Mitigating Denial of Service Attacks with Load Balancing

Abstract

Denial of service (DoS) attack continues to pose a huge risk to online businesses. The attack has moved from attack at the network level – layer 3 and layer 4 to the layer 7 of the OSI model. This layer 7 attack or application layer attack is not easily detectable by firewalls and most intrusion Detection systems and other security tools but have the capability of bringing down a well-equipped web server. The wide availability and easy accessibility of the attack tools makes this type of security risk very easy to execute, very prolific and difficult to completely mitigate. There have been an increasing number of such attacks against the web server infrastructures of many organisations being recorded. The aim of this research is to look at some layer 7 application DDoS attack tools and test open source tools that offer some form of defense against these attacks. The research deployed open source load balancing software, HAProxy as a first line of defense against Denial of Service attack. The three components of the popular free open source data analysis tool, Elastic stack framework- Logstash, Elasticsearch and Kibana were used to collect logs from the web server, filter and query the logs and then display results in dashboards and graphs to help in the identification of an attack by analysing the visually displayed log data. Rules are also setup to alert the business of anomalies detected based on pre-determined benchmarks.