
Journal articles on the topic 'Application layer DDoS'


Consult the top 50 journal articles for your research on the topic 'Application layer DDoS.'


1

Xie, Bailin, Yu Wang, Guogui Wen, and Xiaojun Xu. "Application-Layer DDoS Attack Detection Using Explicit Duration Recurrent Network-Based Application-Layer Protocol Communication Models." International Journal of Intelligent Systems 2023 (June 17, 2023): 1–13. http://dx.doi.org/10.1155/2023/2632678.

Abstract:
Existing application-layer distributed denial of service (AL-DDoS) attack detection methods are mainly targeted at specific attacks and cannot effectively detect other types of AL-DDoS attacks. This study presents an application-layer protocol communication model for AL-DDoS attack detection, based on the explicit duration recurrent network (EDRN). The proposed method includes model training and AL-DDoS attack detection. In the AL-DDoS attack detection phase, the output of each observation sequence is updated in real time. The observation sequences are based on application-layer protocol keywords and time intervals between adjacent protocol keywords. Protocol keywords are extracted based on their identification using regular expressions. Experiments are conducted using datasets collected from a real campus network and the CICDDoS2019 dataset. The results of the experiments show that EDRN is superior to several popular recurrent neural networks in accuracy, F1, recall, and loss values. The proposed model achieves an accuracy of 0.996, F1 of 0.992, recall of 0.993, and loss of 0.041 in detecting HTTP DDoS attacks on the CICDDoS2019 dataset. The results further show that our model can effectively detect multiple types of AL-DDoS attacks. In a comparison test, the proposed method outperforms several state-of-the-art approaches.
2

Ravichandran, S., and M. Umamaheswari. "Design and Development of Collaborative Detection and Taxonomy of DDoS Attacks Using ESVM." Asian Journal of Computer Science and Technology 6, no. 2 (2017): 27–32. http://dx.doi.org/10.51983/ajcst-2017.6.2.1783.

Abstract:
Distributed Denial of Service (DDoS) assault is a ceaseless basic risk to the web. Application layer DDoS Attack is gotten from the lower layers. Application layer based DDoS assaults utilize honest to goodness HTTP asks for after foundation of TCP three-way handshaking and overpowers the casualty assets, for example, attachments, CPU, memory, circle, database transfer speed. Arrange layer based DDoS assaults sends the SYN, UDP and ICMP solicitations to the server and debilitates the transfer speed. An oddity discovery system is proposed in this paper to identify DDoS assaults utilizing Enhanced Support Vector Machine (ESVM). The Application layer DDoS Attack, for example, HTTP Flooding, DNS Spoofing and Network layer DDoS Attack, for example, Port Scanning, TCP Flooding, UDP Flooding, ICMP Flooding, Land Flooding. Session Flooding is taken as test tests for ESVM. The Normal client gets to conduct characteristics is taken as preparing tests for ESVM. The movement from the testing tests and preparing tests are Cross Validated and the better arrangement exactness is acquired. Application and Network layer DDoS assaults are arranged with order exactness of 99 % with ESVM.
3

Beitollahi, Hakem, and Geert Deconinck. "Tackling Application-layer DDoS Attacks." Procedia Computer Science 10 (2012): 432–41. http://dx.doi.org/10.1016/j.procs.2012.06.056.

4

Di, Xiao Qiang, Hua Min Yang, and Hui Qi. "Low-Rate Application-Layer DDoS Attacks Detection by Principal Component Analysis (PCA) through User Browsing Behavior." Applied Mechanics and Materials 397-400 (September 2013): 1945–48. http://dx.doi.org/10.4028/www.scientific.net/amm.397-400.1945.

Abstract:
Application-layer distributed denials of service (DDoS) attacks are becoming ever more challenging to internet service security, since firewall and intrusion detection system work on network layer while these attacks are launched on application layer. In contrast to prior work focusing on detection of high-rate DDoS attacks at static web sites, we propose a novel approach to detect low-rate application-layer DDoS attacks at dynamic web sites. A feature matrix is introduced to characterize user browsing behavior. Principal component analysis (PCA) is applied to profile the user browsing behavior pattern. Outliers from this pattern are used to identify anomaly users. Experiments are conducted to validate our approach. Experimental results show that our approach is accurate to detect low-rate application-layer DDoS attacks.
5

Ranjan, S., R. Swaminathan, M. Uysal, A. Nucci, and E. Knightly. "DDoS-Shield: DDoS-Resilient Scheduling to Counter Application Layer Attacks." IEEE/ACM Transactions on Networking 17, no. 1 (2009): 26–39. http://dx.doi.org/10.1109/tnet.2008.926503.

6

P., Ashvini, Anushree P., Bhagyashree N., Kiran S., and K. S. Kumavat. "DDOS Attack Prevention on Application Layer." International Journal of Computer Applications 127, no. 10 (2015): 22–25. http://dx.doi.org/10.5120/ijca2015906509.

7

Zeebaree, Subhi R. M., Karzan H. Sharif, and Roshna M. Mohammed Amin. "Application Layer Distributed Denial of Service Attacks Defense Techniques : A review." Academic Journal of Nawroz University 7, no. 4 (2018): 113. http://dx.doi.org/10.25007/ajnu.v7n4a279.

Abstract:
Currently, distributed denial of service (DDoS) is the most severe attack that affects internet convenience. The main goal of these attacks is to prevent normal users from accessing internet services such as web servers. However, the more challenging and difficult type to detect is the application layer DDoS attack, because it uses legitimate clients to create connections with victims. In this paper we give a review of application layer DDoS attack defense or detection mechanisms. Furthermore, we summarize several experimental approaches on detection techniques of application layer DDoS attacks. The main goal of this paper is to get a clear view and detailed summary of the recent algorithms, methods and techniques presented to tackle these serious types of attacks.
8

Kareem, Morenikeji Kabirat, Olaniyi Dada Aborisade, Saidat Adebukola Onashoga, Tole Sutikno, and Olaniyi Mathew Olayiwola. "Efficient model for detecting application layer distributed denial of service attacks." Bulletin of Electrical Engineering and Informatics 12, no. 1 (2023): 441–50. http://dx.doi.org/10.11591/eei.v12i1.3871.

Abstract:
The increasing advancement of technologies and communication infrastructures has been posing threats to the internet services. One of the most powerful attack weapons for disrupting web-based services is the distributed denial of service (DDoS) attack. The sophisticated nature of attack tools being created and used for launching attacks on target systems makes it difficult to distinguish between normal and attack traffic. Consequently, there is a need to detect application layer DDoS attacks from network traffic efficiently. This paper proposes a detection system coined eXtreme gradient boosting (XGB-DDoS) using a tree-based ensemble model known as XGBoost to detect application layer DDoS attacks. The Canadian institute for cybersecurity intrusion detection systems (CIC IDS) 2017 dataset consisting of both benign and malicious attacks was used in training and testing of the proposed model. The performance results of the proposed model indicate that the accuracy rate, recall, precision rate, and F1-score of XGB-DDoS are 0.999, 0.997, 0.995, and 0.996, respectively, as against those of k-nearest neighbor (KNN), support vector machine (SVM), principal component analysis (PCA) hybridized with XGBoost, and KNN with SVM. So, the XGB-DDoS detection model did better than the models that were chosen. This shows that it is good at finding application layer DDoS attacks.
9

Ni, Tongguang, Xiaoqing Gu, Hongyuan Wang, and Yu Li. "Real-Time Detection of Application-Layer DDoS Attack Using Time Series Analysis." Journal of Control Science and Engineering 2013 (2013): 1–6. http://dx.doi.org/10.1155/2013/821315.

Abstract:
Distributed denial of service (DDoS) attacks are one of the major threats to the current Internet, and application-layer DDoS attacks utilizing legitimate HTTP requests to overwhelm victim resources are more undetectable. Consequently, neither intrusion detection systems (IDS) nor victim server can detect malicious packets. In this paper, a novel approach to detect application-layer DDoS attack is proposed based on entropy of HTTP GET requests per source IP address (HRPI). By approximating the adaptive autoregressive (AAR) model, the HRPI time series is transformed into a multidimensional vector series. Then, a trained support vector machine (SVM) classifier is applied to identify the attacks. The experiments with several databases are performed and results show that this approach can detect application-layer DDoS attacks effectively.
10

Rahmad, Gunawan, Ab Ghani Hadhrami, Khamis Nurulaqilla, Al Amien Januar, and Ismanto Edi. "Deep learning approach to DDoS attack with imbalanced data at the application layer." TELKOMNIKA 21, no. 05 (2023): 1060–67. https://doi.org/10.12928/telkomnika.v21i5.24857.

Abstract:
A distributed denial of service (DDoS) attack is where one or more computers attack or target a server computer, by flooding internet traffic to the server. As a result, the server cannot be accessed by legitimate users. A result of this attack causes enormous losses for a company because it can reduce the level of user trust, and reduce the company’s reputation to lose customers due to downtime. One of the services at the application layer that can be accessed by users is a web-based lightweight directory access protocol (LDAP) service that can provide safe and easy services to access directory applications. We used a deep learning approach to detect DDoS attacks on the CICDDoS 2019 dataset on a complex computer network at the application layer to get fast and accurate results for dealing with unbalanced data. Based on the results obtained, it is observed that DDoS attack detection using a deep learning approach on imbalanced data performs better when implemented using synthetic minority oversampling technique (SMOTE) method for binary classes. On the other hand, the proposed deep learning approach performs better for detecting DDoS attacks in multiclass when implemented using the adaptive synthetic (ADASYN) method.
11

El-Sofany, Hosam F., and Samir Abou El-Seoud. "Performance Analysis of an Effective Approach to Protect Cloud Systems against Application Layer Based Attacks." International Journal of Online and Biomedical Engineering (iJOE) 15, no. 03 (2019): 82. http://dx.doi.org/10.3991/ijoe.v15i03.9931.

Abstract:
Cloud computing is a new paradigm for hosting hardware and software resources and provides a web-based services to organizations and consumers. It also provides an easy to use and on-demand access to cloud based computing resources that can be published by easy, minimal administration and with a great efficiency. Services of cloud computing are accessing and sharing through internet connection thus it is open for attacker to attack on its security. Application layer based attacks is one of Distributed Denial of Service attacks (DDoS) that can cause a big problem in cloud security. The main objective of DDoS attacks is to infect computer resources (e.g., software applications, network, CPU, etc.) and make them not working properly for the authorized users. In DDoS, the attacker tries to overload the web-based service with traffic. HTTP and XML-based DDoS attacks are founded under the application layer based category of DoS attacks. This category of attack is focused on particular web applications. The main objective of this research paper is to introduce an effective approach to protect cloud-based systems against application layer based attacks. Complexity analysis, effectiveness and performance evaluations of the presented approach are presented. The feedbacks of the experimental results were highly promising, for protecting cloud computing systems against both DoS and DDoS attacks. Correlation analysis model is also used to validate the efficiency of the proposed approach.
12

Yalgʻashov, Anvar Ikrom oʻgʻli Fayzullayev Ikrom Yusub o'g'li Norqobilov Sobir Hamza o'g'li. "DDOS ATTACKS AND PROTECTION AGAINST THEM." EURASIAN JOURNAL OF ACADEMIC RESEARCH 2, no. 13 (2022): 1009–12. https://doi.org/10.5281/zenodo.7476343.

Abstract:
A Denial of Service (DoS) attack is an attempt to harm a targeted system, such as a website or application, by making it unavailable to normal end users. Typically, attackers create a large number of packets or requests that overload the target system. An attacker uses many compromised or controlled resources to carry out a distributed denial of service (DDoS) attack. In general, DDoS attacks can be divided into types based on the level at which the attack occurs in the Open Systems Interconnection (OSI) model. Attacks on the network layer (layer 3), transport layer (layer 4), presentation layer (layer 6), and application layer (layer 7) are the most common.
13

LAKSHMI TEJASWI, Mrs LINGAREDDY, and Mr VELPULA RAJU. "Detection of Application Layer DDOS-Attacks Produced by Various Freely Accessible Toolkits Using Machine Learning." INTERNATIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, no. 008 (2024): 1–15. http://dx.doi.org/10.55041/ijsrem37080.

Abstract:
The project aims to detect and mitigate escalating application-layer DDoS attacks, providing insights into attack patterns and tools for enhanced cybersecurity measures. With a target on HTTP-layer attacks, the project seeks to unravel tactics and tools, offering a specialized approach to bolster understanding and countermeasures against evolving cyber threats. There is an urgent need to address rising DDoS threats by shifting the project focus to tools' accessibility. This is crucial for proactive defense against the widespread use of malicious attack tools. The project aims to empower network administrators and cybersecurity experts, securing online services. Ultimately, it benefits users and businesses with resilient defenses against evolving DDoS threats. To boost performance, we introduced ensemble models—Voting Classifier (RandomForest, DecisionTree) and Stacking Classifier (RandomForest, DecisionTree, LGBM). These enhancements aim to improve cyberbullying detection accuracy. Key Words: DDoS, DDoS tools, machine learning, deep learning
14

Kanber, Bassam M., Naglaa F. Noaman, Amr M. H. Saeed, and Mansoor Malas. "DDoS Attacks Detection in the Application Layer Using Three Level Machine Learning Classification Architecture." International Journal of Computer Network and Information Security 14, no. 3 (2022): 33–46. http://dx.doi.org/10.5815/ijcnis.2022.03.03.

Abstract:
Distributed Denial of Service (DDoS) is an ever-changing type of attack in cybersecurity, especially with the growing demand for cloud and web services raising a never-ending challenge in the lucrative business. DDoS attacks disrupt users' access to the targeted online services leading to significant business loss. This article presents a three-level architecture for detecting DDoS attacks at the application layer. The first level is responsible for selecting the best features of the samples and classifying the traffic into either benign or malicious, then the second level consists of a hard voting classifier to identify the type of the DDoS source: UDP, TCP, or Mixed-based. Finally, the last level aligns the attack to the appropriate DDoS type. This approach is validated using the CIC-DDoS2019 dataset, and the time, accuracy score, and precision are used as the model performance metrics. Compared to the existing machine learning (ML) approaches, the proposed architecture reveals substantial improvements in both binary and multiclass classification of application-layer DDoS attacks.
15

Zhao, Xiaolin, Hui Peng, Xiang Li, et al. "Defending Application Layer DDoS Attacks via Multidimensional Parallelotope." Security and Communication Networks 2020 (December 30, 2020): 1–11. http://dx.doi.org/10.1155/2020/6679304.

Abstract:
The Internet is more and more integrated into people’s life; because of the complexity and fragility of the network environment, network attack presents a more and more serious trend. Application Layer DDoS (AL-DDoS) attack is the most complex form of DDoS attack, which is hindering the availability for the legitimate users by taking up a large number of requests of web server. The paper introduced the concept of behavior utility to portray the network. The concept of attack and defense utility was defined by a specific property which was the manifestation of the network risk after the offset of attack and defense. In the utility model, traffic metrics were mapped to the multidimensional parallelotope in the Euclidean space to express as a diagonal matrix. To determine the threshold status, the defense strategies of load balancing and limiting the maximum number of connections were used with different attack scales. Finally, the attack and defense utility value was calculated to evaluate the network risk level. The proposed method can master the capacity of network system against each attack means and the defense capability of network system. Its availability and accuracy are verified by comparing with the relevant works.
16

Kravchuk, Arkadii, and Mykola Onai. "Developing information technology for evaluating and enhancing application-layer DDoS attack detection methods." Radioelectronic and Computer Systems 2024, no. 3 (2024): 132–55. http://dx.doi.org/10.32620/reks.2024.3.09.

Abstract:
The subject matter of this article is the methods to detect distributed denial-of-service (DDoS) attacks at the Hypertext Transfer Protocol (HTTP) level with the purpose of justifying the requirements for creating software capable of identifying malicious web server clients. The goal of this article is to develop an information technology to evaluate the efficiency of DDoS attack detection methods, which will quantify their operating time, memory consumption, and approximate classification accuracy. In addition, this paper proposes hypotheses and a potential approach to improve existing application-layer DDoS attack detection methods with the intention of increasing their accuracy and identification speed. The tasks of this study are as follows: to analyse modern methods for detecting application-layer DDoS attacks; to investigate their features and shortcomings; to develop a software system to assess DDoS attack detection methods; to programmatically implement these methods and experimentally measure their performance indicators, specifically: classification accuracy, operating time, and memory usage; to compare the efficiency of the investigated methods; to formulate hypotheses and propose an approach to improve existing methods and/or develop new methods based on the results obtained. The methods employed are abstraction, analysis, systematic approach, and empirical research. In particular, the datasets generated by DDoS utilities were processed using the synthetic minority oversampling technique (SMOTE) to balance them. Furthermore, the studied DDoS attack detection methods were implemented, including fitting the required parameters and training artificial neural network models for evaluation. The following results were obtained. The average classification accuracy, operating time, and random-access memory (RAM) consumption during Internet traffic classification were determined for six DDoS attack detection methods under the same conditions.
This study has demonstrated that the development of a novel method to detect DDoS attacks at the HTTP level with enhanced accuracy and classification speed is strongly required. The experimental results demonstrate that the time series-based method exhibited the shortest operating time (1.33 ms for 5000 vectors), whereas the deep neural network-based method exhibited the highest average classification accuracy (ranging from 99.07% to 99.97%) and the lowest memory consumption (39.09 KB for 5000 vectors). Conclusions. In this study, a software system was developed to assess the average accuracy of DDoS attack classification methods and measure the computational resources utilized. The scientific novelty of the obtained results lies in the formulation of two hypotheses and a potential approach to the creation of a novel method for detecting DDoS attacks at the HTTP level, which will have both high classification accuracy and a short operating time to surpass previously studied analogues in these respects. The first hypothesis is based on the additional usage of HTTP request attributes during Internet traffic classification. The second hypothesis is to analyse a graph of user transitions between website pages. The article also superficially describes a potential approach that involves the implementation of the described hypotheses as well as the proposed software architecture of an application-layer DDoS attack detection system for the Kubernetes platform and the Istio framework, which addresses the issue of collecting web request parameter values for websites that use the cryptographically secured HTTPS protocol.
17

Asad, Muhammad, Muhammad Asim, Talha Javed, Mirza O. Beg, Hasan Mujtaba, and Sohail Abbas. "DeepDetect: Detection of Distributed Denial of Service Attacks Using Deep Learning." Computer Journal 63, no. 7 (2019): 983–94. http://dx.doi.org/10.1093/comjnl/bxz064.

Abstract:
At the advent of advanced wireless technology and contemporary computing paradigms, Distributed Denial of Service (DDoS) attacks on Web-based services have not only increased exponentially in number, but also in the degree of sophistication; hence the need for detecting these attacks within the ocean of communication packets is extremely important. DDoS attacks were initially projected toward the network and transport layers. Over the years, attackers have shifted their offensive strategies toward the application layer. The application layer attacks are potentially more detrimental and stealthier because of the attack traffic and the benign traffic flows being indistinguishable. The distributed nature of these attacks is difficult to combat as they may affect tangible computing resources apart from network bandwidth consumption. In addition, smart devices connected to the Internet can be infected and used as botnets to launch DDoS attacks. In this paper, we propose a novel deep neural network-based detection mechanism that uses feed-forward back-propagation for accurately discovering multiple application layer DDoS attacks. The proposed neural network architecture can identify and use the most relevant high level features of packet flows with an accuracy of 98% on the state-of-the-art dataset containing various forms of DDoS attacks.
18

Abdullayeva, Fargana J. "Convolutional Neural Network-Based Automatic Diagnostic System for AL-DDoS Attacks Detection." International Journal of Cyber Warfare and Terrorism 12, no. 1 (2022): 1–15. http://dx.doi.org/10.4018/ijcwt.305242.

Abstract:
Distributed denial of service (DDoS) attacks are one of the main threats to information security. The purpose of DDoS attacks at the network (IP) and transport (TCP) layers is to consume the network bandwidth and deny service to legitimate users of the target system. Application layer DDoS attacks (AL-DDoS) can be organized against many different applications. Many of these attacks target HTTP, in which case their goal is to deplete the resources of web services. Various schemes have been proposed to detect DDoS attacks on network and transport layers. There are very few works being done to detect AL-DDoS attacks. The development of an intelligent system automatically detecting AL-DDoS attacks in advance is very necessary. In this paper to detect AL-DDoS attacks a deep learning model based on the Convolutional Neural Network is proposed. To simulate the AL-DDoS attack detection process, while in testing of the model on CSE-CIC-IDS2018 DDoS and CSIC 2010 datasets, 0.9974 and 0.9059 accuracy values were obtained, respectively.
19

Tennakoon, Chaminda, and Subha Fernando. "Deep learning model for distributed denial of service (DDoS) detection." International Journal of ADVANCED AND APPLIED SCIENCES 9, no. 2 (2022): 109–18. http://dx.doi.org/10.21833/ijaas.2022.02.012.

Abstract:
Distributed denial of service (DDoS) attacks are one of the serious threats in the domain of cybersecurity where it affects the availability of online services by disrupting access to its legitimate users. The consequences of such attacks could be millions of dollars in worth since all of the online services are relying on high availability. The magnitude of DDoS attacks is ever increasing as attackers are smart enough to innovate their attacking strategies to expose vulnerabilities in the intrusion detection models or mitigation mechanisms. The history of DDoS attacks reflects that network and transport layers of the OSI model were the initial target of the attackers, but the recent history from the cybersecurity domain proves that the attacking momentum has shifted toward the application layer of the OSI model which presents a high degree of difficulty distinguishing the attack and benign traffics that make the combat against application-layer DDoS attack a sophisticated task. Striding for high accuracy with high DDoS classification recall is key for any DDoS detection mechanism to keep the reliability and trustworthiness of such a system. In this paper, a deep learning approach for application-layer DDoS detection is proposed by using an autoencoder to perform the feature selection and Deep neural networks to perform the attack classification. A popular benchmark dataset CIC DoS 2017 is selected by extracting the most appealing features from the packet flows. The proposed model has achieved an accuracy of 99.83% with a detection rate of 99.84% while maintaining the false-negative rate of 0.17%, which has the highest accuracy rate among the literature reviewed so far.
20

Jaafar, Abdul Ghafar, Saiful Adli Ismail, Mohd Shahidan Abdullah, Nazri Kama, Azri Azmi, and Othman Mohd Yusop. "Recent Analysis of Forged Request Headers Constituted by HTTP DDoS." Sensors 20, no. 14 (2020): 3820. http://dx.doi.org/10.3390/s20143820.

Abstract:
Application Layer Distributed Denial of Service (DDoS) attacks are very challenging to detect. The shortfall at the application layer allows formation of HTTP DDoS as the request headers are not compulsory to be attached in an HTTP request. Furthermore, the header is editable, thus providing an attacker with the advantage to execute HTTP DDoS as it contains almost similar request header that can emulate a genuine client request. To the best of the authors’ knowledge, there are no recent studies that provide forged request headers pattern with the execution of the current HTTP DDoS attack scripts. Besides that, the current dataset for HTTP DDoS is not publicly available which leads to complexity for researchers to disclose false headers, causing them to rely on old dataset rather than more current attack patterns. Hence, this study conducted an analysis to disclose forged request headers patterns created by HTTP DDoS. The results of this study successfully disclose eight forged request headers patterns constituted by HTTP DDoS. The analysis was executed by using actual machines and eight real attack scripts which are capable of overwhelming a web server in a minimal duration. The request headers patterns were explained supported by a critical analysis to provide the outcome of this paper.
21

Researcher. "AN ARCHITECTURE FOR A DISTRIBUTED CLOUD HONEYPOT." International Journal of Computer Engineering and Technology (IJCET) 15, no. 6 (2024): 488–500. https://doi.org/10.5281/zenodo.14183575.

Abstract:
DDoS assaults present a significant menace to the Internet. With the increasing prevalence of the Internet of Things (IoT), the DDoS attack has evolved beyond a simple traffic attack. The primary focus of the attack has shifted from the network layer to the application layer. In addition, DDoS attacks utilizing botnets yield more devastating consequences. The objective of this study is to introduce a novel collaborative active defensive framework that combines Honeypot and cloud platform technologies. This framework is designed to identify and protect against future Distributed Denial of Service (DDoS) assaults inside the Internet of Things (IoT) context. The framework is capable of detecting and mitigating large volumes of malicious traffic, measured in Terabytes, in real-time.
22

Dawadi, Babu R., Bibek Adhikari, and Devesh K. Srivastava. "Deep Learning Technique-Enabled Web Application Firewall for the Detection of Web Attacks." Sensors 23, no. 4 (2023): 2073. http://dx.doi.org/10.3390/s23042073.

Abstract:
New techniques and tactics are being used to gain unauthorized access to the web that harm, steal, and destroy information. Protecting the system from many threats such as DDoS, SQL injection, cross-site scripting, etc., is always a challenging issue. This research work makes a comparative analysis between normal HTTP traffic and attack traffic that identifies attack-indicating parameters and features. Different features of standard datasets ISCX, CISC, and CICDDoS were analyzed and attack and normal traffic were compared by taking different parameters into consideration. A layered architecture model for DDoS, XSS, and SQL injection attack detection was developed using a dataset collected from the simulation environment. In the long short-term memory (LSTM)-based layered architecture, the first layer was the DDoS detection model designed with an accuracy of 97.57% and the second was the XSS and SQL injection layer with an obtained accuracy of 89.34%. The higher rate of HTTP traffic was investigated first and filtered out, and then passed to the second layer. The web application firewall (WAF) adds an extra layer of security to the web application by providing application-level filtering that cannot be achieved by the traditional network firewall system.
23

Zhao, Yuntao, Wenbo Zhang, Yongxin Feng, and Bo Yu. "A Classification Detection Algorithm Based on Joint Entropy Vector against Application-Layer DDoS Attack." Security and Communication Networks 2018 (2018): 1–8. http://dx.doi.org/10.1155/2018/9463653.

Abstract:
The application-layer distributed denial of service (AL-DDoS) attack makes a great threat against cyberspace security. The attack detection is an important part of the security protection, which provides effective support for defense system through the rapid and accurate identification of attacks. According to the attacker’s different URL of the Web service, the AL-DDoS attack is divided into three categories, including a random URL attack and a fixed and a traverse one. In order to realize identification of attacks, a mapping matrix of the joint entropy vector is constructed. By defining and computing the value of EUPI and jEIPU, a visual coordinate discrimination diagram of entropy vector is proposed, which also realizes data dimension reduction from N to two. In terms of boundary discrimination and the region where the entropy vectors fall in, the class of AL-DDoS attack can be distinguished. Through the study of training data set and classification, the results show that the novel algorithm can effectively distinguish the web server DDoS attack from normal burst traffic.
24

Ahmed, Sheeraz, Zahoor Ali Khan, Syed Muhammad Mohsin, et al. "Effective and Efficient DDoS Attack Detection Using Deep Learning Algorithm, Multi-Layer Perceptron." Future Internet 15, no. 2 (2023): 76. http://dx.doi.org/10.3390/fi15020076.

Abstract:
Distributed denial of service (DDoS) attacks pose an increasing threat to businesses and government agencies. They harm internet businesses, limit access to information and services, and damage corporate brands. Attackers use application layer DDoS attacks that are not easily detectable because of impersonating authentic users. In this study, we address novel application layer DDoS attacks by analyzing the characteristics of incoming packets, including the size of HTTP frame packets, the number of Internet Protocol (IP) addresses sent, constant mappings of ports, and the number of IP addresses using proxy IP. We analyzed client behavior in public attacks using standard datasets, the CTU-13 dataset, real weblogs (dataset) from our organization, and experimentally created datasets from DDoS attack tools: Slow Lairs, Hulk, Golden Eyes, and Xerex. A multilayer perceptron (MLP), a deep learning algorithm, is used to evaluate the effectiveness of metrics-based attack detection. Simulation results show that the proposed MLP classification algorithm has an efficiency of 98.99% in detecting DDoS attacks. The performance of our proposed technique provided the lowest value of false positives of 2.11% compared to conventional classifiers, i.e., Naïve Bayes, Decision Stump, Logistic Model Tree, Naïve Bayes Updateable, Naïve Bayes Multinomial Text, AdaBoostM1, Attribute Selected Classifier, Iterative Classifier, and OneR.
25

Bravo, Silvia, and David Mauricio. "New Features of User’s Behavior to Distributed Denial of Service Attacks Detection in Application Layer." International Journal of Online and Biomedical Engineering (iJOE) 14, no. 12 (2018): 164. http://dx.doi.org/10.3991/ijoe.v14i12.9439.

Abstract:
Distributed Denial of Service (DDoS) attacks are a threat to the security of red. In recent years, these attacks have been directed especially towards the application layer. This phenomenon is mainly due to the large number of existing tools for the generation of this type of attack. The highest detection rate achieved by a method in the application capacity is 98.5%. Therefore, the problem of detecting DDoS attacks persists. In this work an alternative of detection based on the dynamism of the web user is proposed. To do this, evaluate the user's characteristics, mouse functions and right click. For the evaluation, a data set of 11055 requests was used, from which the characteristics were extracted and entered into a classification algorithm. To that end, it can be applied once in Java for the classification of real users and DDoS attacks. The results showed that the evaluated characteristics achieved an efficiency of 100%. Therefore, it is concluded that these characteristics show the dynamism of the user and can be used in a detection method of DDoS attacks.
26

Kalutharage, Chathuranga Sampath, Xiaodong Liu, Christos Chrysoulas, Nikolaos Pitropakis, and Pavlos Papadopoulos. "Explainable AI-Based DDOS Attack Identification Method for IoT Networks." Computers 12, no. 2 (2023): 32. http://dx.doi.org/10.3390/computers12020032.

Abstract:
The modern digitized world is mainly dependent on online services. The availability of online systems continues to be seriously challenged by distributed denial of service (DDoS) attacks. The challenge in mitigating attacks is not limited to identifying DDoS attacks when they happen, but also identifying the streams of attacks. However, existing attack detection methods cannot accurately and efficiently detect DDoS attacks. To this end, we propose an explainable artificial intelligence (XAI)-based novel method to identify DDoS attacks. This method detects abnormal behaviours of network traffic flows by analysing the traffic at the network layer. Moreover, it chooses the most influential features for each anomalous instance with influence weight and then sets a threshold value for each feature. Hence, this DDoS attack detection method defines security policies based on each feature threshold value for application-layer-based, volumetric-based, and transport control protocol (TCP) state-exhaustion-based features. Since the proposed method is based on layer three traffic, it can identify DDoS attacks on both Internet of Things (IoT) and traditional networks. Extensive experiments were performed on the University of Sannio, Benevento Intrusion Detection System (USB-IDS) dataset, which consists of different types of DDoS attacks to test the performance of the proposed solution. The results of the comparison show that the proposed method provides greater detection accuracy and attack certainty than the state-of-the-art methods.
27

Yu, Xiang, Wenchao Yu, Shudong Li, Xianfei Yang, Ying Chen, and Hui Lu. "WEB DDoS Attack Detection Method Based on Semisupervised Learning." Security and Communication Networks 2021 (November 29, 2021): 1–10. http://dx.doi.org/10.1155/2021/9534016.

Abstract:
Since the services on the Internet are becoming increasingly abundant, all walks of life are inextricably linked with the Internet. Simultaneously, the Internet’s WEB attacks have never stopped. Relative to other common WEB attacks, WEB DDoS (distributed denial of service) will cause serious damage to the availability of the target network or system resources in a short period of time. At present, most researches are centered around machine learning-related DDoS attack detection algorithms. According to previous studies, unsupervised methods generally have a high false positive rate, while supervisory methods cannot handle large amount of network traffic data, and the performance is often limited by noise and irrelevant data. Therefore, this paper proposes a semisupervised learning detection model combining spectral clustering and random forest to detect the DDoS attack of the WEB application layer and compares it with other existing detection schemes to verify the semisupervised learning model proposed in this paper. While ensuring a low false positive rate, there is a certain improvement in the detection rate, which is more suitable for the WEB application layer DDoS attack detection.
28

Reddy, R. Obulakonda, R. Nagarjuna Reddy, M. Radha, N. Sree Vani, and B. Srinivasulu. "Observing the Application-Layer DDoS Attacks for Prevalent Websites." International Journal of Advanced Research in Computer Science and Software Engineering 7, no. 6 (2017): 821–27. http://dx.doi.org/10.23956/ijarcsse/v7i6/0344.

29

Sree, T. Raja, and S. Mary Saira Bhanu. "Investigation of Application Layer DDoS Attacks Using Clustering Techniques." International Journal of Wireless and Microwave Technologies 8, no. 3 (2018): 1–13. http://dx.doi.org/10.5815/ijwmt.2018.03.01.

30

Yi Xie and Shun-Zheng Yu. "Monitoring the Application-Layer DDoS Attacks for Popular Websites." IEEE/ACM Transactions on Networking 17, no. 1 (2009): 15–25. http://dx.doi.org/10.1109/tnet.2008.925628.

31

Renuka Devi, s. "A Hybrid Approach to Counter Application Layer DDOS Attacks." International Journal on Cryptography and Information Security 2, no. 2 (2012): 45–52. http://dx.doi.org/10.5121/ijcis.2012.2204.

32

Praseed, Amit, and P. Santhi Thilagam. "Modelling Behavioural Dynamics for Asymmetric Application Layer DDoS Detection." IEEE Transactions on Information Forensics and Security 16 (2021): 617–26. http://dx.doi.org/10.1109/tifs.2020.3017928.

33

Priya M R, Usha J. "A Study on DDoS Attack Detection Technique Prior to Machine Learning in Wireless Sensor Networks." Tuijin Jishu/Journal of Propulsion Technology 44, no. 5 (2023): 3698–721. http://dx.doi.org/10.52783/tjjpt.v44.i5.3458.

Abstract:
Wireless Sensor Networks (WSNs) are integral to a wide range of critical applications, including environmental monitoring, healthcare, and industrial control systems. Then delves into DDoS attacks, elucidating the various attack types, motives, and their detrimental effects on WSNs. The core of the study investigates DDoS detection techniques, encompassing signature-based, anomaly-based, and hybrid approaches. Optimization mechanisms for DDoS detection in WSNs are explored in-depth, including resource-efficient algorithms and scalability solutions. Consideration is given to striking a balance between detection accuracy and resource consumption, essential in the energy-limited world of WSNs. Machine learning and artificial intelligence's role in DDoS detection is elucidated, with a focus on feature selection, dimensionality reduction, and the application of various supervised and unsupervised learning algorithms. Cross-layer approaches, coordinating physical, data-link, and network layers, are discussed to enhance DDoS detection's robustness against sophisticated attacks. Energy efficiency considerations are integral, with strategies outlined to prolong sensor nodes' lifespans while ensuring reliable DDoS detection. The study culminates in the presentation of real-world experiments and simulations, offering insights into the practical performance of DDoS detection and optimization mechanisms. Various evaluation metrics are employed, such as detection rate, false positives, and resource utilization.
34

Selvakani, S., K. Vasumathi, T. Vijayalakshmi, and A. Kavitha. "Attack in SDN Based Distributed Denial of Service." Asian Journal of Engineering and Applied Technology 10, no. 1 (2021): 38–44. http://dx.doi.org/10.51983/ajeat-2021.10.1.2802.

Abstract:
DOS assaults are executed with the aid of using assault tools, worms and botnets the usage of exclusive packet-transmission techniques and diverse types of assault packets to conquer protection structures. These issues cause protection structures requiring diverse detection techniques to be able to discover assaults. Moreover, DOS assaults can blend their traffics for the duration of flash crowds. By doing this, the complicated protection machine cannot locate the assault site visitors in time. In this challenge a conduct primarily based totally detection the usage of Crowd Correlation Analysis which can discriminate DOS assault site visitors from site visitors generated with the aid of using actual customers. In the Euclidean area to specific as a diagonal matrix proposed can grasp the potential of community machine towards every assault manner and the protection functionality of community machine. Cyber-assault consisting of DDOS assault continues to be the maximum effective assault that disrupts the real customers from having access to the crucial offerings. In software layer-primarily based totally DDOS assault, attacker makes use of different gadget in preference to the usage of his very own IP cope with to flood the focused machine and disrupts the offerings SDN (software program described networks) for value performance and community Application layer allotted denial of provider (DDOS) assaults have turn out to be a extreme hazard to the safety of net servers. These assaults avoid maximum intrusion prevention structures with the aid of using sending several HTTP requests flexibility, however DDOS is one of the maximum released assault on SDN layer. DDOS assault on this kind of surroundings results in machine failure DDoS is one of the maximum released assault on SDN layer. 
DDOS assault on this kind of surroundings results in machine failure monetary loss, facts theft, and overall performance degradation massive survey has been made to locate and save you DDOS primarily based totally assault in software layer and SDN primarily based totally surroundings. We suggest an powerful protection machine, named Sky Shield, which leverages the caricature facts shape to fast locate and mitigate software layer DDOS assaults. Novel calculation of the divergence among sketches, which alleviates the effect of community dynamics and improves the detection accuracy.
35

Sharma, Amit. "HULK and DDoS Attacks in Web Applications with Detection Mechanism." International Journal of Emerging Research in Management and Technology 6, no. 6 (2018): 192. http://dx.doi.org/10.23956/ijermt.v6i6.268.

Abstract:
Distributed Denial of Service attacks are significant dangers these days over web applications and web administrations. These assaults pushing ahead towards application layer to procure furthermore, squander most extreme CPU cycles. By asking for assets from web benefits in gigantic sum utilizing quick fire of solicitations, assailant robotized programs use all the capacity of handling of single server application or circulated environment application. The periods of the plan execution is client conduct checking and identification. In to beginning with stage by social affair the data of client conduct and computing individual user’s trust score will happen and Entropy of a similar client will be ascertained. HTTP Unbearable Load King (HULK) attacks are also evaluated. In light of first stage, in recognition stage, variety in entropy will be watched and malevolent clients will be recognized. Rate limiter is additionally acquainted with stop or downsize serving the noxious clients. This paper introduces the FAÇADE layer for discovery also, hindering the unapproved client from assaulting the framework.
36

Almeghlef, Sultan M., Abdullah AL-Malaise AL-Ghamdi, Muhammad Sher Ramzan, and Mahmoud Ragab. "Application Layer-Based Denial-of-Service Attacks Detection against IoT-CoAP." Electronics 12, no. 12 (2023): 2563. http://dx.doi.org/10.3390/electronics12122563.

Abstract:
Internet of Things (IoT) is a massive network based on tiny devices connected internally and to the internet. Each connected device is uniquely identified in this network through a dedicated IP address and can share the information with other devices. In contrast to its alternatives, IoT consumes less power and resources; however, this makes its devices more vulnerable to different types of attacks as they cannot execute heavy security protocols. Moreover, traditionally used heavy protocols for web-based communication, such as the Hyper Text Transport Protocol (HTTP) are quite costly to be executed on IoT devices, and thus specially designed lightweight protocols, such as the Constrained Application Protocol (CoAP) are employed for this purpose. However, while the CoAP remains widely-used, it is also susceptible to attacks, such as the Distributed Denial-of-Service (DDoS) attack, which aims to overwhelm the resources of the target and make them unavailable to legitimate users. While protocols, such as the Datagram Transport Layer Security (DTLS) and Lightweight and the Secure Protocol for Wireless Sensor Network (LSPWSN) can help in securing CoAP against DDoS attacks, they also have their limitations. DTLS is not designed for constrained devices and is considered as a heavy protocol. LSPWSN, on the other hand, operates on the network layer, in contrast to CoAP which operates on the application layer. This paper presents a machine learning model, using the CIDAD dataset (created on 11 July 2022), that can detect the DDoS attacks against CoAP with an accuracy of 98%.
37

Li, Jin Ling, and Bin Qiang Wang. "Detecting App-DDoS Attacks Based on Marking Access and d-SVDD." Applied Mechanics and Materials 347-350 (August 2013): 3734–39. http://dx.doi.org/10.4028/www.scientific.net/amm.347-350.3734.

Abstract:
In order to enhance the extensibility of current attack feature extracted and detection means for App-DDoS (Application Layer Distributed Denial of Service, App-DDoS) attacks, a novel feature extracted method based on marking access and a new detection algorithm named d-SVDD are proposed. After expressing kinds of App-DDoS attacks as characteristic vectors by access marked strategy and feature extracted strategy, d-SVDD algorithm is used for secondary classification and detection of pre-set area around decision boundary based on SVDD. It is proved by experiments that the proposed feature extracted and detection means can realize effective detection for kinds of App-DDoS attacks, both have satisfying time, space and extensibility performance.
38

Sambangi, Swathi, and Lakshmeeswari Gondi. "A Machine Learning Approach for DDoS (Distributed Denial of Service) Attack Detection Using Multiple Linear Regression." Proceedings 63, no. 1 (2020): 51. http://dx.doi.org/10.3390/proceedings2020063051.

Abstract:
The problem of identifying Distributed Denial of Service (DDoS) attacks is fundamentally a classification problem in machine learning. In relevance to Cloud Computing, the task of identification of DDoS attacks is a significantly challenging problem because of computational complexity that has to be addressed. Fundamentally, a Denial of Service (DoS) attack is an intentional attack attempted by attackers from single source which has an implicit intention of making an application unavailable to the target stakeholder. For this to be achieved, attackers usually stagger the network bandwidth, halting system resources, thus causing denial of access for legitimate users. Contrary to DoS attacks, in DDoS attacks, the attacker makes use of multiple sources to initiate an attack. DDoS attacks are most common at network, transportation, presentation and application layers of a seven-layer OSI model. In this paper, the research objective is to study the problem of DDoS attack detection in a Cloud environment by considering the most popular CICIDS 2017 benchmark dataset and applying multiple regression analysis for building a machine learning model to predict DDoS and Bot attacks through considering a Friday afternoon traffic logfile.
39

Ye, Xi, Wu Shao Wen, and Yi Ru Ye. "A Defensive OTP-Based Mechanism against Application Layer DDoS Attacks." Key Engineering Materials 480-481 (June 2011): 769–74. http://dx.doi.org/10.4028/www.scientific.net/kem.480-481.769.

Abstract:
In this paper, we present the design and implementation of OTP-DEF, a kernel extension to protect web servers against application layer DDoS attacks. OTP-DEF provides authentication by using OTP-based tests, which is different from other systems that use graphical tests. First of all, according to the load of web server, an OTP-DEF web-server should fall into one of three following modes: normal, suspected attack or confirmed attack mode, and the OTP-DEF authentication mechanism shall only be activated when web-server is in suspected attack mode. Secondly, we use OTP as our puzzle, which can automatically change at the certain time interval. It makes our proposal can defend socially-engineered attack, copy attacks, replay attacks and Brute-Force Attack. Thirdly, OTP-DEF uses an intermediate stage to identify the IP addresses that ignore the test, and persistently bombard the server with requests despite repeated failures at solving the puzzles. These machines are zombies because their intent is to congest the server. Once these machines are identified, OTP-DEF blocks their requests, turns the tests off, and allows access to legitimate users who are unable or unwilling to solve tests. Finally, OTP-DEF requires no modifications to client software.
40

Tsien, Yu Lei, and Rong Li Gai. "User Activity Based Application-Layer DoS/DDoS Attack Defense Algorithm." Applied Mechanics and Materials 742 (March 2015): 693–97. http://dx.doi.org/10.4028/www.scientific.net/amm.742.693.

Abstract:
In application-layer DoS/DDoS attacks, malicious users attack the victim server by sending lots of legitimate requesting packages, which overwhelm the server bottleneck resources. Normal user’s request thus may not be satisfied. The traditional intrusion detection systems for network-layer cannot effectively identify this attack, and recent researches on this kind of attack are mainly for Web servers. This paper proposed a new defense algorithm based on user activity for topic-based Pub/Sub communication servers in mobile push notification systems. Users consuming system bottleneck resources the most can get high scores and thus are considered overactive. With some resource retaken strategy, overactive users’ connections will be dropped according to system performance level. Therefore, the system can get rid of latent threatens. Experiments indicated that this algorithm can identify normal and abnormal users well.
41

Singhal, Sunita, Paul Agostinho Medeira, Parth Singhal, and Moin Khorajiya. "Detection of application layer DDoS attacks using big data technologies." Journal of Discrete Mathematical Sciences and Cryptography 23, no. 2 (2020): 563–71. http://dx.doi.org/10.1080/09720529.2020.1729505.

42

A. Siva, Kumar, and Karthik M.Ganesh. "A Prevention Approach to Counter DDoS Attacks in Application Layer." i-manager's Journal on Information Technology 5, no. 3 (2016): 13. http://dx.doi.org/10.26634/jit.5.3.8136.

43

Rahman, Rizwan ur, Deepak Singh Tomar, and Jijin A.V. "Application Layer DDOS Attack Detection Using Hybrid Machine Learning Approach." International Journal of Security and Its Applications 11, no. 4 (2017): 85–96. http://dx.doi.org/10.14257/ijsia.2017.11.4.07.

44

Lin, Huan, Shoufeng Cao, Jiayan Wu, Zhenzhong Cao, and Fengyu Wang. "Identifying Application-Layer DDoS Attacks Based on Request Rhythm Matrices." IEEE Access 7 (2019): 164480–91. http://dx.doi.org/10.1109/access.2019.2950820.

45

Singh, Khundrakpam Johnson, and Tanmay De. "MLP-GA based algorithm to detect application layer DDoS attack." Journal of Information Security and Applications 36 (October 2017): 145–53. http://dx.doi.org/10.1016/j.jisa.2017.09.004.

46

Beitollahi, Hakem, and Geert Deconinck. "ConnectionScore: a statistical technique to resist application-layer DDoS attacks." Journal of Ambient Intelligence and Humanized Computing 5, no. 3 (2013): 425–42. http://dx.doi.org/10.1007/s12652-013-0196-5.

47

Ali, Omar Mohammed Amin, Rebin Abdulkareem Hamaamin, Barzan Jalal Youns, and Shahab Wahhab Kareem. "Innovative Machine Learning Strategies for DDoS Detection: A Review." UHD Journal of Science and Technology 8, no. 2 (2024): 38–49. http://dx.doi.org/10.21928/uhdjst.v8n2y2024.pp38-49.

Abstract:
This is a broad survey that investigates the use of machine learning (ML) methods for detecting distributed denial of service (DDoS) attacks. Traditional intrusion detection systems face difficulties in application-layer DDoS attacks because they target legal web traffic forms using standard transmission control protocol connections. This paper reviews different ML methods used in recent studies to tackle these issues. These studies use various data sets, such as UNSW-np-15, CICDDoS2019, and the novel dataset LATAM-DDoS-Internet of Things, which prove the efficacy of the proposed models in terms of accuracy and performance metrics. The second group of studies shows more advanced designs, such as protocol-based deep intrusion detection and autoencoder-multi-layer perceptron. These use deep learning to find features and group attacks. All of these approaches present favorable outcomes when it comes to distinguishing normal, DoS, and DDoS traffic with a high level of accuracy. Furthermore, the review discusses works that emphasize the early detection of noise-robust models and distributed frameworks. Different techniques, such as snake optimizer with ensemble learning, metastability theory, and spark-based anomaly detection, highlight the trend of predicting DDoS attacks, whereas hyperband-tuned deep neural networks and evolutionary support vector machine models show higher accuracy in cloud systems as well as software-defined networking environments. Hence, this review gives a general observation of how DDoS attacks develop on their way and proves that ML techniques help to strengthen network security.
48

GU, Xiaoqing, Hongyuan WANG, Tongguang NI, and Hui DING. "Detection of application-layer DDoS attack based on time series analysis." Journal of Computer Applications 33, no. 8 (2013): 2228–31. http://dx.doi.org/10.3724/sp.j.1087.2013.02228.

49

Nashat, Dalia, S. Khairy, and Montaser M. Hassan. "Detection of Application Layer DDoS Attack Based on SIS Epidemic Model." IEEE Access 9 (2021): 159827–32. http://dx.doi.org/10.1109/access.2021.3132130.

50

Singh, Karanpreet, Paramvir Singh, and Krishan Kumar. "Application layer HTTP-GET flood DDoS attacks: Research landscape and challenges." Computers & Security 65 (March 2017): 344–72. http://dx.doi.org/10.1016/j.cose.2016.10.005.
