Carlsson, A.Duravkin, E.Loktionova, A.2025-04-052025-04-052014Carlsson A. Analysis of realization and method of detecting low-intensity http-attacks. Part 2. Method of detecting slow http attacks / A. Carlsson, E. Duravkin, A. Loktionova // Проблеми телекомунікацій. – 2014. – № 1(13). – С. 96–100.https://openarchive.nure.ua/handle/document/30221Analysis of the implementation specifics Slow HTTP- attacks allowed to allocate a set of features, based on which is possible to detect this type of attack. The model of the web- server’s behavior when implementing Slow HTTP- attack was created. The model is based on Markov chains using the machine as a means of describing the web-server transitions between states. The formulary relations allowing to calculate the probability of transition of web-server into overload condition for known values of intensities Incoming and outgoing requests were derived. Definable relations allowing to calculate the transition to web-server overload condition using the method of generating functions were withdrawn.otherdetect type of attackSlow HTTP- attackArticle