HADM: detection of HTTP GET flooding attacks by using Analytical hierarchical process and Dempster–Shafer theory with MapReduce

Sree, Thankaraja Raja; Bhanu, S. Mary Saira

doi:10.1002/sec.1611

Cited by 14 publications

(13 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To validate the obtained results, the proposed approach is compared with the state-of-the-art HTTP DDoS detection methods given in [14][15][16][17][18]. For this purpose we used 60% of the dataset for training and 40% for testing as it is the commonly datasets splitting configuration used in the literature.…”

Section: Validation Of the Obtained Resultsmentioning

confidence: 99%

“…The performances of the entire proposed approach are assessed and compared with the performances of different classifiers tested directly on the dataset without the time sliding window entropy estimation algorithm. Furthermore, the obtained results of the proposed system are compared with the state-of-the-art HTTP DDoS detection methods given in [14][15][16][17][18].…”

Section: Methodsmentioning

confidence: 99%

“…Sree et al [18] have proposed to detect HTTP GET flooding attack by reading the web server logs, extracting the relevant features and using analytical hierarchical process to predict whether the attack has occurred or not, and detecting the suspicious sources by using Dempster-Shafer theory of evidence. The authors use MapReduce techniques to analyze large volumes of log data which allows improving the processing time of their method.…”

Section: Related Workmentioning

confidence: 99%

“…The authors use MapReduce techniques to analyze large volumes of log data which allows improving the processing time of their method. The method was evaluated using the public Cyber Research Centre (CDX) dataset [18] and a dataset generated locally by authors.…”

Section: Related Workmentioning

confidence: 99%

See 3 more Smart Citations

Detection System of HTTP DDoS Attacks in a Cloud Environment Based on Information Theoretic Entropy and Random Forest

Idhammad

Afdel

Belouch

2018

Security and Communication Networks

View full text Add to dashboard Cite

Cloud Computing services are often delivered through HTTP protocol. This facilitates access to services and reduces costs for both providers and end-users. However, this increases the vulnerabilities of the Cloud services face to HTTP DDoS attacks. HTTP request methods are often used to address web servers’ vulnerabilities and create multiple scenarios of HTTP DDoS attack such as Low and Slow or Flooding attacks. Existing HTTP DDoS detection systems are challenged by the big amounts of network traffic generated by these attacks, low detection accuracy, and high false positive rates. In this paper we present a detection system of HTTP DDoS attacks in a Cloud environment based on Information Theoretic Entropy and Random Forest ensemble learning algorithm. A time-based sliding window algorithm is used to estimate the entropy of the network header features of the incoming network traffic. When the estimated entropy exceeds its normal range the preprocessing and the classification tasks are triggered. To assess the proposed approach various experiments were performed on the CIDDS-001 public dataset. The proposed approach achieves satisfactory results with an accuracy of 99.54%, a FPR of 0.4%, and a running time of 18.5s.

show abstract

Section: Validation Of the Obtained Resultsmentioning

confidence: 99%

Section: Methodsmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

See 2 more Smart Citations

Detection System of HTTP DDoS Attacks in a Cloud Environment Based on Information Theoretic Entropy and Random Forest

Idhammad

Afdel

Belouch

2018

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…e continuity of such requests at a higher rate will collapse a web server as it is unable to process a valid HTTP GET request. Beitollahi and Deconinck [24] and Sree and Bhanu [25] mentioned that an HTTP GET flood attack can stress bandwidth and outbound traffic, memory, CPU cycles, and input and output devices.…”

Section: Web Server Architecturementioning

confidence: 99%

Review of Recent Detection Methods for HTTP DDoS Attack

Jaafar

Abdullah

Ismail

2019

Journal of Computer Networks and Communications

View full text Add to dashboard Cite

With increment in dependency on web technology, a commensurate increase has been noted in destructive attempts to disrupt the essential web technologies, hence leading to service failures. Web servers that run on Hypertext Transfer Protocol (HTTP) are exposed to denial-of-service (DoS) attacks. A sophisticated version of this attack known as distributed denial of service (DDOS) is among the most dangerous Internet attacks, with the ability to overwhelm a web server, thereby slowing it down and potentially taking it down completely. This paper reviewed 12 recent detection of DDoS attack at the application layer published between January 2014 and December 2018. A summary of each detection method is summarised in table view, along with in-depth critical analysis, for future studies to conduct research pertaining to detection of HTTP DDoS attack.

show abstract

Challenge Collapsar (CC) Attack Traffic Detection Based on Packet Field Differentiated Preprocessing and Deep Neural Network

Liu

Zhang

et al. 2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

HADM: detection of HTTP GET flooding attacks by using Analytical hierarchical process and Dempster–Shafer theory with MapReduce

Cited by 14 publications

References 28 publications

Detection System of HTTP DDoS Attacks in a Cloud Environment Based on Information Theoretic Entropy and Random Forest

Detection System of HTTP DDoS Attacks in a Cloud Environment Based on Information Theoretic Entropy and Random Forest

Review of Recent Detection Methods for HTTP DDoS Attack

Challenge Collapsar (CC) Attack Traffic Detection Based on Packet Field Differentiated Preprocessing and Deep Neural Network

Contact Info

Product

Resources

About