HTTP Application Layer DDoS Attack Mitigation Using Resources Monitor

2017 ◽  
pp. 213-221
Author(s):  
Mohamed Aly Mohamed ◽  
Nashwa Abdelbaki
Keyword(s):  
Application Layer ◽  
Ddos Attack ◽  
Attack Mitigation

scholarly journals Traffic flow features as metrics (TFFM): detection of application layer level DDOS attack scope of IOT traffic flows

2018 ◽  
Vol 7 (2.7) ◽  
pp. 203 ◽  
Author(s):  
Kalathiripi Rambabu ◽  
N Venkatram
Keyword(s):  
Traffic Flow ◽  
Traffic Flows ◽  
Application Layer ◽  
Continuous Growth ◽  
Loosely Coupled ◽  
Ddos Attack ◽  
Proposed Model ◽  
Flow Features ◽  
Target Network ◽  
Iot Devices

The phenomenal and continuous growth of diversified IOT (Internet of Things) dependent networks has open for security and connectivity challenges. This is due to the nature of IOT devices, loosely coupled behavior of internetworking, and heterogenic structure of the networks.  These factors are highly vulnerable to traffic flow based DDOS (distributed-denial of services) attacks. The botnets such as “mirae” noticed in recent past exploits the IoT devises and tune them to flood the traffic flow such that the target network exhaust to response to benevolent requests. Hence the contribution of this manuscript proposed a novel learning-based model that learns from the traffic flow features defined to distinguish the DDOS attack prone traffic flows and benevolent traffic flows. The performance analysis was done empirically by using the synthesized traffic flows that are high in volume and source of attacks. The values obtained for statistical metrics are evincing the significance and robustness of the proposed model

Security Integration in DDoS Attack Mitigation Using Access Control Lists

2018 ◽  
Vol 9 (1) ◽  
pp. 56-76 ◽  
Author(s):  
Sumit Kumar Yadav ◽  
Kavita Sharma ◽  
Arushi Arora
Keyword(s):  
Access Control ◽  
Ddos Attacks ◽  
Fixed Amount ◽  
Internet Service ◽  
Ip Address ◽  
Ddos Attack ◽  
Simulated Environment ◽  
Processing Power ◽  
Main Challenge ◽  
Attack Mitigation

In this article, the authors propose a DDoS mitigation system through access list-based configurations, which are deployed at the ISP (Internet Service Provider's) edge routers to prohibit DDoS attacks over ISPs' networks traffic. The effectiveness of the proposed system relies heavily on the willingness of ISPs in implementing the system. Once each ISP implements the system, most attacks can easily be stopped close to their point of origin. The main challenge is to implement such a system with the fixed amount of memory and available processing power with routers. A coordinated effort by participating ISPs filters out attacks close to their source, reducing the load on other routers. The suspicious traffic is first filtered out based on their source IP address. The authors also implemented the WRED algorithm for their case and conduct GNS3 experiments in a simulated environment.

scholarly journals A Feature Analysis Based Identifying Scheme Using GBDT for DDoS with Multiple Attack Vectors

2019 ◽  
Vol 9 (21) ◽  
pp. 4633 ◽  
Author(s):  
Jian Zhang ◽  
Qidi Liang ◽  
Rui Jiang ◽  
Xi Li
Keyword(s):  
Success Rate ◽  
Denial Of Service ◽  
Detection Algorithm ◽  
Feature Analysis ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Detection Capability ◽  
Ddos Attack ◽  
Attack Mitigation ◽  
Multiple Attack

In recent years, distributed denial of service (DDoS) attacks have increasingly shown the trend of multiattack vector composites, which has significantly improved the concealment and success rate of DDoS attacks. Therefore, improving the ubiquitous detection capability of DDoS attacks and accurately and quickly identifying DDoS attack traffic play an important role in later attack mitigation. This paper proposes a method to efficiently detect and identify multivector DDoS attacks. The detection algorithm is applicable to known and unknown DDoS attacks.

Sign in / Sign up

Export Citation Format

Share Document