中图分类号： TP309.5
文献标识码： A
DOI： 10.19358/j.issn.2096-5133.2021.01.004
引用格式： 白翼铭，燕玮，许凤凯，等。 HTTP Slow DDoS攻击机理分析及针对OpenStack云平台的防御策略与架构研究[J].信息技术与网络安全，2021，40（1）：21-25.

Analysis of HTTP Slow DDoS attack mechanism and research on defense strategy and architecture of OpenStack cloud platform

Abstract： Aiming at the security problem that OpenStack-based open source cloud application services are susceptible to HTTP Slow DDoS attacks, this article analyzes the mechanism of the attack in detail, and builds a web test server environment based on the OpenStack-based cloud platform, at the same time，creates Docker simulation'poultry‘（computers remotely controlled by the attacker）， through the use of urllib library and socket programming method in Python library, three common HTTP slow DDoS attacks are simulated. Then, the mechanism of HTTP Slow DDoS attack is studied by analyzing the traffic and packet content generated by the attack. The results show that all the three attacks can make the connection of the Web server in the cloud platform fail. HTTP Slow DDoS attacks are a kind of greater threat to private cloud platforms that have insufficient underlying bandwidth or have not deployed relevant defense policies, making them unable to provide services properly. Finally, this paper proposes corresponding defense strategies for the three attack modes of HTTP Slow DDoS in this paper, and proves the effectiveness of these strategies through attack and defense experiments.

Key words : HTTP Slow DDoS；OpenStack；cloud plantform；defense strategy