• Complex
  • Title
  • Keyword
  • Abstract
  • Scholars
  • Journal
  • ISSN
  • Conference
成果搜索

author:

Lin, Ziyu (Lin, Ziyu.) [1] | Lin, Zhiwei (Lin, Zhiwei.) [2] | Liu, Ximeng (Liu, Ximeng.) [3] (Scholars:刘西蒙) | Ying, Zuobing (Ying, Zuobing.) [4] | Chen, Cheng (Chen, Cheng.) [5]

Indexed by:

EI Scopus

Abstract:

Content Delivery Networks (CDNs) are designed to enhance network performance and protect against web attack traffic for their hosting websites. And the HTTP compression request mechanism primarily aims to reduce unnecessary network transfers. However, we find that the specification failed to consider the security risks introduced when CDNs meet compression requests. In this paper, we present a novel HTTP amplification attack, CDN Compression Format Convert(CDN-Convet) Attacks. It allows attackers to massively exhaust not only the outgoing bandwidth of the origin servers deployed behind CDNs but also the bandwidth of CDN surrogate nodes. We examined the CDN-Convet attacks on 11 popular CDNs to evaluate the feasibility and real-world impacts. Our experimental results show that all these CDNs are affected by the CDN-Convet attacks. We have also disclosed our findings to affected CDN providers and have received constructive feedback. © 2024 IEEE.

Keyword:

Amplification Bandwidth Bandwidth compression Carrier sense multiple access Code division multiple access Data compression Frequency division multiple access HTTP Hypertext systems Static random access storage Websites

Community:

  • [ 1 ] [Lin, Ziyu]Fuzhou University, Fuzhou, China
  • [ 2 ] [Lin, Zhiwei]Sichuan University, Chengdu, China
  • [ 3 ] [Liu, Ximeng]Fuzhou University, Fuzhou, China
  • [ 4 ] [Ying, Zuobing]City University of Macau, China
  • [ 5 ] [Chen, Cheng]Fuzhou University, Fuzhou, China

Reprint 's Address:

Email:

Show more details

Version:

Related Keywords:

Source :

Year: 2024

Page: 97-106

Language: English

Cited Count:

WoS CC Cited Count:

SCOPUS Cited Count:

ESI Highly Cited Papers on the List: 0 Unfold All

WanFang Cited Count:

Chinese Cited Count:

30 Days PV: 5

Online/Total:173/10018798
Address:FZU Library(No.2 Xuyuan Road, Fuzhou, Fujian, PRC Post Code:350116) Contact Us:0591-22865326
Copyright:FZU Library Technical Support:Beijing Aegean Software Co., Ltd. 闽ICP备05005463号-1