Title :
Application-layer DDoS in dynamic Web-domains: Building defenses against next-generation attack behavior
Author :
Stevanovic, Dusan ; Vlajic, Natalija
Author_Institution :
Dept. of Comput. Sci. & Eng., York Univ., Toronto, ON, Canada
Abstract :
Current state-of-the art in the field of application-layer DDoS protection is generally designed, and thus effective, only for static Web-domains. To the best of our knowledge, our work is the first one to study the problem of application-layer DDoS defense in Web-domains of dynamic content and/or organization, and under next-generation bot/attack behavior. The main contributions of this paper are twofold: (1) we discuss the relevance of a branch of data mining theory - known as data streams with concept drift - to the problem of application-layer DDoS defense in dynamic Web-domains, (2) we present the outline of our next-generation anti-DDoS system that is intended for dynamic Web-domains facing different sophisticated variants of application-layer DDoS attacks.
Keywords :
computer network security; data mining; next generation networks; application-layer DDoS attack protection; application-layer DDoS defense; concept drift; data mining theory; data streams; dynamic Web-domains; next-generation antiDDoS system; next-generation attack behavior; next-generation bot behavior; static Web-domains; Computer crime; Data mining; Data models; IP networks; Next generation networking; Organizations; Real-time systems; application-layer DDoS; data streams with concept drift; dynamic web domain; intrusion detection and defense;
Conference_Titel :
Communications and Network Security (CNS), 2014 IEEE Conference on
Conference_Location :
San Francisco, CA
DOI :
10.1109/CNS.2014.6997519
