Using CAPTCHA Selectively to Mitigate HTTP-Based Attacks

In recent years, CAPTCHA has been used as a panacea against HTTP-based Distributed Denial of Service (DDoS) attacks. However, they also cause a lot of inconvenience to legitimate users. In this paper, we present a framework to exploit the synchronized behaviour of bots to exhaust Web server resources. Clustering technique is used to form separate group of attackers and legitimate users. The clusters of attackers are identified by the high workload they generate on the server. They are challenged with CAPTCHAs to mitigate the attack while the legitimate users browse the website without any restriction. The proposed framework was tested using botnets and real web traffic. Results show our frame work has a high detection rate.