Application-layer DDoS in dynamic Web-domains: Building defenses against next-generation attack behavior

Author

Stevanovic, Dusan ; Vlajic, Natalija

Author_Institution

Dept. of Comput. Sci. & Eng., York Univ., Toronto, ON, Canada

fYear

2014

fDate

29-31 Oct. 2014

Firstpage

490

Lastpage

491

Abstract

Current state-of-the art in the field of application-layer DDoS protection is generally designed, and thus effective, only for static Web-domains. To the best of our knowledge, our work is the first one to study the problem of application-layer DDoS defense in Web-domains of dynamic content and/or organization, and under next-generation bot/attack behavior. The main contributions of this paper are twofold: (1) we discuss the relevance of a branch of data mining theory - known as data streams with concept drift - to the problem of application-layer DDoS defense in dynamic Web-domains, (2) we present the outline of our next-generation anti-DDoS system that is intended for dynamic Web-domains facing different sophisticated variants of application-layer DDoS attacks.

Keywords

computer network security; data mining; next generation networks; application-layer DDoS attack protection; application-layer DDoS defense; concept drift; data mining theory; data streams; dynamic Web-domains; next-generation antiDDoS system; next-generation attack behavior; next-generation bot behavior; static Web-domains; Computer crime; Data mining; Data models; IP networks; Next generation networking; Organizations; Real-time systems; application-layer DDoS; data streams with concept drift; dynamic web domain; intrusion detection and defense;

fLanguage

English

Publisher

ieee

Conference_Titel

Communications and Network Security (CNS), 2014 IEEE Conference on

Conference_Location

San Francisco, CA

Type

conf

DOI

10.1109/CNS.2014.6997519

Filename

6997519