Web page request behavior analysis for threshold based HTTP GET Flooding attack detection
- Authors
- Choi, Yangseo; Kim, Ikkyun; Im, Eul Gyu
- Issue Date
- Aug-2013
- Publisher
- International Information Institute
- Keywords
- DDoS attack; HTTP GET Flooding; HTTP GET request behavior analysis; Network security; Threshold based
- Citation
- Information, v.16, no.8 B, pp 6025 - 6039
- Pages
- 15
- Indexed
- SCIE
SCOPUS
- Journal Title
- Information
- Volume
- 16
- Number
- 8 B
- Start Page
- 6025
- End Page
- 6039
- URI
- https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/162198
- ISSN
- 1343-4500
- Abstract
- The HTTP GET Flooding attack is one of the most frequently tried distributed denial-of-service (DDoS) attack. Especially, the sophisticated HTTP GET Flooding attack is very popular and has very similar traffic characteristics to normal one. So, it is quite difficult to detect it. Even though several detection algorithms are developed for the attack, they need lots of system resources [12, 13]. Sometimes due to the time consuming processes the whole performance of DDoS defense systems is degraded and it becomes another problem. For that, we propose a threshold based HTTP GET Flooding attack detection algorithm. Usually, threshold based detection methods can't detect the sophisticated DDoS attacks, but the proposed method develop a new threshold based on the HTTP GET request behavior analysis. In this algorithm, for behavior based threshold generation, we calculate the Average Inter-GET-Request-Packet- Exist-TS-Gap (AIGG) based on two special time periods. Also, the proposed algorithm doesn't need to analyze every HTTP GET request packet, so it needs less CPU resources than the algorithms which have to analyze all the request packets.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - 서울 공과대학 > 서울 컴퓨터소프트웨어학부 > 1. Journal Articles

Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.