Group Testing Based Detection of Web Service DDoS Attackers

Nashat, Dalia; Jiang, Xiaohong; Kameyama, Michitaka

doi:10.1587/transcom.e93.b.1113

Cited by 7 publications

(7 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the SYN flooding attack, the attacker send a high rate of half-open connection requests(SYN packets). These packets consume the server resources [35], [36], thus the services are denied which lead to failure of the server's main mission towards the legitimate users.…”

Section: B Ddos Flooding Attackmentioning

confidence: 99%

Detection of Distributed Denial of Service Flooding Attack Using Odds Ratio

Nashat¹,

Hussain²,

Jiang³

2021

J-NaNA

Self Cite

View full text Add to dashboard Cite

Computer networks are vulnerable to many types of attacks while the Distributed Denial of Service attack (DDoS) serves as one of the top concerns for security professionals. The DDoS flooding attack denies the services by consuming the server resources to prevent the legitimate users from using their desired services. The hardness of detecting this attack lies in sending a stream of packets to the server with spoofed IP addresses, so that the internet routing infrastructure cannot distinguish the spoofed packets. Based on the odds ratio (OR) statistical measurement, in this work we propose a new detection method for the DDoS flooding attacks. By exploring the odds ratio to determine the risk factor of any incoming traffic to the server, the legitimate and attack traffic packets can be easily differentiated. Experimental results demonstrate the efficiency of the presented detection method in terms of its detection probability and detection time.

show abstract

Section: B Ddos Flooding Attackmentioning

confidence: 99%

Detection of Distributed Denial of Service Flooding Attack Using Odds Ratio

Nashat¹,

Hussain²,

Jiang³

2021

J-NaNA

Self Cite

View full text Add to dashboard Cite

show abstract

“…The DDoS attacks prevent legitimate users from using their service by exhausting network resources such as routers, links, and servers [5]. The DDoS attack starts when the attacker compromises relay hosts called masters, which in turn compromise attack machines called agents.…”

Section: Introductionmentioning

confidence: 99%

“…1. During attack time, the attacker sends a high rate of HTTP requests to the target server by using any possible request method to exhaust server resources (e.g., Sockets, CPU, memory, disk/database bandwidth, and I/O bandwidth) [5], [8]. Thus the server can not respond to any incoming legitimate requests.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Detection of Application Layer DDoS Attack Based on SIS Epidemic Model

2021

Self Cite

View full text Add to dashboard Cite

Distrusted Denial of Service attack (DDoS) is one of the major threats to network security. The HTTP flooding attack is the hardest type of DDoS attacks to detect since the malicious packets are hidden in a huge amount of normal traffic. In this work, we introduce a new detection scheme for HTTP flooding attack by using Susceptible-Infective-Susceptible (SIS) model of an infectious disease which used in dynamic systems. During any time interval, the server can measure various values of attributes for its users like number of total connections, number of open connections and number of closed connections. These values can be used to detect any abnormal behavior or infected connections in a server by mapping this attributes with SIS model. Thus we can get suspected and infected connections during every time interval. Extensive trace driven simulation has been conducted to demonstrate the efficiency of the proposed scheme in terms of its detection rate and probability of false positive. INDEX TERMS Intrusion detection, DDoS attack, HTTP protocol, SIS epidemic model.

show abstract

“…servers) through attacker or his slaves (agents). This huge number of requests exhausts the server resources and makes it unable to response to the incoming requests [6,7]. The available detection schemes for HTTP flooding attack in most cases depend on two techniques.…”

Section: Introductionmentioning

confidence: 99%

Detection of Application layer DDoS Attacks Based on Bayesian Classifier

2019

Assiut University Journal of Multidisciplinary Scientific Resea

View full text Add to dashboard Cite

One of the major challenges in networks security is detecting network attacks. The HTTP flooding attack is the most common type of DDoS attacks that targets application layer. The malicious DDoS packets are encapsulated with the huge amount of normal traffic, so this type of attack is considered the hardest one for detection. The available detection techniques for the HTTP flooding attack usually used similarity methods for traffic attributes or machine learning algorithms but these techniques are not effective especially for large scale networks. In this paper, a new detection technique is presented based on conditional probability and Bayes' theorem. First the probability value for every normal traffic attribute is calculated. Then, we compute the conditional probability for the same attribute in any incoming connection given the occurrence of the same value in the previous normal traffic. Finally, the total probability is calculated by using the Bayes' theorem to classify it either as normal or abnormal connection. The performance of the proposed technique is evaluated by extensive simulation in terms of its detection rate, probability of false positive and false negative. MSC (2010): 53C50, 53C40.

show abstract

Group Testing Based Detection of Web Service DDoS Attackers

Cited by 7 publications

References 14 publications

Detection of Distributed Denial of Service Flooding Attack Using Odds Ratio

Detection of Distributed Denial of Service Flooding Attack Using Odds Ratio

Detection of Application Layer DDoS Attack Based on SIS Epidemic Model

Detection of Application layer DDoS Attacks Based on Bayesian Classifier

Contact Info

Product

Resources

About