GT Approach for Detecting Application DoS Attacks
Subscribe/Renew Journal
Application DoS attack, which aims at disrupting application service rather than depleting the network resource, has emerged as a larger threat to network services, compared to the classic DoS attack. Owing to its high similarity to legitimate traffic and much lower launching overhead than classic DDoS attack, this new assault type cannot be efficiently detected or prevented by existing detection solutions. To identify application DoS attack, we propose a novel group testing (GT)-based approach deployed on back-end servers, which not only offers a theoretical method to obtain short detection delay and low false positive/negative rate, but also provides an underlying framework against general network attacks. In proposed system, Appropriation can be made in sequential algorithm to avoid requirement of isolating attackers. It improves the detection rate of application DoS attack with heuristic algorithm for constraint-based group testing and variants of anomaly detection in application request. Attackers use same functions to control speed of attack package pumping to the victim.
The proposed model develops counter mechanism to mitigate the potency of the resource attacks and evaluate the efficacy. Asymmetric attack overwhelms the server resources, by increasing the response time of legitimate clients from 0.1 seconds to 10 seconds. Under the same attack scenario, DDoS Shield limits the effects of false-negatives and false-positives and improves the victims’ performance to 0.8 seconds. The proposed access matrix captures the spatial-temporal patterns of a normal flash crowd. Principal component analysis and independent component analysis are applied to abstract the multidimensional access matrix. The anomaly detector based on hidden Markov model is proposed to describe the dynamics of Access Matrix and to detect the attacks. Numerical results based on real Web traffic data are presented to demonstrate the effectiveness of the proposed method.
Keywords
Abstract Views: 215
PDF Views: 3