HTTP Application Layer DDoS Attack Mitigation Using Resources Monitor View Full Text


Ontology type: schema:Chapter     


Chapter Info

DATE

2018

AUTHORS

Mohamed Aly Mohamed , Nashwa Abdelbaki

ABSTRACT

Denial of Service attacks are one of the most annoying day to day challenges for any security expert and IT professional. This is according to the attack nature. It can be run against any kind of network resources, whether exposed to the Internet or internally in a corporate network, regardless of the type of service it provides and its role in the network. There is no one complete solution or unified framework method against this type of attack. The most dangerous type of DoS attack is the DDoS type. The attack flow from many sources at the same time. In the context of mitigation from DDoS attack, the detection mechanisms are the first step in the way. Mechanisms like IPS and firewall are not effective because of the current challenging DDOS attack methods against application layer. The attackers use vulnerability in the application itself to disrupt the service it provides. Current mitigation techniques depend on preventing the attack traffic from reaching web servers. In this paper we study http application layer DDoS attacks against web servers. We propose new approach for mitigation that depends on absorbing the attack effects on the web server and increases server’s resistance against DDoS attacks. More... »

PAGES

213-221

References to SciGraph publications

  • 2015. An Approach of DDOS Attack Detection Using Classifiers in EMERGING RESEARCH IN COMPUTING, INFORMATION, COMMUNICATION AND APPLICATIONS
  • 2012. AIGG Threshold Based HTTP GET Flooding Attack Detection in INFORMATION SECURITY APPLICATIONS
  • 2014-06. ConnectionScore: a statistical technique to resist application-layer DDoS attacks in JOURNAL OF AMBIENT INTELLIGENCE AND HUMANIZED COMPUTING
  • 2016-03. Distributed denial-of-service attacks against HTTP/2 services in CLUSTER COMPUTING
  • 2014. Protective Frameworks and Schemes to Detect and Prevent High Rate DoS/DDoS and Flash Crowd Attacks: A Comprehensive Review in ADVANCED MACHINE LEARNING TECHNOLOGIES AND APPLICATIONS
  • 2016-09. Learning to control a structured-prediction decoder for detection of HTTP-layer DDoS attackers in MACHINE LEARNING
  • 2017-03. DyProSD: a dynamic protocol specific defense for high-rate DDoS flooding attacks in MICROSYSTEM TECHNOLOGIES
  • Book

    TITLE

    Proceedings of the International Conference on Advanced Intelligent Systems and Informatics 2017

    ISBN

    978-3-319-64860-6
    978-3-319-64861-3

    Author Affiliations

    Identifiers

    URI

    http://scigraph.springernature.com/pub.10.1007/978-3-319-64861-3_20

    DOI

    http://dx.doi.org/10.1007/978-3-319-64861-3_20

    DIMENSIONS

    https://app.dimensions.ai/details/publication/pub.1091403037


    Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
    Incoming Citations Browse incoming citations for this publication using opencitations.net

    JSON-LD is the canonical representation for SciGraph data.

    TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT

    [
      {
        "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
        "about": [
          {
            "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/1005", 
            "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
            "name": "Communications Technologies", 
            "type": "DefinedTerm"
          }, 
          {
            "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/10", 
            "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
            "name": "Technology", 
            "type": "DefinedTerm"
          }
        ], 
        "author": [
          {
            "affiliation": {
              "alternateName": "Nile University", 
              "id": "https://www.grid.ac/institutes/grid.440877.8", 
              "name": [
                "Nile University"
              ], 
              "type": "Organization"
            }, 
            "familyName": "Mohamed", 
            "givenName": "Mohamed Aly", 
            "type": "Person"
          }, 
          {
            "affiliation": {
              "alternateName": "Nile University", 
              "id": "https://www.grid.ac/institutes/grid.440877.8", 
              "name": [
                "Nile University"
              ], 
              "type": "Organization"
            }, 
            "familyName": "Abdelbaki", 
            "givenName": "Nashwa", 
            "id": "sg:person.010062432325.70", 
            "sameAs": [
              "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010062432325.70"
            ], 
            "type": "Person"
          }
        ], 
        "citation": [
          {
            "id": "sg:pub.10.1007/s10586-015-0528-7", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1010664539", 
              "https://doi.org/10.1007/s10586-015-0528-7"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "sg:pub.10.1007/s10994-016-5581-9", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1013750322", 
              "https://doi.org/10.1007/s10994-016-5581-9"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "sg:pub.10.1007/s10994-016-5581-9", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1013750322", 
              "https://doi.org/10.1007/s10994-016-5581-9"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "sg:pub.10.1007/s00542-016-2978-0", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1020316127", 
              "https://doi.org/10.1007/s00542-016-2978-0"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "sg:pub.10.1007/978-3-642-35416-8_19", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1028640044", 
              "https://doi.org/10.1007/978-3-642-35416-8_19"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "https://doi.org/10.1016/j.comnet.2010.05.002", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1029599983"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "sg:pub.10.1007/978-81-322-2550-8_41", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1037743296", 
              "https://doi.org/10.1007/978-81-322-2550-8_41"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "sg:pub.10.1007/s12652-013-0196-5", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1051725491", 
              "https://doi.org/10.1007/s12652-013-0196-5"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "sg:pub.10.1007/978-3-319-13461-1_15", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1052346600", 
              "https://doi.org/10.1007/978-3-319-13461-1_15"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "https://doi.org/10.7763/ijcee.2013.v5.771", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1074032361"
            ], 
            "type": "CreativeWork"
          }
        ], 
        "datePublished": "2018", 
        "datePublishedReg": "2018-01-01", 
        "description": "Denial of Service attacks are one of the most annoying day to day challenges for any security expert and IT professional. This is according to the attack nature. It can be run against any kind of network resources, whether exposed to the Internet or internally in a corporate network, regardless of the type of service it provides and its role in the network. There is no one complete solution or unified framework method against this type of attack. The most dangerous type of DoS attack is the DDoS type. The attack flow from many sources at the same time. In the context of mitigation from DDoS attack, the detection mechanisms are the first step in the way. Mechanisms like IPS and firewall are not effective because of the current challenging DDOS attack methods against application layer. The attackers use vulnerability in the application itself to disrupt the service it provides. Current mitigation techniques depend on preventing the attack traffic from reaching web servers. In this paper we study http application layer DDoS attacks against web servers. We propose new approach for mitigation that depends on absorbing the attack effects on the web server and increases server\u2019s resistance against DDoS attacks.", 
        "editor": [
          {
            "familyName": "Hassanien", 
            "givenName": "Aboul Ella", 
            "type": "Person"
          }, 
          {
            "familyName": "Shaalan", 
            "givenName": "Khaled", 
            "type": "Person"
          }, 
          {
            "familyName": "Gaber", 
            "givenName": "Tarek", 
            "type": "Person"
          }, 
          {
            "familyName": "Tolba", 
            "givenName": "Mohamed F.", 
            "type": "Person"
          }
        ], 
        "genre": "chapter", 
        "id": "sg:pub.10.1007/978-3-319-64861-3_20", 
        "inLanguage": [
          "en"
        ], 
        "isAccessibleForFree": false, 
        "isPartOf": {
          "isbn": [
            "978-3-319-64860-6", 
            "978-3-319-64861-3"
          ], 
          "name": "Proceedings of the International Conference on Advanced Intelligent Systems and Informatics 2017", 
          "type": "Book"
        }, 
        "name": "HTTP Application Layer DDoS Attack Mitigation Using Resources Monitor", 
        "pagination": "213-221", 
        "productId": [
          {
            "name": "doi", 
            "type": "PropertyValue", 
            "value": [
              "10.1007/978-3-319-64861-3_20"
            ]
          }, 
          {
            "name": "readcube_id", 
            "type": "PropertyValue", 
            "value": [
              "391c38575bb8597fec796824c0e7fd30a03eab4cc315c5987865f0a1ad6760b9"
            ]
          }, 
          {
            "name": "dimensions_id", 
            "type": "PropertyValue", 
            "value": [
              "pub.1091403037"
            ]
          }
        ], 
        "publisher": {
          "location": "Cham", 
          "name": "Springer International Publishing", 
          "type": "Organisation"
        }, 
        "sameAs": [
          "https://doi.org/10.1007/978-3-319-64861-3_20", 
          "https://app.dimensions.ai/details/publication/pub.1091403037"
        ], 
        "sdDataset": "chapters", 
        "sdDatePublished": "2019-04-15T14:29", 
        "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
        "sdPublisher": {
          "name": "Springer Nature - SN SciGraph project", 
          "type": "Organization"
        }, 
        "sdSource": "s3://com-uberresearch-data-dimensions-target-20181106-alternative/cleanup/v134/2549eaecd7973599484d7c17b260dba0a4ecb94b/merge/v9/a6c9fde33151104705d4d7ff012ea9563521a3ce/jats-lookup/v90/0000000001_0000000264/records_8669_00000280.jsonl", 
        "type": "Chapter", 
        "url": "http://link.springer.com/10.1007/978-3-319-64861-3_20"
      }
    ]
     

    Download the RDF metadata as:  json-ld nt turtle xml License info

    HOW TO GET THIS DATA PROGRAMMATICALLY:

    JSON-LD is a popular format for linked data which is fully compatible with JSON.

    curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-64861-3_20'

    N-Triples is a line-based linked data format ideal for batch operations.

    curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-64861-3_20'

    Turtle is a human-readable linked data format.

    curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-64861-3_20'

    RDF/XML is a standard XML format for linked data.

    curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-64861-3_20'


     

    This table displays all metadata directly associated to this object as RDF triples.

    120 TRIPLES      23 PREDICATES      36 URIs      20 LITERALS      8 BLANK NODES

    Subject Predicate Object
    1 sg:pub.10.1007/978-3-319-64861-3_20 schema:about anzsrc-for:10
    2 anzsrc-for:1005
    3 schema:author N8a4c1f00b7fd40d2a7f78937e1fa802a
    4 schema:citation sg:pub.10.1007/978-3-319-13461-1_15
    5 sg:pub.10.1007/978-3-642-35416-8_19
    6 sg:pub.10.1007/978-81-322-2550-8_41
    7 sg:pub.10.1007/s00542-016-2978-0
    8 sg:pub.10.1007/s10586-015-0528-7
    9 sg:pub.10.1007/s10994-016-5581-9
    10 sg:pub.10.1007/s12652-013-0196-5
    11 https://doi.org/10.1016/j.comnet.2010.05.002
    12 https://doi.org/10.7763/ijcee.2013.v5.771
    13 schema:datePublished 2018
    14 schema:datePublishedReg 2018-01-01
    15 schema:description Denial of Service attacks are one of the most annoying day to day challenges for any security expert and IT professional. This is according to the attack nature. It can be run against any kind of network resources, whether exposed to the Internet or internally in a corporate network, regardless of the type of service it provides and its role in the network. There is no one complete solution or unified framework method against this type of attack. The most dangerous type of DoS attack is the DDoS type. The attack flow from many sources at the same time. In the context of mitigation from DDoS attack, the detection mechanisms are the first step in the way. Mechanisms like IPS and firewall are not effective because of the current challenging DDOS attack methods against application layer. The attackers use vulnerability in the application itself to disrupt the service it provides. Current mitigation techniques depend on preventing the attack traffic from reaching web servers. In this paper we study http application layer DDoS attacks against web servers. We propose new approach for mitigation that depends on absorbing the attack effects on the web server and increases server’s resistance against DDoS attacks.
    16 schema:editor Ne0c3f1df00cd45e1a1ec9bea6ad197de
    17 schema:genre chapter
    18 schema:inLanguage en
    19 schema:isAccessibleForFree false
    20 schema:isPartOf N6c5756dfbfdc4501bd3b1d3ea65131d3
    21 schema:name HTTP Application Layer DDoS Attack Mitigation Using Resources Monitor
    22 schema:pagination 213-221
    23 schema:productId N3d1f6add21cb48329deb320ed76f76bb
    24 Nb23e977a04df4000b3481b271770f318
    25 Nf7915269abb7484888f68c722f474b79
    26 schema:publisher N7db8dd49be094b89bc3167073ebf9485
    27 schema:sameAs https://app.dimensions.ai/details/publication/pub.1091403037
    28 https://doi.org/10.1007/978-3-319-64861-3_20
    29 schema:sdDatePublished 2019-04-15T14:29
    30 schema:sdLicense https://scigraph.springernature.com/explorer/license/
    31 schema:sdPublisher N37a42739eae44e5a83480721425cceb8
    32 schema:url http://link.springer.com/10.1007/978-3-319-64861-3_20
    33 sgo:license sg:explorer/license/
    34 sgo:sdDataset chapters
    35 rdf:type schema:Chapter
    36 N09c109ee764c44efaa22713493ab05df rdf:first N7ee8feea96a64ce3bdf4237833671d7d
    37 rdf:rest rdf:nil
    38 N14a70cae60ff450e93feb4341339f13a rdf:first sg:person.010062432325.70
    39 rdf:rest rdf:nil
    40 N26d692bdc3f8435f8a9fae51c4e12cc8 schema:familyName Hassanien
    41 schema:givenName Aboul Ella
    42 rdf:type schema:Person
    43 N37a42739eae44e5a83480721425cceb8 schema:name Springer Nature - SN SciGraph project
    44 rdf:type schema:Organization
    45 N3d1f6add21cb48329deb320ed76f76bb schema:name doi
    46 schema:value 10.1007/978-3-319-64861-3_20
    47 rdf:type schema:PropertyValue
    48 N582bc70b3e594a64b36878745690c499 rdf:first N75685d9901b64c5caa87b4158d52536a
    49 rdf:rest N09c109ee764c44efaa22713493ab05df
    50 N6c5756dfbfdc4501bd3b1d3ea65131d3 schema:isbn 978-3-319-64860-6
    51 978-3-319-64861-3
    52 schema:name Proceedings of the International Conference on Advanced Intelligent Systems and Informatics 2017
    53 rdf:type schema:Book
    54 N75685d9901b64c5caa87b4158d52536a schema:familyName Gaber
    55 schema:givenName Tarek
    56 rdf:type schema:Person
    57 N7db8dd49be094b89bc3167073ebf9485 schema:location Cham
    58 schema:name Springer International Publishing
    59 rdf:type schema:Organisation
    60 N7ee8feea96a64ce3bdf4237833671d7d schema:familyName Tolba
    61 schema:givenName Mohamed F.
    62 rdf:type schema:Person
    63 N8a4c1f00b7fd40d2a7f78937e1fa802a rdf:first Nc246b8e7b2bf47f899cfe5993d1762f0
    64 rdf:rest N14a70cae60ff450e93feb4341339f13a
    65 N932f2188a4014af783c0fe0e366b568c schema:familyName Shaalan
    66 schema:givenName Khaled
    67 rdf:type schema:Person
    68 N9806f7512a834fd58bbb44bdecf01f48 rdf:first N932f2188a4014af783c0fe0e366b568c
    69 rdf:rest N582bc70b3e594a64b36878745690c499
    70 Nb23e977a04df4000b3481b271770f318 schema:name readcube_id
    71 schema:value 391c38575bb8597fec796824c0e7fd30a03eab4cc315c5987865f0a1ad6760b9
    72 rdf:type schema:PropertyValue
    73 Nc246b8e7b2bf47f899cfe5993d1762f0 schema:affiliation https://www.grid.ac/institutes/grid.440877.8
    74 schema:familyName Mohamed
    75 schema:givenName Mohamed Aly
    76 rdf:type schema:Person
    77 Ne0c3f1df00cd45e1a1ec9bea6ad197de rdf:first N26d692bdc3f8435f8a9fae51c4e12cc8
    78 rdf:rest N9806f7512a834fd58bbb44bdecf01f48
    79 Nf7915269abb7484888f68c722f474b79 schema:name dimensions_id
    80 schema:value pub.1091403037
    81 rdf:type schema:PropertyValue
    82 anzsrc-for:10 schema:inDefinedTermSet anzsrc-for:
    83 schema:name Technology
    84 rdf:type schema:DefinedTerm
    85 anzsrc-for:1005 schema:inDefinedTermSet anzsrc-for:
    86 schema:name Communications Technologies
    87 rdf:type schema:DefinedTerm
    88 sg:person.010062432325.70 schema:affiliation https://www.grid.ac/institutes/grid.440877.8
    89 schema:familyName Abdelbaki
    90 schema:givenName Nashwa
    91 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010062432325.70
    92 rdf:type schema:Person
    93 sg:pub.10.1007/978-3-319-13461-1_15 schema:sameAs https://app.dimensions.ai/details/publication/pub.1052346600
    94 https://doi.org/10.1007/978-3-319-13461-1_15
    95 rdf:type schema:CreativeWork
    96 sg:pub.10.1007/978-3-642-35416-8_19 schema:sameAs https://app.dimensions.ai/details/publication/pub.1028640044
    97 https://doi.org/10.1007/978-3-642-35416-8_19
    98 rdf:type schema:CreativeWork
    99 sg:pub.10.1007/978-81-322-2550-8_41 schema:sameAs https://app.dimensions.ai/details/publication/pub.1037743296
    100 https://doi.org/10.1007/978-81-322-2550-8_41
    101 rdf:type schema:CreativeWork
    102 sg:pub.10.1007/s00542-016-2978-0 schema:sameAs https://app.dimensions.ai/details/publication/pub.1020316127
    103 https://doi.org/10.1007/s00542-016-2978-0
    104 rdf:type schema:CreativeWork
    105 sg:pub.10.1007/s10586-015-0528-7 schema:sameAs https://app.dimensions.ai/details/publication/pub.1010664539
    106 https://doi.org/10.1007/s10586-015-0528-7
    107 rdf:type schema:CreativeWork
    108 sg:pub.10.1007/s10994-016-5581-9 schema:sameAs https://app.dimensions.ai/details/publication/pub.1013750322
    109 https://doi.org/10.1007/s10994-016-5581-9
    110 rdf:type schema:CreativeWork
    111 sg:pub.10.1007/s12652-013-0196-5 schema:sameAs https://app.dimensions.ai/details/publication/pub.1051725491
    112 https://doi.org/10.1007/s12652-013-0196-5
    113 rdf:type schema:CreativeWork
    114 https://doi.org/10.1016/j.comnet.2010.05.002 schema:sameAs https://app.dimensions.ai/details/publication/pub.1029599983
    115 rdf:type schema:CreativeWork
    116 https://doi.org/10.7763/ijcee.2013.v5.771 schema:sameAs https://app.dimensions.ai/details/publication/pub.1074032361
    117 rdf:type schema:CreativeWork
    118 https://www.grid.ac/institutes/grid.440877.8 schema:alternateName Nile University
    119 schema:name Nile University
    120 rdf:type schema:Organization
     




    Preview window. Press ESC to close (or click here)


    ...