Mitigation of Application Traffic DDoS Attacks with Trust and AM Based HMM Models
نویسنده
چکیده
26 ABSTRACT The increase in Internet-based transactions and communications offers new opportunities for hackers to disrupt business operations with DDoS attacks. Organizations that are not adequately protected risk losing customers, revenue, and their good reputations. This thesis discusses the challenges of identifying, countering, and avoiding crippling DDoS attacks. With the proposed comprehensive Self-Defending Network, organizations can deploy layers of defense to detect and mitigate the effects of DDoS attacks. The convenience, efficiency, and global reach of e-business benefit both consumers and businesses. But the accessibility of today’s business operations brings increased security challenges. Legions of malicious hackers target e-commerce sites, online banks, partner networks, and Internet or e-mail servers seeking revenge or profit.
منابع مشابه
Integrated Hidden Markov Model and Bayes Packet Classifier for effective Mitigation of Application DDoS attacks
Resisting distributed denial of service (DDoS) attacks become more challenging with the availability of resources and techniques to attackers. The application-layer-based DDoS attacks utilize legitimate HTTP requests to overwhelm victim resources are more undetectable and are protocol compliant and non-intrusive. Focusing on the detection for application layer DDoS attacks, the existing scheme ...
متن کاملF-STONE: A Fast Real-Time DDOS Attack Detection Method Using an Improved Historical Memory Management
Distributed Denial of Service (DDoS) is a common attack in recent years that can deplete the bandwidth of victim nodes by flooding packets. Based on the type and quantity of traffic used for the attack and the exploited vulnerability of the target, DDoS attacks are grouped into three categories as Volumetric attacks, Protocol attacks and Application attacks. The volumetric attack, which the pro...
متن کاملA Lightweight Mechanism to Mitigate Application Layer DDoS Attacks
Application layer DDoS attacks, to which network layer solutions is not applicable as attackers are indistinguishable based on packets or protocols, prevent legitimate users from accessing services. In this paper, we propose Trust Management Helmet (TMH ) as a partial solution to this problem, which is a lightweight mitigation mechanism that uses trust to differentiate legitimate users and atta...
متن کاملKernel HTTPS/TCP/IP stack for HTTP DDoS mitigation
Application layer HTTP DDoS attacks are usually mitigated by HTTP accelerators or HTTP load balancers. However, Linux socket interface used by the software doesn’t provide reasonable performance for extreme loads caused by DDoS attacks. Thus, HTTP accelerators are starting to bypass an OS and to use user space TCP/IP stacks. This paper discusses the drawbacks of the bypassing technique and expl...
متن کاملMitigating DDoS Attacks Using OpenFlow-Based Software Defined Networking
Over the last years, Distributed Denial-of-Service (DDoS) attacks have become an increasing threat on the Internet, with recent attacks reaching traffic volumes of up to 500 Gbps. To make matters worse, web-based facilities that offer “DDoS-as-a-service” (i.e., Booters) allow for the layman to launch attacks in the order of tens of Gbps in exchange for only a few euros. A recent development in ...
متن کامل