Impact analysis of application layer DDoS attacks on web services: a simulation study

As the world is getting increasingly dependent on the Internet, the availability of web services has been a key concern for various organizations. Application Layer DDoS (AL-DDoS) attacks may hamper the availability of web services to the legitimate users by flooding the request queue of the web server. Hence, it is pertinent to focus fundamentally on studying the queue scheduling policies of web server against the HTTP request flooding attack which has been the base of this research work. In this paper, the various types of AL-DDoS attacks launched by exploiting the HTTP protocol have been reviewed. The key aim is to compare the requests queue scheduling policies of web server against HTTP request flooding attack using NS2 simulator. Various simulation scenarios have been presented for comparison, and it has been established that queue scheduling policy can be a significant role player in tolerating the AL-DDoS attacks.

Download Full-text

HULK and DDoS Attacks in Web Applications with Detection Mechanism

International Journal of Emerging Research in Management and Technology ◽

10.23956/ijermt.v6i6.268 ◽

2018 ◽

Vol 6 (6) ◽

pp. 192

Author(s):

Amit Sharma

Keyword(s):

Web Applications ◽

Denial Of Service ◽

Single Server ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Application Layer ◽

Detection Mechanism ◽

Plan Execution ◽

Social Affair ◽

Server Application

Distributed Denial of Service attacks are significant dangers these days over web applications and web administrations. These assaults pushing ahead towards application layer to procure furthermore, squander most extreme CPU cycles. By asking for assets from web benefits in gigantic sum utilizing quick fire of solicitations, assailant robotized programs use all the capacity of handling of single server application or circulated environment application. The periods of the plan execution is client conduct checking and identification. In to beginning with stage by social affair the data of client conduct and computing individual user’s trust score will happen and Entropy of a similar client will be ascertained. HTTP Unbearable Load King (HULK) attacks are also evaluated. In light of first stage, in recognition stage, variety in entropy will be watched and malevolent clients will be recognized. Rate limiter is additionally acquainted with stop or downsize serving the noxious clients. This paper introduces the FAÇADE layer for discovery also, hindering the unapproved client from assaulting the framework.

Download Full-text

DETECTION OF ANOMALY BASED APPLICATION LAYER DDoS ATTACKS USING MACHINE LEARNING APPROACHES

i-manager s Journal on Computer Science ◽

10.26634/jcom.4.2.8120 ◽

2016 ◽

Vol 4 (2) ◽

pp. 6

Author(s):

VANI NIDHI M.S.P.S. ◽

PRASAD K. MUNIVARA ◽

◽

Keyword(s):

Machine Learning ◽

Learning Approaches ◽

Ddos Attacks ◽

Application Layer

Download Full-text

Impact Analysis of HTTP and SYN Flood DDoS Attacks on Apache 2 and IIS 10.0 Web Servers

2018 International Conference on Advanced Science and Engineering (ICOASE) ◽

10.1109/icoase.2018.8548783 ◽

2018 ◽

Cited By ~ 2

Author(s):

Rizgar R. Zebari ◽

Subhi R. M. Zeebaree ◽

Karwan Jacksi

Keyword(s):

Impact Analysis ◽

Ddos Attacks ◽

Web Servers

Download Full-text

A Middleware Mediated Application Layer Protocol to Decouple Provider-Consumer Relationship in Web Services Orchestration and Its Application in Novel IoT Integration

Lecture Notes in Computer Science - Internet of Things – ICIOT 2018 ◽

10.1007/978-3-319-94370-1_12 ◽

2018 ◽

pp. 165-176

Author(s):

Devanathan Venkatesan ◽

Othiyappan Pandithurai ◽

Sundaramoorthy Sridhar

Keyword(s):

Web Services ◽

Application Layer ◽

Services Orchestration ◽

Application Layer Protocol

Download Full-text

A Deep Learning Approach for Detection of Application Layer Attacks in Internet

Handling Priority Inversion in Time-Constrained Distributed Databases - Advances in Data Mining and Database Management ◽

10.4018/978-1-7998-2491-6.ch010 ◽

2020 ◽

pp. 175-188

Author(s):

V. Punitha ◽

C. Mala

Keyword(s):

Deep Learning ◽

Transport Layer ◽

Classification Model ◽

Learning Approach ◽

Ddos Attacks ◽

Application Layer ◽

Learning Models ◽

Technological Transformation ◽

Application Deployment ◽

Machine Learning Models

The recent technological transformation in application deployment, with the enriched availability of applications, induces the attackers to shift the target of the attack to the services provided by the application layer. Application layer DoS or DDoS attacks are launched only after establishing the connection to the server. They are stealthier than network or transport layer attacks. The existing defence mechanisms are unproductive in detecting application layer DoS or DDoS attacks. Hence, this chapter proposes a novel deep learning classification model using an autoencoder to detect application layer DDoS attacks by measuring the deviations in the incoming network traffic. The experimental results show that the proposed deep autoencoder model detects application layer attacks in HTTP traffic more proficiently than existing machine learning models.

Download Full-text

Characterizing the Impacts of Application Layer DDoS Attacks

2017 IEEE International Conference on Web Services (ICWS) ◽

10.1109/icws.2017.58 ◽

2017 ◽

Cited By ~ 4

Author(s):

Muhui Jiang ◽

Chenxu Wang ◽

Xiapu Luo ◽

MiuTung Miu ◽

Ting Chen

Keyword(s):

Ddos Attacks ◽

Application Layer

Download Full-text