Unveiling the Bandwidth Nightmare: CDN Compression Format Conversion Attacks - Details

author：

Lin, Ziyu (Lin, Ziyu.) ^[1] | Lin, Zhiwei (Lin, Zhiwei.) ^[2] | Liu, Ximeng (Liu, Ximeng.) ^[3] (Scholars：刘西蒙) | Ying, Zuobing (Ying, Zuobing.) ^[4] | Chen, Cheng (Chen, Cheng.) ^[5]

Indexed by：

EI Scopus

Abstract：

Content　Delivery　Networks　(CDNs)　are　designed　to　enhance　network　performance　and　protect　against　web　attack　traffic　for　their　hosting　websites.　And　the　HTTP　compression　request　mechanism　primarily　aims　to　reduce　unnecessary　network　transfers.　However,　we　find　that　the　specification　failed　to　consider　the　security　risks　introduced　when　CDNs　meet　compression　requests.　In　this　paper,　we　present　a　novel　HTTP　amplification　attack,　CDN　Compression　Format　Convert(CDN-Convet)　Attacks.　It　allows　attackers　to　massively　exhaust　not　only　the　outgoing　bandwidth　of　the　origin　servers　deployed　behind　CDNs　but　also　the　bandwidth　of　CDN　surrogate　nodes.　We　examined　the　CDN-Convet　attacks　on　11　popular　CDNs　to　evaluate　the　feasibility　and　real-world　impacts.　Our　experimental　results　show　that　all　these　CDNs　are　affected　by　the　CDN-Convet　attacks.　We　have　also　disclosed　our　findings　to　affected　CDN　providers　and　have　received　constructive　feedback.　©　2024　IEEE.

Keyword：

Amplification Bandwidth Bandwidth compression Carrier sense multiple access Code division multiple access Data compression Frequency division multiple access HTTP Hypertext systems Static random access storage Websites

Community：

[ 1 ] [Lin, Ziyu]Fuzhou University, Fuzhou, China
[ 2 ] [Lin, Zhiwei]Sichuan University, Chengdu, China
[ 3 ] [Liu, Ximeng]Fuzhou University, Fuzhou, China
[ 4 ] [Ying, Zuobing]City University of Macau, China
[ 5 ] [Chen, Cheng]Fuzhou University, Fuzhou, China

Reprint 's Address：

Email：

Show more details

Version：

Unveiling the Bandwidth Nightmare: CDN Compression Format Conversion Attacks
2024，2024 2nd International Conference on Big Data and Privacy Computing, BDPC 2024

Related Keywords：

CDN Cannon: Exploiting CDN Back-to-Origin Strategies for Amplification Attacks
2024，33rd USENIX Security Symposium, USENIX Security 2024
A tri-functional probe mediated exponential amplification strategy for highly sensitive detection of Dnmt1 and UDG activities at single-cell level
2020，ANALYTICA CHIMICA ACTA
Electrochemiluminescence aptasensor for vascular endothelial growth factor 165 detection based on Ru(bpy)32+/Au nanoparticles film modified electrode and double signal amplification
2022，Bioelectrochemistry
TD-SCDMA system frequency synthesizer design
2008，2008 11th IEEE International Conference on Communication Technology, ICCT 2008

Source ：

Year： 2024

Page： 97-106

Language： English

Cited Count：

WoS CC Cited Count：

SCOPUS Cited Count：

ESI Highly Cited Papers on the List： 0 Unfold All

WanFang Cited Count：

Chinese Cited Count：

30 Days PV： 5

Affiliated Colleges：

计算机与大数据学院、软件学院本学院/部未明确归属的数据

Get Fulltext

DOI Library Discovery Baidu Scholar Search Engineering Village

Type
Departments

All Years Choose Year From to