中圖分類號(hào)： TP309.5
文獻(xiàn)標(biāo)識(shí)碼： A
DOI： 10.19358/j.issn.2096-5133.2021.01.004
引用格式： 白翼銘，燕瑋，許鳳凱，等。 HTTP Slow DDoS攻擊機(jī)理分析及針對(duì)OpenStack云平臺(tái)的防御策略與架構(gòu)研究[J].信息技術(shù)與網(wǎng)絡(luò)安全，2021，40（1）：21-25.

Analysis of HTTP Slow DDoS attack mechanism and research on defense strategy and architecture of OpenStack cloud platform

Abstract： Aiming at the security problem that OpenStack-based open source cloud application services are susceptible to HTTP Slow DDoS attacks, this article analyzes the mechanism of the attack in detail, and builds a web test server environment based on the OpenStack-based cloud platform, at the same time，creates Docker simulation'poultry‘（computers remotely controlled by the attacker）， through the use of urllib library and socket programming method in Python library, three common HTTP slow DDoS attacks are simulated. Then, the mechanism of HTTP Slow DDoS attack is studied by analyzing the traffic and packet content generated by the attack. The results show that all the three attacks can make the connection of the Web server in the cloud platform fail. HTTP Slow DDoS attacks are a kind of greater threat to private cloud platforms that have insufficient underlying bandwidth or have not deployed relevant defense policies, making them unable to provide services properly. Finally, this paper proposes corresponding defense strategies for the three attack modes of HTTP Slow DDoS in this paper, and proves the effectiveness of these strategies through attack and defense experiments.

Key words : HTTP Slow DDoS；OpenStack；cloud plantform；defense strategy