An ontology approach for proactive detection of HTTP flood DoS attack

In the current digital era, the consumer uses web applications for banking, e-commerce, and sharing information with others. These web applications are suffered from different types of attacks. The hacker intelligently uses multiple attack vectors to generate attacks with the help of tools. Therefore, intelligent intrusion detection plays an essential role in security. This paper presents an ontology-based intrusion detection framework to detect Denial of Service (DoS) attacks at the application level. The system proposes the ontology model and semantic rule for the detection of an HTTP flood attack. The system is implemented and tested on the GoldenEye DoS dataset with the help of semantic rules. The system provides early detection of DoS attacks in two seconds and improved detection rate using a time winodw threshold mechanism in the semantic rule. The system also achieves a higher detection rate of 94.89% without threshold in semantic rule to detect DoS attack. Finally, the system is compared with related traditional DoS detection systems.