Creación de un ataque DDoS utilizando HTTP-GET Flood a partir de la metodología Cyber Kill Chain

This article illustrates by means of a demonstration and taking advantage of the vulnerability “Open redirect”, how easy it can be to attack web servers through distributed attacks of denial of services. In it, the Cyber Kill Chain® model is used to carry out this attack in phases. In the developmen...

Full description

Autores:
Martínez-Lozano, Jeferson Eleazar
Atencio-Ortiz, Pedro Sandino
Tipo de recurso:
Fecha de publicación:
2019
Institución:
Universidad Santo Tomás
Repositorio:
Repositorio Institucional USTA
Idioma:
eng
OAI Identifier:
oai:repository.usta.edu.co:11634/36200
Acceso en línea:
http://revistas.ustabuca.edu.co/index.php/ITECKNE/article/view/2160
http://hdl.handle.net/11634/36200
Palabra clave:
Rights
License
Copyright (c) 2019 ITECKNE
Description
Summary:This article illustrates by means of a demonstration and taking advantage of the vulnerability “Open redirect”, how easy it can be to attack web servers through distributed attacks of denial of services. In it, the Cyber Kill Chain® model is used to carry out this attack in phases. In the development of the research, a systematic UFONet tool is applied and the results obtained are analyzed and it is recommended to protect the Internet application services of said attacks through web application firewalls (WAF) whose presence allows the DDoS traffic of the application layer (including the HTTP-GET flood) arrives effortlessly at the destination server.

Publicaciones similares