Comparative Analysis of HAProxy and Nginx Load Balancers in Mitigating User Datagram Protocol (UDP) Flood Attacks

Faizal Wahyu Romadhon, Muhammad Azza Ulin Nuha, Yusuf Adiprawira, Riri Fitri Sari

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Distributed Denial of Service (DDoS) attack refers to an unauthorized attempt by a threat actor to flood a system with fake internet traffic, aiming to disrupt the targeted services, ultimately rendering them inaccessible to legitimate users. Potential impacts include decreased service performance, connectivity disruptions, and financial losses due to operational downtime. DDoS can be performed using User Datagram Protocol (UDP) flood attacks. This paper presents a comparative analysis of High Availability Proxy (HAProxy) and Nginx load balancers for mitigating UDP Flood attacks. NS-3 simulation is used to simulate DDoS attacks and evaluate the performance of the load balancers. The results show that HAProxy outperforms Nginx in multi-layered security for mitigating DDoS attacks. Additionally, the research includes an assessment of web server performance against UDP Flood attacks and the effectiveness of IDS Suricata for detecting attacks. The findings demonstrate that HAProxy is better than Nginx in handling network traffic and system misc interrupt parameters. Furthermore, IDS Suricata proves successful in detecting DDoS attacks, while HAProxy demonstrates superior capabilities in securing against UDP Flood attacks. The paper concludes with a plan for future research and provides access to the research's source code on GitHub.

Original languageEnglish
Title of host publication2024 12th International Conference on Information and Communication Technology, ICoICT 2024
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages354-359
Number of pages6
ISBN (Electronic)9798350363432
DOIs
Publication statusPublished - 2024
Event12th International Conference on Information and Communication Technology, ICoICT 2024 - Bandung, Indonesia
Duration: 7 Aug 20248 Aug 2024

Publication series

Name2024 12th International Conference on Information and Communication Technology, ICoICT 2024

Conference

Conference12th International Conference on Information and Communication Technology, ICoICT 2024
Country/TerritoryIndonesia
CityBandung
Period7/08/248/08/24

Keywords

  • DDoS attacks
  • High Availability Proxy (HAProxy)
  • Nginx load balancers
  • NS-3 simulation
  • UDP Flood attacks

Fingerprint

Dive into the research topics of 'Comparative Analysis of HAProxy and Nginx Load Balancers in Mitigating User Datagram Protocol (UDP) Flood Attacks'. Together they form a unique fingerprint.

Cite this