Publication:
Statistical-Based Mechanism For Detecting Hyper Text Transfer Protocol Ddos Attacks

Loading...
Thumbnail Image
Date
2023-01
Authors
Ayman Ibrahim Ali Ghaben
Journal Title
Journal ISSN
Volume Title
Publisher
Research Projects
Organizational Units
Journal Issue
Abstract
This thesis proposes an approach to detect HTTP flooding DDoS attacks on web servers. The proposed approach consists of five phases to achieve the goal of the research, as follows: (1) Data pre-processing, (ii) Aggregated packets attributes aim to aggregate the packets every (t) time based on three attributes which are (a) packet size, (b) regularity (inter arrival time), and (c) number of packets (iii) Anomaly-based detection using four indicators which are : (a) summation rows-columns, (b) Bayes- entropy, (c) skew of the packets distribution, and (d) Reynolds number) (iv) voting- based mechanism, and (v) statistical based mechanism. The proposed mechanism has been evaluated using two benchmark datasets (CIC DDoS and ISCX) and the results reveal that the detection accuracy rates are 96.03% and 94.28% when evaluated over CIC DDoS and ISCX datasets, respectively. Furthermore, the false positive rates are 14.28%, 10.00% when evaluated over those datasets.
Description
Keywords
Statistical-Based Mechanism , Detecting Hyper Text Transfer Protocol Ddos Attacks
Citation