DoS attacks. The tools studied in this thesis are, a Web Application firewall, a reverse proxy using an event-based architecture and Amazon’s Elastic Load Balancing. To gather data a realistic HTTP load script was built that simulated load on the server while using probe requests to gather response time data from the server. The script recorded the impact the attacks had for each server configuration.The results show that it’s hard to protect against slow rate DoS attacks while only using firewalls or load balancers. We found that using a reverse proxy with an event-based architecture was the best way to protect against slow rate DoS attacks and that such a service would allow the customer to use their server of choice while also being protected.