Mitigation of Application Layer DDoS Flood Attack Against Web Servers

The application-layer distributed denial of service (App-DDoS) attack is one of the most menacing types of cyberattacks that circumvent web servers. As attackers have developed different techniques and methods, preventing App-DDoS attacks has become more difficult. A commonly targeted protocol in the application layer is the HTTP-GET flooding attack, where the attacker sends a large number of HTTP-GET requests from multiple infected devices, forcing the server to devote all available resources responding to all the requests. This attack exhausts the server’s resources and denies service to legitimate users.

App-DDoS attacks are extremely costly in terms of resource exhaustion, affecting intended clients’ quality of service (QoS). The current range of defense mechanisms against App-DDoS attacks have several limitations, which include slow and delayed attack detection, increased computation load, and reduced hardware computational capacity.The aim of this research is to design and develop an App-DDoS attack detection and mitigation approach to defend web servers against such attacks. We develop a holistic DDoS mitigation framework to detect and mitigate all types of DDoS attacks. Our general defense model has four main components: a screener, policy control, a resource monitoring protocol, and a reporting module.

These components interact during screening and security service stages to achieve robust mitigation of various types of DDoS attacks. Based on this general defense model, we derive a new specific scheme to detect and mitigate App-DDoS attacks at an early stage, ensuring the App-DDoS attacks will not degrade the QoS for legitimate users. Our defense system employs three principle modes: normal, screening, and suspicious. The defense scheme transits between these modes, based on the server load. The detection method employs machine learning (ML) techniques during the screening mode, improving detection of App-DDoS attacks.

Our defense system is designed to automatically defeat App-DDoS attacks; every action is logged into the reporting module. We evaluate our defense system by testing its performance under different attack scenarios. The experimental results demonstrate our defense system is effective against App-DDoS attacks. This research seeks to help service providers reduce the risk of being a victim of App-DDoS attacks. Also, this research opens new perspectives in academic and industrial research to build and develop mechanisms based on our proposed model.

Comments

Post a Comment

Popular posts from this blog

DDoS Can Mask Security Breaches

Cyber criminals launch low-threshold DDoS attacks— also known as “Dark DDoS”—because they are a cheap and easy way to infiltrate and map a network. Because the attacks are so short – typically less than five minutes in duration – they are usually not detected by security teams or traditional DDoS scrubbing solutions. Because these attacks typically require very little bandwidth to execute, they are nearly impossible to detect without an advanced in-line DDoS protection solution that has granular detection capabilities. Stop denial of service attack In cases where the IT security staff do notice a DDoS attack in progress, the attack often serves as a decoy to distract security staff while hackers stealthily find pathways and test for vulnerabilities within a network. Hackers may install malware to ex-filtrate sensitive data such as email addresses or credit card numbers or corporate intellectual property. In addition, hackers may “own” or “enslave” the network so it can later be ex
Read more

Algorithm for troubleshooting computer problems

If you encounter problems with your computer and its hardware, you must act correctly. If the problem is with the hardware, for example, the printer does not print, you should start looking for the problem from that device. First, you need to check the printer's electrical and computer connections. Perhaps this step will fix the problem. Secondly, you need to make sure that the printer is displayed and ready to use in the Device Manager on your computer. This indicates that the device is correctly installed and configured, connected to the mains. Thirdly, you need to check if the paper is jammed in the printer and if there is toner in the cartridge. If there are problems with connecting the device, paper jams or the toner in the cartridge has run out, then such problems are solved by quickly eliminating the cause of the malfunction (correcting the cable, removing the jammed paper, refilling the cartridge). If the problem is in the "Device Manager" , the computer does not
Read more

What does data science have in store for 2021?

 Data is everywhere. In an increasingly digital world, the science that brings them together and analyzes them is constantly increasing in importance. 2020 was a year that presented us with new Artificial Intelligence interfaces, the improvement of existing ones and brought up issues like LGPD and how the analysis of the information we leave on the networks is made. But what awaits us in 2021? Several factors are expected to influence the labor market.  Know more:  Managed Storage Services And one of them is on the date of arrival in the market of young native people, who already see the world with great familiarity in data analysis. As Lucy Kosturko, manager of social innovation at SAS, pointed out, these young people live in this ecosystem from the moment they eat until they go to sleep. This generation that has an understanding and tracking of data acquired in an innate way and certainly their actions will mark 2021. Faced with scenarios like this, I bring together the three trends
Read more