GT Approach for Detecting Application DoS Attacks
The application DoS attack, which aims at disrupting application service rather than depleting network resources, has emerged as a larger threat to network services than the classic DoS attack. Owing to its high similarity to legitimate traffic and its much lower launching overhead compared with the classic DDoS attack, this new assault type cannot be efficiently detected or prevented by existing detection solutions. To identify application DoS attacks, we propose a novel group testing (GT)-based approach deployed on back-end servers, which not only offers a theoretical method to obtain short detection delay and low false positive/negative rates, but also provides an underlying framework against general network attacks. In the proposed system, appropriation can be made in the sequential algorithm to avoid the requirement of isolating attackers. It improves the detection rate of application DoS attacks with a heuristic algorithm for constraint-based group testing and variants of anomaly detection in application requests. Attackers use the same functions to control the speed at which attack packets are pumped to the victim.
The proposed model develops a counter-mechanism to mitigate the potency of resource attacks and evaluates its efficacy. An asymmetric attack overwhelms the server resources, increasing the response time of legitimate clients from 0.1 seconds to 10 seconds. Under the same attack scenario, DDoS Shield limits the effects of false negatives and false positives and improves the victims' performance to 0.8 seconds. The proposed access matrix captures the spatial-temporal patterns of a normal flash crowd. Principal component analysis and independent component analysis are applied to abstract the multidimensional access matrix. An anomaly detector based on a hidden Markov model is proposed to describe the dynamics of the access matrix and to detect attacks. Numerical results based on real Web traffic data are presented to demonstrate the effectiveness of the proposed method.