A Novel Model for Detecting Application Layer DDoS Attacks

I
IMSCCS
2006
2006 First International Multi-Symposiums on Computer and Computational Sciences
Abstract - A Novel Model for Detecting Application Layer DDoS Attacks

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Yi Xie Articles by Shun-Zheng Yu

2006 First International Multi-Symposiums on Computer and Computational Sciences

Hangzhou, Zhejiang, China

June 20-June 24

ISBN: 0-7695-2581-4

	ASCII Text	x
	Yi Xie, Shun-Zheng Yu, "A Novel Model for Detecting Application Layer DDoS Attacks," Computer and Computational Sciences, International Multi-Symposiums on, vol. 2, pp. 56-63, 2006 First International Multi-Symposiums on Computer and Computational Sciences, 2006.

	BibTex	x
	@article{ 10.1109/IMSCCS.2006.159, author = {Yi Xie and Shun-Zheng Yu}, title = {A Novel Model for Detecting Application Layer DDoS Attacks}, journal ={Computer and Computational Sciences, International Multi-Symposiums on}, volume = {2}, year = {2006}, isbn = {0-7695-2581-4}, pages = {56-63}, doi = {http://doi.ieeecomputersociety.org/10.1109/IMSCCS.2006.159}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer and Computational Sciences, International Multi-Symposiums on TI - A Novel Model for Detecting Application Layer DDoS Attacks SN - 0-7695-2581-4 SP56 EP63 A1 - Yi Xie, A1 - Shun-Zheng Yu, PY - 2006 KW - null VL - 2 JA - Computer and Computational Sciences, International Multi-Symposiums on ER -

Yi Xie, Sun Yat-Sen University, China

Shun-Zheng Yu, Sun Yat-Sen University, China

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/IMSCCS.2006.159

Countering Distributed Denial of Service (DDoS) attacks is becoming ever more challenging with the vast resources and techniques increasingly available to attackers. DDoS attacks are typically carried out at the network layer. However, there is evidence to suggest that application layer DDoS attacks can be more effective than the traditional ones. In this paper, we consider sophisticated attacks that utilize legitimate application layer HTTP requests from legitimately connected network machines to overwhelm Web server. Since the attack signature of each application layer DDoS is represented in abnormal user behavior, we propose a countermechanism based on Web user browsing behavior to protect the servers from these attacks. In contrast to prior works, we explore Hidden semi-Markov Model to describe the browsing behaviors of Web users and apply it to implement the anomaly detection for the application layer DDoS attacks which simulate the Web request behaviors of browser and use HTTP requests to launch attacks. By conducting an experiment with a real traffic data, the model shows that it is effective in measuring the user behaviors and detecting the application layer DDoS attacks.

Citation:

Yi Xie, Shun-Zheng Yu, "A Novel Model for Detecting Application Layer DDoS Attacks," imsccs, vol. 2, pp.56-63, 2006 First International Multi-Symposiums on Computer and Computational Sciences, 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.