Rozšíření nástroje JMeter / Implementation of plugins for JMeter

Švehlák, Milan

January 2017

This thesis discusses the load testing tool JMeter and its opportunities for expansion by modules carrying out cyber attacks of the type Denial of Service (DoS). To begin with, there is a theoretical overview of cyber attacks of this type. The following chapter, talks about the JMeter tool, namely its functions and expansion options. After that, it is proceeded to the actual design and realization of the modules. The module implementing the attack HTTP Flood is created first. This module uses internal functions of the program JMeter. This new module is tested. Next chapter folows the procedure of creating modules, that use external generator of network traffic. Modules SYN Flood, ICMP Flood and NTP Flood are implemented using the generator Trafgen. Module implementing attack Slowloris uses a Python script as a generator of the attack. Finally, all the new modules are tested.

Performance comparison between Apache and NGINX under slow rate DoS attacks

Al-Saydali, Josef, Al-Saydali, Mahdi

January 2021

One of the novel threats to the internet is the slow HTTP Denial of Service (DoS) attack on the application level targeting web server software. The slow HTTP attack can leave a high impact on web server availability to normal users, and it is affordable to be established compared to other types of attacks, which makes it one of the most feasible attacks against web servers. This project investigates the slow HTTP attack impact on the Apache and Nginx servers comparably, and review the available configurations for mitigating such attack. The performance of the Apache and NGINX servers against slow HTTP attack has been compared, as these two servers are the most globally used web server software. Identifying the most resilient web server software against this attack and knowing the suitable configurations to defeat it play a key role in securing web servers from one of the major threats on the internet. From comparing the results of the experiments that have been conducted on the two web servers, it has been found that NGINX performs better than the Apache server under slow rate DoS attack without using any configured defense mechanism. However, when defense mechanisms have been applied to both servers, the Apache server acted similarly to NGINX and was successful to defeat the slow rate DoS attack.

Apache

NGINX

slow HTTP

low rate HTTP

RUDY

slow rate DoS

Slowloris

Computer Sciences

Datavetenskap (datalogi)

A study of slow denial of service mitigation tools and solutions deployed in the cloud

Larsson, Niklas, Ågren Josefsson, Fredrik

January 2019

Slow rate Denial of Service (DoS) attacks have been shown to be a very effective way of attacking vulnerable servers while using few resources. This thesis investigates the effectiveness of mitigation tools used for protection against slow DoS attacks, specifically slowheader and slow body. Finally, we propose a service that cloud providers could implement to ensure better protection against slow rate DoS attacks. The tools studied in this thesis are, a Web Application firewall, a reverse proxy using an event-based architecture and Amazon’s Elastic Load Balancing. To gather data a realistic HTTP load script was built that simulated load on the server while using probe requests to gather response time data from the server. The script recorded the impact the attacks had for each server configuration.The results show that it’s hard to protect against slow rate DoS attacks while only using firewalls or load balancers. We found that using a reverse proxy with an event-based architecture was the best way to protect against slow rate DoS attacks and that such a service would allow the customer to use their server of choice while also being protected.

slowloris

slow post

slow body

slow rate DoS

slow rate denail of service attack

DoS attacks

slow rate dos mitigation

apache

nginx

aws

elastic load balancer

Computer Engineering

Datorteknik

Generátor kybernetických útoků / Cyberattack Generator

Gregr, Filip

January 2017

This thesis is focused on developing a tool that is capable of generating cyber attacks. In the opening there are introduced some attacks using the ISO/OSI application layer protocols. Specifically, these are attacks known as Slowloris, RUDY, Slow Read, HTTP flood, and dictionary attack on the SSH. These attacks are implemented into an existing DoSgen Linux tool that already contains several famous network attacks. The main part of the thesis is devoted to the description of the tool and to the implementation of its own extension. The created tool is practically tested in an experimental enviroment against the Apache web server. Part of the thesis is the documentation for the improved DoSgen tool.

Generátor nelegitimního síťového provozu / Generator of illegitimate network traffic

Blažek, Ondřej

January 2017

The diploma thesis deals with the problems of DoS/DDoS attacks and development of a tool, in C lanugage, for generating them. In the first chapter the principles of DoS attacks targeting the internet and transport layers of ISO/OSI model are described and also according to their characteristics divided. Selected attacks on the application layer are also described here in detail togehter with protocols which they are based on. In the following chapter there has been created a comparison of freely available tools, which could be used as a attack generators. The practical part is dedicated to a development of a tool for DoS attacks, especially design, general description and usage. Further there is a summary of the newly created library, including results of web server testing, and extensions of a web interface, which is part of the developed tool.