{"title":"HTTPreject:在不失去与用户联系的情况下处理过载情况","authors":"J. Schneider, Sebastian Koch","doi":"10.1109/EC2ND.2010.7","DOIUrl":null,"url":null,"abstract":"The web is a crucial source of information nowadays. At the same time, web applications become more and more complex. Therefore, a spontaneous increase in the number of visitors, e.g., based on news reports or events, easily brings a web server in an overload situation. In contrast to the classical model of distributed denial of service (DDoS) attacks, such a so-called flash effect situation is not triggered by a bulk of bots just aiming at hurting the system but by humans with a high interest in the content of the web site itself. While the bots do not stop their attack until told so by their operator, the user try repeatedly to access the site without knowing that the repeated reloads effectively increase the web server's overload. Classical approaches try to distinguish between real user and harmful requests, which is not applicable in this scenario. Simply restricting the number of connections leads to very technical error messages displayed by the users' client software if at all. Therefore, we propose a mean to efficiently block connection attempts and to keep the user informed at the same time. A small subset of HTTP and TCP is state lessly implemented to display simple busy messages or relevant news updates to the end user with only few resources. In this paper we present the protocol subset used and discuss the compatibility problems on the protocol and client software level. Furthermore, we show the results of performance experiments using a prototype implementation.","PeriodicalId":375908,"journal":{"name":"2010 European Conference on Computer Network Defense","volume":"333 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"HTTPreject: Handling Overload Situations without Losing the Contact to the User\",\"authors\":\"J. Schneider, Sebastian Koch\",\"doi\":\"10.1109/EC2ND.2010.7\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The web is a crucial source of information nowadays. At the same time, web applications become more and more complex. Therefore, a spontaneous increase in the number of visitors, e.g., based on news reports or events, easily brings a web server in an overload situation. In contrast to the classical model of distributed denial of service (DDoS) attacks, such a so-called flash effect situation is not triggered by a bulk of bots just aiming at hurting the system but by humans with a high interest in the content of the web site itself. While the bots do not stop their attack until told so by their operator, the user try repeatedly to access the site without knowing that the repeated reloads effectively increase the web server's overload. Classical approaches try to distinguish between real user and harmful requests, which is not applicable in this scenario. Simply restricting the number of connections leads to very technical error messages displayed by the users' client software if at all. Therefore, we propose a mean to efficiently block connection attempts and to keep the user informed at the same time. A small subset of HTTP and TCP is state lessly implemented to display simple busy messages or relevant news updates to the end user with only few resources. In this paper we present the protocol subset used and discuss the compatibility problems on the protocol and client software level. Furthermore, we show the results of performance experiments using a prototype implementation.\",\"PeriodicalId\":375908,\"journal\":{\"name\":\"2010 European Conference on Computer Network Defense\",\"volume\":\"333 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-10-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2010 European Conference on Computer Network Defense\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/EC2ND.2010.7\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 European Conference on Computer Network Defense","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/EC2ND.2010.7","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
HTTPreject: Handling Overload Situations without Losing the Contact to the User
The web is a crucial source of information nowadays. At the same time, web applications become more and more complex. Therefore, a spontaneous increase in the number of visitors, e.g., based on news reports or events, easily brings a web server in an overload situation. In contrast to the classical model of distributed denial of service (DDoS) attacks, such a so-called flash effect situation is not triggered by a bulk of bots just aiming at hurting the system but by humans with a high interest in the content of the web site itself. While the bots do not stop their attack until told so by their operator, the user try repeatedly to access the site without knowing that the repeated reloads effectively increase the web server's overload. Classical approaches try to distinguish between real user and harmful requests, which is not applicable in this scenario. Simply restricting the number of connections leads to very technical error messages displayed by the users' client software if at all. Therefore, we propose a mean to efficiently block connection attempts and to keep the user informed at the same time. A small subset of HTTP and TCP is state lessly implemented to display simple busy messages or relevant news updates to the end user with only few resources. In this paper we present the protocol subset used and discuss the compatibility problems on the protocol and client software level. Furthermore, we show the results of performance experiments using a prototype implementation.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
