Resisting web proxy-based HTTP attacks by temporal and spatial locality behavior
Data(s) |
01/01/2013
|
---|---|
Resumo |
A novel server-side defense scheme is proposed to resist the Web proxy-based distributed denial of service attack. The approach utilizes the temporal and spatial locality to extract the behavior features of the proxy-to-server traffic, which makes the scheme independent of the traffic intensity and frequently varying Web contents. A nonlinear mapping function is introduced to protect weak signals from the interference of infrequent large values. Then, a new hidden semi-Markov model parameterized by Gaussian-mixture and Gamma distributions is proposed to describe the time-varying traffic behavior of Web proxies. The new method reduces the number of parameters to be estimated, and can characterize the dynamic evolution of the proxy-to-server traffic rather than the static statistics. Two diagnosis approaches at different scales are introduced to meet the requirement of both fine-grained and coarse-grained detection. Soft control is a novel attack response method proposed in this work. It converts a suspicious traffic into a relatively normal one by behavior reshaping rather than rudely discarding. This measure can protect the quality of services of legitimate users. The experiments confirm the effectiveness of the proposed scheme. |
Identificador | |
Idioma(s) |
eng |
Publicador |
IEEE |
Relação |
http://dro.deakin.edu.au/eserv/DU:30055402/xie-resistingwebproxy-2013.pdf http://doi.org/10.1109/TPDS.2012.232 |
Direitos |
2013, IEEE |
Palavras-Chave | #attack detection #attack response #distributed denial of service attack #Traffic analysis #traffic modeling |
Tipo |
Journal Article |