On Detection and Mitigation of Slow Rate Denial of Service Attacks

This work investigates the detection and mitigation methods that aim at Slow Denial of Service attacks. The paper focuses mainly on Slowloris and Slow Read DoS attacks which are resistant to classical DoS detection and mitigation techniques. The proposed approach consists of the detection phase and mitigation phase. Detection methods are based on network traffic analysis and anomalous traffic monitoring. Furthermore, if an attack is recognized then classified malicious traffic is blocked and web server resources are released. The proposed methods are implemented and consolidated into an intrusion prevention system software. The implemented system is tested and obtained results prove its functionality.