{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,29]],"date-time":"2025-10-29T03:43:36Z","timestamp":1761709416356,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":49,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,10,30]],"date-time":"2017-10-30T00:00:00Z","timestamp":1509321600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Louisiana Board of Regents","award":["LEQSF (2015-18)-RD-A-11"],"award-info":[{"award-number":["LEQSF (2015-18)-RD-A-11"]}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["SaTC (1564097)","REU supplement (1545173)","CISE's CNS (1566443 1421561)","SAVI\/RCN (1402266 1550379)","CRISP (1541074)"],"award-info":[{"award-number":["SaTC (1564097)","REU supplement (1545173)","CISE's CNS (1566443 1421561)","SAVI\/RCN (1402266 1550379)","CRISP (1541074)"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,10,30]]},"DOI":"10.1145\/3133956.3133968","type":"proceedings-article","created":{"date-parts":[[2017,10,27]],"date-time":"2017-10-27T12:48:18Z","timestamp":1509108498000},"page":"1725-1739","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":22,"title":["Tail Attacks on Web Applications"],"prefix":"10.1145","author":[{"given":"Huasong","family":"Shan","sequence":"first","affiliation":[{"name":"Louisiana State University, Baton Rouge, LA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Qingyang","family":"Wang","sequence":"additional","affiliation":[{"name":"Louisiana State University, Baton Rouge, LA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Calton","family":"Pu","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2017,10,30]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"Akamai 2016. Akamai QUARTERLY SECURITY REPORTS. https:\/\/www.akamai.com\/us\/en\/about\/our-thinking\/state-of-the-internet-report\/global-state-of-the-internet-security-ddos-attack-reports.jsp. (2016)."},{"key":"e_1_3_2_2_2_1","unstructured":"Amazon 2017. Amazon Auto Scaling. https:\/\/aws.amazon.com\/documentation\/autoscaling. (2017)."},{"key":"e_1_3_2_2_3_1","unstructured":"Amazon 2017. Amazon EC2. https:\/\/aws.amazon.com\/ec2\/. (2017)."},{"key":"e_1_3_2_2_4_1","unstructured":"Amazon 2017. Amazon Elastic Load Balancing. https:\/\/aws.amazon.com\/elasticloadbalancing\/. (2017)."},{"key":"e_1_3_2_2_5_1","volume-title":"DDoS: Website-crippling cyber-attacks to rise","author":"Baraniuk Chris","year":"2016","unstructured":"Chris Baraniuk. 2016. DDoS: Website-crippling cyber-attacks to rise in 2016. http:\/\/www.bbc.com\/news\/technology-35376327\/. (2016)."},{"key":"e_1_3_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2331576.2331586"},{"volume-title":"Java modelling tools: an open source suite for queueing network modelling andworkload analysis Proceedings of the 3rd International Conference on Quantitative Evaluation of Systems (QEST'06)","author":"Bertoli Marco","key":"e_1_3_2_2_7_1","unstructured":"Marco Bertoli, Giuliano Casale, and Giuseppe Serazzri. 2006. Java modelling tools: an open source suite for queueing network modelling andworkload analysis Proceedings of the 3rd International Conference on Quantitative Evaluation of Systems (QEST'06). IEEE, Riverside, CA, USA, 119--120."},{"key":"e_1_3_2_2_8_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-34135-9_20"},{"key":"e_1_3_2_2_9_1","unstructured":"Cisco 2017. Snort. https:\/\/www.snort.org\/. (2017)."},{"key":"e_1_3_2_2_10_1","unstructured":"Kristal Curtis Peter Bod\u00edk Michael Armbrust Armando Fox Mike Franklin Michael Jordan and David Patterson 2010. Determining SLO Violations at Compile Time."},{"key":"e_1_3_2_2_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/2408776.2408794"},{"volume-title":"Exploiting the transients of adaptation for RoQ attacks on Internet resources Proceedings of the 12th IEEE International Conference on Network Protocols (ICNP'04)","author":"Guirguis Mina","key":"e_1_3_2_2_12_1","unstructured":"Mina Guirguis, Azer Bestavros, and Ibrahim Matta. 2004. Exploiting the transients of adaptation for RoQ attacks on Internet resources Proceedings of the 12th IEEE International Conference on Network Protocols (ICNP'04). IEEE, Berlin, Germany, 184--195."},{"key":"e_1_3_2_2_13_1","unstructured":"Robert \"RSnake\" Hansen. 2017. Slowloris HTTP DoS. https:\/\/web.archive.org\/web\/20090822001255\/http:\/\/ha.ckers.org\/slowloris\/. (2017)."},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/2523649.2523662"},{"key":"e_1_3_2_2_15_1","unstructured":"Sabrina Hiller. 2015. Precise to the millisecond: NTP services in the \"Internet of Things\". https:\/\/www.retarus.com\/blog\/en\/precise-to-the-millisecond-ntp-services-in-the-internet-of-things\/. (2015)."},{"key":"e_1_3_2_2_16_1","unstructured":"IETF 2017. RFC 6298. https:\/\/tools.ietf.org\/search\/rfc6298\/. (2017)."},{"key":"e_1_3_2_2_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/CLOUD.2011.43"},{"key":"e_1_3_2_2_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2872362.2872370"},{"key":"e_1_3_2_2_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/511446.511485"},{"key":"e_1_3_2_2_20_1","doi-asserted-by":"publisher","DOI":"10.1115\/1.3662552"},{"key":"e_1_3_2_2_21_1","volume-title":"Soo Bum Lee, and Virgil D Gligor","author":"Kang Min Suk","year":"2013","unstructured":"Min Suk Kang, Soo Bum Lee, and Virgil D Gligor. 2013. The crossfire attack Proceedings of the IEEE Symposium on Security and Privacy (S&P'13). IEEE, San Francisco, CA, USA, 127--141."},{"key":"e_1_3_2_2_22_1","unstructured":"Yu-Ming Ke Chih-Wei Chen Hsu-Chun Hsiao Adrian Perrig and Vyas Sekar 2016. CICADAS: Congesting the Internet with Coordinated and Decentralized Pulsating Attacks Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security. ACM Xi'an China 699--710."},{"volume-title":"Computer applications.","author":"Kleinrock Leonard","key":"e_1_3_2_2_23_1","unstructured":"Leonard Kleinrock. 1976. Queueing systems, volume 2: Computer applications. Vol. Vol. 66. John Wiley and Sons, New York."},{"key":"e_1_3_2_2_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2007.328"},{"key":"e_1_3_2_2_25_1","doi-asserted-by":"crossref","unstructured":"Aleksandar Kuzmanovic and Edward W Knightly 2003. Low-rate TCP-targeted denial of service attacks: the shrew vs. the mice and elephants Proceedings of the 2003 conference on Applications technologies architectures and protocols for computer communications (SIGCOMM'03). ACM Karlsruhe Germany 75--86.","DOI":"10.1145\/863965.863966"},{"volume-title":"milliScope: a Fine-Grained Monitoring Framework for Performance Debugging of n-Tier Web Services Proceedings of the IEEE 37th International Conference on Distributed Computing Systems (ICDCS'17)","author":"Lai Chien-An","key":"e_1_3_2_2_26_1","unstructured":"Chien-An Lai, Josh Kimball, Tao Zhu, Qingyang Wang, and Calton Pu 2017. milliScope: a Fine-Grained Monitoring Framework for Performance Debugging of n-Tier Web Services Proceedings of the IEEE 37th International Conference on Distributed Computing Systems (ICDCS'17). IEEE, Atlanta, GA, USA, 92--102."},{"volume-title":"On a New Class of Pulsing Denial-of-Service Attacks and the Defense Proceedings of Network and Distributed System Security Symposium (NDSS'05)","author":"Luo Xiapu","key":"e_1_3_2_2_27_1","unstructured":"Xiapu Luo and Rocky KC Chang 2005. On a New Class of Pulsing Denial-of-Service Attacks and the Defense Proceedings of Network and Distributed System Security Symposium (NDSS'05). San Diego, CA, USA."},{"volume-title":"LoRDAS: A low-rate DoS attack against application servers Proceedings of International Workshop on Critical Information Infrastructures Security","author":"Maci\u00e1-Fern\u00e1ndez Gabriel","key":"e_1_3_2_2_28_1","unstructured":"Gabriel Maci\u00e1-Fern\u00e1ndez, Jes\u00fas E D\u00edaz-Verdejo, Pedro Garc;\u00eda-Teodoro, and Francisco de Toro-Negro. 2007. LoRDAS: A low-rate DoS attack against application servers Proceedings of International Workshop on Critical Information Infrastructures Security. Springer, M\u00e1laga, Spain, 197--209."},{"key":"e_1_3_2_2_29_1","unstructured":"Microsoft. 2017. Microsoft Azure. https:\/\/azure.microsoft.com\/en-us\/?v=17.14. (2017)."},{"key":"e_1_3_2_2_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/997150.997156"},{"key":"e_1_3_2_2_31_1","unstructured":"NSF 2017. CloudLab. https:\/\/www.cloudlab.us. (2017)."},{"key":"e_1_3_2_2_32_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.automatica.2005.09.006"},{"volume-title":"Modeling human behavior for defense against flash-crowd attacks Proceedings of the IEEE International Conference on Communications (ICC'09)","author":"Oikonomou Georgios","key":"e_1_3_2_2_33_1","unstructured":"Georgios Oikonomou and Jelena Mirkovic 2009. Modeling human behavior for defense against flash-crowd attacks Proceedings of the IEEE International Conference on Communications (ICC'09). IEEE, Dresden, Germany, 1--6."},{"key":"e_1_3_2_2_34_1","unstructured":"OW2 2017. RUBBoS. http:\/\/jmob.ow2.org\/rubbos.html. (2017)."},{"key":"e_1_3_2_2_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/1216370.1216373"},{"key":"e_1_3_2_2_36_1","unstructured":"PhantomJS. 2017. PhantomJS. http:\/\/phantomjs.org\/. (2017)."},{"key":"e_1_3_2_2_37_1","doi-asserted-by":"publisher","DOI":"10.5555\/1404014.1404028"},{"key":"e_1_3_2_2_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2008.926503"},{"volume-title":"Temporal lensing and its application in pulsing denial-of-service attacks Proceedings of the IEEE Symposium on Security and Privacy (S&P'15)","author":"Rasti Ryan","key":"e_1_3_2_2_39_1","unstructured":"Ryan Rasti, Mukul Murthy, Nicholas Weaver, and Vern Paxson. 2015. Temporal lensing and its application in pulsing denial-of-service attacks Proceedings of the IEEE Symposium on Security and Privacy (S&P'15). IEEE, San Jose, CA, USA, 187--198."},{"volume-title":"Very Short Intermittent DDoS Attacks in an Unsaturated System Proceedings of the 13th International Conference on Security and Privacy in Communication Systems","author":"Shan Huasong","key":"e_1_3_2_2_40_1","unstructured":"Huasong Shan, Qingyang Wang, and Qiben Yan 2017. Very Short Intermittent DDoS Attacks in an Unsaturated System Proceedings of the 13th International Conference on Security and Privacy in Communication Systems. Springer, Niagara Falls, Canada."},{"volume-title":"Detecting transient bottlenecks in n-tier applications through fine-grained analysis Proceedings of the IEEE 33th International Conference on Distributed Computing Systems (ICDCS'13)","author":"Wang Qingyang","key":"e_1_3_2_2_41_1","unstructured":"Qingyang Wang, Yasuhiko Kanemasa, Jack Li, Deepal Jayasinghe, Toshihiro Shimizu, Masazumi Matsubara, Motoyuki Kawaba, and Calton Pu. 2013. Detecting transient bottlenecks in n-tier applications through fine-grained analysis Proceedings of the IEEE 33th International Conference on Distributed Computing Systems (ICDCS'13). IEEE, Philadelphia, PA, USA, 31--40."},{"key":"e_1_3_2_2_42_1","volume-title":"Proceedings of USENIX Conference on Timely Results in Operating Systems","author":"Wang Qingyang","year":"2014","unstructured":"Qingyang Wang, Yasuhiko Kanemasa, Jack Li, Chien-An Lai, Chien-An Cho, Yuji Nomura, and Calton Pu 2014. Lightning in the cloud: A study of very short bottlenecks on n-tier web application performance. In Proceedings of USENIX Conference on Timely Results in Operating Systems. Broomfield, CO, USA."},{"key":"e_1_3_2_2_43_1","volume-title":"Asynchronous Invocations Proceedings of the IEEE 37th International Conference on Distributed Computing Systems (ICDCS'17)","author":"Wang Qingyang","year":"2017","unstructured":"Qingyang Wang, Chien-An Lai, Yasuhiko Kanemasa, Shungeng Zhang, and Calton Pu 2017. A Study of Long-Tail Latency in n-Tier Systems: RPC vs. Asynchronous Invocations Proceedings of the IEEE 37th International Conference on Distributed Computing Systems (ICDCS'17). IEEE, Atlanta, GA, USA, 207--217."},{"key":"e_1_3_2_2_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2008.925628"},{"key":"e_1_3_2_2_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/TPDS.2009.147"},{"volume-title":"Detection of application layer distributed denial of service Proceedings of the IEEE International Conference on Computer Science and Network Technology","author":"Ye Chengxu","key":"e_1_3_2_2_46_1","unstructured":"Chengxu Ye and Kesong Zheng 2011. Detection of application layer distributed denial of service Proceedings of the IEEE International Conference on Computer Science and Network Technology, Vol. Vol. 1. IEEE, Harbin, China, 310--314."},{"volume-title":"A detection and offense mechanism to defend against application layer DDoS attacks Proceedings of the IEEE 3rd International Conference on Networking and Services (ICNS'07)","author":"Yu Jie","key":"e_1_3_2_2_47_1","unstructured":"Jie Yu, Zhoujun Li, Huowang Chen, and Xiaoming Chen. 2007. A detection and offense mechanism to defend against application layer DDoS attacks Proceedings of the IEEE 3rd International Conference on Networking and Services (ICNS'07). IEEE, Athens, Greece, 54--54."},{"key":"e_1_3_2_2_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2013.031413.00127"},{"key":"e_1_3_2_2_49_1","volume-title":"Proceedings of Network and Distributed System Security Symposium (NDSS'07)","author":"Zhang Ying","year":"2007","unstructured":"Ying Zhang, Zhuoqing Morley Mao, and Jia Wang. 2007. Low-Rate TCP-Targeted DoS Attack Disrupts Internet Routing. Proceedings of Network and Distributed System Security Symposium (NDSS'07). San Diego, CA, USA."}],"event":{"name":"CCS '17: 2017 ACM SIGSAC Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Dallas Texas USA","acronym":"CCS '17"},"container-title":["Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3133956.3133968","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3133956.3133968","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3133956.3133968","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T02:13:26Z","timestamp":1750212806000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3133956.3133968"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,10,30]]},"references-count":49,"alternative-id":["10.1145\/3133956.3133968","10.1145\/3133956"],"URL":"https:\/\/doi.org\/10.1145\/3133956.3133968","relation":{},"subject":[],"published":{"date-parts":[[2017,10,30]]},"assertion":[{"value":"2017-10-30","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}