Secure Double-Layered Defense against HTTP-DDoS Attacks

Eid, Mohamad Samir A.; Aida, Hitoshi

doi:10.1109/compsac.2017.207

Cited by 5 publications

(2 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Authors of [14] have focused on mitigating multi-page HTTP DDoS attacks with slow-moving targets that target public servers. The conceptual proof model was used in a simple and validated the argument.…”

Section: Literature Reviewmentioning

confidence: 99%

Effective and Efficient DDoS Attack Detection Using Deep Learning Algorithm, Multi-Layer Perceptron

et al. 2023

View full text Add to dashboard Cite

Distributed denial of service (DDoS) attacks pose an increasing threat to businesses and government agencies. They harm internet businesses, limit access to information and services, and damage corporate brands. Attackers use application layer DDoS attacks that are not easily detectable because of impersonating authentic users. In this study, we address novel application layer DDoS attacks by analyzing the characteristics of incoming packets, including the size of HTTP frame packets, the number of Internet Protocol (IP) addresses sent, constant mappings of ports, and the number of IP addresses using proxy IP. We analyzed client behavior in public attacks using standard datasets, the CTU-13 dataset, real weblogs (dataset) from our organization, and experimentally created datasets from DDoS attack tools: Slow Lairs, Hulk, Golden Eyes, and Xerex. A multilayer perceptron (MLP), a deep learning algorithm, is used to evaluate the effectiveness of metrics-based attack detection. Simulation results show that the proposed MLP classification algorithm has an efficiency of 98.99% in detecting DDoS attacks. The performance of our proposed technique provided the lowest value of false positives of 2.11% compared to conventional classifiers, i.e., Naïve Bayes, Decision Stump, Logistic Model Tree, Naïve Bayes Updateable, Naïve Bayes Multinomial Text, AdaBoostM1, Attribute Selected Classifier, Iterative Classifier, and OneR.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

Effective and Efficient DDoS Attack Detection Using Deep Learning Algorithm, Multi-Layer Perceptron

et al. 2023

View full text Add to dashboard Cite

show abstract

“…They require the content to be decrypted, hence compromise the end-to-end encryption security of communication. Few recent works [9], [10] proposed overlay based mitigation methods which preserve the end-to-end encryption security and yet achieve considerable reduction in attack traffic at the server.…”

Section: Literature Reviewmentioning

confidence: 99%

SlowTrack: Detecting Slow Rate Denial of Service Attacks againstHTTP with Behavioral Parameters

Sood

Hubballi

2022

Preprint

View full text Add to dashboard Cite

Denial of Service (DoS) attacks have evolved from volumetric attacks to target specific applications and can cripple different services with very limited effort. Hypertext Transfer Protocol (HTTP) is vulnerable to a slow rate DoS attack generated through prolonged connections which deliberately send incomplete requests to server. Simple detection methods which use $x$ number of such connections in $y$ time can be easily evaded. In this paper, we present SlowTrack which can detect slow rate DoS attacks against HTTP using a set of behavioral parameters. SlowTrack uses eight behavioral parameters which are validated to be useful in identifying the attack. We correlate these parameters to understand how their values change when attack is launched and subsequently use these observations to propose detection methods. \texttt{SlowTrack} is composed of three detection algorithms which make use of these observations for detecting attacks. We evaluate the detection performance of \texttt{SlowTarck} using experiments done in a testbed and also in a live network to show that these algorithms can detect the slow rate attacks effectively.

show abstract