AIGG Threshold Based HTTP GET Flooding Attack Detection View Full Text


Ontology type: schema:Chapter     


Chapter Info

DATE

2012

AUTHORS

Yang-seo Choi , Ik-Kyun Kim , Jin-Tae Oh , Jong-Soo Jang

ABSTRACT

Distributed denial-of-service (DDoS) attacks still pose unpredictable threats to the Internet infrastructure and Internet-based businesses. As the attackers focus on economic gain, the HTTP GET Flooding attacks against the business web servers become one of the most frequently attempted attacks. Furthermore, the attack is becoming more sophisticated. In order to detect those attacks, several algorithms are developed. However, even though the developed technologies can detect the sophisticated attacks some of them need lots of system resources [12,13]. Sometimes due to the time consuming processes the whole performance of DDoS defense systems is degraded and it becomes another problem. For that, we propose a simple threshold based HTTP GET flooding attack detection algorithm. The threshold is generated from the characteristics of HTTP GET Request behaviors. In this algorithm, based on the defined monitoring period (MP) and Time Slot (TS), we calculate the Average Inter-GET_Request_Packet_Exist_TS-Gap (AIGG). The AIGG is used for threshold extraction. For effective detection, the optimized MP, TS and the threshold value, are extracted. In addition, the proposed algorithm doesn’t need to analyze every HTTP GET request packet so it needs less CPU resources than the algorithms which have to analyze all the request packets. More... »

PAGES

270-284

References to SciGraph publications

Book

TITLE

Information Security Applications

ISBN

978-3-642-35415-1
978-3-642-35416-8

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19

DOI

http://dx.doi.org/10.1007/978-3-642-35416-8_19

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1028640044


Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
Incoming Citations Browse incoming citations for this publication using opencitations.net

JSON-LD is the canonical representation for SciGraph data.

TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT

[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0801", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Artificial Intelligence and Image Processing", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Electronics and Telecommunications Research Institute", 
          "id": "https://www.grid.ac/institutes/grid.36303.35", 
          "name": [
            "Cyber Security-Convergence Research Department, ETRI, 218, Gajeong-no, Yuseong-gu, Daejeon, 305-700, South Korea"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Choi", 
        "givenName": "Yang-seo", 
        "id": "sg:person.07736736115.06", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07736736115.06"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Electronics and Telecommunications Research Institute", 
          "id": "https://www.grid.ac/institutes/grid.36303.35", 
          "name": [
            "Cyber Security-Convergence Research Department, ETRI, 218, Gajeong-no, Yuseong-gu, Daejeon, 305-700, South Korea"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Kim", 
        "givenName": "Ik-Kyun", 
        "id": "sg:person.012374141605.27", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012374141605.27"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Electronics and Telecommunications Research Institute", 
          "id": "https://www.grid.ac/institutes/grid.36303.35", 
          "name": [
            "Cyber Security-Convergence Research Department, ETRI, 218, Gajeong-no, Yuseong-gu, Daejeon, 305-700, South Korea"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Oh", 
        "givenName": "Jin-Tae", 
        "id": "sg:person.015322546417.44", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015322546417.44"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Electronics and Telecommunications Research Institute", 
          "id": "https://www.grid.ac/institutes/grid.36303.35", 
          "name": [
            "Cyber Security-Convergence Research Department, ETRI, 218, Gajeong-no, Yuseong-gu, Daejeon, 305-700, South Korea"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Jang", 
        "givenName": "Jong-Soo", 
        "id": "sg:person.010316410070.01", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010316410070.01"
        ], 
        "type": "Person"
      }
    ], 
    "citation": [
      {
        "id": "https://doi.org/10.1145/997150.997156", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1020238858"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1145/1947940.1948047", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1045524620"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-642-10485-5_13", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1051725512", 
          "https://doi.org/10.1007/978-3-642-10485-5_13"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-642-10485-5_13", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1051725512", 
          "https://doi.org/10.1007/978-3-642-10485-5_13"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1109/tnet.2008.923716", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1061715032"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1109/tnet.2008.925628", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1061715044"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1109/tnet.2008.926503", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1061715055"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1109/tpds.2007.1111", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1061753138"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.5121/ijnsa.2011.3213", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1072619591"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1109/infocom.2006.232", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1093716177"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1109/pacrim.2007.4313218", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1095156541"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1109/icnp.2002.1181418", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1095794931"
        ], 
        "type": "CreativeWork"
      }
    ], 
    "datePublished": "2012", 
    "datePublishedReg": "2012-01-01", 
    "description": "Distributed denial-of-service (DDoS) attacks still pose unpredictable threats to the Internet infrastructure and Internet-based businesses. As the attackers focus on economic gain, the HTTP GET Flooding attacks against the business web servers become one of the most frequently attempted attacks. Furthermore, the attack is becoming more sophisticated. In order to detect those attacks, several algorithms are developed. However, even though the developed technologies can detect the sophisticated attacks some of them need lots of system resources [12,13]. Sometimes due to the time consuming processes the whole performance of DDoS defense systems is degraded and it becomes another problem. For that, we propose a simple threshold based HTTP GET flooding attack detection algorithm. The threshold is generated from the characteristics of HTTP GET Request behaviors. In this algorithm, based on the defined monitoring period (MP) and Time Slot (TS), we calculate the Average Inter-GET_Request_Packet_Exist_TS-Gap (AIGG). The AIGG is used for threshold extraction. For effective detection, the optimized MP, TS and the threshold value, are extracted. In addition, the proposed algorithm doesn\u2019t need to analyze every HTTP GET request packet so it needs less CPU resources than the algorithms which have to analyze all the request packets.", 
    "editor": [
      {
        "familyName": "Lee", 
        "givenName": "Dong Hoon", 
        "type": "Person"
      }, 
      {
        "familyName": "Yung", 
        "givenName": "Moti", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-642-35416-8_19", 
    "inLanguage": [
      "en"
    ], 
    "isAccessibleForFree": false, 
    "isPartOf": {
      "isbn": [
        "978-3-642-35415-1", 
        "978-3-642-35416-8"
      ], 
      "name": "Information Security Applications", 
      "type": "Book"
    }, 
    "name": "AIGG Threshold Based HTTP GET Flooding Attack Detection", 
    "pagination": "270-284", 
    "productId": [
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-642-35416-8_19"
        ]
      }, 
      {
        "name": "readcube_id", 
        "type": "PropertyValue", 
        "value": [
          "886e9b44936040398d23123bc378a8bee5e2d679bb37057468f816443bded221"
        ]
      }, 
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1028640044"
        ]
      }
    ], 
    "publisher": {
      "location": "Berlin, Heidelberg", 
      "name": "Springer Berlin Heidelberg", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-642-35416-8_19", 
      "https://app.dimensions.ai/details/publication/pub.1028640044"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2019-04-15T10:34", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-uberresearch-data-dimensions-target-20181106-alternative/cleanup/v134/2549eaecd7973599484d7c17b260dba0a4ecb94b/merge/v9/a6c9fde33151104705d4d7ff012ea9563521a3ce/jats-lookup/v90/0000000001_0000000264/records_8659_00000261.jsonl", 
    "type": "Chapter", 
    "url": "http://link.springer.com/10.1007/978-3-642-35416-8_19"
  }
]
 

Download the RDF metadata as:  json-ld nt turtle xml License info

HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19'


 

This table displays all metadata directly associated to this object as RDF triples.

125 TRIPLES      23 PREDICATES      38 URIs      20 LITERALS      8 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/978-3-642-35416-8_19 schema:about anzsrc-for:08
2 anzsrc-for:0801
3 schema:author N2085b993e2554303893d9e8b2613f7c0
4 schema:citation sg:pub.10.1007/978-3-642-10485-5_13
5 https://doi.org/10.1109/icnp.2002.1181418
6 https://doi.org/10.1109/infocom.2006.232
7 https://doi.org/10.1109/pacrim.2007.4313218
8 https://doi.org/10.1109/tnet.2008.923716
9 https://doi.org/10.1109/tnet.2008.925628
10 https://doi.org/10.1109/tnet.2008.926503
11 https://doi.org/10.1109/tpds.2007.1111
12 https://doi.org/10.1145/1947940.1948047
13 https://doi.org/10.1145/997150.997156
14 https://doi.org/10.5121/ijnsa.2011.3213
15 schema:datePublished 2012
16 schema:datePublishedReg 2012-01-01
17 schema:description Distributed denial-of-service (DDoS) attacks still pose unpredictable threats to the Internet infrastructure and Internet-based businesses. As the attackers focus on economic gain, the HTTP GET Flooding attacks against the business web servers become one of the most frequently attempted attacks. Furthermore, the attack is becoming more sophisticated. In order to detect those attacks, several algorithms are developed. However, even though the developed technologies can detect the sophisticated attacks some of them need lots of system resources [12,13]. Sometimes due to the time consuming processes the whole performance of DDoS defense systems is degraded and it becomes another problem. For that, we propose a simple threshold based HTTP GET flooding attack detection algorithm. The threshold is generated from the characteristics of HTTP GET Request behaviors. In this algorithm, based on the defined monitoring period (MP) and Time Slot (TS), we calculate the Average Inter-GET_Request_Packet_Exist_TS-Gap (AIGG). The AIGG is used for threshold extraction. For effective detection, the optimized MP, TS and the threshold value, are extracted. In addition, the proposed algorithm doesn’t need to analyze every HTTP GET request packet so it needs less CPU resources than the algorithms which have to analyze all the request packets.
18 schema:editor N90187c82cba74b019176bf167f4609ce
19 schema:genre chapter
20 schema:inLanguage en
21 schema:isAccessibleForFree false
22 schema:isPartOf N7db0de4555aa4a229190aa3f6e0d8fd2
23 schema:name AIGG Threshold Based HTTP GET Flooding Attack Detection
24 schema:pagination 270-284
25 schema:productId N93445f4f7b8c467b85e09cf93434f670
26 Nb7f0f6d410ff44fd98fe1439324c3d8b
27 Nf97abb9c16b64e37ad343a8277779b17
28 schema:publisher Nd13cf60cf87042d183d21d2ede9c0942
29 schema:sameAs https://app.dimensions.ai/details/publication/pub.1028640044
30 https://doi.org/10.1007/978-3-642-35416-8_19
31 schema:sdDatePublished 2019-04-15T10:34
32 schema:sdLicense https://scigraph.springernature.com/explorer/license/
33 schema:sdPublisher N692986a38cbf4384bd8d68c9c7a664ce
34 schema:url http://link.springer.com/10.1007/978-3-642-35416-8_19
35 sgo:license sg:explorer/license/
36 sgo:sdDataset chapters
37 rdf:type schema:Chapter
38 N010d8c44fdb3471887b050e1c93193e8 rdf:first N4c4ce31a58cd4916b11142f6f6c3c568
39 rdf:rest rdf:nil
40 N0b32792431194cef889808ec7b88a1dc rdf:first sg:person.012374141605.27
41 rdf:rest N7c7b13e4fb594fc483e1810a885808cb
42 N1959b9f59c3a4fb991c9cb63b047b197 rdf:first sg:person.010316410070.01
43 rdf:rest rdf:nil
44 N2085b993e2554303893d9e8b2613f7c0 rdf:first sg:person.07736736115.06
45 rdf:rest N0b32792431194cef889808ec7b88a1dc
46 N4c4ce31a58cd4916b11142f6f6c3c568 schema:familyName Yung
47 schema:givenName Moti
48 rdf:type schema:Person
49 N692986a38cbf4384bd8d68c9c7a664ce schema:name Springer Nature - SN SciGraph project
50 rdf:type schema:Organization
51 N78a73803f51e451db9a34fb614184b3e schema:familyName Lee
52 schema:givenName Dong Hoon
53 rdf:type schema:Person
54 N7c7b13e4fb594fc483e1810a885808cb rdf:first sg:person.015322546417.44
55 rdf:rest N1959b9f59c3a4fb991c9cb63b047b197
56 N7db0de4555aa4a229190aa3f6e0d8fd2 schema:isbn 978-3-642-35415-1
57 978-3-642-35416-8
58 schema:name Information Security Applications
59 rdf:type schema:Book
60 N90187c82cba74b019176bf167f4609ce rdf:first N78a73803f51e451db9a34fb614184b3e
61 rdf:rest N010d8c44fdb3471887b050e1c93193e8
62 N93445f4f7b8c467b85e09cf93434f670 schema:name doi
63 schema:value 10.1007/978-3-642-35416-8_19
64 rdf:type schema:PropertyValue
65 Nb7f0f6d410ff44fd98fe1439324c3d8b schema:name readcube_id
66 schema:value 886e9b44936040398d23123bc378a8bee5e2d679bb37057468f816443bded221
67 rdf:type schema:PropertyValue
68 Nd13cf60cf87042d183d21d2ede9c0942 schema:location Berlin, Heidelberg
69 schema:name Springer Berlin Heidelberg
70 rdf:type schema:Organisation
71 Nf97abb9c16b64e37ad343a8277779b17 schema:name dimensions_id
72 schema:value pub.1028640044
73 rdf:type schema:PropertyValue
74 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
75 schema:name Information and Computing Sciences
76 rdf:type schema:DefinedTerm
77 anzsrc-for:0801 schema:inDefinedTermSet anzsrc-for:
78 schema:name Artificial Intelligence and Image Processing
79 rdf:type schema:DefinedTerm
80 sg:person.010316410070.01 schema:affiliation https://www.grid.ac/institutes/grid.36303.35
81 schema:familyName Jang
82 schema:givenName Jong-Soo
83 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010316410070.01
84 rdf:type schema:Person
85 sg:person.012374141605.27 schema:affiliation https://www.grid.ac/institutes/grid.36303.35
86 schema:familyName Kim
87 schema:givenName Ik-Kyun
88 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012374141605.27
89 rdf:type schema:Person
90 sg:person.015322546417.44 schema:affiliation https://www.grid.ac/institutes/grid.36303.35
91 schema:familyName Oh
92 schema:givenName Jin-Tae
93 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015322546417.44
94 rdf:type schema:Person
95 sg:person.07736736115.06 schema:affiliation https://www.grid.ac/institutes/grid.36303.35
96 schema:familyName Choi
97 schema:givenName Yang-seo
98 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07736736115.06
99 rdf:type schema:Person
100 sg:pub.10.1007/978-3-642-10485-5_13 schema:sameAs https://app.dimensions.ai/details/publication/pub.1051725512
101 https://doi.org/10.1007/978-3-642-10485-5_13
102 rdf:type schema:CreativeWork
103 https://doi.org/10.1109/icnp.2002.1181418 schema:sameAs https://app.dimensions.ai/details/publication/pub.1095794931
104 rdf:type schema:CreativeWork
105 https://doi.org/10.1109/infocom.2006.232 schema:sameAs https://app.dimensions.ai/details/publication/pub.1093716177
106 rdf:type schema:CreativeWork
107 https://doi.org/10.1109/pacrim.2007.4313218 schema:sameAs https://app.dimensions.ai/details/publication/pub.1095156541
108 rdf:type schema:CreativeWork
109 https://doi.org/10.1109/tnet.2008.923716 schema:sameAs https://app.dimensions.ai/details/publication/pub.1061715032
110 rdf:type schema:CreativeWork
111 https://doi.org/10.1109/tnet.2008.925628 schema:sameAs https://app.dimensions.ai/details/publication/pub.1061715044
112 rdf:type schema:CreativeWork
113 https://doi.org/10.1109/tnet.2008.926503 schema:sameAs https://app.dimensions.ai/details/publication/pub.1061715055
114 rdf:type schema:CreativeWork
115 https://doi.org/10.1109/tpds.2007.1111 schema:sameAs https://app.dimensions.ai/details/publication/pub.1061753138
116 rdf:type schema:CreativeWork
117 https://doi.org/10.1145/1947940.1948047 schema:sameAs https://app.dimensions.ai/details/publication/pub.1045524620
118 rdf:type schema:CreativeWork
119 https://doi.org/10.1145/997150.997156 schema:sameAs https://app.dimensions.ai/details/publication/pub.1020238858
120 rdf:type schema:CreativeWork
121 https://doi.org/10.5121/ijnsa.2011.3213 schema:sameAs https://app.dimensions.ai/details/publication/pub.1072619591
122 rdf:type schema:CreativeWork
123 https://www.grid.ac/institutes/grid.36303.35 schema:alternateName Electronics and Telecommunications Research Institute
124 schema:name Cyber Security-Convergence Research Department, ETRI, 218, Gajeong-no, Yuseong-gu, Daejeon, 305-700, South Korea
125 rdf:type schema:Organization
 




Preview window. Press ESC to close (or click here)


...