{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:19:11Z","timestamp":1750306751214,"version":"3.41.0"},"reference-count":9,"publisher":"Association for Computing Machinery (ACM)","issue":"5","license":[{"start":{"date-parts":[[2013,8,26]],"date-time":"2013-08-26T00:00:00Z","timestamp":1377475200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["SIGSOFT Softw. Eng. Notes"],"published-print":{"date-parts":[[2013,8,26]]},"abstract":"<jats:p>Denial of Service (DoS) attacks represent a major threat to network security, especially in today's networked world. There has been significant research in this area, primarily focused on mitigating and preventing DoS attacks affecting transport layer services. This paper addresses issues arising from a new variation of a DoS attack, namely the SlowPOST attack that affects Application Layer services. In SlowPOST, the malicious clients send data at a slow rate after the connection is established, and the server is left waiting for the data to arrive. These attacks are particularly devastating due to their ability to resist detection due to their protocol compliance. In addition, such attacks do not require the massive resources that DoS attacks normally require, making them easier to launch. Some solutions for this issue have already been deployed in some commercial servers. These solutions are based on either monitoring traffic or enforcing a time limit on the transmission of the protocol headers. In order to achieve reliable detection, the detection parameters need to adapt to the constantly changing traffic. This paper proposes a novel algorithm that uses the data rate of connections to evolve a threshold for determining potential attackers in SlowPOST. This proposed method is tested by subjecting a server to an attack, and it was observed that in the absence of this method, the servicing of legitimate requests is not completed.<\/jats:p>","DOI":"10.1145\/2507288.2507310","type":"journal-article","created":{"date-parts":[[2013,9,3]],"date-time":"2013-09-03T11:57:11Z","timestamp":1378209431000},"page":"1-5","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["Data rate based adaptive thread assignment solution for combating the SlowPOST denial of service attack"],"prefix":"10.1145","volume":"38","author":[{"given":"Amritha","family":"Raghunath","sequence":"first","affiliation":[{"name":"National Institute of Technology, Tiruchirappalli, India"}]},{"given":"Sadhana","family":"Ramachandran","sequence":"additional","affiliation":[{"name":"National Institute of Technology, Tiruchirappalli, India"}]},{"given":"Selvakumar","family":"Subramanian","sequence":"additional","affiliation":[{"name":"National Institute of Technology, Tiruchirappalli, India"}]},{"given":"Sreevatsan","family":"Vaidyanathan","sequence":"additional","affiliation":[{"name":"National Institute of Technology, Tiruchirappalli, India"}]}],"member":"320","published-online":{"date-parts":[[2013,8,26]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2007.904002"},{"key":"e_1_2_1_2_1","first-page":"482","volume-title":"IEEE International Conference on Communications","volume":"1","author":"Peng T.","year":"2003","unstructured":"T. Peng , K. R. Mohanarao , and C. Leckie . 2003. \"Protection from distributed denial of service attacks using history-based IP filtering,\" in Proc . IEEE International Conference on Communications , May 2003 , Vol. 1 , pp. 482 -- 486 T. Peng, K. R. Mohanarao, and C. Leckie. 2003. \"Protection from distributed denial of service attacks using history-based IP filtering,\" in Proc. IEEE International Conference on Communications, May 2003, Vol. 1, pp. 482--486"},{"key":"e_1_2_1_3_1","volume-title":"Proc. IEEE INFOCOM","author":"Ranjan S.","year":"2006","unstructured":"S. Ranjan , R. Swaminathan , M. Uysal , and E. Knightly . 2006. \"DDoS Resilient scheduling to counter application layer attacks under imperfect detection \", in Proc. IEEE INFOCOM , Apr. 2006 S. Ranjan, R. Swaminathan, M. Uysal, and E. Knightly. 2006. \"DDoS Resilient scheduling to counter application layer attacks under imperfect detection\", in Proc. IEEE INFOCOM, Apr. 2006"},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1984.5010241"},{"key":"e_1_2_1_5_1","first-page":"55","volume-title":"Ladislav Schwartz and Nahid Shahmehri","year":"2012","unstructured":"VeronikaDurcekova , Ladislav Schwartz and Nahid Shahmehri . 2012 . \"Sophisticated Denial of Service Attacks aimed at Application Layer\", 2012 IEEE pp. 55 -- 60 VeronikaDurcekova, Ladislav Schwartz and Nahid Shahmehri. 2012. \"Sophisticated Denial of Service Attacks aimed at Application Layer\", 2012 IEEE pp. 55--60"},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICMLC.2010.46"},{"key":"e_1_2_1_7_1","first-page":"310","volume-title":"IEEE International Conference on Computer Science and Network Technology","author":"Ye Chengxu","year":"2011","unstructured":"Chengxu Ye , Kesong Zheng . 2011 . \" Detection of Application Layer Distributed Denial of Service \", IEEE International Conference on Computer Science and Network Technology , 2011, pp. 310 -- 314 Chengxu Ye, Kesong Zheng. 2011. \"Detection of Application Layer Distributed Denial of Service\", IEEE International Conference on Computer Science and Network Technology, 2011, pp. 310--314"},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/IMSCCS.2006.159"},{"key":"e_1_2_1_9_1","article-title":"Detection Architecture of Application Layer DDoS Attack for Internet","volume":"03","author":"Ankali S. B.","year":"2011","unstructured":"S. B. Ankali , D. V. Ashoka . 2011 . \" Detection Architecture of Application Layer DDoS Attack for Internet .\" Int. J. Advanced Networking and Applications , Vol. 03 , Issue 1, 2011, pp. 84--9 S. B. Ankali, D. V. Ashoka. 2011. \"Detection Architecture of Application Layer DDoS Attack for Internet.\" Int. J. Advanced Networking and Applications, Vol. 03, Issue 1, 2011, pp. 84--9","journal-title":"Int. J. Advanced Networking and Applications"}],"container-title":["ACM SIGSOFT Software Engineering Notes"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2507288.2507310","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2507288.2507310","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T07:28:29Z","timestamp":1750231709000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2507288.2507310"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,8,26]]},"references-count":9,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2013,8,26]]}},"alternative-id":["10.1145\/2507288.2507310"],"URL":"https:\/\/doi.org\/10.1145\/2507288.2507310","relation":{},"ISSN":["0163-5948"],"issn-type":[{"type":"print","value":"0163-5948"}],"subject":[],"published":{"date-parts":[[2013,8,26]]},"assertion":[{"value":"2013-08-26","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}