DDoS attack detection mechanism in the application layer using user features

2018 ◽  
Author(s):  
Silvia Bravo ◽  
David Mauricio
Keyword(s):  
Attack Detection ◽  
Application Layer ◽  
Detection Mechanism ◽  
Ddos Attack ◽  
Ddos Attack Detection

scholarly journals A Novel Real-Time DDoS Attack Detection Mechanism Based on MDRA Algorithm in Big Data

2016 ◽  
Vol 2016 ◽  
pp. 1-10 ◽  
Author(s):  
Bin Jia ◽  
Yan Ma ◽  
Xiaohong Huang ◽  
Zhaowen Lin ◽  
Yi Sun
Keyword(s):  
Big Data ◽  
Real Time ◽  
Network Traffic ◽  
Rapid Development ◽  
Computing Time ◽  
Attack Detection ◽  
Attack Behavior ◽  
Detection Mechanism ◽  
Ddos Attack ◽  
Ddos Attack Detection

In the wake of the rapid development and wide application of information technology and Internet, our society has come into the information explosion era. Meanwhile, it brings in new and severe challenges to the field of network attack behavior detection due to the explosive growth and high complexity of network traffic. Therefore, an effective and efficient detection mechanism that can detect attack behavior from large scale of network traffic plays an important role. In this paper, we focus on how to distinguish the attack traffic from normal data flows in Big Data and propose a novel real-time DDoS attack detection mechanism based on Multivariate Dimensionality Reduction Analysis (MDRA). In this mechanism, we first reduce the dimensionality of multiple characteristic variables in a network traffic record by Principal Component Analysis (PCA). Then, we analyze the correlation of the lower dimensional variables. Finally, the attack traffic can be differentiated from the normal traffic by MDRA and Mahalanobis distance (MD). Compared with previous research methods, our experimental results show that higher precision rate is achieved and it approximates to 100% in True Negative Rate (TNR) for detection; CPU computing time is one-eightieth and memory resource consumption is one-third of the previous detection method based on Multivariate Correlation Analysis (MCA); computing complexity is constant.

scholarly journals WEB DDoS Attack Detection Method Based on Semisupervised Learning

2021 ◽  
Vol 2021 ◽  
pp. 1-10
Author(s):  
Xiang Yu ◽  
Wenchao Yu ◽  
Shudong Li ◽  
Xianfei Yang ◽  
Ying Chen ◽  
...  
Keyword(s):  
Web Application ◽  
False Positive Rate ◽  
Semisupervised Learning ◽  
Attack Detection ◽  
Application Layer ◽  
Ddos Attack ◽  
Web Attacks ◽  
Positive Rate ◽  
Ddos Attack Detection ◽  
The Web

Since the services on the Internet are becoming increasingly abundant, all walks of life are inextricably linked with the Internet. Simultaneously, the Internet’s WEB attacks have never stopped. Relative to other common WEB attacks, WEB DDoS (distributed denial of service) will cause serious damage to the availability of the target network or system resources in a short period of time. At present, most researches are centered around machine learning-related DDoS attack detection algorithms. According to previous studies, unsupervised methods generally have a high false positive rate, while supervisory methods cannot handle large amount of network traffic data, and the performance is often limited by noise and irrelevant data. Therefore, this paper proposes a semisupervised learning detection model combining spectral clustering and random forest to detect the DDoS attack of the WEB application layer and compares it with other existing detection schemes to verify the semisupervised learning model proposed in this paper. While ensuring a low false positive rate, there is a certain improvement in the detection rate, which is more suitable for the WEB application layer DDoS attack detection.

Sign in / Sign up

Export Citation Format

Share Document