Integrated Hidden Markov Model and Bayes Packet Classifier for effective Mitigation of Application DDoS attacks
Resisting distributed denial of service
(DDoS) attacks become more challenging with the
availability of resources and techniques to attackers.
The application-layer-based DDoS attacks utilize
legitimate HTTP requests to overwhelm victim
resources are more undetectable and are protocol
compliant and non-intrusive. Focusing on the
detection for application layer DDoS attacks, the
existing scheme provide an access matrix which
capture the spatial-temporal patterns of a normal
flash crowd on non stationary object. The access
matrix captures the spatial-temporal patterns of the
normal flash crowd and the anomaly detector based
on hidden Markov model (HMM) described the
dynamics of Access Matrix (AM) to detect the
application DDoS attacks. However current
application layer attacks have high influence on the
stationary object as well. In addition the detection
threshold for non stationary object should be
reevaluated to improve the performance of false
positive rate and detection rate of the DDoS attacks.
Keywords: Application DDoS attacks, Gaussian Distribution, Bayes packet classifier, HMM
Download Full-Text
