Enhanced detection algorithms to detect http ddos

A web application utilizes Hypertext Transfer Protocol (HTTP) to surf client requests. This protocol is used widely, especially in business areas such as in online transactions and websites, including in government websites. A client delivers information to a server carried by a client web browser....

Full description

Bibliographic Details
Main Authors: Jaafar, G. A. (Author), Abdullah, S. M. (Author), Adli, S. (Author)
Format: Article
Language:English
Published: World Academy of Research in Science and Engineering, 2019.
Subjects:
Online Access:Get fulltext
LEADER 01795 am a22001573u 4500
001 89515
042 |a dc 
100 1 0 |a Jaafar, G. A.  |e author 
700 1 0 |a Abdullah, S. M.  |e author 
700 1 0 |a Adli, S.  |e author 
245 0 0 |a Enhanced detection algorithms to detect http ddos 
260 |b World Academy of Research in Science and Engineering,   |c 2019. 
856 |z Get fulltext  |u http://eprints.utm.my/id/eprint/89515/1/GhafarAJaafar2019_EnhancedDetectionAlgorithms.pdf 
520 |a A web application utilizes Hypertext Transfer Protocol (HTTP) to surf client requests. This protocol is used widely, especially in business areas such as in online transactions and websites, including in government websites. A client delivers information to a server carried by a client web browser. An HTTP distributed denial of service (DDoS) attack occurs when the attacker is able to mimic client information, which makes a DDoS attack at the application layer difficult to distinguish as the traffic pattern is similar to a genuine request. Furthermore, it is not compulsory for the client to present the GET headers component to a web server during the GET request transaction. Existing detection of HTTP DDoS attacks still faces challenges in differentiating between authentic and bogus GET requests in real time. In this paper, a fast algorithm (FARGO) method to detect HTTP DDoS attacks is introduced. FARGO consists of three detection algorithms to recognize HTTP DDoS categories as request flooding attacks. The assessment of the proposed detection system was conducted in real experimental conditions with real attack scripts. The proposed detection method provided expected outcomes with improvements of 11.30% for true positive rates and 8.9% for false-positive rates. 
546 |a en 
650 0 4 |a T Technology (General)