Abstract
Denial of Service attacks are one of the most annoying day to day challenges for any security expert and IT professional. This is according to the attack nature. It can be run against any kind of network resources, whether exposed to the Internet or internally in a corporate network, regardless of the type of service it provides and its role in the network. There is no one complete solution or unified framework method against this type of attack. The most dangerous type of DoS attack is the DDoS type. The attack flow from many sources at the same time. In the context of mitigation from DDoS attack, the detection mechanisms are the first step in the way. Mechanisms like IPS and firewall are not effective because of the current challenging DDOS attack methods against application layer. The attackers use vulnerability in the application itself to disrupt the service it provides. Current mitigation techniques depend on preventing the attack traffic from reaching web servers. In this paper we study http application layer DDoS attacks against web servers. We propose new approach for mitigation that depends on absorbing the attack effects on the web server and increases server’s resistance against DDoS attacks.
References
Oo, K.K., Ye, K.Z., Tun, H., Lin, K.Z., Portnov, E.M.: Enhancement of preventing application layer based on DDOS attacks by using hidden semi-markov model. Advances in Intelligent Systems and Computing, vol. 387, pp 125–135, Springer, Cham (2016)
Singh, K.J., De, T.: An approach of DDOS attack detection using classifiers. In: Emerging Research in Computing, Information, Communication and Applications, pp 429–437, Springer, India (2015)
Saleh, M.A., Manaf, A.A.: Protective frameworks and schemes to detect and prevent high rate DoS/DDoS and flash crowd attacks: a comprehensive review. In: Advanced Machine Learning Technologies and Applications, vol. 488, pp 145–152. Springer, Cham (2014)
Umarani, S., Sharmila, D.: Predicting application layer DDoS attacks using machine learning algorithms. Int. J. Comput. 8(10) (2014)
Boro, D., Bhattacharyya, D.K.: A dynamic protocol specific defense for high-rate DDoS flooding attacks. Microsyst. Technol. 23(3), 593–611 (2016). Springer, Heidelberg
Beitollahi, H., Deconinck, G.: A statistical technique to resist application-layer DDoS attacks. J. Ambient Intell. Humanized Comput. 5(3), 425–442 (2013). Springer, Heidelberg
Dick, U., Scheffer, T.: Learning to control a structured-prediction decoder for detection of HTTP-layer DDoS attackers. Kluwer Acad. J. Mach. Learn. 104(2), 385–410 (2016)
Choi, Y.-S., Kim, I.-K., Oh, J.-T., Jang, J.-S.: AIGG threshold based HTTP GET flooding attack detection. In: Information Security Applications, vol. 7690. Lecture Notes in Computer Science, pp 270–284. Springer, Heidelberg (2012)
Sharma, R.: Detection of low-rate dos attacks against HTTP servers using spectral analysis. In: IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM), pp. 954–961, Paris (2015)
Maciá-Fernández, G., RodrÃguez-Gómez, R.A., DÃaz-Verdejo, J.E.: Defense techniques for low-rate DoS attacks against application servers. Comput. Netw. 54(15), 28, 2711–2727 (2010)
Adi, E., Baig, Z.A., Hingston, P., Lam, C.-P.: Distributed denial-of-service attacks against HTTP/2 services 19(1), 79–86 (2016). Springer Science+Business Media, New York
Rajesh, S.: Protection from application layer DDoS attacks for popular websites. Int. J. Comput. Electric. Eng. 5(6), December 2013
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Mohamed, M.A., Abdelbaki, N. (2018). HTTP Application Layer DDoS Attack Mitigation Using Resources Monitor. In: Hassanien, A., Shaalan, K., Gaber, T., Tolba, M. (eds) Proceedings of the International Conference on Advanced Intelligent Systems and Informatics 2017. AISI 2017. Advances in Intelligent Systems and Computing, vol 639. Springer, Cham. https://doi.org/10.1007/978-3-319-64861-3_20
Download citation
DOI: https://doi.org/10.1007/978-3-319-64861-3_20
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-64860-6
Online ISBN: 978-3-319-64861-3
eBook Packages: EngineeringEngineering (R0)