You are here:   
  1. Home
  2. Chapters
  3. http://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19

AIGG Threshold Based HTTP GET Flooding Attack Detection View Full Text

Ontology type: schema:Chapter     


Chapter Info

DATE

2012

AUTHORS

Yang-seo Choi , Ik-Kyun Kim , Jin-Tae Oh , Jong-Soo Jang

ABSTRACT

Distributed denial-of-service (DDoS) attacks still pose unpredictable threats to the Internet infrastructure and Internet-based businesses. As the attackers focus on economic gain, the HTTP GET Flooding attacks against the business web servers become one of the most frequently attempted attacks. Furthermore, the attack is becoming more sophisticated. In order to detect those attacks, several algorithms are developed. However, even though the developed technologies can detect the sophisticated attacks some of them need lots of system resources [12,13]. Sometimes due to the time consuming processes the whole performance of DDoS defense systems is degraded and it becomes another problem. For that, we propose a simple threshold based HTTP GET flooding attack detection algorithm. The threshold is generated from the characteristics of HTTP GET Request behaviors. In this algorithm, based on the defined monitoring period (MP) and Time Slot (TS), we calculate the Average Inter-GET_Request_Packet_Exist_TS-Gap (AIGG). The AIGG is used for threshold extraction. For effective detection, the optimized MP, TS and the threshold value, are extracted. In addition, the proposed algorithm doesn’t need to analyze every HTTP GET request packet so it needs less CPU resources than the algorithms which have to analyze all the request packets. More... »

PAGES

270-284

References to SciGraph publications

Book

TITLE

Information Security Applications

ISBN

978-3-642-35415-1
978-3-642-35416-8

Subjects

  • FOR: Artificial Intelligence And Image Processing
  • FOR: Information And Computing Sciences

    • Author Affiliations

  • Electronics and Telecommunications Research Institute

    • Identifiers

    URI

    http://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19

    DOI

    http://dx.doi.org/10.1007/978-3-642-35416-8_19

    DIMENSIONS

    https://app.dimensions.ai/details/publication/pub.1028640044

    Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
    Incoming Citations Browse incoming citations for this publication using opencitations.net

    JSON-LD is the canonical representation for SciGraph data.

    TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT 

    [
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0801", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Artificial Intelligence and Image Processing", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Electronics and Telecommunications Research Institute", 
          "id": "https://www.grid.ac/institutes/grid.36303.35", 
          "name": [
            "Cyber Security-Convergence Research Department, ETRI, 218, Gajeong-no, Yuseong-gu, Daejeon, 305-700, South Korea"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Choi", 
        "givenName": "Yang-seo", 
        "id": "sg:person.07736736115.06", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07736736115.06"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Electronics and Telecommunications Research Institute", 
          "id": "https://www.grid.ac/institutes/grid.36303.35", 
          "name": [
            "Cyber Security-Convergence Research Department, ETRI, 218, Gajeong-no, Yuseong-gu, Daejeon, 305-700, South Korea"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Kim", 
        "givenName": "Ik-Kyun", 
        "id": "sg:person.012374141605.27", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012374141605.27"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Electronics and Telecommunications Research Institute", 
          "id": "https://www.grid.ac/institutes/grid.36303.35", 
          "name": [
            "Cyber Security-Convergence Research Department, ETRI, 218, Gajeong-no, Yuseong-gu, Daejeon, 305-700, South Korea"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Oh", 
        "givenName": "Jin-Tae", 
        "id": "sg:person.015322546417.44", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015322546417.44"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Electronics and Telecommunications Research Institute", 
          "id": "https://www.grid.ac/institutes/grid.36303.35", 
          "name": [
            "Cyber Security-Convergence Research Department, ETRI, 218, Gajeong-no, Yuseong-gu, Daejeon, 305-700, South Korea"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Jang", 
        "givenName": "Jong-Soo", 
        "id": "sg:person.010316410070.01", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010316410070.01"
        ], 
        "type": "Person"
      }
    ], 
    "citation": [
      {
        "id": "https://doi.org/10.1145/997150.997156", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1020238858"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1145/1947940.1948047", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1045524620"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-642-10485-5_13", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1051725512", 
          "https://doi.org/10.1007/978-3-642-10485-5_13"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-642-10485-5_13", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1051725512", 
          "https://doi.org/10.1007/978-3-642-10485-5_13"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1109/tnet.2008.923716", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1061715032"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1109/tnet.2008.925628", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1061715044"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1109/tnet.2008.926503", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1061715055"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1109/tpds.2007.1111", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1061753138"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.5121/ijnsa.2011.3213", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1072619591"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1109/infocom.2006.232", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1093716177"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1109/pacrim.2007.4313218", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1095156541"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "https://doi.org/10.1109/icnp.2002.1181418", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1095794931"
        ], 
        "type": "CreativeWork"
      }
    ], 
    "datePublished": "2012", 
    "datePublishedReg": "2012-01-01", 
    "description": "Distributed denial-of-service (DDoS) attacks still pose unpredictable threats to the Internet infrastructure and Internet-based businesses. As the attackers focus on economic gain, the HTTP GET Flooding attacks against the business web servers become one of the most frequently attempted attacks. Furthermore, the attack is becoming more sophisticated. In order to detect those attacks, several algorithms are developed. However, even though the developed technologies can detect the sophisticated attacks some of them need lots of system resources [12,13]. Sometimes due to the time consuming processes the whole performance of DDoS defense systems is degraded and it becomes another problem. For that, we propose a simple threshold based HTTP GET flooding attack detection algorithm. The threshold is generated from the characteristics of HTTP GET Request behaviors. In this algorithm, based on the defined monitoring period (MP) and Time Slot (TS), we calculate the Average Inter-GET_Request_Packet_Exist_TS-Gap (AIGG). The AIGG is used for threshold extraction. For effective detection, the optimized MP, TS and the threshold value, are extracted. In addition, the proposed algorithm doesn\u2019t need to analyze every HTTP GET request packet so it needs less CPU resources than the algorithms which have to analyze all the request packets.", 
    "editor": [
      {
        "familyName": "Lee", 
        "givenName": "Dong Hoon", 
        "type": "Person"
      }, 
      {
        "familyName": "Yung", 
        "givenName": "Moti", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-642-35416-8_19", 
    "inLanguage": [
      "en"
    ], 
    "isAccessibleForFree": false, 
    "isPartOf": {
      "isbn": [
        "978-3-642-35415-1", 
        "978-3-642-35416-8"
      ], 
      "name": "Information Security Applications", 
      "type": "Book"
    }, 
    "name": "AIGG Threshold Based HTTP GET Flooding Attack Detection", 
    "pagination": "270-284", 
    "productId": [
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-642-35416-8_19"
        ]
      }, 
      {
        "name": "readcube_id", 
        "type": "PropertyValue", 
        "value": [
          "886e9b44936040398d23123bc378a8bee5e2d679bb37057468f816443bded221"
        ]
      }, 
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1028640044"
        ]
      }
    ], 
    "publisher": {
      "location": "Berlin, Heidelberg", 
      "name": "Springer Berlin Heidelberg", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-642-35416-8_19", 
      "https://app.dimensions.ai/details/publication/pub.1028640044"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2019-04-15T10:34", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-uberresearch-data-dimensions-target-20181106-alternative/cleanup/v134/2549eaecd7973599484d7c17b260dba0a4ecb94b/merge/v9/a6c9fde33151104705d4d7ff012ea9563521a3ce/jats-lookup/v90/0000000001_0000000264/records_8659_00000261.jsonl", 
    "type": "Chapter", 
    "url": "http://link.springer.com/10.1007/978-3-642-35416-8_19"
  }
]
     

    Download the RDF metadata as:  json-ld nt turtle xml License info

    HOW TO GET THIS DATA PROGRAMMATICALLY:

    JSON-LD is a popular format for linked data which is fully compatible with JSON. 

    curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19'

    N-Triples is a line-based linked data format ideal for batch operations. 

    curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19'

    Turtle is a human-readable linked data format. 

    curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19'

    RDF/XML is a standard XML format for linked data. 

    curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19'


     

    This table displays all metadata directly associated to this object as RDF triples.

    125 TRIPLES      23 PREDICATES      38 URIs      20 LITERALS      8 BLANK NODES

    Subject Predicate Object
    1 sg:pub.10.1007/978-3-642-35416-8_19 schema:about anzsrc-for:08
    2 anzsrc-for:0801
    3 schema:author N2085b993e2554303893d9e8b2613f7c0
    4 schema:citation sg:pub.10.1007/978-3-642-10485-5_13
    5 https://doi.org/10.1109/icnp.2002.1181418
    6 https://doi.org/10.1109/infocom.2006.232
    7 https://doi.org/10.1109/pacrim.2007.4313218
    8 https://doi.org/10.1109/tnet.2008.923716
    9 https://doi.org/10.1109/tnet.2008.925628
    10 https://doi.org/10.1109/tnet.2008.926503
    11 https://doi.org/10.1109/tpds.2007.1111
    12 https://doi.org/10.1145/1947940.1948047
    13 https://doi.org/10.1145/997150.997156
    14 https://doi.org/10.5121/ijnsa.2011.3213
    15 schema:datePublished 2012
    16 schema:datePublishedReg 2012-01-01
    17 schema:description Distributed denial-of-service (DDoS) attacks still pose unpredictable threats to the Internet infrastructure and Internet-based businesses. As the attackers focus on economic gain, the HTTP GET Flooding attacks against the business web servers become one of the most frequently attempted attacks. Furthermore, the attack is becoming more sophisticated. In order to detect those attacks, several algorithms are developed. However, even though the developed technologies can detect the sophisticated attacks some of them need lots of system resources [12,13]. Sometimes due to the time consuming processes the whole performance of DDoS defense systems is degraded and it becomes another problem. For that, we propose a simple threshold based HTTP GET flooding attack detection algorithm. The threshold is generated from the characteristics of HTTP GET Request behaviors. In this algorithm, based on the defined monitoring period (MP) and Time Slot (TS), we calculate the Average Inter-GET_Request_Packet_Exist_TS-Gap (AIGG). The AIGG is used for threshold extraction. For effective detection, the optimized MP, TS and the threshold value, are extracted. In addition, the proposed algorithm doesn’t need to analyze every HTTP GET request packet so it needs less CPU resources than the algorithms which have to analyze all the request packets.
    18 schema:editor N90187c82cba74b019176bf167f4609ce
    19 schema:genre chapter
    20 schema:inLanguage en
    21 schema:isAccessibleForFree false
    22 schema:isPartOf N7db0de4555aa4a229190aa3f6e0d8fd2
    23 schema:name AIGG Threshold Based HTTP GET Flooding Attack Detection
    24 schema:pagination 270-284
    25 schema:productId N93445f4f7b8c467b85e09cf93434f670
    26 Nb7f0f6d410ff44fd98fe1439324c3d8b
    27 Nf97abb9c16b64e37ad343a8277779b17
    28 schema:publisher Nd13cf60cf87042d183d21d2ede9c0942
    29 schema:sameAs https://app.dimensions.ai/details/publication/pub.1028640044
    30 https://doi.org/10.1007/978-3-642-35416-8_19
    31 schema:sdDatePublished 2019-04-15T10:34
    32 schema:sdLicense https://scigraph.springernature.com/explorer/license/
    33 schema:sdPublisher N692986a38cbf4384bd8d68c9c7a664ce
    34 schema:url http://link.springer.com/10.1007/978-3-642-35416-8_19
    35 sgo:license sg:explorer/license/
    36 sgo:sdDataset chapters
    37 rdf:type schema:Chapter
    38 N010d8c44fdb3471887b050e1c93193e8 rdf:first N4c4ce31a58cd4916b11142f6f6c3c568
    39 rdf:rest rdf:nil
    40 N0b32792431194cef889808ec7b88a1dc rdf:first sg:person.012374141605.27
    41 rdf:rest N7c7b13e4fb594fc483e1810a885808cb
    42 N1959b9f59c3a4fb991c9cb63b047b197 rdf:first sg:person.010316410070.01
    43 rdf:rest rdf:nil
    44 N2085b993e2554303893d9e8b2613f7c0 rdf:first sg:person.07736736115.06
    45 rdf:rest N0b32792431194cef889808ec7b88a1dc
    46 N4c4ce31a58cd4916b11142f6f6c3c568 schema:familyName Yung
    47 schema:givenName Moti
    48 rdf:type schema:Person
    49 N692986a38cbf4384bd8d68c9c7a664ce schema:name Springer Nature - SN SciGraph project
    50 rdf:type schema:Organization
    51 N78a73803f51e451db9a34fb614184b3e schema:familyName Lee
    52 schema:givenName Dong Hoon
    53 rdf:type schema:Person
    54 N7c7b13e4fb594fc483e1810a885808cb rdf:first sg:person.015322546417.44
    55 rdf:rest N1959b9f59c3a4fb991c9cb63b047b197
    56 N7db0de4555aa4a229190aa3f6e0d8fd2 schema:isbn 978-3-642-35415-1
    57 978-3-642-35416-8
    58 schema:name Information Security Applications
    59 rdf:type schema:Book
    60 N90187c82cba74b019176bf167f4609ce rdf:first N78a73803f51e451db9a34fb614184b3e
    61 rdf:rest N010d8c44fdb3471887b050e1c93193e8
    62 N93445f4f7b8c467b85e09cf93434f670 schema:name doi
    63 schema:value 10.1007/978-3-642-35416-8_19
    64 rdf:type schema:PropertyValue
    65 Nb7f0f6d410ff44fd98fe1439324c3d8b schema:name readcube_id
    66 schema:value 886e9b44936040398d23123bc378a8bee5e2d679bb37057468f816443bded221
    67 rdf:type schema:PropertyValue
    68 Nd13cf60cf87042d183d21d2ede9c0942 schema:location Berlin, Heidelberg
    69 schema:name Springer Berlin Heidelberg
    70 rdf:type schema:Organisation
    71 Nf97abb9c16b64e37ad343a8277779b17 schema:name dimensions_id
    72 schema:value pub.1028640044
    73 rdf:type schema:PropertyValue
    74 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
    75 schema:name Information and Computing Sciences
    76 rdf:type schema:DefinedTerm
    77 anzsrc-for:0801 schema:inDefinedTermSet anzsrc-for:
    78 schema:name Artificial Intelligence and Image Processing
    79 rdf:type schema:DefinedTerm
    80 sg:person.010316410070.01 schema:affiliation https://www.grid.ac/institutes/grid.36303.35
    81 schema:familyName Jang
    82 schema:givenName Jong-Soo
    83 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010316410070.01
    84 rdf:type schema:Person
    85 sg:person.012374141605.27 schema:affiliation https://www.grid.ac/institutes/grid.36303.35
    86 schema:familyName Kim
    87 schema:givenName Ik-Kyun
    88 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012374141605.27
    89 rdf:type schema:Person
    90 sg:person.015322546417.44 schema:affiliation https://www.grid.ac/institutes/grid.36303.35
    91 schema:familyName Oh
    92 schema:givenName Jin-Tae
    93 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015322546417.44
    94 rdf:type schema:Person
    95 sg:person.07736736115.06 schema:affiliation https://www.grid.ac/institutes/grid.36303.35
    96 schema:familyName Choi
    97 schema:givenName Yang-seo
    98 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07736736115.06
    99 rdf:type schema:Person
    100 sg:pub.10.1007/978-3-642-10485-5_13 schema:sameAs https://app.dimensions.ai/details/publication/pub.1051725512
    101 https://doi.org/10.1007/978-3-642-10485-5_13
    102 rdf:type schema:CreativeWork
    103 https://doi.org/10.1109/icnp.2002.1181418 schema:sameAs https://app.dimensions.ai/details/publication/pub.1095794931
    104 rdf:type schema:CreativeWork
    105 https://doi.org/10.1109/infocom.2006.232 schema:sameAs https://app.dimensions.ai/details/publication/pub.1093716177
    106 rdf:type schema:CreativeWork
    107 https://doi.org/10.1109/pacrim.2007.4313218 schema:sameAs https://app.dimensions.ai/details/publication/pub.1095156541
    108 rdf:type schema:CreativeWork
    109 https://doi.org/10.1109/tnet.2008.923716 schema:sameAs https://app.dimensions.ai/details/publication/pub.1061715032
    110 rdf:type schema:CreativeWork
    111 https://doi.org/10.1109/tnet.2008.925628 schema:sameAs https://app.dimensions.ai/details/publication/pub.1061715044
    112 rdf:type schema:CreativeWork
    113 https://doi.org/10.1109/tnet.2008.926503 schema:sameAs https://app.dimensions.ai/details/publication/pub.1061715055
    114 rdf:type schema:CreativeWork
    115 https://doi.org/10.1109/tpds.2007.1111 schema:sameAs https://app.dimensions.ai/details/publication/pub.1061753138
    116 rdf:type schema:CreativeWork
    117 https://doi.org/10.1145/1947940.1948047 schema:sameAs https://app.dimensions.ai/details/publication/pub.1045524620
    118 rdf:type schema:CreativeWork
    119 https://doi.org/10.1145/997150.997156 schema:sameAs https://app.dimensions.ai/details/publication/pub.1020238858
    120 rdf:type schema:CreativeWork
    121 https://doi.org/10.5121/ijnsa.2011.3213 schema:sameAs https://app.dimensions.ai/details/publication/pub.1072619591
    122 rdf:type schema:CreativeWork
    123 https://www.grid.ac/institutes/grid.36303.35 schema:alternateName Electronics and Telecommunications Research Institute
    124 schema:name Cyber Security-Convergence Research Department, ETRI, 218, Gajeong-no, Yuseong-gu, Daejeon, 305-700, South Korea
    125 rdf:type schema:Organization
     




    Preview window. Press ESC to close (or click here)

    ...