Modelling Web-server Flash Events
作者: Sajal Bhatia , George Mohay , Desmond Schmidt , Alan Tickle
DOI: 10.1109/NCA.2012.24
关键词: Quality of service 、 Network security 、 Denial-of-service attack 、 Computer security 、 Network congestion 、 File server 、 Web server 、 Server 、 Computer science 、 Computer network 、 Event (computing) 、 The Internet
摘要: A Flash Event (FE) represents a period of time when web-server experiences dramatic increase in incoming traffic, either following newsworthy event that has prompted users to locate and access it, or as result redirection from other popular web social media sites. This usually leads network congestion Quality-of-Service (QoS) degradation. These events can be mistaken for Distributed Denial-of-Service (DDoS) attacks aimed at disrupting the server. Accurate detection FEs their distinction DDoS is important, since different actions need undertaken by administrators these two cases. However, lack public domain FE datasets hinders research this area. In paper we present detailed study flash classify them into three broad categories. addition, describes terms key components: volume related source IP-addresses, resources being accessed. We such model with minimal parameters use publicly available analyse validate our proposed model. The used generate types closely approximating real-world scenarios, order facilitate distinguishing attacks.
computer.org
sci-hub.se 参考文章(13)
Larry Niven, The Flight of the Horse ,(1973)
Ejaz Ahmed, George Mohay, Alan Tickle, Sajal Bhatia, None, Use of IP Addresses for High Rate Flooding Attack Detection information security conference. pp. 124- 135 ,(2010) , 10.1007/978-3-642-15257-3_12
Jaeyeon Jung, Balachander Krishnamurthy, Michael Rabinovich, Flash crowds and denial of service attacks: characterization and implications for CDNs and web sites the web conference. pp. 293- 304 ,(2002) , 10.1145/511446.511485
CE Shennon, Warren Weaver, A mathematical theory of communication Bell System Technical Journal. ,vol. 27, pp. 379- 423 ,(1948) , 10.1002/J.1538-7305.1948.TB01338.X
Peter Bodik, Armando Fox, Michael J Franklin, Michael I Jordan, David A Patterson, None, Characterizing, modeling, and generating workload spikes for stateful services Proceedings of the 1st ACM symposium on Cloud computing - SoCC '10. pp. 241- 252 ,(2010) , 10.1145/1807128.1807166
Martin F. Arlitt, Carey L. Williamson, Web server workload characterization: the search for invariants measurement and modeling of computer systems. ,vol. 24, pp. 126- 137 ,(1996) , 10.1145/233008.233034
C Shanndn, W Weaver, The Mathematical Theory of Communication ,(1948)
M.F. Arlitt, C.L. Williamson, Internet Web servers: workload characterization and performance implications IEEE ACM Transactions on Networking. ,vol. 5, pp. 631- 645 ,(1997) , 10.1109/90.649565
Boxun Zhang, Alexandru Iosup, Johan Pouwelse, Dick Epema, Identifying, analyzing, and modeling flashcrowds in BitTorrent international conference on peer-to-peer computing. pp. 240- 249 ,(2011) , 10.1109/P2P.2011.6038742
Patrick Wendell, Michael J. Freedman, Going viral Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference - IMC '11. pp. 549- 558 ,(2011) , 10.1145/2068816.2068867