What is an effective mitigation for an HTTP flood attack?

Last Updated on February 9, 2022 by Admin 2

What is an effective mitigation for an HTTP flood attack?

  • Inspect connections using a reverse proxy and stall those showing repetitive patterns
  • Drop connections using the most bandwidth
  • Interrupt connections using CAPTCHA
  • Analyze requests and drop those using multiple GETs
Explanation: 
HTTP floods are difficult to mitigate through analysis of sessions or by statistical criteria because HTTP flood requests are designed to appear as normal traffic. Floods originate from bots that are running scripts that make normal-looking GET and POST requests in normal traffic volumes and with expected Useragent values. It is the collective bandwidth of all bots rather than high traffic from a single source that creates the DoS. Because they are bots that are running a script, they are unable to react to situations that require human interactions, like CAPTCHAs. Another characteristic of website traffic is its repetitiveness as users traverse pages in the site, which renders this ineffective as a tactic for preventing floods.
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments