SlowTrack: detecting slow rate Denial of Service attacks against HTTP with behavioral parameters.

Saved in:
Bibliographic Details
Title: SlowTrack: detecting slow rate Denial of Service attacks against HTTP with behavioral parameters.
Authors: Sood, Shaurya1 (AUTHOR), Hubballi, Neminath1 (AUTHOR) neminath@iiti.ac.in
Source: Journal of Supercomputing. Jan2024, Vol. 80 Issue 2, p1788-1817. 30p.
Subjects: Denial of service attacks, HTTP (Computer network protocol)
Abstract: Denial of Service (DoS) attacks have evolved from volumetric attacks to target specific applications and can cripple different services with very limited effort. Hypertext Transfer Protocol (HTTP) is vulnerable to a slow rate DoS attack generated through prolonged connections which deliberately send incomplete requests to server. Simple detection methods which use x number of such connections in y time can be easily evaded. In this paper, we present SlowTrack which can detect slow rate DoS attacks against HTTP using a set of behavioral parameters. SlowTrack uses eight behavioral parameters which are validated to be useful in identifying the attack. We correlate these parameters to understand how their values change when attack is launched and subsequently use these observations to propose detection methods. SlowTrack is composed of three detection algorithms which make use of these observations for detecting attacks. We evaluate the detection performance of SlowTarck using experiments done in a testbed and also in a live network to show that these algorithms can detect the slow rate attacks effectively. [ABSTRACT FROM AUTHOR]
Copyright of Journal of Supercomputing is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Engineering Source
Full text is not displayed to guests.
FullText Links:
  – Type: pdflink
Text:
  Availability: 1
Header DbId: egs
DbLabel: Engineering Source
An: 174801195
AccessLevel: 6
PubType: Academic Journal
PubTypeId: academicJournal
PreciseRelevancyScore: 0
IllustrationInfo
Items – Name: Title
  Label: Title
  Group: Ti
  Data: SlowTrack: detecting slow rate Denial of Service attacks against HTTP with behavioral parameters.
– Name: Author
  Label: Authors
  Group: Au
  Data: <searchLink fieldCode="AR" term="%22Sood%2C+Shaurya%22">Sood, Shaurya</searchLink><relatesTo>1</relatesTo> (AUTHOR)<br /><searchLink fieldCode="AR" term="%22Hubballi%2C+Neminath%22">Hubballi, Neminath</searchLink><relatesTo>1</relatesTo> (AUTHOR)<i> neminath@iiti.ac.in</i>
– Name: TitleSource
  Label: Source
  Group: Src
  Data: <searchLink fieldCode="JN" term="%22Journal+of+Supercomputing%22">Journal of Supercomputing</searchLink>. Jan2024, Vol. 80 Issue 2, p1788-1817. 30p.
– Name: Subject
  Label: Subjects
  Group: Su
  Data: <searchLink fieldCode="DE" term="%22Denial+of+service+attacks%22">Denial of service attacks</searchLink><br /><searchLink fieldCode="DE" term="%22HTTP+%28Computer+network+protocol%29%22">HTTP (Computer network protocol)</searchLink>
– Name: Abstract
  Label: Abstract
  Group: Ab
  Data: Denial of Service (DoS) attacks have evolved from volumetric attacks to target specific applications and can cripple different services with very limited effort. Hypertext Transfer Protocol (HTTP) is vulnerable to a slow rate DoS attack generated through prolonged connections which deliberately send incomplete requests to server. Simple detection methods which use x number of such connections in y time can be easily evaded. In this paper, we present SlowTrack which can detect slow rate DoS attacks against HTTP using a set of behavioral parameters. SlowTrack uses eight behavioral parameters which are validated to be useful in identifying the attack. We correlate these parameters to understand how their values change when attack is launched and subsequently use these observations to propose detection methods. SlowTrack is composed of three detection algorithms which make use of these observations for detecting attacks. We evaluate the detection performance of SlowTarck using experiments done in a testbed and also in a live network to show that these algorithms can detect the slow rate attacks effectively. [ABSTRACT FROM AUTHOR]
– Name: AbstractSuppliedCopyright
  Label:
  Group: Ab
  Data: <i>Copyright of Journal of Supercomputing is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract.</i> (Copyright applies to all Abstracts.)
PLink https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=egs&AN=174801195
RecordInfo BibRecord:
  BibEntity:
    Identifiers:
      – Type: doi
        Value: 10.1007/s11227-023-05453-3
    Languages:
      – Code: eng
        Text: English
    PhysicalDescription:
      Pagination:
        PageCount: 30
        StartPage: 1788
    Subjects:
      – SubjectFull: Denial of service attacks
        Type: general
      – SubjectFull: HTTP (Computer network protocol)
        Type: general
    Titles:
      – TitleFull: SlowTrack: detecting slow rate Denial of Service attacks against HTTP with behavioral parameters.
        Type: main
  BibRelationships:
    HasContributorRelationships:
      – PersonEntity:
          Name:
            NameFull: Sood, Shaurya
      – PersonEntity:
          Name:
            NameFull: Hubballi, Neminath
    IsPartOfRelationships:
      – BibEntity:
          Dates:
            – D: 15
              M: 01
              Text: Jan2024
              Type: published
              Y: 2024
          Identifiers:
            – Type: issn-print
              Value: 09208542
          Numbering:
            – Type: volume
              Value: 80
            – Type: issue
              Value: 2
          Titles:
            – TitleFull: Journal of Supercomputing
              Type: main
ResultId 1