Behavior-based detection of application layer distributed denial of service attacks during flash events

Saravanan, R.; Shanmuganathan, Saraswathi; Yogesh, P.

doi:10.3906/elk-1308-188

Cited by 38 publications

(14 citation statements)

References 20 publications

(35 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Kurt et al's study was about detecting SIP-based DDoS attacks [9]. Saravanan et al worked on a system for the detection of application layer DDoS attacks [10]. In addition, several studies have been conducted in attack detection and mitigation techniques on fog [11,12] and cloud computing [13,14].…”

Section: Background and Related Workmentioning

confidence: 99%

An Inter-Domain Attack Mitigating Solution

Akin¹,

Bük²,

Uçar³

2020

Turk J Elec Eng & Comp Sci

View full text Add to dashboard Cite

Online services on the Internet are increasing day by day, and in parallel, the number of cyber-attacks is rapidly increasing. These attacks are not always about data theft, but they can cause severe damage by denial of service attacks. Intrusion Prevention System products that many organizations use at the border of their enterprise networks are not strong enough to protect against DoS attacks. The typical way to mitigate such attacks is to get support from a service provider. However, a service provider only provides solutions for the traffic originating from itself. If the source of attack is in another ISP domain, it is possible to inform that ISP via phone or e-mail. As a result, the source of the attack is blocked by the manual intervention of the service provider whose domain hosts it. Border Gateway Protocol (BGP) based solutions are also available for automating a blocking system, but not all enterprise networks support BGP. In this research, we have developed a centralized automation solution for software defined network (SDN) environments that is capable of preventing cyber-attacks at the source of attack. This solution does not require any BGP support. Non-SDN environments can also use this attack mitigation and notification system. In the long run, we may use this system to create a national protection shield in order to mitigate Cybersecurity attacks.

show abstract

Section: Background and Related Workmentioning

confidence: 99%

An Inter-Domain Attack Mitigating Solution

Akin¹,

Bük²,

Uçar³

2020

Turk J Elec Eng & Comp Sci

View full text Add to dashboard Cite

show abstract

“…In this method early detect the DDoS attacks. The authors [7] have proposed a concept for detecting DDoS attack and the Flash events based on the 3 key parameters, flow similarity, pages referred, and client legitimacy. The result of proposed method achieves reduced false positive and false negative.…”

Section: T Subburaj K Suthendranmentioning

confidence: 99%

Bit-and-Piece DDoS attack Detection based on the Statistical Metrics

Subburaj,

Suthen

2019

IJEAT

View full text Add to dashboard Cite

on each successive day, the DDoS attacks are increasing, improving and becoming more critical than ever before. In 2018, CISCO predicted that DDoS attack traffics may reach to 3.1 billion during 2021. Bit and Piece DDoS attack is an emerging attacking technique was found and reported by Nexusguard. This attack mainly targets the communication service providers and it injects unwanted junk information in to the legitimate traffic and thus bypasses the detection techniques. This work is aimed to propose a novel approach for detecting bit and piece attack using statistical metrics. Here, the packet flow is monitored at every second and the variations in the data flows easily identified as an attack.

show abstract

“…DDoS attack at the application layer focuses on sending large amounts of GET request to a web server, and detection of this attack becomes more complicated when flash crowd is implemented. A flash crowd refers to the increasing number of legitimate HTTP GETrequest received by a web server due to several events, such as result announcements, new product launches, and breaking news [14]. Iyengar and Ganapathy [15] mentioned that flash crowds occur when plenty of authentic concurrent incoming connections are received by a web server in a short period of time.…”

Section: Introductionmentioning

confidence: 99%

Review of Recent Detection Methods for HTTP DDoS Attack

Jaafar

Abdullah

Ismail

2019

Journal of Computer Networks and Communications

View full text Add to dashboard Cite

With increment in dependency on web technology, a commensurate increase has been noted in destructive attempts to disrupt the essential web technologies, hence leading to service failures. Web servers that run on Hypertext Transfer Protocol (HTTP) are exposed to denial-of-service (DoS) attacks. A sophisticated version of this attack known as distributed denial of service (DDOS) is among the most dangerous Internet attacks, with the ability to overwhelm a web server, thereby slowing it down and potentially taking it down completely. This paper reviewed 12 recent detection of DDoS attack at the application layer published between January 2014 and December 2018. A summary of each detection method is summarised in table view, along with in-depth critical analysis, for future studies to conduct research pertaining to detection of HTTP DDoS attack.

show abstract

Behavior-based detection of application layer distributed denial of service attacks during flash events

Cited by 38 publications

References 20 publications

An Inter-Domain Attack Mitigating Solution

An Inter-Domain Attack Mitigating Solution

Bit-and-Piece DDoS attack Detection based on the Statistical Metrics

Review of Recent Detection Methods for HTTP DDoS Attack

Contact Info

Product

Resources

About