Performance analysis of IIS10.0 and Apache2 Cluster-based Web Servers under SYN DDoS Attack
Abstract
Since the last decade, Internet users increased rapidly and most of them are depending on the World Wide Web (WWW) service for achieving daily routine. Having Internet access and especially WWW sometimes users face difficulties because of various security problems. The most dangerous and serious threats that make Internet services impossible is Denial of Service (DoS) and its severe type ‘Distributed Denial of Service (DDoS)’. In this paper, the performance of different web servers in Network Load Balancing (NLB), cluster-based and none clustered are analyzed. Furthermore, we evaluate the impact of TCP SYN flood attack with massive concurrent HTTP load traffic on web server’s average response time, throughput and average CPU usage. The results show that Internet Information Service 10.0 (IIS10.0) on Windows server 2016 is more vulnerable to attacks compared to Apache2 on Ubuntu 16.04. The results also show that the IIS10.0 NLB clustered web servers is the most suitable mechanism for handling huge HTTP workload.