• Title, Summary, Keyword: HTTP

Search Result 1,067, Processing Time 0.037 seconds

Detect H1TP Tunnels Using Support Vector Machines (SVM을 이용한 HTTP 터널링 검출)

  • He, Dengke;Nyang, Dae-Hun;Lee, Kyung-Hee
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.21 no.3
    • /
    • pp.45-56
    • /
    • 2011
  • Hyper Text Transfer Protocol(HTTP) is widely used in nearly every network when people access web pages, therefore HTTP traffic is usually allowed by local security policies to pass though firewalls and other gateway security devices without examination. However this characteristic can be used by malicious people. With the help of HTTP tunnel applications, malicious people can transmit data within HTTP in order to circumvent local security policies. Thus it is quite important to distinguish between regular HTTP traffic and tunneled HTTP traffic. Our work of HTTP tunnel detection is based on Support Vector Machines. The experimental results show the high accuracy of HTTP tunnel detection. Moreover, being trained once, our work of HTTP tunnel detection can be applied to other places without training any more.

A Study on Improving HTTP latency for the Latency Web Document Processing (효율적인 웹문서 처리를 위한 HTTP 지연 개선에 관한 연구)

  • 고일석;최우진;나윤지;류승렬
    • The Journal of the Korea Contents Association
    • /
    • v.2 no.2
    • /
    • pp.47-52
    • /
    • 2002
  • Recently, network overload is greatly increased with explosive use of internet. So the Hyper-Text Transfer Protocol(HTTP) is required improve of performance for decreasing of latency on the web document processing. The P-HTTP is one of the improved mood of He HTTP and has pipeline structure, but performance of the P-HTTP is decreased on interaction between the TCP and P-HTTP. Modification of structural design of the HTTP is not enough to improvement this problem. In this paper, we analyse performance of the HTTP and P-HTTP, and propose a new method on improving HTTP latency for the efficient web document processing.

  • PDF

Classification of Client-side Application-level HTTP Traffic (HTTP 트래픽의 클라이언트측 어플리케이션별 분류)

  • Choi, Mi-Jung;Jin, Chang-Gyu;Kim, Myung-Sup
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.36 no.11B
    • /
    • pp.1277-1284
    • /
    • 2011
  • Today, many applications use 80 port, which is a basic port number of HTTP protocol, to avoid a blocking of firewall. HTTP protocol is used in not only Web browsing but also many applications such as the search of P2P programs, update of softwares and advertisement transfer of nateon messenger. As HTTP traffics are increasing and various applications transfer data through HTTP protocol, it is essential to identify which applications use HTTP and how they use the HTTP protocol. In order to prevent a specific application in the firewall, not the protocol-level, but the application-level traffic classification is necessary. This paper presents a method to classify HTTP traffics based on applications of the client-side and group the applications based on providing services. We developed an application-level HTTP traffic classification system and verified the method by applying the system to a small part of the campus network.

Analysis of Defense Method for HTTP POST DDoS Attack base on Content-Length Control (Content-Length 통제기반 HTTP POST DDoS 공격 대응 방법 분석)

  • Lee, Dae-Seob;Won, Dong-Ho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.4
    • /
    • pp.809-817
    • /
    • 2012
  • One of the OSI 7 Layer DDoS Attack, HTTP POST DDoS can deny legitimate service by web server resource depletion. This Attack can be executed with less network traffic and legitimate TCP connections. Therefore, It is difficult to distinguish DDoS traffic from legitimate users. In this paper, I propose an anomaly HTTP POST traffic detection algorithm and http each page Content-Length field size limit with defense method for HTTP POST DDoS attack. Proposed method showed the result of detection and countermeasure without false negative and positive to use the r-u-dead-yet of HTTP POST DDoS attack tool and the self-developed attack tool.

Load Distribution Policy of Web Server using Subsequent Load and HTTP Connection Time (잠재 부하 정보와 HTTP 연결의 에이징을 통한 HTTP 연결 스케줄링 알고리즘)

  • Kim Si-Yeon;Kim Sungchun
    • Journal of KIISE:Computer Systems and Theory
    • /
    • v.32 no.11_12
    • /
    • pp.717-721
    • /
    • 2005
  • With HTTP/1.0, a single request means a single HTTP connection so that the granular unit of dispatching is the same as real load. But with persistent HTTP connection, multiple requests may arrive on a single TCP connection. Therefore, a scheme that dispatches load at the granularity of individual requests constrains the feasible dispatching policies In this paper we propose a new connection dispatching polity for supporting HTTP/1.1 persistent connections in cluster-based Web servers. When the request of a base html file arrives, the dispatcher gets the subsequent load arriving on that connection using the embedded objects information. After the dispatcher stores the load information in Load Table, the dispatcher employs the connection aging strategy on live persistent connections on the passage of time. The results of simulation show about $1.7\%\~16.8\%$ improved average response time compared to existing WLC algorithm.

HTTP with Peer to Peer (HTTP3)

  • 추성호;박홍성
    • Proceedings of the IEEK Conference
    • /
    • /
    • pp.145-148
    • /
    • 2001
  • For reducing network traffic between long distance network or WAN, we supplement the Peer-to-Peer technology to HTTP. The large file transmition have the biggest traffic on HTTP. If downloading a large size file from a near computer not from the original location, we will get it speedier. For this, we propose a extened HTTP, named HTTP3. In this paper, we describe the HTTP3, the HTTP3 agent to support this protocol., and its security.

  • PDF

Modeling and Performance Evaluation of the Web server supporting Persistent Connection (Persistent Connection을 지원하는 웹서버 모델링 및 성능분석)

  • Min, Byeong-Seok;Nam, Ui-Seok;Lee, Sang-Mun;Sim, Yeong-Seok;Kim, Hak-Bae
    • The KIPS Transactions:PartC
    • /
    • v.9C no.4
    • /
    • pp.605-614
    • /
    • 2002
  • Amount of the web traffic web server handles are explosively increasing, which requires that the performance of the web server should be improved for the various web services. Although the analysis for the HTTP traffic with the proper tuning for the web server is essential, the research relevant to the subject are insignificant. In particular, although most of applications are implemented over HTTP 1.1 protocol, the researches mostly deal with the performance evaluation of the HTTP 1.0 protocol. Consequently, the modeling approach and the performance evaluation over HTTP 1.1 protocol have not been well formed. Therefore, basing on the HTTP 1.1 protocol supporting persistent connection, we present an analytical end-to-end tandem queueing model for web server to consider the specific hardware configuration inside web server beginning at accepting the user request until completing the service. we compare various performances between HTTP 1.0 and HTTP 1.1 under the overloading condition, and then analyze the characteristics of the HTTP traffic that include file size requested to web server, the OFF time between file transfers, the frequency of requests, and the temporal locality of requests. Presented model is verified through the comparing the server throughput according to varying requests rate with the real web server. Thereafter, we analyze the performance evaluation of the web server, according to the interrelation between TCP Listen queue size, the number of HTTP threads and the size of the network buffers.

Mathematical Model for Mean Transfer Delay of Web Object in Initial Slow Start Phase (초기 슬로우 스타트 구간에서 웹 객체의 평균 전송 시간 추정을 위한 수학적 모델)

  • Lee, Yong-Jin
    • 대한공업교육학회지
    • /
    • v.33 no.2
    • /
    • pp.248-258
    • /
    • 2008
  • Current Internet uses HTTP (Hyper Text Transfer Protocol) as an application layer protocol and TCP (Transmission Control Protocol) as a transport layer protocol to provide web service. SCTP (Stream Control Transmission Protocol) is a recently proposed transport protocol with very similar congestion control mechanisms as TCP, except the initial congestion window during the slow start phase. In this paper, we present a mathematical model of object transfer latency during the slow start phase for HTTP over SCTP and compare with the latency of HTTP over TCP. Validation of the model using experimental result shows that the mean object transfer latency for HTTP over SCTP during the slow start phase is less than that for HTTP over TCP by 11%.

A Study on Next Generation HTTP-based Adaptive Streaming Transmission Protocol for Realistic Media (실감미디어 전송을 위한 차세대 HTTP 기반 적응적 스트리밍 전송 프로토콜 연구)

  • Song, Minjeong;Yoo, Seong-geun;Park, Sang-il
    • Journal of Broadcast Engineering
    • /
    • v.24 no.4
    • /
    • pp.602-612
    • /
    • 2019
  • Various streaming technologies are being studied to guarantee the QoE of viewers due to the development of realistic media. HTTP adaptive streaming is a typical example, and it is based on HTTP / 1.1 and TCP. These protocols have become one of the causes of delaying the image delay and increasing the waiting time of web pages. Therefore, in this paper, we propose a QUIC-DASH system applying the UDP-based transmission protocols QUIC and HTTP / 2 to the MPEG-DASH system after analyzing various transmission protocols and development process of HTTP. Through experiments, the QUIC-DASH system confirmed the possibility of providing optimal performance in terms of transmission speed of LTE environment than existing system. We also suggest various future studies for better performance.

Processing Speed Improvement of HTTP Traffic Classification Based on Hierarchical Structure of Signature (시그니쳐 계층 구조에 기반한 HTTP 트래픽 분석 시스템의 처리 속도 향상)

  • Choi, Ji-Hyeok;Park, Jun-Sang;Kim, Myung-Sup
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.39B no.4
    • /
    • pp.191-199
    • /
    • 2014
  • Currently, HTTP traffic has been developed rapidly due to appearance of various applications and services based web. Accordingly, HTTP Traffic classification is necessary to effective network management. Among the various signature-based method, Payload signature-based classification method is effective to analyze various aspects of HTTP traffic. However, the payload signature-based method has a significant drawback in high-speed network environment due to the slow processing speed than other classification methods such as header, statistic signature-based. Therefore, we proposed various classification method of HTTP Traffic based HTTP signatures of hierarchical structure and to improve pattern matching speed reflect the hierarchical structure features. The proposed method achieved more performance than aho-corasick to applying real campus network traffic.