DDos System: A Disparagement System with Cache Based and Question Generation in Client-Server Application




Dr. V. Naga Lakshmi 1
Professor and HOD, Department of Computer Science, GITAM University, Visakhapatnam, Andhra Pradesh, India
Email-id: vn_lakshmi8@yahoo.com

Shameena Begum 2
Assistant Professor, Department of IT, Sasi Institute of Technology & Engineering, Tadepalligudem, Andhra Pradesh, India
Email-id: sameenazm@gmail.com

2015, IJAFRC All Rights Reserved www.ijafrc.org

ABSTRACT

Any web application or server requires a Distributed Denial of Service (DDoS) protection service in order to achieve high security against various attacks. Client-server applications play a major role in building distributed applications, such as healthcare applications, while reducing cost and making use of high-performance computing devices. The distributed system in a client-server application faces many security risks, including DDoS. These client-server applications are based on HTTP connections, so our aim is to make HTTP-based systems less vulnerable to all possible DDoS attacks. The system incorporates Source Checking, Counting, and Attack Detection and Prevention modules together with a Turing test module to detect malicious nodes. In this paper we propose a multi-stage detection system which includes cache-based information Turing and question generation pool Turing tests to challenge suspicious intruders more effectively and efficiently. The proposed system is executed to check the efficiency of the proposed work and to judge how effectively it is able to mitigate DDoS traffic in the network.

Keywords: DDos, Turing test, Question generation, VC (virtual cluster).

I. INTRODUCTION

A. DDoS Attack in Network

Distributed Denial of Service (DDoS) is the main concern for network security at present [1]. DDoS attackers control various machines all around the network. These controlled machines are called zombies. The main aim of DDoS is to prevent a legal user from accessing network resources or services on the victim server, so that the user is not able to access services such as web and email. DDoS attacks mainly target network availability, i.e. network bandwidth and the server's computing capability. A DDoS attack is launched by producing a huge volume of traffic in the network, which interrupts network services. However, it is difficult to tell DDoS attacks and normal traffic apart in the network. DDoS attacks are therefore treated as a serious issue in network security, and a DDoS attack may cause serious loss to any organization.

To address DDoS attacks, previous works [2-5] aimed to minimize DDoS attack traffic and mitigate its effect on the network.

B. Types of DoS Attacks

Generally, DDoS attacks are classified into two main categories. In the first, DDoS attacks use the maximum bandwidth in the network to break the network. The second is resource depletion, which uses up the CPU, network resources and services so that users are not able to access the network resources. The attack generally begins from various sources and focuses on a single target. These attacks are given below:

SYN Flood Attack: These attacks target TCP-based network services. They harass the server, which leads to a system crash [6].

TCP Reset Attack: These attacks use the properties of the TCP protocol. The attacker listens to the TCP connection and sends a fake TCP RESET packet to the victim, which causes the victim to close its TCP connection unintentionally [7].

ICMP Attack: These attacks send ICMP echo request packets to the victim and are started via ping. Attackers use ICMP datagrams to produce this type of attack [8].

UDP Storm Attack: These attacks are produced over UDP connections. When a connection is made between two parties, they generate a large number of packets on the network, which causes the attack.

DNS Request Attack: These attacks are produced using UDP-based DNS requests and consume network bandwidth. Attackers use spoofed source IP addresses to communicate with the server [9].

CGI Request Attack: In this attack, an attacker sends CGI requests to the server, which use a huge amount of CPU resources. As a result, the services of the server are shut down.

Mail Bomb Attack: In this attack, an attacker sends a very large number of mails to the target server, which can be hard for the server to handle. As a result, the server can stop working.

ARP Storm Attack: This attack is produced by a huge number of ARP requests to the target system, which can badly affect the system.

Algorithmic Complexity Attack: This is a class of low-bandwidth DDoS attacks that exploit algorithmic deficiencies in the worst-case performance of algorithms used in many mainstream applications.

Spam Attack: This type of attack targets organizations as well as public users. A huge number of mails are sent from the attacker's side at one time.

C. Client-Server Application

A client-server application is an application in which a client can request access to services or available resources on a remote server. A wireless local area network (WLAN) is an application in which two or more systems or devices are connected through an access point. Users can move around within the network coverage area and remain connected via the wireless connection. Various current WLANs are based on IEEE 802.11 standards, marketed under the Wi-Fi brand name. It is a type of local-area network that uses high-frequency radio waves rather than wires to communicate between nodes [10].

II. RECENT RELATED WORK

Fei Wang, Xiaofeng Hu and Jinshu Su [11] suggested an unfair rate limiting mechanism to handle DDoS attacks. They focused on traffic increasing patterns. In the proposed work, they categorized port-flows into three subsets with various decreasing priorities. In the simulation section, the port-flows most likely to contain DDoS attack traffic were compressed most. To avoid the drawback of LoURL, they presented CoURL to enhance DDoS mitigation in an efficient manner. They demonstrated outstanding performance for their approach.

Md.Khamruddin and Dr Ch. Rupa [12] proposed an approach to detect various types of DDoS attacks. In this approach, they balanced the load on the victim machine by replicating servers. To mitigate the traffic on the victim machine, the attack signature is pushed back to upstream routers. The main goal of their mechanism is to mitigate the traffic on the victim machine so that legal users get services from the remote server.

Yonghong Chen et al. [13] modeled a network DDoS intrusion detection approach based on a pre-processing network traffic prediction method. Chaos theory is also used in their research. Their approach detected an anomaly caused either by bursty legal traffic or by DDoS flooding attacks. They used a neural network to execute the proposed approach in order to differentiate DDoS attacks from unusual traffic. Their results were based on the DARPA network traffic data, which showed that the DDoS detection method achieved high detection probabilities.

B.S. Kiruthika Devi et al. [14] described the classification of attacks and effective online traffic monitoring.
They measured performance metrics such as latency, link utilization and throughput. They used the IBRL approach to reduce the attack traffic so that legal users were able to send their packets without any congestion. The research design and execution were carried out on a simulated testbed. The experimental results showed that rate limiting was efficient in protecting a network from DDoS attacks. The future enhancements they suggested include weight-based performance metrics to group the impact of DDoS attacks and quantify it at various attack strengths.

Jin Wang et al. [15] explained two web application DDoS detection approaches. The approaches are based on large deviation theory, i.e. LD-IID and LD-MP. LD-IID characterized a user's access actions with an experimental click-ratio distribution, and used large deviation to estimate the deviation of each continuous user's access actions from the prior click-ratio distribution of a website. LD-MP captured the connection between a user's subsequently accessed web pages. The proposed approach used large deviation theory to estimate the consistency of a user's experimental access actions with the website's prior access actions. In the results section, LD-IID detected web App-DDoS precisely, yet the one-order Markov process gives LD-MP high false negatives.

III. PROBLEM STATEMENT

A. The main issue is keeping the DDoS mitigation system relevant against the growing number of attackers.
B. When attackers get control of a User Datagram Protocol (UDP) service such as a domain name server, the user is not able to access services from the remote server.
C. The mentioned methodologies were not very cost effective.
D. Some research did not focus on packet loss in the DDoS mitigation system.

IV. RESEARCH METHODOLOGY

The proposed system architecture is shown in Figure 1. A packet coming from the user side arrives at the Source Checking and Counting Module, where the user is verified. If the user is suspicious, the user is redirected to the Cache-Based Turing Module. In the Cache-Based Turing Module, the user is verified by the server through the user's cache information saved in a temporary file (on the user's system). The Detection section is used for finding any other DDoS attack. The Source Checking and Counting Module takes care of all the essential information regarding attack detection. Moreover, we have a Question Generation module, which is also used for DDoS prevention.

A. Source Checking and Counting Module

This module serves as a coordinator for the other modules. It consists of the Source Checking Module and the Counting Module.

1. Source Checking Module

This module is responsible for categorizing packets based on their status. It acts as a coordinator for the other modules.
Using this module, packets are categorized into the following lists:

Black list: The Source Checking Module verifies the user's address. If it exists in the black list database, the module blocks the packet with that user's address. Otherwise, it sends the packet to the pink list or the white list.

Pink list: Packets are verified again by the Cache-Based Turing Test, which checks whether the packet is suspicious based on cache information. If the packet is suspicious, it is sent to the black list, otherwise to the white list.

White list: Only authorized user addresses are stored in this list, after complete verification by the Cache-Based Turing Test.

2. Counting Module

The Counting Module stores the source and destination addresses of a packet. It also stores the arrival time of the request. The Counting Module is disabled by default. Whenever a suspicious packet is identified by the DDoS Attack Detection Module, that module changes the Counting Module from disabled to enabled. The Counting Module resets its value periodically.

Figure 1: Packet Flow in the Proposed DDoS system (diagram blocks: Lists (Black, White.), Source Checking, DDoS Attack Detection, Turing Test, Caching Based Turing, Question Generation, VC)

B. DDoS Attack Detection Module

The main aim of this module is to find suspicious sources and send their addresses to the black list repository. Moreover, the given source is authorized by the Cache-Based Turing Module by challenging the source to receive the question. Detecting a suspicious source takes the four steps given below:

1. Stage 0: In this stage, the detection module acts in monitor mode, in which it observes the sources' actions and collects information in the form of the average and maximum values of connections, incoming packets and incoming bytes per second. The stored data represents each VC's network activity and can be used for identifying suspicious sources.

2. Stage 1: In this stage, the Stage 0 process is still running to gather the current VC traffic data for identifying malicious sources. The attack detection module checks each virtual controller and compares the current traffic with the previous statistic. If the current traffic value is greater than the previous statistic, the detection status moves to Stage 2 and the Counting Module is enabled to count the incoming traffic of that particular virtual controller.

3. Stage 2: Four essential parameters are used, which are given below:

TH: This is the maximum threshold value. This value can be the set of connections established between the virtual controller and the user.

NUM_Period: A threshold that applies when the packets sent by a user exceed the given threshold value. In this case the DDoS Attack Detection Module adds that IP address to the Pink list database. After that, authentication is performed by the Cache-Based Turing Module.

MXTH: This is also a threshold value, which applies when the number of connection times is greater than MXTH. In that condition the IP address is added to the Pink list database at the same time if its value is 90% of the Apache server's performance or TH.

Node_TH: This is also a threshold value, which applies when the number of IP source connections is greater than the given limit. In that condition the system immediately switches 50% of the IP connections to the Pink list database. This must be done to avoid congestion on the virtual controller; otherwise the system may crash.

If no IP is added to the Pink list for the NUM_Period value, the DDoS Attack Detection Module status moves back to Stage 1 and the Counting Module becomes disabled.

4. Stage 3: In this stage, the traffic from or to the virtual controller is so large that it takes 90-95% of the virtual controller's inbound or outbound network bandwidth. Any analysis in this situation may crash the system or make it busier.
Thus, to avoid this condition, we add the public IP to the destination block list to block the incoming HTTP connections coming from the user. The public IP of the virtual controller stays on the list and incoming HTTP connections are blocked until its traffic is down. Until then the traffic is switched to the Cache-Based Turing section, where the client is authenticated.

5. Cache-Based Turing

Cache-based verification is a technology that needs little effort and includes a secure server-side service. It enables the user to be verified through a secure server, although a number of service transactions are needed. It involves a small number of secure data migrations. According to the results, this technology is secure as well as most reliable. This Turing test is done to obtain information about the user rapidly. The destination address stores a number of other secure destinations (3n 3 ). The user is asked to give access to these destination addresses. If it is found there, it is moved from the black list to the white list.
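The stage transitions and list handling described above, sketched in Python as an added example (it is not the authors' Java implementation). The threshold values, the Stage 0 baseline length, the use of the recorded maximum in Stage 1, the busiest-first choice for Node_TH and the return to Stage 2 after Stage 3 are assumptions, because the paper gives no numbers; MXTH is left out.

```python
from collections import Counter

# Assumed values: the paper names these parameters but gives no numbers.
TH = 20               # connections one source may open per period
NUM_PERIOD = 3        # Stage 2 periods without a new pink entry before Stage 1
NODE_TH = 50          # distinct sources per period before half are challenged
STAGE3_UTIL = 0.90    # share of VC bandwidth that triggers Stage 3
BASELINE_PERIODS = 3  # Stage 0 periods collected before Stage 1 (assumption)


class Lists:
    """Black, pink and white lists consulted by the Source Checking Module."""
    def __init__(self):
        self.black, self.pink, self.white = set(), set(), set()

    def check(self, ip):
        if ip in self.black:
            return "block"
        if ip in self.pink:
            return "challenge"  # the Cache-Based Turing test decides
        return "serve"

    def turing_result(self, ip, passed):
        self.pink.discard(ip)
        (self.white if passed else self.black).add(ip)


class Detector:
    """Detection stages 0 to 3 for one VC."""
    def __init__(self, lists, bandwidth):
        self.lists, self.bandwidth = lists, bandwidth
        self.stage, self.history = 0, []
        self.counting = False  # the Counting Module is disabled by default
        self.quiet = 0         # consecutive periods with no new pink entry
        self.vc_blocked = False

    def period(self, sources, bytes_per_s):
        """Process one period; sources holds one source IP per connection."""
        if bytes_per_s >= STAGE3_UTIL * self.bandwidth:
            # Stage 3: no analysis, block HTTP to the VC's public IP.
            self.stage, self.vc_blocked = 3, True
            return self.stage
        if self.stage == 3:
            # Traffic is down again; resuming at Stage 2 is an assumption.
            self.stage, self.vc_blocked = 2, False
            self.counting, self.quiet = True, 0
        total = len(sources)
        if self.stage == 0:
            self.history.append(total)
            if len(self.history) >= BASELINE_PERIODS:
                self.stage = 1
        elif self.stage == 1:
            # Compare with the recorded maximum (assumed choice of statistic).
            if total > max(self.history):
                self.stage, self.counting, self.quiet = 2, True, 0
            else:
                self.history.append(total)
        if self.stage == 2:
            self._count(sources)
        return self.stage

    def _count(self, sources):
        counts = Counter(sources)
        flagged = {ip for ip, n in counts.items() if n > TH}
        if len(counts) > NODE_TH:
            # Node_TH: challenge 50% of sources, busiest first (assumed order).
            flagged.update(ip for ip, _ in counts.most_common(len(counts) // 2))
        new = flagged - self.lists.black - self.lists.pink
        self.lists.pink |= new
        self.lists.white -= new  # a flagged source must verify again
        self.quiet = 0 if new else self.quiet + 1
        if self.quiet >= NUM_PERIOD:
            self.stage, self.counting = 1, False


def run_demo():
    """Replay constructed traffic; return per-period stages and final state."""
    lists = Lists()
    det = Detector(lists, bandwidth=1_000_000)
    normal = [f"198.51.100.{i}" for i in range(10)]  # constructed clients
    flood = normal + ["203.0.113.9"] * 30            # constructed flooder
    trace = [det.period(normal, 50_000) for _ in range(4)]   # Stage 0, then 1
    trace.append(det.period(flood, 200_000))                 # Stage 1 -> 2
    trace += [det.period(normal, 50_000) for _ in range(3)]  # quiet, back to 1
    trace.append(det.period(normal, 950_000))                # Stage 3
    trace.append(det.period(normal, 50_000))                 # traffic down
    return trace, lists, det
```

Calling run_demo() returns the stage after each period, [0, 0, 1, 1, 2, 2, 2, 1, 3, 2] for the constructed traffic, and leaves the flooding source on the pink list awaiting its Turing test.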

Figure 2: Authenticating User on Basis of White Pink and Black List Concept (diagram labels: Black/White, Sender, First Attempt, Service Provider, Other Attempt, Limited Service, Pink List, Full verification (Cache Based Turing Verification), Black List, White List, Full Service)

The Cache-Based Turing test consists of the following steps:

Step 1: The server connects to the user and gets the existing user's connection in the cache with a secure server side. (Diagram: Server, User Data in Cache)

Whenever a user wants a service, it is processed in request-response form. The request from the user reaches the server, where user verification is done. At this stage, the server looks for information stored in the cache on the user's system. This cache information is stored in text format as a temporary file in the system directory, where the data is stored in the form of name-value pairs. The information filled in by the user is matched against this cache data. When the information in the cache correctly matches the information filled in by the user, the user is authorized to access the legitimate service.

Step 2: The server contacts the existing user with the credential received from the user. (Diagram: Server, Existing Server)

In this stage the user is verified with the help of the existing server. The existing server has already verified the user through the cache information stored in the system.

Step 3: The existing server verifies once again against the user data present in the cache. (Diagram: Existing Server, Data in Cache)

Step 4: The existing server gives the status to the server. According to the status received, the server decides whether to share with the user or not, and then updates the cache once again.

V. RESULT AND DISCUSSIONS

This work is implemented using NetBeans 6.8 and the Spring Tool Suite IDE, with Apache Tomcat 7.0 running as the web server. We use Java SE, Servlet and HTML as web technologies. For the robot attack, we use Swing technology. The results are described below:

Figure 3: Verifying User through Answering Question

In Figure 3 the user is verified by answering the security question. If the user gives the correct answer, the user is able to log in successfully. In the case of a wrong answer, the user is not given access to log in.

Figure 4: Successfully login by user

In Figure 4, the user has given the correct answer. Thus he/she is authorized for further services.

Figure 5: Access Denied for Wrong Answer

In Figure 5, the user has given a wrong answer. Thus the user is not authorized to log in. In this case, the user is not able to get the services for further use.

Figure 6: Authorized user successfully login

In Figure 6, an already verified user wants to register. In this case, the user logs in directly without any security question.

Figure 7: User blocked for wrong answering

In Figure 7, user 5 again wants to log in but gives a wrong answer. In this case, the user is blocked permanently.

Figure 8: Register and Blocked User

Figure 8 shows the list of registered users and the list of blocked users.

VI. CONCLUSION

This paper presented a multi-stage detection system which includes cache-based information Turing and question generation pool Turing tests to challenge suspicious intruders more effectively and efficiently. In this paper, we identified the attacker through cache information. Users have to answer the security question at login time. Once the user gives the correct answer to the given security question, she/he is able to log in successfully and can use further services. If instead an attacker answers wrongly, the user is not able to log in and access to further services is denied. Thus each time a verified user logs in, she/he is able to use further services. A wrong answer by an attacker results in the user being blocked permanently. Thus only verified users have access to the given services.

VII. REFERENCES

[1] "The top five DDoS attacks of 2011." [Online]. Available: http://www.itbusinessedge.com/slideshows/show.aspx?c=92910
[2] M. Goldstein, M. Reif, A. Stahl, and T. Breuel, "High performance traffic shaping for DDoS mitigation," in Proceedings of the 2008 ACM CoNEXT Conference, ser. CoNEXT '08. ACM, 2008.
[3] X. Liu, X. Yang, and Y. Lu, "To filter or to authorize: Network-layer DoS defense against multimillion-node botnets," in ACM SIGCOMM, 2008.
[4] S. H. Khor and A. Nakao, "DaaS: DDoS mitigation-as-a-service," in Proceedings of the 2011 IEEE/IPSJ International Symposium on Applications and the Internet, ser. SAINT '11. IEEE Computer Society, 2011, pp. 160-171.
[5] T. Peng, C. Leckie, and K. Ramamohanarao, "Survey of network-based defense mechanisms countering the DoS and DDoS problems," ACM Comput. Surv., vol. 39, April 2007.
[6] S. M. Khattab, C. Sangpachatanaruk, R. Melhem, D. Mosse, and T. Znati, "Proactive Server Roaming for Mitigating Denial-of-Service Attacks," in Proceedings of the 1st International Conference on International Technology: Research and Education (ITRE '03), pp. 286-290, Aug. 2003.
[7] Robert Vamosi, "Study: DDoS attacks threaten ISP infrastructure," Online at http://news.cnet.com/8301-1009_3-10093699-83.html, CNET News, Nov. 2008.
[8] Internet World Stats, "Internet User Statistics - The Big Picture: World Internet Users and Population Stats," http://www.internetworldstats.com/stats.htm.
[9] A. Yaar, A. Perrig, and D. Song, "PI: A path identification mechanism to defend against DDoS attacks," in Proceedings of the IEEE Symposium on Security and Privacy, pp. 93-109, May 2003.
[10] Mofreh Salem, Amany Sarhan and Mostafa AbuBakr, "A DOS Attack Intrusion Detection and Inhibition Technique for Wireless Computer Networks," ICGST-CNIR, Volume (7), Issue (I), July 2007.
[11] Fei Wang, Xiaofeng Hu and Jinshu Su, "Unfair Rate Limiting for DDoS Mitigation Based on Traffic Increasing Patterns," IEEE, 2012.
[12] A. Md.Khamruddin and B. Dr Ch. Rupa, "A Rule Based DDoS Detection and Mitigation Technique," Nirma University International Conference on Engineering, 2012.
[13] Yonghong Chen, Xinlei Ma, Xinya Wu, "DDoS Detection Algorithm Based on Preprocessing Network Traffic Predicted Method and Chaos Theory," IEEE Communications Letters, vol. 17, no. 5, May 2013.
[14] S. Kiruthika Devi, G. Preetha, S. Mercy Shalinie, "DDoS Detection using Host-Network based Metrics and Mitigation in Experimental Testbed," IEEE, 2012.
[15] Jin Wang, Xiaolong Yang, Keping Long, "Web DDoS Detection Schemes Based on Measuring User's Access Behavior with Large Deviation," IEEE Globecom, 2011.