☆ 4.2 Article

Behavior-based detection of application layer distributed denial of service attacks during flash events

TURKISH JOURNAL OF ELECTRICAL ENGINEERING AND COMPUTER SCIENCES (2016)

Journal

TURKISH JOURNAL OF ELECTRICAL ENGINEERING AND COMPUTER SCIENCES

Volume 24, Issue 2, Pages 510-523

Publisher

Tubitak Scientific & Technological Research Council Turkey

DOI: 10.3906/elk-1308-188

Keywords

DDoS; flash crowd; flow similarity; security

Categories

Computer Science, Artificial Intelligence Engineering, Electrical & Electronic

Ask authors/readers for more resources

Protocol

Community support

Reagent

Community support

Abstract

Distributed denial of service (DDoS) attacks are ever threatening to the developers and users of the Internet. DDoS attacks targeted at the application layer are especially difficult to be detected since they mimic the legitimate users' requests. The situation becomes more serious when they occur during flash events. A more sophisticated algorithm is required to detect such attacks during a flash crowd. A few existing works make use of flow similarity for differentiating flash crowds and DDoS, but flow characteristics alone cannot be used for effective detection. In this paper, we propose a novel mechanism for discriminating DDoS and flash crowds based on the combination of the parameters reflecting their behavioral differences. Flow similarity, client legitimacy, and web page requested are identified as the principal parameters and are used together for effective discrimination. The proposed mechanism is implemented on resilient proxies in order to protect the server from direct flooding and to improve the overall performance. The real datasets are used for simulation, and the results are presented to evaluate the performance of the proposed system. The results show that the proposed mechanism does effective detection with fewer false positives and false negatives.

Authors

I am an author on this paper

Click your name to claim this paper and add it to your profile.

Reviews

Primary Rating

4.2

Not enough ratings

Secondary Ratings

Novelty

-

Significance

-

Scientific rigor

-

Rate this paper

Recommended

Article Computer Science, Hardware & Architecture

Discriminate, locate and mitigate DDoS traffic in presence of Flash Crowd in Software Defined Network

Jitendra Patil, Vrinda Tokekar, Alpana Rajan, Anil Rawat

Summary: This paper proposes a model based on behavior and techniques to detect and address multi-destination DDoS traffic targeting SDN controllers. The model is able to detect, locate, and mitigate attacks generated using spoofed legitimate IP/MAC addresses.

JOURNAL OF SUPERCOMPUTING (2022)

Add to Collection

Article Computer Science, Information Systems

D-FAC: A novel φ-Divergence based distributed DDoS defense system

Sunny Behal, Krishan Kumar, Monika Sachdeva

Summary: This paper presents D-FAC, an anomaly-based distributed defense system that effectively detects and distinguishes various types of DDoS attacks with superior performance on various detection metrics.

JOURNAL OF KING SAUD UNIVERSITY-COMPUTER AND INFORMATION SCIENCES (2021)

Add to Collection

Article Chemistry, Analytical

An Efficient Multilevel Probabilistic Model for Abnormal Traffic Detection in Wireless Sensor Networks

Muhammad Altaf Khan, Moustafa M. Nasralla, Muhammad Muneer Umar, Ghani-Ur-Rehman, Shafiullah Khan, Nikumani Choudhury

Summary: This paper introduces a novel mechanism based on a Bayesian model to detect abnormal data traffic and discriminate DDoS attacks from flash crowds (FC). The simulation results prove the effectiveness of the proposed mechanism.

SENSORS (2022)

Add to Collection

Article Computer Science, Information Systems

A crowd cooperative defense model for mitigating DDoS attacks in Mobile Crowdsensing networks

Guosheng Zhao, Ming Gao, Jian Wang

Summary: This paper proposes a crowd cooperative defense model for mitigating DDoS attacks in Mobile Crowdsensing (MCS). The model enables distributed sensing nodes to cooperate against DDoS attacks by forming overlapping sensing coalitions. Simulation results show that the proposed model can reduce the defense cost compared to non-cooperative and non-overlapping sensing coalition methods, while increasing the throughput of the sensing network.

COMPUTER COMMUNICATIONS (2023)

Add to Collection

Article Computer Science, Hardware & Architecture

DOCUS-DDoS detection in SDN using modified CUSUM with flash traffic discrimination and mitigation

P. V. Shalini, V. Radha, Sriram G. Sanjeevi

Summary: SDN separates the data plane from the control plane, enabling centralized control and faster data transmission. However, it faces challenges in network security, especially in the detection of DDoS attacks.

COMPUTER NETWORKS (2022)

Add to Collection

Article Business

A novel approach for DDoS attacks detection in COVID-19 scenario for small entrepreneurs

Akshat Gaurav, Brij B. Gupta, Prabin Kumar Panigrahi

Summary: The COVID-19 pandemic has led to changes in the business landscape, increasing the risk of cyberattacks, particularly for new entrepreneurs with limited security resources to defend against DDoS attacks.

TECHNOLOGICAL FORECASTING AND SOCIAL CHANGE (2022)

Add to Collection

Article Computer Science, Hardware & Architecture

Composite and efficient DDoS attack detection framework for B5G networks

G. C. Amaizu, C. Nwakanma, S. Bhardwaj, J. M. Lee, D. S. Kim

Summary: With the growth of 5G and B5G networks, the number and frequency of DDoS attacks are predicted to increase, requiring a sophisticated detection framework. This paper proposes a composite and efficient DDoS attack detection framework that can accurately identify not only DDoS attacks, but also the type of DDoS attack encountered.

COMPUTER NETWORKS (2021)

Add to Collection

Article Chemistry, Analytical

Security Performance Analysis of LEO Satellite Constellation Networks under DDoS Attack

Yan Zhang, Yong Wang, Yihua Hu, Zhi Lin, Yadi Zhai, Lei Wang, Qingsong Zhao, Kang Wen, Linshuang Kang

Summary: This paper analyzes the security performance of Low Earth Orbit Satellite Constellation Networks (LSCNs) under DDoS attacks by building a space-time graph model. The study reveals that the transmission path of key satellite nodes will change after being attacked, and the number of key-node attacks is linearly related to the average delay and packet loss.

SENSORS (2022)

Add to Collection

Article Computer Science, Information Systems

A Framework for Mitigating DDoS and DOS Attacks in IoT Environment Using Hybrid Approach

Abdulrahman Aminu Ghali, Rohiza Ahmad, Hitham Alhussian

Summary: The Internet of Things (IoT) has been widely accepted, but security concerns, especially DDoS and DoS attacks, pose significant challenges. This study focuses on mitigating data exfiltration caused by these attacks and improving network lifetime, energy consumption, and throughput. The proposed hybrid approach shows promising results in reducing the impact of DDoS and DoS attacks.

ELECTRONICS (2021)

Add to Collection

Article Chemistry, Multidisciplinary

A Study on Improving M2M Network Security through Abnormal Traffic Control

Seongsoo Cho, Bhanu Shrestha

Summary: This paper proposes a network filter for improving the security of M2M intelligent networks. Experimental results demonstrate that the filter enhances device response speed while minimizing unnecessary loss.

APPLIED SCIENCES-BASEL (2022)

Add to Collection

Article Computer Science, Artificial Intelligence

An anomaly based distributed detection system for DDoS attacks in Tier-2 ISP networks

Abhinav Bhandari, Krishan Kumar, A. L. Sangal, Sunny Behal

Summary: The proposed ISP-level distributed, collaborative, and automated (D-CAD) defense system effectively detects DDoS attacks while distinguishing attack traffic from flash event traffic, with low computational complexity. The system outperforms existing counterparts on various detection system evaluation metrics in novel software defined networks (SDN) using Mininet emulator.

JOURNAL OF AMBIENT INTELLIGENCE AND HUMANIZED COMPUTING (2021)

Add to Collection

Review Computer Science, Hardware & Architecture

DDoS attacks in Industrial IoT: A survey

Shubhankar Chaudhary, Pramod Kumar Mishra

Summary: This paper investigates the issue of DDoS attacks in IIoT and discusses the solutions, as well as the correlation between IoT, IIoT, and various communication layers. It also explores research in fields such as machine learning, deep learning, federated learning, and transfer learning.

COMPUTER NETWORKS (2023)

Add to Collection

Article Computer Science, Hardware & Architecture

Distributed denial of service attack prediction: Challenges, open issues and opportunities

Anderson Bergamini de Neira, Burak Kantarci, Michele Nogueira

Summary: This survey article summarizes the classification of studies on DDoS attack prediction, highlighting the current state-of-the-art and research opportunities in this field.

COMPUTER NETWORKS (2023)

Add to Collection

Article Computer Science, Information Systems

Detection and Classification of DDoS Flooding Attacks on Software-Defined Networks: A Case Study for the Application of Machine Learning

Abimbola O. Sangodoyin, Mobayode O. Akinsolu, Prashant Pillai, Vic Grout

Summary: Software-defined networks (SDNs) provide robust network architectures for Internet of Things (IoT) applications but are also attractive targets for cyber attackers. Vulnerable to Distributed Denial of Service (DDoS) flooding attacks, machine learning algorithms such as Quadratic Discriminant Analysis (QDA), Gaussian Naive Bayes (GNB), k-nearest neighbor (k-NN), and Classification and Regression Tree (CART) are investigated for detecting and classifying these attacks on SDNs, with CART showing the best overall performance.

IEEE ACCESS (2021)

Add to Collection

Article Computer Science, Information Systems

Denial of service attacks in edge computing layers: Taxonomy, vulnerabilities, threats and solutions

Ryhan Uddin, Sathish A. P. Kumar, Vinay Chamola

Summary: This paper examines the impact of different types of DoS and DDoS attacks on edge computing layers and investigates existing detection and prevention mechanisms to address security weaknesses. Additionally, a theoretical architecture is proposed to mitigate the impact of distributed denial of service attacks on edge systems.

AD HOC NETWORKS (2024)

Add to Collection

Article Computer Science, Hardware & Architecture

Secure and Efficient Smart-Card-Based Remote User Authentication Scheme for Multiserver Environment

Saraswathi Shunmuganathan, Renuka Devi Saravanan, Yogesh Palanichamy

CANADIAN JOURNAL OF ELECTRICAL AND COMPUTER ENGINEERING-REVUE CANADIENNE DE GENIE ELECTRIQUE ET INFORMATIQUE (2015)

Add to Collection

Proceedings Paper Computer Science, Hardware & Architecture

An Effective Approach to Counter Application Layer DDoS Attacks

S. Renuka Devi, P. Yogesh

2012 THIRD INTERNATIONAL CONFERENCE ON COMPUTING COMMUNICATION & NETWORKING TECHNOLOGIES (ICCCNT) (2012)

Add to Collection

No Data Available

© Peeref 2019-2024. All rights reserved.