The Design and Implementation of HTTP/3 DoS Prevention Technique on QUIC Initial Handshake

Abstract

The deployment of HTTP/3 powered by the QUIC protocol represents a significant advancement in the web technology. This paper investigates the vulnerabilities inherent in the QUIC protocol, particularly during its initial handshake phase, within the framework of Denial of Service (DoS) attacks that pose a threat to the infrastructure of HTTP/3. In this research, a Proof of Concept (POC) script is developed to emulate SYN Flood-like attacks to unveil the protocol's susceptibility to amplification and reflection attacks. Addressing these vulnerabilities, we also develop a signature for Suricata Intrusion Detection System (IDS) and evaluated its efficacy in detecting and mitigating the simulated attacks. The experimental results on a victim machine reveal a significant surge in CPU utilization-peaking at 100 % during nonprotected states and moderating to 49.95 % in protected states. Future research directions include refining these IDS rules and employing machine learning technologies for dynamic threat detection and adaptive rule optimization.