Impact analysis of SYN flood DDOS attack on HAPROXY and NLB cluster-base web servers

Subhi Rafeeq Zeebaree, Karwan Fahmi Jacksi, Rizgar Ramadhan Zebari


In recent, the high available internet service is main demand of the most people. However, online services occasionally become inaccessible due to various threats and attacks. Synchronization (SYN) flood Distributed Denial of Service (DDoS) is the most used and has a serious effect on the public network services. Hence, the outcome of this attack on the commonly utilized cluster-based web servers is systematically illustrated in this paper. Moreover, performance of Internet Information Service 10.0 (IIS 10.0) on Windows server 2016 and Apache 2 on Linux Ubuntu 16.04 server is evaluated efficiently. The performance measuring process is done on both Network Load Balancing (NLB) and High Available Proxy (HAProxy) in Windows and Linux environments respectively as methods for web server load balancing.  Furthermore, stability, efficiency and responsiveness of the web servers are depended as the study evaluation metrics. Additionally, average CPU usage and throughput of the both mechanisms are measured in the proposed system. The results show that the IIS 10.0 cluster-based web servers are more responsiveness, efficiency and stable with and without SYN flood DDoS attack. Also, the performance of IIS 10.0 web server is better than of the Apache 2 in term of the average CPU usage and throughput.


SYN flood DDoS attack; HAProxy; NLB; Web Server; DoS


K. Jacksi and S. M. Abass, “Development History of the World Wide Web.” International Journal of Scientific & Technology Research (IJSTR), vol. 8, pp. 75-79, 2019.

K. Jacksi, S. R. M. Zeebaree, and N. Dimililer, “LOD Explorer: Presenting the Web of Data,” International Journal of Advanced Computer Science and Applications (IJACSA), vol. 9, no. 1, 2018, doi: 10.14569/IJACSA.2018.090107.

K. Jacksi, “Design and Implementation of E-Campus Ontology with a Hybrid Software Engineering Methodology,” Science Journal of University of Zakho, vol. 7, no. 3, 2019,

Stevens, J., “Internet Statistics & Facts (Including Mobile) for 2019,” [Online]. Available: [Accessed: 30-Nov-2019].

P. Srivani, S. Ramachandram, and R. Sridevi, “A survey on client side and server side approaches to secure web applications,” in 2017 International conference of Electronics, Communication and Aerospace Technology (ICECA), 2017, vol. 1, pp. 22–27.

Z. N. Rashid, S. R. Zebari, K. H. Sharif, and K. Jacksi, “Distributed Cloud Computing and Distributed Parallel Computing: A Review,” presented at the 2018 International Conference on Advanced Science and Engineering (ICOASE), 2018, pp. 167–172.

Q. Fan and Q. Wang, “Performance comparison of web servers with different architectures: a case study using high concurrency workload,” in 2015 Third IEEE Workshop on Hot Topics in Web Systems and Technologies (HotWeb), 2015, pp. 37–42.

O. H. Jader, S. R. Zeebaree, and R. R. Zebari, “A State Of Art Survey For Web Server Performance Measurement And Load Balancing Mechanisms,” International Journal of Scientific & Technology Research (IJSTR), vol. 8, no. 12, pp. 535-543, 2019.

M. A. Saifullah and M. M. Mohammed, “Scalable load balancing using enhanced server health monitoring and adimission control,” in 2015 IEEE International Conference on Engineering and Technology (ICETECH), 2015, pp. 1–4.

P. López and E. Baydal, “Teaching high-performance service in a cluster computing course,” Journal of Parallel and Distributed Computing, vol. 117, pp. 138–147, 2018.

J. E. C. de la Cruz and C. A. R. Goyzueta, “Design of a high availability system with HAProxy and domain name service for web services,” in 2017 IEEE XXIV International Conference on Electronics, Electrical Engineering and Computing (INTERCON), 2017, pp. 1–4.

S. R. M. Zeebaree, R. R. Zebari, K. Jacksi, and D. A. Hasan, “Security Approaches For Integrated Enterprise Systems Performance: A Review,” International Journal of Scientific & Technology Research (IJSTR) vol. 8, no. 12, 2019.

S. Akbar and A. D. Wibawa, “The impact analysis and mitigation of DDoS attack on local government electronic procurement service (LPSE),” in 2016 International Seminar on Intelligent Technology and Its Applications (ISITIA), 2016, pp. 405–410.

S. Bravo and D. Mauricio, “Systematic review of aspects of DDoS attacks detection,” Indonesian Journal of Electrical Engineering and Computer Science, vol. 14, Feb. 2019, doi: 10.11591/ijeecs.v14.i1.pp162-176.

B. Singh, K. Kumar, and A. Bhandari, “Simulation study of application layer DDoS attack,” in 2015 International Conference on Green Computing and Internet of Things (ICGCIoT), 2015, pp. 893–898.

S. R. Zeebaree, K. H. Sharif, and R. M. M. Amin, “Application Layer Distributed Denial of Service Attacks Defense Techniques: A review,” Academic Journal of Nawroz University, vol. 7, no. 4, pp. 113–117, 2018.

S. Daneshgadeh and N. Baykal, “DDoS attack modeling and detection using smo,” in 2017 16th IEEE International Conference on Machine Learning and Applications (ICMLA), 2017, pp. 432–436.

M. Semerci, A. T. Cemgil, and B. Sankur, “An intelligent cyber security system against DDoS attacks in SIP networks,” Computer Networks, vol. 136, pp. 137–154, 2018.

B. Prabadevi and N. Jeyanthi, “A Review on Various Sniffing Attacks and its Mitigation Techniques,” Indonesian Journal of Electrical Engineering and Computer Science, vol. 12, no. 3, pp. 1117–1125, 2018.

M. N. Vora and D. Shah, “Estimating effective web server response time,” in 2017 Second International Conference on Information Systems Engineering (ICISE), 2017, pp. 37–44.

A. Saravanan, S. SathyaBama, S. Kadry, and L. K. Ramasamy, “A new framework to alleviate DDoS vulnerabilities in cloud computing,” International Journal of Electrical and Computer Engineering (IJECE), vol. 9, no. 5, pp. 4163–4175, 2019.

“Netcraft | Internet Research, Cybercrime Disruption and PCI Security Services.” [Online]. Available: [Accessed: 30-Nov-2019].

R. R. Zebari, S. R. Zeebaree, and K. Jacksi, “Impact Analysis of HTTP and SYN Flood DDoS Attacks on Apache 2 and IIS 10.0 Web Servers,” in 2018 International Conference on Advanced Science and Engineering (ICOASE), 2018, pp. 156–161.

T. Bezboruah and A. Bora, “Performance evaluation of hierarchical SOAP based web service in load balancing cluster-based and non-cluster-based web server,” International Journal of Information Retrieval Research (IJIRR), vol. 5, no. 4, pp. 19–30, 2015.

S. S. Kolahi, K. Treseangrat, and B. Sarrafpour, “Analysis of UDP DDoS flood cyber attack and defense mechanisms on web server with Linux Ubuntu 13,” in 2015 International Conference on Communications, Signal Processing, and their Applications (ICCSPA’15), 2015, pp. 1–5.

K. Treseangrat, “Performance analysis of defense mechanisms against UDP flood attacks,” Master’s Thesis, 2014.

R. Papadie and I. Apostol, “Analyzing websites protection mechanisms against DDoS attacks,” in 2017 9th International Conference on Electronics, Computers and Artificial Intelligence (ECAI), 2017, pp. 1–6.

M. A. Putri, H. N. Hadi, and F. Ramdani, “Performance testing analysis on web application: Study case student admission web system,” in 2017 International Conference on Sustainable Information Engineering and Technology (SIET), 2017, pp. 1–5.

P. M. Ombase, N. P. Kulkarni, S. T. Bagade, and A. V. Mhaisgawali, “DoS attack mitigation using rule based and anomaly based techniques in software defined networking,” in 2017 International Conference on Inventive Computing and Informatics (ICICI), 2017, pp. 469–475.

A. G. Chekkilla, Monitoring and Analysis of CPU Utilization, Disk Throughput and Latency in servers running Cassandra database: An Experimental Investigation. 2017.

Total views : 110 times


Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

shopify stats IJEECS visitor statistics