Creation of a DDOS attack using HTTP-GET Flood with the Cyber Kill Chain methodology

Creation of a DDOS attack using HTTP-GET Flood with the Cyber Kill Chain methodology

This article illustrates by means of a demonstration and taking advantage of the vulnerability “Open redirect”, how easy it can be to attack web servers through distributed attacks of denial of services. In it, the Cyber Kill Chain® model is used to carry out this attack in phases. In the developmen...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Iteckne 2019-06, Vol.16 (1), p.41-47
Hauptverfasser: Martínez-Lozano, Jeferson Eleazar, Atencio-Ortiz, Pedro Sandino
Format: Artikel
Sprache:eng ; spa
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:This article illustrates by means of a demonstration and taking advantage of the vulnerability “Open redirect”, how easy it can be to attack web servers through distributed attacks of denial of services. In it, the Cyber Kill Chain® model is used to carry out this attack in phases. In the development of the research, a systematic UFONet tool is applied and the results obtained are analyzed and it is recommended to protect the Internet application services of said attacks through web application firewalls (WAF) whose presence allows the DDoS traffic of the application layer (including the HTTP-GET flood) arrives effortlessly at the destination server.
ISSN:1692-1798
2339-3483
DOI:10.15332/iteckne.v16i1.2160