File(s) under permanent embargo
ALDD: a hybrid traffic-user behavior detection method for application layer DDoS
conference contribution
posted on 2018-01-01, 00:00 authored by J Jiang, Q Yu, M Yu, Gang Li, J Chen, K Liu, C Liu, W Huang

Distributed Denial of Service (DDoS) has been one of the most critical threats to internet applications and web services. Especially with the current advances in network technology, many attackers resort to application layer DDoS (ALDDoS), which uses legitimate requests to overwhelm the victim servers. Under this kind of attack, the content of a single request can be highly similar to that of normal requests, which renders previous traffic feature-based detection methods void. In this paper, we address two common issues in ALDDoS detection methods: the inaccuracy of traffic feature-based detection algorithms, and the time and space complexity of user behavior-based detection algorithms. Unlike existing methods, whose detection pattern applies to each request, the detection pattern used in this paper applies to a time window. We extract instances of traffic and user behaviors from web server logs, and propose a hybrid traffic-user behavior detection method for ALDDoS. A neural network is adopted for further cluster analysis. Experimental results on the recent public dataset CICIDS2017 indicate that the proposed method can achieve high detection accuracy while reducing time cost by 90%.
History
Event
IEEE Computer Society. Conference (2018 : New York, N.Y.)
Series
IEEE Computer Society Conference
Pagination
1565 - 1569
Publisher
Institute of Electrical and Electronics Engineers
Location
New York, N.Y.
Place of publication
Piscataway, N.J.
Start date
2018-08-01
End date
2018-08-03
ISBN-13
9781538643877
Language
eng
Publication classification
E1 Full written paper - refereed
Copyright notice
2018, IEEE
Editor/Contributor(s)
[Unknown]
Title of proceedings
TrustCom/BigDataSE 2018 : Proceedings of the 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications and 12th IEEE International Conference on Big Data Science and Engineering