2019
DOI: 10.1109/comst.2018.2870658
|View full text |Cite
|
Sign up to set email alerts
|

DDoS Attacks at the Application Layer: Challenges and Research Perspectives for Safeguarding Web Applications

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
74
0
1

Year Published

2019
2019
2022
2022

Publication Types

Select...
7
1

Relationship

0
8

Authors

Journals

citations
Cited by 125 publications
(75 citation statements)
references
References 77 publications
0
74
0
1
Order By: Relevance
“…e Smart Detection system has reached high accuracy and low false-positive rate. Experiments were conducted using two Virtual Linux boxes, Define all the descriptor database variables as the current variables; (5) while True do (6) Split dataset in training and test partitions; (7) Create and train the model using training data partition; (8) Select the most important variables from the trained model; (9) Calculate the cumulative importance of variables from the trained model; (10) if max (cumulative importance of variables) < Variable importance threshold then (11) Exit loop; (12) end (13) Train the model using only the most important variables; (14) Test the trained model and calculate the accuracy; (15) if Calculated accuracy < Accuracy threshold then (16) Exit loop; (17) end (18) Add current model to optimized model set; (19) Define the most important variables from the trained model as the current variables; (20) end (21) end (22) Group the models by number of variables; (23) Remove outliers from the grouped model set; (24) Select the group of models with the highest frequency and their number of variables "N"; (25) Rank the variables by the mean of the importance calculated in step 7; (26) Return the "N" most important variables; [2004][2005] have been used by the researchers to evaluate the performance of their proposed intrusion detection and prevention approaches. However, many such datasets are out of date and unreliable to use [25].…”
Section: Resultsmentioning
confidence: 99%
See 1 more Smart Citation
“…e Smart Detection system has reached high accuracy and low false-positive rate. Experiments were conducted using two Virtual Linux boxes, Define all the descriptor database variables as the current variables; (5) while True do (6) Split dataset in training and test partitions; (7) Create and train the model using training data partition; (8) Select the most important variables from the trained model; (9) Calculate the cumulative importance of variables from the trained model; (10) if max (cumulative importance of variables) < Variable importance threshold then (11) Exit loop; (12) end (13) Train the model using only the most important variables; (14) Test the trained model and calculate the accuracy; (15) if Calculated accuracy < Accuracy threshold then (16) Exit loop; (17) end (18) Add current model to optimized model set; (19) Define the most important variables from the trained model as the current variables; (20) end (21) end (22) Group the models by number of variables; (23) Remove outliers from the grouped model set; (24) Select the group of models with the highest frequency and their number of variables "N"; (25) Rank the variables by the mean of the importance calculated in step 7; (26) Return the "N" most important variables; [2004][2005] have been used by the researchers to evaluate the performance of their proposed intrusion detection and prevention approaches. However, many such datasets are out of date and unreliable to use [25].…”
Section: Resultsmentioning
confidence: 99%
“…have been under study in both the scientific community and industry for several years. e related literature reveals that several studies have undertaken to propose solutions to deal with this problem in a general way [6,[11][12][13][14][15]. Another group of works dedicated themselves to presenting specific solutions for high-volume and low-volume DDoS attacks [8,13,16].…”
Section: Problem Statements Ddos Detection and Mitigationmentioning
confidence: 99%
“…To block automated requests, Suriadi et al [18] proposed computation-bound hash-based puzzles, but are vulnerable to the sophisticated attacks using image processing algorithms [10] - [11]. Recently, Praseed and Thilagam [9] proposed a user puzzle that can be resolved by human users, but comparatively difficult to complete systems. Examples of the user puzzles are CAPTCHAs (Completely Automated Public Turing test to tell Computers and Humans Apart) and AYAHs (Are You A Human).…”
Section: A Different Ddos Attacks On Application Layermentioning
confidence: 99%
“…Different types of detection methods are namely: Template matching of individual requests is done by tracking, by analyzing the request stream dynamics and semantics etc. [9].They also proposed defense methods against the Asymmetric DDoS Attacks that blocks many raising of red flags and other warning signals for detection. Jensen et al [12] proposed an XML DDoS Defense technique by strengthening the schema of Web service in XML query through stricter validation of structure of incoming message in Web Service Description Language (WSDL) as well as hardening by imposing further restrictions on input message fields.…”
Section: A Different Ddos Attacks On Application Layermentioning
confidence: 99%
“…Using SQL and Cross site scripting attacker can easily establish malicious activity on nodes. DDoS attacks on application layer solved by many feature [30].…”
Section: B Types Of Attacks On Networked Protocol Stackmentioning
confidence: 99%