Ontology type: schema:Chapter
2012
AUTHORSYang-seo Choi , Ik-Kyun Kim , Jin-Tae Oh , Jong-Soo Jang
ABSTRACTDistributed denial-of-service (DDoS) attacks still pose unpredictable threats to the Internet infrastructure and Internet-based businesses. As the attackers focus on economic gain, the HTTP GET Flooding attacks against the business web servers become one of the most frequently attempted attacks. Furthermore, the attack is becoming more sophisticated. In order to detect those attacks, several algorithms are developed. However, even though the developed technologies can detect the sophisticated attacks some of them need lots of system resources [12,13]. Sometimes due to the time consuming processes the whole performance of DDoS defense systems is degraded and it becomes another problem. For that, we propose a simple threshold based HTTP GET flooding attack detection algorithm. The threshold is generated from the characteristics of HTTP GET Request behaviors. In this algorithm, based on the defined monitoring period (MP) and Time Slot (TS), we calculate the Average Inter-GET_Request_Packet_Exist_TS-Gap (AIGG). The AIGG is used for threshold extraction. For effective detection, the optimized MP, TS and the threshold value, are extracted. In addition, the proposed algorithm doesn’t need to analyze every HTTP GET request packet so it needs less CPU resources than the algorithms which have to analyze all the request packets. More... »
PAGES270-284
Information Security Applications
ISBN
978-3-642-35415-1
978-3-642-35416-8
http://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19
DOIhttp://dx.doi.org/10.1007/978-3-642-35416-8_19
DIMENSIONShttps://app.dimensions.ai/details/publication/pub.1028640044
JSON-LD is the canonical representation for SciGraph data.
TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT
[
{
"@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json",
"about": [
{
"id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0801",
"inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/",
"name": "Artificial Intelligence and Image Processing",
"type": "DefinedTerm"
},
{
"id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08",
"inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/",
"name": "Information and Computing Sciences",
"type": "DefinedTerm"
}
],
"author": [
{
"affiliation": {
"alternateName": "Electronics and Telecommunications Research Institute",
"id": "https://www.grid.ac/institutes/grid.36303.35",
"name": [
"Cyber Security-Convergence Research Department, ETRI, 218, Gajeong-no, Yuseong-gu, Daejeon, 305-700, South Korea"
],
"type": "Organization"
},
"familyName": "Choi",
"givenName": "Yang-seo",
"id": "sg:person.07736736115.06",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07736736115.06"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "Electronics and Telecommunications Research Institute",
"id": "https://www.grid.ac/institutes/grid.36303.35",
"name": [
"Cyber Security-Convergence Research Department, ETRI, 218, Gajeong-no, Yuseong-gu, Daejeon, 305-700, South Korea"
],
"type": "Organization"
},
"familyName": "Kim",
"givenName": "Ik-Kyun",
"id": "sg:person.012374141605.27",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012374141605.27"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "Electronics and Telecommunications Research Institute",
"id": "https://www.grid.ac/institutes/grid.36303.35",
"name": [
"Cyber Security-Convergence Research Department, ETRI, 218, Gajeong-no, Yuseong-gu, Daejeon, 305-700, South Korea"
],
"type": "Organization"
},
"familyName": "Oh",
"givenName": "Jin-Tae",
"id": "sg:person.015322546417.44",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015322546417.44"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "Electronics and Telecommunications Research Institute",
"id": "https://www.grid.ac/institutes/grid.36303.35",
"name": [
"Cyber Security-Convergence Research Department, ETRI, 218, Gajeong-no, Yuseong-gu, Daejeon, 305-700, South Korea"
],
"type": "Organization"
},
"familyName": "Jang",
"givenName": "Jong-Soo",
"id": "sg:person.010316410070.01",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010316410070.01"
],
"type": "Person"
}
],
"citation": [
{
"id": "https://doi.org/10.1145/997150.997156",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1020238858"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1145/1947940.1948047",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1045524620"
],
"type": "CreativeWork"
},
{
"id": "sg:pub.10.1007/978-3-642-10485-5_13",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1051725512",
"https://doi.org/10.1007/978-3-642-10485-5_13"
],
"type": "CreativeWork"
},
{
"id": "sg:pub.10.1007/978-3-642-10485-5_13",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1051725512",
"https://doi.org/10.1007/978-3-642-10485-5_13"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/tnet.2008.923716",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1061715032"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/tnet.2008.925628",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1061715044"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/tnet.2008.926503",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1061715055"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/tpds.2007.1111",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1061753138"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.5121/ijnsa.2011.3213",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1072619591"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/infocom.2006.232",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1093716177"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/pacrim.2007.4313218",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1095156541"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/icnp.2002.1181418",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1095794931"
],
"type": "CreativeWork"
}
],
"datePublished": "2012",
"datePublishedReg": "2012-01-01",
"description": "Distributed denial-of-service (DDoS) attacks still pose unpredictable threats to the Internet infrastructure and Internet-based businesses. As the attackers focus on economic gain, the HTTP GET Flooding attacks against the business web servers become one of the most frequently attempted attacks. Furthermore, the attack is becoming more sophisticated. In order to detect those attacks, several algorithms are developed. However, even though the developed technologies can detect the sophisticated attacks some of them need lots of system resources [12,13]. Sometimes due to the time consuming processes the whole performance of DDoS defense systems is degraded and it becomes another problem. For that, we propose a simple threshold based HTTP GET flooding attack detection algorithm. The threshold is generated from the characteristics of HTTP GET Request behaviors. In this algorithm, based on the defined monitoring period (MP) and Time Slot (TS), we calculate the Average Inter-GET_Request_Packet_Exist_TS-Gap (AIGG). The AIGG is used for threshold extraction. For effective detection, the optimized MP, TS and the threshold value, are extracted. In addition, the proposed algorithm doesn\u2019t need to analyze every HTTP GET request packet so it needs less CPU resources than the algorithms which have to analyze all the request packets.",
"editor": [
{
"familyName": "Lee",
"givenName": "Dong Hoon",
"type": "Person"
},
{
"familyName": "Yung",
"givenName": "Moti",
"type": "Person"
}
],
"genre": "chapter",
"id": "sg:pub.10.1007/978-3-642-35416-8_19",
"inLanguage": [
"en"
],
"isAccessibleForFree": false,
"isPartOf": {
"isbn": [
"978-3-642-35415-1",
"978-3-642-35416-8"
],
"name": "Information Security Applications",
"type": "Book"
},
"name": "AIGG Threshold Based HTTP GET Flooding Attack Detection",
"pagination": "270-284",
"productId": [
{
"name": "doi",
"type": "PropertyValue",
"value": [
"10.1007/978-3-642-35416-8_19"
]
},
{
"name": "readcube_id",
"type": "PropertyValue",
"value": [
"886e9b44936040398d23123bc378a8bee5e2d679bb37057468f816443bded221"
]
},
{
"name": "dimensions_id",
"type": "PropertyValue",
"value": [
"pub.1028640044"
]
}
],
"publisher": {
"location": "Berlin, Heidelberg",
"name": "Springer Berlin Heidelberg",
"type": "Organisation"
},
"sameAs": [
"https://doi.org/10.1007/978-3-642-35416-8_19",
"https://app.dimensions.ai/details/publication/pub.1028640044"
],
"sdDataset": "chapters",
"sdDatePublished": "2019-04-15T10:34",
"sdLicense": "https://scigraph.springernature.com/explorer/license/",
"sdPublisher": {
"name": "Springer Nature - SN SciGraph project",
"type": "Organization"
},
"sdSource": "s3://com-uberresearch-data-dimensions-target-20181106-alternative/cleanup/v134/2549eaecd7973599484d7c17b260dba0a4ecb94b/merge/v9/a6c9fde33151104705d4d7ff012ea9563521a3ce/jats-lookup/v90/0000000001_0000000264/records_8659_00000261.jsonl",
"type": "Chapter",
"url": "http://link.springer.com/10.1007/978-3-642-35416-8_19"
}
]
Download the RDF metadata as: json-ld nt turtle xml License info
JSON-LD is a popular format for linked data which is fully compatible with JSON.
curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19'
N-Triples is a line-based linked data format ideal for batch operations.
curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19'
Turtle is a human-readable linked data format.
curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19'
RDF/XML is a standard XML format for linked data.
curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-35416-8_19'
This table displays all metadata directly associated to this object as RDF triples.
125 TRIPLES
23 PREDICATES
38 URIs
20 LITERALS
8 BLANK NODES