Modeling user browsing activity for application layer DDoS attack detection

Tung Ngai Miu, Chenxu Wang, Xiapu Luo, Jinhe Wang

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

4 Citations (Scopus)

Abstract

Application layer distributed denial of service (App-layer DDoS) attacks are becoming a severe threat to the security of web servers. In this paper, we model user browsing activity in order to detect abnormal requests. User access patterns are analyzed to detect anomaly at the session level. The likelihood of a browsing session is then calculated to distinguish abnormal behaviors from normal ones. We evaluate our methods based on a real dataset collected from a commercial website that suffered from actual DDoS attacks. The experimental results validate the effectiveness of the proposed methods.
Original languageEnglish
Title of host publicationSecurity and Privacy in Communication Networks -12th International Conference, SecureComm 2016, Proceedings
PublisherSpringer Verlag
Pages747-750
Number of pages4
ISBN (Print)9783319596075
DOIs
Publication statusPublished - 1 Jan 2017
Event12th EAI International Conference on Security and Privacy in Communication Networks, SecureComm 2016 - Guangzhou, China
Duration: 10 Oct 201612 Oct 2016

Publication series

NameLecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
Volume198 LNICST
ISSN (Print)1867-8211

Conference

Conference12th EAI International Conference on Security and Privacy in Communication Networks, SecureComm 2016
CountryChina
CityGuangzhou
Period10/10/1612/10/16

Keywords

  • Browsing activity
  • DDoS attack
  • User access pattern

ASJC Scopus subject areas

  • Computer Networks and Communications

Cite this