Impact analysis of SYN flood DDOS attack on HAPROXY and NLB cluster-base web servers

Subhi Rafeeq Zeebaree, Karwan Fahmi Jacksi, Rizgar Ramadhan Zebari

Abstract


In recent, the high available internet service is main demand of the most people. However, online services occasionally become inaccessible due to various threats and attacks. Synchronization (SYN) flood Distributed Denial of Service (DDoS) is the most used and has a serious effect on the public network services. Hence, the outcome of this attack on the commonly utilized cluster-based web servers is systematically illustrated in this paper. Moreover, performance of Internet Information Service 10.0 (IIS 10.0) on Windows server 2016 and Apache 2 on Linux Ubuntu 16.04 server is evaluated efficiently. The performance measuring process is done on both Network Load Balancing (NLB) and High Available Proxy (HAProxy) in Windows and Linux environments respectively as methods for web server load balancing.  Furthermore, stability, efficiency and responsiveness of the web servers are depended as the study evaluation metrics. Additionally, average CPU usage and throughput of the both mechanisms are measured in the proposed system. The results show that the IIS 10.0 cluster-based web servers are more responsiveness, efficiency and stable with and without SYN flood DDoS attack. Also, the performance of IIS 10.0 web server is better than of the Apache 2 in term of the average CPU usage and throughput.


Keywords


SYN flood DDoS attack; HAProxy; NLB; Web Server; DoS

Full Text:

PDF


DOI: http://doi.org/10.11591/ijeecs.v19.i1.pp505-512

Refbacks



Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

shopify stats IJEECS visitor statistics