Abstract
Distributed denial-of-service attacks are one of the toughest attacks on Web applications. All of this is targeted at draining the network storage bandwidth and is known as DDoS attacks on the network layer. DDoS attacks recently started to hit the application layer. These attacks can be conducted with a comparatively small number of attacks in contrast to network layer attacks. They often use legal layer software, making it hard to identify existing security mechanisms. Count distinct or cardinality estimates are commonly used in defense network surveillance. For example, they may be used to identify the spread of ransomware, network scans or server attack. There are several cardinality-estimating algorithms. One of the most commonly used method was HyperLogLog (HLL). HLL is simple, offers a large range of cardinality estimates, takes only a limited amount of memory and makes it easy to combine the estimates from dissimilar sources. Though, HLL will itself is the targets of attacking individuals who wish to stop being observed as it is widely used to detect attacks. In this letter, we take an initial step in exposing a DDoS attacks and vulnerability of HLL that lets an attacker to manipulate its estimate. This displays the importance of designing secure HLL implementations. In the second part of the letter, we propose an effective protection technique to identify as well as avoid the HLL manipulation. The outcomes highlight the need to further study protection of DDoS attacks and HLL’s safety since it is widely used in several computing applications as well as networking.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Praseed, A., Thilagam, P.S.: DDoS attacks at the application layer: challenges and research perspectives for safeguarding Web applications. IEEE Commun. Surveys Tutorials 21, 661–685 (2018)
Yadav, S., Subramanian, S.: Detection of application layer DDoS attack by feature learning using stacked AutoEncoder. In: 2016 International Conference on Computational Techniques in Information and Communication Technologies (ICCTICT), pp. 361–366 (2016)
Devi, S.R., Yogesh P.: An effective approach to counter application layer DDoS attacks. In: 2012 Third International Conference on Computing, Communication and Networking Technologies (ICCCNT’12), pp. 1–4 (2012)
Sivabalan, S., Radcliffe P.J.: A novel framework to detect and block DDoS attack at the application layer. In: IEEE 2013 Tencon-Spring, pp. 578–582 (2013)
Bhosale, K.S., Nenova, M., Iliev, G.: The distributed denial of service attacks (DDoS) prevention mechanisms on application layer. In: 2017 13th International Conference on Advanced Technologies, Systems and Services in Telecommunications (TELSIKS), pp. 136–139 (2017)
Harmouch, H., Naumann, F.: Cardinality estimation: an experimental survey. Proc. VLDB Endowment 11, 499–512 (2017)
Najafabadi, M. M., Khoshgoftaar, T.M., Calvert, C., Kemp, C.: User behavior anomaly detection for application layer DDoS attacks. In: 2017 IEEE International Conference on Information Reuse and Integration (IRI), pp. 154–161 (2017)
Rajesh, D., Sivakalai, R.: Detection and isolation of attacks in manet using ts-aomdv. Int. J. MC Square Sci. Res. 8, 170–182 (2016)
Chinnaiah, B., Prasad, C.: Confined home automation system using smartphone based on hybrid module. Int. J. Sci. Technol. Res. 9, 770–773 (2020)
Chinnaiah, B.: Multistage Interconnection Networks in Reliability Shuffle Exchange Networks, pp. 571–581. Springer (2019)
Chinnaiah B.: CEP Support for Detection of Application Layer Attacks. In IEEE Conference on CICT’2018, IEEE UP Chapter, pp. 1–5, (2018).
Chinnaiah, B.: Performance analysis of detection and prediction of DDoS attacks in LRWPAN MAC layer using fuzzy systems. Int. J. Pure Appl. Mathe. 118, 747–753 (2018)
Beckett, D., Sezer, S., McCanny, J.: New sensing technique for detecting application layer DDoS attacks targeting back-end database resources. In: 2017 IEEE International Conference on Communications (ICC), pp. 1–7 (2017)
Kachavimath, A.V., Nazare, S.V., Akki, S.S.: Distributed denial of service attack detection using Naïve Bayes and K-Nearest neighbour for network forensics. In: 2020 2nd International Conference on Innovative Mechanisms for Industry Applications (ICIMIA), pp. 711–717 (2020)
Khalaf, B.A., Mostafa, S.A., Mustapha, A., Abdullah, N.: An adaptive model for detection and prevention of DDoS and flash crowd flooding attacks. In: 2018 International Symposium on Agent, Multi-Agent Systems and Robotics (ISAMSR), pp. 1–6 (2018)
Afek, Y., Bremler-Barr, A., Cohen, E., Feibish, S.L., Shagam, M.: Efficient distinct heavy hitters for DNS DDoS attack detection. arXiv preprint arXiv:1612.02636 (2016)
Reviriego, P., Ting D.: Security of HyperLogLog HLL) cardinality estimation vulnerabilities and protection. IEEE Commun. Lett. (2020)
Bozkus, C., Fraguela, B.B.: Accelerating the HyperLogLog cardinality estimation algorithm. In: Scientific Programming (2017)
Liu, H., Xu, M., Yu, Z., Corvinelli, V., Zuzarte, C.: Cardinality estimation using neural networks. In: Proceedings of the 25th Annual International Conference on Computer Science and Software Engineering, pp. 53–59 (2015)
Chinnaiah, B.: An overview: CEP support for detection of application layer attacks. Int. J. Pure Appl. Mathe. 118, 51–55 (2018)
Balarengadurai, C., Saraswathi, S.: Comparative analysis of detection of DDoS attacks in IEEE 802.15.4 low rate wireless personal area network. In: Proceedings of Elsevier Procedia Engineering, vol. 38, pp. 3855–3863 (2012)
Balarengadurai, C., Saraswathi, S.: Detection of jamming attacks in IEEE 802.15.4 low rate wireless personal area network using fuzzy systems. In: IEEE Explore, pp. 32-38 (2012)
Balarengadurai, C., Saraswathi, S.: A Fuzzy based detection technique for jamming attacks in IEEE 802.15.4 low rate wireless personal area networks. In: Proceeding of IEEE Explore, pp. 253–259 (2015)
Balarengadurai, C., Saraswathi, S.: Fuzzy logic-based detection of DDoS attacks in IEEE 802.15.4 low rate wireless personal area network. Indersci. Int. J. Trust Manage. Comput. Commun. 1, 243–260 (2013)
Balarengadurai, C., Saraswathi, S.: A fuzzy logic system for detecting ping pong effect attack in IEEE 802.15.4 low rate wireless personal area network. J. Adv. Intell. Syst. Comput.-Springer Verlag. 182, 405–416 (2013)
C Balarengadurai C., Saraswathi S.: Fuzzy based detection and prediction of DDoS attacks in IEEE 802.15.4 low rate wireless personal area network. Int. J. Comput. Sci. 10, 293–310 (2013)
Lokesh, C.H., Balarengadurai, C.: Prevention of authentication problems using quantum cryptography. Int. J. Res. Electron. Comput. Eng. 6, 737–740 (2018)
Anil, K.K., Balarengadurai, C.: Prevention of misbehaving users in unknown networks. Int. J. Res. Electron. Comput. Eng. 6, 753–756 (2018)
Hemalatha, R.J., Vijaybaskar, V., Thamizhvani, T.R.: Automatic localization of anatomical regions in medical ultrasound images of rheumatoid arthritis using deep learning. Proc. Inst. Mech. Eng. 233, 657–667 (2019)
Narayanan, K.L., Ramesh, G.P.: Vlsi architecture for 2D-discrete wavelet transform (DWT) based lifting method. Indian J. Public Health Res. Develop. 8, 644–649 (2017)
Chabchoub, Y., Chiky, R., Dogan, B.: How can sliding HyperLogLog and EWMA detect port scan attacks in IP traffic? EURASIP J. Informat. Sec. 1 (2014)
Swaminathan, M.: Data mining based malicious application detection of android. Int. J. MC Square Sci. Res. 10, 8–16 (2018)
Bhoi, A.K., Mallick, P.K., Liu, C.M., Balas, V.E.: Bio-inspired Neurocomputing. Springer Nature (2021)
Mishra, S., Tripathy, H.K., Mallick, P.K., Bhoi, A.K., Barsocchi, P.: EAGA-MLP-an enhanced and adaptive hybrid classification model for diabetes diagnosis. Sensors 20, 4036 (2020)
Mallick, P.K., Balas, V.E., Bhoi, A.K., Zobaa, A.F. (eds.): Cognitive Informatics and Soft Computing: Proceeding of CISC 2017, vol. 768 (2019)
Mallick, P.K., Balas, V.E., Bhoi, A.K., Chae, G.-S. (eds.): Cognitive Informatics and Soft Computing: Proceeding of CISC 2019, vol. 768 (2020)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Chinnaiah, B. (2021). Protection of DDoS Attacks at the Application Layer: HyperLogLog (HLL) Cardinality Estimation. In: Mallick, P.K., Bhoi, A.K., Marques, G., Hugo C. de Albuquerque, V. (eds) Cognitive Informatics and Soft Computing. Advances in Intelligent Systems and Computing, vol 1317. Springer, Singapore. https://doi.org/10.1007/978-981-16-1056-1_46
Download citation
DOI: https://doi.org/10.1007/978-981-16-1056-1_46
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-1055-4
Online ISBN: 978-981-16-1056-1
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)