Sequence-order-independent network profiling for detecting application layer DDoS attacks

Authors: Sangjae Lee, Gisung Kim, Sehun Kim

DOI: 10.1186/1687-1499-2011-50

Abstract: Distributed denial of service (DDoS) attacks, which are a major threat on the Internet, have recently become more sophisticated as a result of their ability to exploit application-layer vulnerabilities. Most defense methods are designed for detecting DDoS attacks in the IP and TCP layers and consequently have difficulty in detecting this new type of attack. With the profiling of web browsing behavior, the sequence order of page requests can be used for detecting application-layer DDoS (App-DDoS) attacks. However, the sequence order may be more harmful than helpful in profiling web browsing behaviors because it varies significantly for different individuals and different browsing behaviors. This article introduces a sequence-order-independent method for profiling network traffic and for the detection of App-DDoS attacks. Four attributes are extracted from page request sequences without consideration of the sequence order of the requested pages. A model based on multiple principal component analysis is proposed for profiling normal web browsing behaviors, and its reconstruction error is used as a criterion for detecting App-DDoS attacks. The method is experimentally confirmed with various types
