Application-Layer DDoS Attack Detection Using Explicit Duration Recurrent Network-Based Application-Layer Protocol Communication Models
نویسندگان
چکیده
Existing application-layer distributed denial of service (AL-DDoS) attack detection methods are mainly targeted at specific attacks and cannot effectively detect other types AL-DDoS attacks. This study presents an protocol communication model for detection, based on the explicit duration recurrent network (EDRN). The proposed method includes training detection. In phase, output each observation sequence is updated in real time. sequences keywords time intervals between adjacent keywords. Protocol extracted their identification using regular expressions. Experiments conducted datasets collected from a campus CICDDoS2019 dataset. results experiments show that EDRN superior to several popular neural networks accuracy, F1, recall, loss values. achieves accuracy 0.996, F1 0.992, recall 0.993, 0.041 detecting HTTP DDoS further our can multiple comparison test, outperforms state-of-the-art approaches.
منابع مشابه
Application Layer DDOS Attack Detection Using Hybrid Machine Learning Approach
Application Layer Distributed Denial of Service (App-DDoS) attack has become a major threat to web security. Attack detection is difficult as they mimic genuine user request. This paper proposes a clustering based correlation approach for detecting application layer DDoS attack on HTTP protocol. Proposed approach has two main modules ----Flow monitoring module and User behavior monitoring modul...
متن کاملEntropy-Based Application Layer DDoS Attack Detection Using Artificial Neural Networks
Distributed denial-of-service (DDoS) attack is one of the major threats to the web server. The rapid increase of DDoS attacks on the Internet has clearly pointed out the limitations in current intrusion detection systems or intrusion prevention systems (IDS/IPS), mostly caused by application-layer DDoS attacks. Within this context, the objective of the paper is to detect a DDoS attack using a m...
متن کاملDynamic Application-Layer Protocol Analysis for Network Intrusion Detection
Many network intrusion detection systems (NIDS) rely on protocol-specific analyzers to extract the higher-level semantic context from a traffic stream. To select the correct kind of analysis, traditional systems exclusively depend on well-known port numbers. However, based on our experience, increasingly significant portions of today’s traffic are not classifiable by such a scheme. Yet for a NI...
متن کاملSurvey on Application Layer DDoS Attacks
DDoS attacks are the process of making the target system non-responsive to the legitimate requests. They were focusing on network and transport layers initially. Now the application layer DDoS attacks are prominent and are most difficult to resolve online. This paper presents a comprehensive study on Botnet-based DDoS attacks on application layer, and the extended incidents of such attacks that...
متن کاملDetection of Application Layer Ddos Attacks Using Information Theory Based Metrics
Distributed Denial-of-Service (DDoS) attacks are a critical threat to the Internet. Recently, there are an increasing number of DDoS attacks against online services and Web applications. These attacks are targeting the application level. Detecting application layer DDOS attack is not an easy task. A more sophisticated mechanism is required to distinguish the malicious flow from the legitimate o...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: International Journal of Intelligent Systems
سال: 2023
ISSN: ['1098-111X', '0884-8173']
DOI: https://doi.org/10.1155/2023/2632678