Detection on application layer DDoS using random walk model

Xu,C, Zhao,G, Xie,G and Yu,S 2014, Detection on application layer DDoS using random walk model, in ICC 2014 : Proceedings of the 2014 IEEE International Conference on Communications, IEEE, Piscataway, N.J., pp. 707-712, doi: 10.1109/ICC.2014.6883402.

Attached Files
Name Description MIMEType Size Downloads

Title Detection on application layer DDoS using random walk model
Author(s) Xu,C
Yu,SORCID iD for Yu,S
Conference name IEEE International Conference on Communications (2014 : Sydney, N.S.W.)
Conference location Sydney, NSW
Conference dates 10-14 Jun. 2014
Title of proceedings ICC 2014 : Proceedings of the 2014 IEEE International Conference on Communications
Editor(s) [Unknown]
Publication date 2014
Conference series IEEE International Conference on Communications
Start page 707
End page 712
Total pages 6
Publisher IEEE
Place of publication Piscataway, N.J.
Keyword(s) anomaly detection
Asymmetric application layer DDoS attack
random walk model
Summary Application Layer Distributed Denial of Service (ALDDoS) attacks have been increasing rapidly with the growth of Botnets and Ubiquitous computing. Differentiate to the former DDoS attacks, ALDDoS attacks cannot be efficiently detected, as attackers always adopt legitimate requests with real IP address, and the traffic has high similarity to legitimate traffic. In spite of that, we think, the attackers' browsing behavior will have great disparity from that of the legitimate users'. In this paper, we put forward a novel user behavior-based method to detect the application layer asymmetric DDoS attack. We introduce an extended random walk model to describe user browsing behavior and establish the legitimate pattern of browsing sequences. For each incoming browser, we observe his page request sequence and predict subsequent page request sequence based on random walk model. The similarity between the predicted and the observed page request sequence is used as a criterion to measure the legality of the user, and then attacker would be detected based on it. Evaluation results based on real collected data set has demonstrated that our method is very effective in detecting asymmetric ALDDoS attacks. © 2014 IEEE.
ISBN 9781479920037
Language eng
DOI 10.1109/ICC.2014.6883402
Field of Research 080503 Networking and Communications
Socio Economic Objective 890101 Fixed Line Data Networks and Services
HERDC Research category E1 Full written paper - refereed
ERA Research output type E Conference publication
Copyright notice ©2014, IEEE
Persistent URL

Connect to link resolver
Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Version Filter Type
Citation counts: TR Web of Science Citation Count  Cited 12 times in TR Web of Science
Scopus Citation Count Cited 14 times in Scopus
Google Scholar Search Google Scholar
Access Statistics: 325 Abstract Views, 9 File Downloads  -  Detailed Statistics
Created: Mon, 02 Feb 2015, 12:51:14 EST

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact