A low and slow DoS attack (LSDoS) is an application-layer denial-of-service (DoS) attack that sends packets at a very slow rate in order to exhaust a server's connection resources. Because it generates little traffic and requires few resources to mount, it is hard to detect and mitigate, and blocking slow-rate connections risks blocking legitimate users as well. In this paper, we propose a solution that protects HTTP servers from LSDoS without modifying the server and that is more tolerant of slow-rate clients. Evaluation results show that it successfully protects both Apache and Nginx servers.