Torrent Poisoning Protection with a Reverse Proxy Server
Autor(a) principal: | |
---|---|
Data de Publicação: | 2022 |
Outros Autores: | , , , |
Tipo de documento: | Artigo |
Idioma: | eng |
Título da fonte: | Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
Texto Completo: | http://hdl.handle.net/10400.15/4670 |
Resumo: | A Distributed Denial-of-Service attack uses multiple sources operating in concert to attack a network or site. A typical DDoS flood attack on a website targets a web server with multiple valid requests, exhausting the server’s resources. The participants in this attack are usually compromised/infected computers controlled by the attackers. There are several variations of this kind of attack, and torrent index poisoning is one. A Distributed Denial-of-Service (DDoS) attack using torrent poisoning, more specifically using index poisoning, is one of the most effective and disruptive types of attacks. These web flooding attacks originate from BitTorrent-based file-sharing communities, where the participants using the BitTorrent applications cannot detect their involvement. The antivirus and other tools cannot detect the altered torrent file, making the BitTorrent client target the webserver. The use of reverse proxy servers can block this type of request from reaching the web server, preventing the severity and impact on the service of the DDoS. In this paper, we analyze a torrent index poisoning DDoS to a higher education institution, the impact on the network systems and servers, and the mitigation measures implemented. |
id |
RCAP_7417312c406deb895b476d939ac91bb7 |
---|---|
oai_identifier_str |
oai:repositorio.ipsantarem.pt:10400.15/4670 |
network_acronym_str |
RCAP |
network_name_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
repository_id_str |
7160 |
spelling |
Torrent Poisoning Protection with a Reverse Proxy ServerTorrent poisoningIndex poisoningHAProxyReversed proxyDistributed Denial-of-Service (DDoS) flooding attackA Distributed Denial-of-Service attack uses multiple sources operating in concert to attack a network or site. A typical DDoS flood attack on a website targets a web server with multiple valid requests, exhausting the server’s resources. The participants in this attack are usually compromised/infected computers controlled by the attackers. There are several variations of this kind of attack, and torrent index poisoning is one. A Distributed Denial-of-Service (DDoS) attack using torrent poisoning, more specifically using index poisoning, is one of the most effective and disruptive types of attacks. These web flooding attacks originate from BitTorrent-based file-sharing communities, where the participants using the BitTorrent applications cannot detect their involvement. The antivirus and other tools cannot detect the altered torrent file, making the BitTorrent client target the webserver. The use of reverse proxy servers can block this type of request from reaching the web server, preventing the severity and impact on the service of the DDoS. In this paper, we analyze a torrent index poisoning DDoS to a higher education institution, the impact on the network systems and servers, and the mitigation measures implemented.MDPIRepositório Científico do Instituto Politécnico de SantarémGodinho, AntónioCardoso, FilipeRosado, JoséSá, FilipeCaldeira, Filipe2024-01-09T14:39:03Z2022-12-302022-12-30T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/articleapplication/pdfhttp://hdl.handle.net/10400.15/4670engGodinho A., Rosado J., Sá F., Caldeira F., & Cardoso F. (2023). Torrent poisoning protection with a reverse proxy server. Electronics, 12(1). doi: https://doi.org/10.3390/electronics120101652079-929210.3390/electronics12010165info:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2024-01-21T07:38:49Zoai:repositorio.ipsantarem.pt:10400.15/4670Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-20T01:56:15.495320Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse |
dc.title.none.fl_str_mv |
Torrent Poisoning Protection with a Reverse Proxy Server |
title |
Torrent Poisoning Protection with a Reverse Proxy Server |
spellingShingle |
Torrent Poisoning Protection with a Reverse Proxy Server Godinho, António Torrent poisoning Index poisoning HAProxy Reversed proxy Distributed Denial-of-Service (DDoS) flooding attack |
title_short |
Torrent Poisoning Protection with a Reverse Proxy Server |
title_full |
Torrent Poisoning Protection with a Reverse Proxy Server |
title_fullStr |
Torrent Poisoning Protection with a Reverse Proxy Server |
title_full_unstemmed |
Torrent Poisoning Protection with a Reverse Proxy Server |
title_sort |
Torrent Poisoning Protection with a Reverse Proxy Server |
author |
Godinho, António |
author_facet |
Godinho, António Cardoso, Filipe Rosado, José Sá, Filipe Caldeira, Filipe |
author_role |
author |
author2 |
Cardoso, Filipe Rosado, José Sá, Filipe Caldeira, Filipe |
author2_role |
author author author author |
dc.contributor.none.fl_str_mv |
Repositório Científico do Instituto Politécnico de Santarém |
dc.contributor.author.fl_str_mv |
Godinho, António Cardoso, Filipe Rosado, José Sá, Filipe Caldeira, Filipe |
dc.subject.por.fl_str_mv |
Torrent poisoning Index poisoning HAProxy Reversed proxy Distributed Denial-of-Service (DDoS) flooding attack |
topic |
Torrent poisoning Index poisoning HAProxy Reversed proxy Distributed Denial-of-Service (DDoS) flooding attack |
description |
A Distributed Denial-of-Service attack uses multiple sources operating in concert to attack a network or site. A typical DDoS flood attack on a website targets a web server with multiple valid requests, exhausting the server’s resources. The participants in this attack are usually compromised/infected computers controlled by the attackers. There are several variations of this kind of attack, and torrent index poisoning is one. A Distributed Denial-of-Service (DDoS) attack using torrent poisoning, more specifically using index poisoning, is one of the most effective and disruptive types of attacks. These web flooding attacks originate from BitTorrent-based file-sharing communities, where the participants using the BitTorrent applications cannot detect their involvement. The antivirus and other tools cannot detect the altered torrent file, making the BitTorrent client target the webserver. The use of reverse proxy servers can block this type of request from reaching the web server, preventing the severity and impact on the service of the DDoS. In this paper, we analyze a torrent index poisoning DDoS to a higher education institution, the impact on the network systems and servers, and the mitigation measures implemented. |
publishDate |
2022 |
dc.date.none.fl_str_mv |
2022-12-30 2022-12-30T00:00:00Z 2024-01-09T14:39:03Z |
dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
dc.type.driver.fl_str_mv |
info:eu-repo/semantics/article |
format |
article |
status_str |
publishedVersion |
dc.identifier.uri.fl_str_mv |
http://hdl.handle.net/10400.15/4670 |
url |
http://hdl.handle.net/10400.15/4670 |
dc.language.iso.fl_str_mv |
eng |
language |
eng |
dc.relation.none.fl_str_mv |
Godinho A., Rosado J., Sá F., Caldeira F., & Cardoso F. (2023). Torrent poisoning protection with a reverse proxy server. Electronics, 12(1). doi: https://doi.org/10.3390/electronics12010165 2079-9292 10.3390/electronics12010165 |
dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
eu_rights_str_mv |
openAccess |
dc.format.none.fl_str_mv |
application/pdf |
dc.publisher.none.fl_str_mv |
MDPI |
publisher.none.fl_str_mv |
MDPI |
dc.source.none.fl_str_mv |
reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação instacron:RCAAP |
instname_str |
Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
instacron_str |
RCAAP |
institution |
RCAAP |
reponame_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
collection |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
repository.name.fl_str_mv |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
repository.mail.fl_str_mv |
|
_version_ |
1799137051245805568 |