APPLICATION DOS

1-1.5 hours. The practical part of the exercise is synchronous. The teacher has to set up this part and start the attack, have all students observe the attack's effects.

Students will learn about denial-of-service attacks in general, and how application-level attacks work. They will also learn the specific mechanism of Slowloris attack, which aims to bring down a Web server.

Web servers are the most popular type of servers on the Internet. Any Web site you visit, any mobile app you use, serves you the content using some kind of Web server. If an attacker can make a Web server slow or unresponsive, the content provider may lose many clients - humans just don't like to wait for content to load. Denial-of-service attacks aim to slow down or disable a network's or a service's ability to serve its legitimate clients. This exercise will demonstrate the Slowloris attack - one type of denial-of-service attacks, discuss how it works and why it is hard to prevent. The exercise will lead students through analysis of the resources the attack consumes.