Browsing behavior mimicking attacks on popular web sites for large botnets

Yu, Shui, Zhao, Guofeng, Guo, Song, Xiang, Yang and Vasilakos, Athanasios V. 2011, Browsing behavior mimicking attacks on popular web sites for large botnets, in INFOCOM WKSHPS 2011 : IEEE Conference on Computer Communications Workshops, IEEE, [Shanghai, China], pp. 947-951.

Attached Files
Name Description MIMEType Size Downloads

Title Browsing behavior mimicking attacks on popular web sites for large botnets
Author(s) Yu, Shui
Zhao, Guofeng
Guo, Song
Xiang, Yang
Vasilakos, Athanasios V.
Conference name International Workshop on Security in Computers, Networking and Communications (1st : 2011 : Shanghai, China)
Conference location Shanghai, China
Conference dates 10-15 Apr. 2011
Title of proceedings INFOCOM WKSHPS 2011 : IEEE Conference on Computer Communications Workshops
Editor(s) [Unknown]
Publication date 2011
Conference series International Workshop on Security in Computers, Networking and Communications
Start page 947
End page 951
Publisher IEEE
Place of publication [Shanghai, China]
Keyword(s) attack simulation
botnet
browsing behavior
Summary With the significant growth of botnets, application layer DDoS attacks are much easier to launch using large botnet, and false negative is always a problem for intrusion detection systems in real practice. In this paper, we propose a novel application layer DDoS attack tool, which mimics human browsing behavior following three statistical distributions, the Zipf-like distribution for web page popularity, the Pareto distribution for page request time interval for an individual browser, and the inverse Gaussian distribution for length of browsing path. A Markov model is established for individual bot to generate attack request traffic. Our experiments indicated that the attack traffic that generated by the proposed tool is pretty similar to the real traffic. As a result, the current statistics based detection algorithms will result high false negative rate in general. In order to counter this kind of attacks, we discussed a few preliminary solutions at the end of this paper.
ISBN 9781457702488
Language eng
Field of Research 080503 Networking and Communications
Socio Economic Objective 890101 Fixed Line Data Networks and Services
HERDC Research category E1 Full written paper - refereed
Copyright notice ©2011, IEEE
Persistent URL http://hdl.handle.net/10536/DRO/DU:30042393

Document type: Conference Paper
Collection: School of Information Technology
Connect to link resolver
 
Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Versions
Version Filter Type
Access Statistics: 46 Abstract Views, 7 File Downloads  -  Detailed Statistics
Created: Tue, 14 Feb 2012, 15:47:18 EST

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.