User Activity Based Application-Layer DoS/DDoS Attack Defense Algorithm

Abstract:

In application-layer DoS/DDoS attacks, malicious users attack the victim server by sending large numbers of legitimate request packets, which overwhelm the server's bottleneck resources, so normal users' requests may not be satisfied. Traditional network-layer intrusion detection systems cannot effectively identify this kind of attack, and recent research on it has mainly targeted Web servers. This paper proposes a new defense algorithm based on user activity for topic-based Pub/Sub communication servers in mobile push notification systems. Users who consume the most system bottleneck resources receive high scores and are thus considered overactive. Under a resource-retaking strategy, overactive users' connections are dropped according to the system performance level, so the system can rid itself of latent threats. Experiments indicated that this algorithm can identify normal and abnormal users well.

Pages:

693-697

Online since:

March 2015

Copyright:

© 2015 Trans Tech Publications Ltd. All Rights Reserved
