Detection of Application Layer DDoS Attack Based on SIS Epidemic Model

3Citations
Citations of this article
9Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

Distrusted Denial of Service attack (DDoS) is one of the major threats to network security. The HTTP flooding attack is the hardest type of DDoS attacks to detect since the malicious packets are hidden in a huge amount of normal traffic. In this work, we introduce a new detection scheme for HTTP flooding attack by using Susceptible-Infective-Susceptible (SIS) model of an infectious disease which used in dynamic systems. During any time interval, the server can measure various values of attributes for its users like number of total connections, number of open connections and number of closed connections. These values can be used to detect any abnormal behavior or infected connections in a server by mapping this attributes with SIS model. Thus we can get suspected and infected connections during every time interval. Extensive trace driven simulation has been conducted to demonstrate the efficiency of the proposed scheme in terms of its detection rate and probability of false positive.

Cite

CITATION STYLE

APA

Nashat, D., Khairy, S., & Hassan, M. M. (2021). Detection of Application Layer DDoS Attack Based on SIS Epidemic Model. IEEE Access, 9, 159827–159832. https://doi.org/10.1109/ACCESS.2021.3132130

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free