Reducing DoS attacks by running multi instances of nginx web-server in docker using shell script / Ismail Arif M. Zulkepli, Abidah Mat Taib and Nor Alifah Rosaidi
Denial of Service (DoS) attacks are a common type of attack that affect many websites in today's modern internet. Web-servers and applications are mostly vulnerable to DoS attacks by default and require some extended knowledge to have a good or even a decent level of security. However, with aut...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Book Section |
| Language: | English |
| Published: |
College of Computing, Informatics and Media, UiTM Perlis
2023
|
| Subjects: | |
| Online Access: | https://ir.uitm.edu.my/id/eprint/100839/1/100839.pdf https://ir.uitm.edu.my/id/eprint/100839/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Universiti Teknologi Mara |
| Language: | English |
| id |
my.uitm.ir.100839 |
|---|---|
| record_format |
eprints |
| spelling |
my.uitm.ir.1008392024-09-27T01:43:28Z https://ir.uitm.edu.my/id/eprint/100839/ Reducing DoS attacks by running multi instances of nginx web-server in docker using shell script / Ismail Arif M. Zulkepli, Abidah Mat Taib and Nor Alifah Rosaidi M. Zulkepli, Ismail Arif M. Mat Taib, Abidah Rosaidi, Nor Alifah Intrusion detection systems (Computer security). Computer network security. Hackers Denial of Service (DoS) attacks are a common type of attack that affect many websites in today's modern internet. Web-servers and applications are mostly vulnerable to DoS attacks by default and require some extended knowledge to have a good or even a decent level of security. However, with automation, web developers would have less time to set-up their servers and have more time developing their websites without compromising their own security. With containerization and load balancing, by using the same machine with the same specs, web-developers will require less time and effort to scale their web-production without sacrificing the security of their web-servers. The engine (nginx) web-server application and reverse proxy has the ability to provide an application-level load balancing. Meanwhile Docker containers can manage many instances of a web-application inside a single web-server with little overhead on system resources unlike their virtual machine counterpart. With these solutions, in addition to automation within a single shell script and a docker compose configuration, the web-server application can be hardened to a higher extend compared to the default configuration of a normal web-server. With attacks such as SYN-flood and HTTP request flood in the wild, the research finds that the automation script has been successful in setting-up the application load balancer as the DoS attacks such as SYN-flood and HTTP request flood attacks has been mitigated. However, there are few enhancements that can be made such as using a ICMP firewall rules and further automation of the web-server application configuration. College of Computing, Informatics and Media, UiTM Perlis 2023 Book Section PeerReviewed text en https://ir.uitm.edu.my/id/eprint/100839/1/100839.pdf Reducing DoS attacks by running multi instances of nginx web-server in docker using shell script / Ismail Arif M. Zulkepli, Abidah Mat Taib and Nor Alifah Rosaidi. (2023) In: Research Exhibition in Mathematics and Computer Sciences (REMACS 5.0). College of Computing, Informatics and Media, UiTM Perlis, pp. 273-274. ISBN 978-629-97934-0-3 |
| institution |
Universiti Teknologi Mara |
| building |
Tun Abdul Razak Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Teknologi Mara |
| content_source |
UiTM Institutional Repository |
| url_provider |
http://ir.uitm.edu.my/ |
| language |
English |
| topic |
Intrusion detection systems (Computer security). Computer network security. Hackers |
| spellingShingle |
Intrusion detection systems (Computer security). Computer network security. Hackers M. Zulkepli, Ismail Arif M. Mat Taib, Abidah Rosaidi, Nor Alifah Reducing DoS attacks by running multi instances of nginx web-server in docker using shell script / Ismail Arif M. Zulkepli, Abidah Mat Taib and Nor Alifah Rosaidi |
| description |
Denial of Service (DoS) attacks are a common type of attack that affect many websites in today's modern internet. Web-servers and applications are mostly vulnerable to DoS attacks by default and require some extended knowledge to have a good or even a decent level of security. However, with automation, web developers would have less time to set-up their servers and have more time developing their websites without compromising their own security. With containerization and load balancing, by using the same machine with the same specs, web-developers will require less time and effort to scale their web-production without sacrificing the security of their web-servers. The engine (nginx) web-server application and reverse proxy has the ability to provide an application-level load balancing. Meanwhile Docker containers can manage many instances of a web-application inside a single web-server with little overhead on system resources unlike their virtual machine counterpart. With these solutions, in addition to automation within a single shell script and a docker compose configuration, the web-server application can be hardened to a higher extend compared to the default configuration of a normal web-server. With attacks such as SYN-flood and HTTP request flood in the wild, the research finds that the automation script has been successful in setting-up the application load balancer as the DoS attacks such as SYN-flood and HTTP request flood attacks has been mitigated. However, there are few enhancements that can be made such as using a ICMP firewall rules and further automation of the web-server application configuration. |
| format |
Book Section |
| author |
M. Zulkepli, Ismail Arif M. Mat Taib, Abidah Rosaidi, Nor Alifah |
| author_facet |
M. Zulkepli, Ismail Arif M. Mat Taib, Abidah Rosaidi, Nor Alifah |
| author_sort |
M. Zulkepli, Ismail Arif M. |
| title |
Reducing DoS attacks by running multi instances of nginx web-server in docker using shell script / Ismail Arif M. Zulkepli, Abidah Mat Taib and
Nor Alifah Rosaidi |
| title_short |
Reducing DoS attacks by running multi instances of nginx web-server in docker using shell script / Ismail Arif M. Zulkepli, Abidah Mat Taib and
Nor Alifah Rosaidi |
| title_full |
Reducing DoS attacks by running multi instances of nginx web-server in docker using shell script / Ismail Arif M. Zulkepli, Abidah Mat Taib and
Nor Alifah Rosaidi |
| title_fullStr |
Reducing DoS attacks by running multi instances of nginx web-server in docker using shell script / Ismail Arif M. Zulkepli, Abidah Mat Taib and
Nor Alifah Rosaidi |
| title_full_unstemmed |
Reducing DoS attacks by running multi instances of nginx web-server in docker using shell script / Ismail Arif M. Zulkepli, Abidah Mat Taib and
Nor Alifah Rosaidi |
| title_sort |
reducing dos attacks by running multi instances of nginx web-server in docker using shell script / ismail arif m. zulkepli, abidah mat taib and
nor alifah rosaidi |
| publisher |
College of Computing, Informatics and Media, UiTM Perlis |
| publishDate |
2023 |
| url |
https://ir.uitm.edu.my/id/eprint/100839/1/100839.pdf https://ir.uitm.edu.my/id/eprint/100839/ |
| _version_ |
1811598179621142528 |