direkt zum Inhalt springen

direkt zum Hauptnavigationsmenü

Sie sind hier

TU Berlin

Inhalt des Dokuments

Publikationen

HTTPreject: Handling Overload Situations without Losing the Contact to the User
Zitatschlüssel Schneider2010
Autor Jörg Schneider and Sebastian Koch
Buchtitel Proceedings of European Conference on Computer Network Defense (EC2ND 2010)
Seiten 29-34
Jahr 2010
ISBN 978-0-7695-4311-6
DOI 10.1109/EC2ND.2010.7
Zusammenfassung The web is a crucial source of information nowadays. At the same time, web applications become more and more complex. Therefore, a spontaneous increase in the number of visitors, e.g., based on news reports or events, easily brings a web server in an overload situation. In contrast to the classical model of distributed denial of service (DDoS) attacks, such a so-called flash effect situation is not triggered by a bulk of bots just aiming at hurting the system but by humans with a high interest in the content of the web site itself. While the bots do not stop their attack until told so by their operator, the user try repeatedly to access the site without knowing that the repeated reloads effectively increase the web server's overload. Classical approaches try to distinguish between real user and harmful requests, which is not applicable in this scenario. Simply restricting the number of connections leads to very technical error messages displayed by the users' client software if at all. Therefore, we propose a mean to efficiently block connection attempts and to keep the user informed at the same time. A small subset of HTTP and TCP is statelessly implemented to display simple busy messages or relevant news updates to the end user with only few resources. In this paper we present the protocol subset used and discuss the compatibility problems on the protocol and client software level. Furthermore, we show the results of performance experiments using a prototype implementation.
Link zur Publikation Link zur Originalpublikation Download Bibtex Eintrag

Zusatzinformationen / Extras

Direktzugang

Schnellnavigation zur Seite über Nummerneingabe

Ansprechpartner

Jörg Schneider
+49 30 314-73388
Raum EN 357

Webseite