1 results listed
Distributed Denial of Service (DDoS) attacks are serious
threat to any online service on the internet. In contrast to other
traditional threats, DDoS HTTP GET flood attack can exploit
legitimate HTTP request mechanism to effectively deny any
online service by flooding the victim with an overwhelming
amount of unused network traffic. This paper introduces a new
anomaly-based technique for discriminating DDoS HTTP GET
requests and legitimate requests using a combination of
behavioral features. The key features are Diversity of the
requested objects, requesting rates for all the requested objects,
and request rate for the requested object with the most
frequency. These features are selected as the key measurements
that will be analyzed and processed for developing the proposed
detection technique. During the evaluation process, sub set of
the UNB ISCX IDS 2012 evaluation dataset representing
anomalous traffic, in addition to another sub set extracted from
the 98 world cup dataset showing legitimate traffic are used to
evaluate the proposed method. The evaluation shows that the
proposed mechanism does effective detection due to the subtle
behavioral dissimilarity between non-recursive attack and
legitimate requests traffic.
International Conference on Cyber Security and Computer Science
ICONCS
Mohammed SALIM
Seçkin ARI