CHAPTER 1: INTRODUCTION
The modern threat
In 2011 an exploit taking advantage of a vulnerability in the Apache web server rapidly circulated across the Internet. Apache, at the time, was used by more than 65% of websites, according to Netcraft, so this was a serious issue which required immediate remediation. The exploit took advantage of a little-known vulnerability in the way Apache handled two HTTP headers. Exploitation of this vulnerability resulted in, as described by CVE-2011-3192, “very significant memory and CPU usage on the server”, resulting in a distributed denial-of-serviceattack (DDoS) through resource exhaustion.
In late 2013, a highly complex DDoS attack1 on a prominent member of an online trading community was detected and ...