Mitigation of Application Layer DDoS Flood Attack Against Web Servers
##plugins.themes.bootstrap3.article.main##
Abstract
The Application-layer Distributed Denial of Service (App-DDoS) attack is one of the most menacing types of cyberattacks
that circumvent web servers. Since the attackers have developed different techniques and methods, preventing
App-DDoS attacks has become more difficult than ever before. One of the most commonly and targeted protocols in
the application-layer is HTTP-GET flooding attacks. The attacker sends a large number of HTTP-GET requests from
different infected devices to force the server to assign the maximum resources available in response to every single
request. The objective of this attack is to exhaust the server’s resources and deny service to the legitimate users. The
App-DDoS attacks affect Quality of Service (QoS) and are extremely costly in terms of resource exhaustion. In this
paper, we discuss development and testing of an App-DDoS attack detection and mitigation model in order to defend web
servers against threats. Our design model employs three principle states: normal, screening and suspicious. The defense
model transits between these modes based on the server load. We use Machine Learning (ML) techniques to provide
high detection accuracy of App-DDoS attacks. Our experimental results demonstrate that this defense system is effective
against App-DDoS attack.
Downloads
Metrics
##plugins.themes.bootstrap3.article.details##
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.