Content Delivery Networks: Protection or Threat?

Free registration required

Executive Summary

Content Delivery Networks (CDNs) are commonly believed to offer their customers protection against application-level Denial of Service (DoS) attacks. Indeed, a typical CDN with its vast resources can absorb these attacks without noticeable effect. This paper uncovers a vulnerability which not only allows an attacker to penetrate CDN's protection, but to actually use a content delivery network to amplify the attack against a customer Web site. The paper shows that leading commercial CDNs - Akamai and Limelight - and an influential research CDN - Coral - can be recruited for this attack. By mounting an attack against the own Web site, the paper demonstrates an order of magnitude attack amplification though leveraging the Coral CDN.

  • Format: PDF
  • Size: 759.3 KB