WSEAS Transactions on Information Science and Applications
Print ISSN: 1790-0832, E-ISSN: 2224-3402
Volume 9, 2012
A PCA Based Framework for Detection of Application Layer DDoS Attacks
Authors: ,
Abstract: Hackers use Distributed Denial of Service (DDoS) attacks, deploying hundreds and thousands of bots to overwhelm the victim in terms of bandwidth and to degrade the services rendered to its users. To initiate an attack against a victim, hackers use the Internet as their venue. Various methods have been proposed to address this threat, but all the earlier methods identify DDoS attacks that exist at the IP and TCP layers. Attackers, on the other hand, have found vulnerabilities in the application layer (a higher layer) and use them to attack the victim with DDoS, known as App-DDoS, which makes finding and handling the attack more complex. In this paper, we propose a framework to detect, at an early stage, attacks that target the application layer. The framework profiles users’ browsing behavior with a sequence order independent approach and network traffic with Principal Component Analysis (PCA). These profiles are clustered, and a threshold is used to verify and determine whether an HTTP request from a user is normal or abnormal. If the user's request to the victim is normal, access is allowed; otherwise the request is denied at an early stage. Finally, the proposed method is verified experimentally and confirmed with various types of App-DDoS attacks.
Keywords: App-DDoS, anomaly detection, user browsing behavior, network traffic, PCA, sequence order independent, clustering