Публикация

Поделиться публикацией:

Опубликовано 2014-02-28 Опубликовано на SciPeople2014-12-29 15:29:52 ЖурналПроблеми телекомунікацій

Analysis of realization and method of detecting low-intensity HTTP-attacks. Part 2. Method of detecting Slow HTTP attacks

Carlsson Anders, Duravkin IEvgen Vladimirovich, Loktionova Anastasya Sergeevna / Максим Семеняка ^{контактное лицо}

Carlsson Anders, Duravkin IEvgen Vladimirovich, Loktionova Anastasya Sergeevna Analysis of realization and method of detecting low-intensity HTTP-attacks. Part 2. Method of detecting Slow HTTP attacks // Проблеми телекомунікацій, Vol. 2014, Issue 1, 2014, pp. 96-100

Аннотация Analysis of the implementation specifics Slow HTTP- attacks allowed to allocate a set of features, based on which is possible to detect this type of attack. The model of the web- server's behavior when implementing Slow HTTP- attack was created. The model is based on Markov chains using the machine as a means of describing the web-server transitions between states. The formulary relations allowing to calculate the probability of transition of web-server into overload condition for known values of intensities Incoming and outgoing requests were derived. Definable relations allowing to calculate the transition to web-server overload condition using the method of generating functions were withdrawn.