SlowTrack: detecting slow rate Denial of Service attacks against HTTP with behavioral parameters.
Saved in:
| Title: | SlowTrack: detecting slow rate Denial of Service attacks against HTTP with behavioral parameters. |
|---|---|
| Authors: | Sood, Shaurya1 (AUTHOR), Hubballi, Neminath1 (AUTHOR) neminath@iiti.ac.in |
| Source: | Journal of Supercomputing. Jan2024, Vol. 80 Issue 2, p1788-1817. 30p. |
| Subjects: | Denial of service attacks, HTTP (Computer network protocol) |
| Abstract: | Denial of Service (DoS) attacks have evolved from volumetric attacks to target specific applications and can cripple different services with very limited effort. Hypertext Transfer Protocol (HTTP) is vulnerable to a slow rate DoS attack generated through prolonged connections which deliberately send incomplete requests to server. Simple detection methods which use x number of such connections in y time can be easily evaded. In this paper, we present SlowTrack which can detect slow rate DoS attacks against HTTP using a set of behavioral parameters. SlowTrack uses eight behavioral parameters which are validated to be useful in identifying the attack. We correlate these parameters to understand how their values change when attack is launched and subsequently use these observations to propose detection methods. SlowTrack is composed of three detection algorithms which make use of these observations for detecting attacks. We evaluate the detection performance of SlowTarck using experiments done in a testbed and also in a live network to show that these algorithms can detect the slow rate attacks effectively. [ABSTRACT FROM AUTHOR] |
| Copyright of Journal of Supercomputing is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.) | |
| Database: | Engineering Source |
|
Full text is not displayed to guests.
Login for full access.
|
|
| FullText | Links: – Type: pdflink Text: Availability: 1 |
|---|---|
| Header | DbId: egs DbLabel: Engineering Source An: 174801195 AccessLevel: 6 PubType: Academic Journal PubTypeId: academicJournal PreciseRelevancyScore: 0 |
| IllustrationInfo | |
| Items | – Name: Title Label: Title Group: Ti Data: SlowTrack: detecting slow rate Denial of Service attacks against HTTP with behavioral parameters. – Name: Author Label: Authors Group: Au Data: <searchLink fieldCode="AR" term="%22Sood%2C+Shaurya%22">Sood, Shaurya</searchLink><relatesTo>1</relatesTo> (AUTHOR)<br /><searchLink fieldCode="AR" term="%22Hubballi%2C+Neminath%22">Hubballi, Neminath</searchLink><relatesTo>1</relatesTo> (AUTHOR)<i> neminath@iiti.ac.in</i> – Name: TitleSource Label: Source Group: Src Data: <searchLink fieldCode="JN" term="%22Journal+of+Supercomputing%22">Journal of Supercomputing</searchLink>. Jan2024, Vol. 80 Issue 2, p1788-1817. 30p. – Name: Subject Label: Subjects Group: Su Data: <searchLink fieldCode="DE" term="%22Denial+of+service+attacks%22">Denial of service attacks</searchLink><br /><searchLink fieldCode="DE" term="%22HTTP+%28Computer+network+protocol%29%22">HTTP (Computer network protocol)</searchLink> – Name: Abstract Label: Abstract Group: Ab Data: Denial of Service (DoS) attacks have evolved from volumetric attacks to target specific applications and can cripple different services with very limited effort. Hypertext Transfer Protocol (HTTP) is vulnerable to a slow rate DoS attack generated through prolonged connections which deliberately send incomplete requests to server. Simple detection methods which use x number of such connections in y time can be easily evaded. In this paper, we present SlowTrack which can detect slow rate DoS attacks against HTTP using a set of behavioral parameters. SlowTrack uses eight behavioral parameters which are validated to be useful in identifying the attack. We correlate these parameters to understand how their values change when attack is launched and subsequently use these observations to propose detection methods. SlowTrack is composed of three detection algorithms which make use of these observations for detecting attacks. We evaluate the detection performance of SlowTarck using experiments done in a testbed and also in a live network to show that these algorithms can detect the slow rate attacks effectively. [ABSTRACT FROM AUTHOR] – Name: AbstractSuppliedCopyright Label: Group: Ab Data: <i>Copyright of Journal of Supercomputing is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract.</i> (Copyright applies to all Abstracts.) |
| PLink | https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=egs&AN=174801195 |
| RecordInfo | BibRecord: BibEntity: Identifiers: – Type: doi Value: 10.1007/s11227-023-05453-3 Languages: – Code: eng Text: English PhysicalDescription: Pagination: PageCount: 30 StartPage: 1788 Subjects: – SubjectFull: Denial of service attacks Type: general – SubjectFull: HTTP (Computer network protocol) Type: general Titles: – TitleFull: SlowTrack: detecting slow rate Denial of Service attacks against HTTP with behavioral parameters. Type: main BibRelationships: HasContributorRelationships: – PersonEntity: Name: NameFull: Sood, Shaurya – PersonEntity: Name: NameFull: Hubballi, Neminath IsPartOfRelationships: – BibEntity: Dates: – D: 15 M: 01 Text: Jan2024 Type: published Y: 2024 Identifiers: – Type: issn-print Value: 09208542 Numbering: – Type: volume Value: 80 – Type: issue Value: 2 Titles: – TitleFull: Journal of Supercomputing Type: main |
| ResultId | 1 |