상세정보
학술지
Web Page Request Behavior Analysis for Threshold based HTTP GET Flooding Attack Detection
Cited 0 time in 
Download 4 time
Share 
Download 4 time
Share
- 발행일
- 201308
- 출처
- Information : An International Interdisciplinary Journal, v.16 no.8(B), pp.6025-6040
- ISSN
- 1343-4500
- 출판사
- International Information Institute
- 협약과제
- 13MS1200, 신뢰기반 클라우스 컴퓨팅 서비스를 위한 알려지지 않은 가상화 기반 악성행위 탐지 및 분석기술 개발, 김익균
- 초록
- The HTTP GET Flooding attack is one of the most frequently tried distributed denial-of-service (DDoS) attack. Especially, the sophisticated HTTP GET Flooding attack is very popular and has very similar traffic characteristics to normal one. So, it is quite difficult to detect it. Even though several detection algorithms are developed for the attack, they need lots of system resources [12, 13]. Sometimes due to the time consuming processes the whole performance of DDoS defense systems is degraded and it becomes another problem. For that, we propose a threshold based HTTP GET Flooding attack detection algorithm. Usually, threshold based detection methods can't detect the sophisticated DDoS attacks, but the proposed method develop a new threshold based on the HTTP GET request behavior analysis. In this algorithm, for behavior based threshold generation, we calculate the Average Inter-GET-Request-Packet- Exist-TS-Gap (AIGG) based on two special time periods. Also, the proposed algorithm doesn't need to analyze every HTTP GET request packet, so it needs less CPU resources than the algorithms which have to analyze all the request packets. © 2013 International Information Institute.
- KSP 제안 키워드
- Attack Detection, Behavior analysis, DDoS attacks, DDoS defense, Defense system, Detection Method, Detection algorithm, Distributed denial-of-service(DDoS), Flooding attack, HTTP GET flooding, Threshold based