You are here:   
  1. Home
  2. Chapters
  3. http://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19

AIGG Threshold Based HTTP GET Flooding Attack Detection View Full Text

Ontology type: schema:Chapter     


Chapter Info

DATE

2012

AUTHORS

Yang-seo Choi , Ik-Kyun Kim , Jin-Tae Oh , Jong-Soo Jang

ABSTRACT

Distributed denial-of-service (DDoS) attacks still pose unpredictable threats to the Internet infrastructure and Internet-based businesses. As the attackers focus on economic gain, the HTTP GET Flooding attacks against the business web servers become one of the most frequently attempted attacks. Furthermore, the attack is becoming more sophisticated. In order to detect those attacks, several algorithms are developed. However, even though the developed technologies can detect the sophisticated attacks some of them need lots of system resources [12,13]. Sometimes due to the time consuming processes the whole performance of DDoS defense systems is degraded and it becomes another problem. For that, we propose a simple threshold based HTTP GET flooding attack detection algorithm. The threshold is generated from the characteristics of HTTP GET Request behaviors. In this algorithm, based on the defined monitoring period (MP) and Time Slot (TS), we calculate the Average Inter-GET_Request_Packet_Exist_TS-Gap (AIGG). The AIGG is used for threshold extraction. For effective detection, the optimized MP, TS and the threshold value, are extracted. In addition, the proposed algorithm doesn’t need to analyze every HTTP GET request packet so it needs less CPU resources than the algorithms which have to analyze all the request packets. More... »

PAGES

270-284

References to SciGraph publications

  • 2009. A Lightweight Mechanism to Mitigate Application Layer DDoS Attacks in SCALABLE INFORMATION SYSTEMS

    • Book

    TITLE

    Information Security Applications

    ISBN

    978-3-642-35415-1
    978-3-642-35416-8

    Subjects

  • FOR: Artificial Intelligence And Image Processing
  • FOR: Information And Computing Sciences

    • Author Affiliations

  • Electronics and Telecommunications Research Institute

    • Identifiers

    URI

    http://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19

    DOI

    http://dx.doi.org/10.1007/978-3-642-35416-8_19

    DIMENSIONS

    https://app.dimensions.ai/details/publication/pub.1028640044

    Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
    Incoming Citations Browse incoming citations for this publication using opencitations.net

    JSON-LD is the canonical representation for SciGraph data.

    TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT 

    [
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0801", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Artificial Intelligence and Image Processing", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Electronics and Telecommunications Research Institute", 
          "id": "https://www.grid.ac/institutes/grid.36303.35", 
          "name": [
            "Cyber Security-Convergence Research Department, ETRI, 218, Gajeong-no, Yuseong-gu, Daejeon, 305-700, South Korea"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Choi", 
        "givenName": "Yang-seo", 
        "id": "sg:person.07736736115.06", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07736736115.06"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Electronics and Telecommunications Research Institute", 
          "id": "https://www.grid.ac/institutes/grid.36303.35", 
          "name": [
            "Cyber Security-Convergence Research Department, ETRI, 218, Gajeong-no, Yuseong-gu, Daejeon, 305-700, South Korea"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Kim", 
        "givenName": "Ik-Kyun", 
        "id": "sg:person.012374141605.27", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012374141605.27"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Electronics and Telecommunications Research Institute", 
          "id": "https://www.grid.ac/institutes/grid.36303.35", 
          "name": [
            "Cyber Security-Convergence Research Department, ETRI, 218, Gajeong-no, Yuseong-gu, Daejeon, 305-700, South Korea"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Oh", 
        "givenName": "Jin-Tae", 
        "id": "sg:person.015322546417.44", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015322546417.44"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Electronics and Telecommunications Research Institute", 
          "id": "https://www.grid.ac/institutes/grid.36303.35", 
          "name": [
            "Cyber Security-Convergence Research Department, ETRI, 218, Gajeong-no, Yuseong-gu, Daejeon, 305-700, South Korea"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Jang", 
        "givenName": "Jong-Soo", 
        "id": "sg:person.010316410070.01", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010316410070.01"
        ], 
        "type": "Person"
      }
    ], 
    "citation": [
      {
        "id": "https://doi.org/10.1145/997150.997156", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1020238858"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1145/1947940.1948047", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1045524620"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-642-10485-5_13", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1051725512", 
          "https://doi.org/10.1007/978-3-642-10485-5_13"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-642-10485-5_13", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1051725512", 
          "https://doi.org/10.1007/978-3-642-10485-5_13"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1109/tnet.2008.923716", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1061715032"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1109/tnet.2008.925628", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1061715044"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1109/tnet.2008.926503", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1061715055"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1109/tpds.2007.1111", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1061753138"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.5121/ijnsa.2011.3213", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1072619591"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1109/infocom.2006.232", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1093716177"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1109/pacrim.2007.4313218", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1095156541"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1109/icnp.2002.1181418", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1095794931"
        ], 
        "type": "CreativeWork"
      }
    ], 
    "datePublished": "2012", 
    "datePublishedReg": "2012-01-01", 
    "description": "Distributed denial-of-service (DDoS) attacks still pose unpredictable threats to the Internet infrastructure and Internet-based businesses. As the attackers focus on economic gain, the HTTP GET Flooding attacks against the business web servers become one of the most frequently attempted attacks. Furthermore, the attack is becoming more sophisticated. In order to detect those attacks, several algorithms are developed. However, even though the developed technologies can detect the sophisticated attacks some of them need lots of system resources [12,13]. Sometimes due to the time consuming processes the whole performance of DDoS defense systems is degraded and it becomes another problem. For that, we propose a simple threshold based HTTP GET flooding attack detection algorithm. The threshold is generated from the characteristics of HTTP GET Request behaviors. In this algorithm, based on the defined monitoring period (MP) and Time Slot (TS), we calculate the Average Inter-GET_Request_Packet_Exist_TS-Gap (AIGG). The AIGG is used for threshold extraction. For effective detection, the optimized MP, TS and the threshold value, are extracted. In addition, the proposed algorithm doesn\u2019t need to analyze every HTTP GET request packet so it needs less CPU resources than the algorithms which have to analyze all the request packets.", 
    "editor": [
      {
        "familyName": "Lee", 
        "givenName": "Dong Hoon", 
        "type": "Person"
      }, 
      {
        "familyName": "Yung", 
        "givenName": "Moti", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-642-35416-8_19", 
    "inLanguage": [
      "en"
    ], 
    "isAccessibleForFree": false, 
    "isPartOf": {
      "isbn": [
        "978-3-642-35415-1", 
        "978-3-642-35416-8"
      ], 
      "name": "Information Security Applications", 
      "type": "Book"
    }, 
    "name": "AIGG Threshold Based HTTP GET Flooding Attack Detection", 
    "pagination": "270-284", 
    "productId": [
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-642-35416-8_19"
        ]
      }, 
      {
        "name": "readcube_id", 
        "type": "PropertyValue", 
        "value": [
          "886e9b44936040398d23123bc378a8bee5e2d679bb37057468f816443bded221"
        ]
      }, 
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1028640044"
        ]
      }
    ], 
    "publisher": {
      "location": "Berlin, Heidelberg", 
      "name": "Springer Berlin Heidelberg", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-642-35416-8_19", 
      "https://app.dimensions.ai/details/publication/pub.1028640044"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2019-04-15T10:34", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-uberresearch-data-dimensions-target-20181106-alternative/cleanup/v134/2549eaecd7973599484d7c17b260dba0a4ecb94b/merge/v9/a6c9fde33151104705d4d7ff012ea9563521a3ce/jats-lookup/v90/0000000001_0000000264/records_8659_00000261.jsonl", 
    "type": "Chapter", 
    "url": "http://link.springer.com/10.1007/978-3-642-35416-8_19"
  }
]
     

    Download the RDF metadata as:  json-ld nt turtle xml License info

    HOW TO GET THIS DATA PROGRAMMATICALLY:

    JSON-LD is a popular format for linked data which is fully compatible with JSON. 

    curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19'

    N-Triples is a line-based linked data format ideal for batch operations. 

    curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19'

    Turtle is a human-readable linked data format. 

    curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19'

    RDF/XML is a standard XML format for linked data. 

    curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19'


     

    This table displays all metadata directly associated to this object as RDF triples.

    125 TRIPLES      23 PREDICATES      38 URIs      20 LITERALS      8 BLANK NODES

    Subject Predicate Object
    1 sg:pub.10.1007/978-3-642-35416-8_19 schema:about anzsrc-for:08
    2 anzsrc-for:0801
    3 schema:author Nc0c0ee79b5694137a06080c0853f1fcd
    4 schema:citation sg:pub.10.1007/978-3-642-10485-5_13
    5 https://doi.org/10.1109/icnp.2002.1181418
    6 https://doi.org/10.1109/infocom.2006.232
    7 https://doi.org/10.1109/pacrim.2007.4313218
    8 https://doi.org/10.1109/tnet.2008.923716
    9 https://doi.org/10.1109/tnet.2008.925628
    10 https://doi.org/10.1109/tnet.2008.926503
    11 https://doi.org/10.1109/tpds.2007.1111
    12 https://doi.org/10.1145/1947940.1948047
    13 https://doi.org/10.1145/997150.997156
    14 https://doi.org/10.5121/ijnsa.2011.3213
    15 schema:datePublished 2012
    16 schema:datePublishedReg 2012-01-01
    17 schema:description Distributed denial-of-service (DDoS) attacks still pose unpredictable threats to the Internet infrastructure and Internet-based businesses. As the attackers focus on economic gain, the HTTP GET Flooding attacks against the business web servers become one of the most frequently attempted attacks. Furthermore, the attack is becoming more sophisticated. In order to detect those attacks, several algorithms are developed. However, even though the developed technologies can detect the sophisticated attacks some of them need lots of system resources [12,13]. Sometimes due to the time consuming processes the whole performance of DDoS defense systems is degraded and it becomes another problem. For that, we propose a simple threshold based HTTP GET flooding attack detection algorithm. The threshold is generated from the characteristics of HTTP GET Request behaviors. In this algorithm, based on the defined monitoring period (MP) and Time Slot (TS), we calculate the Average Inter-GET_Request_Packet_Exist_TS-Gap (AIGG). The AIGG is used for threshold extraction. For effective detection, the optimized MP, TS and the threshold value, are extracted. In addition, the proposed algorithm doesn’t need to analyze every HTTP GET request packet so it needs less CPU resources than the algorithms which have to analyze all the request packets.
    18 schema:editor Na4224c67518b4c429f9d3a3d81592f6e
    19 schema:genre chapter
    20 schema:inLanguage en
    21 schema:isAccessibleForFree false
    22 schema:isPartOf N8fb70f38dacf48ad84b5703c30953714
    23 schema:name AIGG Threshold Based HTTP GET Flooding Attack Detection
    24 schema:pagination 270-284
    25 schema:productId N0fa71eb240364b8784c2d53b15a966e0
    26 N147300f7a4ce4ca79dfe6a4b4d0a2e29
    27 N2c280c28e5d54e5dbab79460afa0c672
    28 schema:publisher N562648abe5ad46aea653399163d35897
    29 schema:sameAs https://app.dimensions.ai/details/publication/pub.1028640044
    30 https://doi.org/10.1007/978-3-642-35416-8_19
    31 schema:sdDatePublished 2019-04-15T10:34
    32 schema:sdLicense https://scigraph.springernature.com/explorer/license/
    33 schema:sdPublisher N2865be8ace1b4d54afff8f60fa4317b2
    34 schema:url http://link.springer.com/10.1007/978-3-642-35416-8_19
    35 sgo:license sg:explorer/license/
    36 sgo:sdDataset chapters
    37 rdf:type schema:Chapter
    38 N0f9c2a4f62e14d0190eea5f1a32fec69 schema:familyName Yung
    39 schema:givenName Moti
    40 rdf:type schema:Person
    41 N0fa71eb240364b8784c2d53b15a966e0 schema:name doi
    42 schema:value 10.1007/978-3-642-35416-8_19
    43 rdf:type schema:PropertyValue
    44 N147300f7a4ce4ca79dfe6a4b4d0a2e29 schema:name dimensions_id
    45 schema:value pub.1028640044
    46 rdf:type schema:PropertyValue
    47 N2865be8ace1b4d54afff8f60fa4317b2 schema:name Springer Nature - SN SciGraph project
    48 rdf:type schema:Organization
    49 N2c280c28e5d54e5dbab79460afa0c672 schema:name readcube_id
    50 schema:value 886e9b44936040398d23123bc378a8bee5e2d679bb37057468f816443bded221
    51 rdf:type schema:PropertyValue
    52 N562648abe5ad46aea653399163d35897 schema:location Berlin, Heidelberg
    53 schema:name Springer Berlin Heidelberg
    54 rdf:type schema:Organisation
    55 N79fad3259e524fffb8226ee5440e9a49 rdf:first N0f9c2a4f62e14d0190eea5f1a32fec69
    56 rdf:rest rdf:nil
    57 N7c390d1a486d48ac973ca74effe3b953 schema:familyName Lee
    58 schema:givenName Dong Hoon
    59 rdf:type schema:Person
    60 N8fb70f38dacf48ad84b5703c30953714 schema:isbn 978-3-642-35415-1
    61 978-3-642-35416-8
    62 schema:name Information Security Applications
    63 rdf:type schema:Book
    64 Na4224c67518b4c429f9d3a3d81592f6e rdf:first N7c390d1a486d48ac973ca74effe3b953
    65 rdf:rest N79fad3259e524fffb8226ee5440e9a49
    66 Nc0c0ee79b5694137a06080c0853f1fcd rdf:first sg:person.07736736115.06
    67 rdf:rest Nc2289a0e0aa746fd8c75ca51386a9986
    68 Nc2289a0e0aa746fd8c75ca51386a9986 rdf:first sg:person.012374141605.27
    69 rdf:rest Ndb0ed17fa34948b7af46494713621ac7
    70 Ndb0ed17fa34948b7af46494713621ac7 rdf:first sg:person.015322546417.44
    71 rdf:rest Nee99c46f65d84a3cb9b775db9d305059
    72 Nee99c46f65d84a3cb9b775db9d305059 rdf:first sg:person.010316410070.01
    73 rdf:rest rdf:nil
    74 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
    75 schema:name Information and Computing Sciences
    76 rdf:type schema:DefinedTerm
    77 anzsrc-for:0801 schema:inDefinedTermSet anzsrc-for:
    78 schema:name Artificial Intelligence and Image Processing
    79 rdf:type schema:DefinedTerm
    80 sg:person.010316410070.01 schema:affiliation https://www.grid.ac/institutes/grid.36303.35
    81 schema:familyName Jang
    82 schema:givenName Jong-Soo
    83 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010316410070.01
    84 rdf:type schema:Person
    85 sg:person.012374141605.27 schema:affiliation https://www.grid.ac/institutes/grid.36303.35
    86 schema:familyName Kim
    87 schema:givenName Ik-Kyun
    88 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012374141605.27
    89 rdf:type schema:Person
    90 sg:person.015322546417.44 schema:affiliation https://www.grid.ac/institutes/grid.36303.35
    91 schema:familyName Oh
    92 schema:givenName Jin-Tae
    93 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015322546417.44
    94 rdf:type schema:Person
    95 sg:person.07736736115.06 schema:affiliation https://www.grid.ac/institutes/grid.36303.35
    96 schema:familyName Choi
    97 schema:givenName Yang-seo
    98 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07736736115.06
    99 rdf:type schema:Person
    100 sg:pub.10.1007/978-3-642-10485-5_13 schema:sameAs https://app.dimensions.ai/details/publication/pub.1051725512
    101 https://doi.org/10.1007/978-3-642-10485-5_13
    102 rdf:type schema:CreativeWork
    103 https://doi.org/10.1109/icnp.2002.1181418 schema:sameAs https://app.dimensions.ai/details/publication/pub.1095794931
    104 rdf:type schema:CreativeWork
    105 https://doi.org/10.1109/infocom.2006.232 schema:sameAs https://app.dimensions.ai/details/publication/pub.1093716177
    106 rdf:type schema:CreativeWork
    107 https://doi.org/10.1109/pacrim.2007.4313218 schema:sameAs https://app.dimensions.ai/details/publication/pub.1095156541
    108 rdf:type schema:CreativeWork
    109 https://doi.org/10.1109/tnet.2008.923716 schema:sameAs https://app.dimensions.ai/details/publication/pub.1061715032
    110 rdf:type schema:CreativeWork
    111 https://doi.org/10.1109/tnet.2008.925628 schema:sameAs https://app.dimensions.ai/details/publication/pub.1061715044
    112 rdf:type schema:CreativeWork
    113 https://doi.org/10.1109/tnet.2008.926503 schema:sameAs https://app.dimensions.ai/details/publication/pub.1061715055
    114 rdf:type schema:CreativeWork
    115 https://doi.org/10.1109/tpds.2007.1111 schema:sameAs https://app.dimensions.ai/details/publication/pub.1061753138
    116 rdf:type schema:CreativeWork
    117 https://doi.org/10.1145/1947940.1948047 schema:sameAs https://app.dimensions.ai/details/publication/pub.1045524620
    118 rdf:type schema:CreativeWork
    119 https://doi.org/10.1145/997150.997156 schema:sameAs https://app.dimensions.ai/details/publication/pub.1020238858
    120 rdf:type schema:CreativeWork
    121 https://doi.org/10.5121/ijnsa.2011.3213 schema:sameAs https://app.dimensions.ai/details/publication/pub.1072619591
    122 rdf:type schema:CreativeWork
    123 https://www.grid.ac/institutes/grid.36303.35 schema:alternateName Electronics and Telecommunications Research Institute
    124 schema:name Cyber Security-Convergence Research Department, ETRI, 218, Gajeong-no, Yuseong-gu, Daejeon, 305-700, South Korea
    125 rdf:type schema:Organization
     




    Preview window. Press ESC to close (or click here)

    ...