Detection of Application Layer DDoS Attacks with Clustering and Bayes Factors

被引：10

作者：

Chwalinski, Pawel ^{[1
]}

Belavkin, Roman ^{[1
]}

Cheng, Xiaochun ^{[1
]}

机构：

[1] Middlesex Univ, Sch Sci & Technol, London N17 8HR, England

来源：

2013 IEEE INTERNATIONAL CONFERENCE ON SYSTEMS, MAN, AND CYBERNETICS (SMC 2013) | 2013年

关键词：

HTTP-GET Attack; Entropy; Clustering; Intrusion Detection; Bayes Factors; INTRUSION;

D O I：

10.1109/SMC.2013.34

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

One of the attacks observed against HTTP protocol is HTTP-GET attack using sequences of requests to limit accessibility of webservers. This attack has been researched in this report, and a novel detection technique has been developed to tackle it. In general, the technique uses entropy-based clustering and application of Bayes factors to distinguish among legitimate and attacking sequences. It has been presented that the introduced method allows for formation of recent patterns of behaviours observed at a webserver, that remain unknown to the attackers. Subsequently, Bayes factors are introduced to measure anomaly of web sessions. The method performs reasonably well, against strategy and scope varying attackers.

引用

页码：156 / 161

页数：6

共 29 条

[1]

[Anonymous], CIRCUITS SYSTEMS SIG

[2]

[Anonymous], 1948, BELL SYST TECH J

[3]

Arlitt M.F., 1996, PROC ACM SIGMETRICS, P126

[4]

Barbara D., 2002, Proceedings of the Eleventh International Conference on Information and Knowledge Management. CIKM 2002, P582, DOI 10.1145/584792.584888

[5]

Chwalinski Pawel, 2013, Foundations and Practice of Security. 5th International Symposium, FPS 2012. Revised Selected Papers, P45, DOI 10.1007/978-3-642-37119-6_4

[6] Applying Support Vector Regression for Web Effort Estimation using a Cross-Company Dataset [J].

Corazza, A. ;

Di Martino, S. ;

Ferrucci, F. ;

Gravino, C. ;

Mendes, E. .

ESEM: 2009 3RD INTERNATIONAL SYMPOSIUM ON EMPIRICAL SOFTWARE ENGINEERING AND MEASUREMENT, 2009, :191-+

[7] AN INTRUSION-DETECTION MODEL [J].

DENNING, DE .

IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 1987, 13 (02) :222-232

[8]

Gavrilis D., 2006, COMM SYST NETW DIG S, P266

[9]

Giralte L. C., 2012, COMPUTERS ELECT ENG

[10] Cluster-wise assessment of cluster stability [J].

Hennig, Christian .

COMPUTATIONAL STATISTICS & DATA ANALYSIS, 2007, 52 (01) :258-271

← 1 2 3 →