A novel protective framework for defeating HTTP-based denial of service and distributed denial of service attacks
The growth of web technology has brought convenience to our life, since it has become the most important communication channel. However, now this merit is threatened by complicated network-based attacks, such as denial of service (DoS) and distributed denial of service (DDoS) attacks. Despite many r...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Published: |
Hindawi Publishing Corporation
2015
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/55784/ http://dx.doi.org/10.1155/2015/238230 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.utm.55784 |
|---|---|
| record_format |
eprints |
| spelling |
my.utm.557842017-02-15T01:16:02Z http://eprints.utm.my/id/eprint/55784/ A novel protective framework for defeating HTTP-based denial of service and distributed denial of service attacks Saleh, Mohammed A. Abdul Manaf, Azizah QA75 Electronic computers. Computer science The growth of web technology has brought convenience to our life, since it has become the most important communication channel. However, now this merit is threatened by complicated network-based attacks, such as denial of service (DoS) and distributed denial of service (DDoS) attacks. Despite many researchers' efforts, no optimal solution that addresses all sorts of HTTP DoS/DDoS attacks is on offer. Therefore, this research aims to fix this gap by designing an alternative solution called a flexible, collaborative, multilayer, DDoS prevention framework (FCMDPF). The innovative design of the FCMDPF framework handles all aspects of HTTP-based DoS/DDoS attacks through the following three subsequent framework's schemes (layers). Firstly, an outer blocking (OB) scheme blocks attacking IP source if it is listed on the black list table. Secondly, the service traceback oriented architecture (STBOA) scheme is to validate whether the incoming request is launched by a human or by an automated tool. Then, it traces back the true attacking IP source. Thirdly, the flexible advanced entropy based (FAEB) scheme is to eliminate high rate DDoS (HR-DDoS) and flash crowd (FC) attacks. Compared to the previous researches, our framework's design provides an efficient protection for web applications against all sorts of DoS/DDoS attacks. Hindawi Publishing Corporation 2015 Article PeerReviewed Saleh, Mohammed A. and Abdul Manaf, Azizah (2015) A novel protective framework for defeating HTTP-based denial of service and distributed denial of service attacks. Scientific World Journal, 2015 (238230). ISSN 2356-6140 http://dx.doi.org/10.1155/2015/238230 DOI:10.1155/2015/238230 |
| institution |
Universiti Teknologi Malaysia |
| building |
UTM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Teknologi Malaysia |
| content_source |
UTM Institutional Repository |
| url_provider |
http://eprints.utm.my/ |
| topic |
QA75 Electronic computers. Computer science |
| spellingShingle |
QA75 Electronic computers. Computer science Saleh, Mohammed A. Abdul Manaf, Azizah A novel protective framework for defeating HTTP-based denial of service and distributed denial of service attacks |
| description |
The growth of web technology has brought convenience to our life, since it has become the most important communication channel. However, now this merit is threatened by complicated network-based attacks, such as denial of service (DoS) and distributed denial of service (DDoS) attacks. Despite many researchers' efforts, no optimal solution that addresses all sorts of HTTP DoS/DDoS attacks is on offer. Therefore, this research aims to fix this gap by designing an alternative solution called a flexible, collaborative, multilayer, DDoS prevention framework (FCMDPF). The innovative design of the FCMDPF framework handles all aspects of HTTP-based DoS/DDoS attacks through the following three subsequent framework's schemes (layers). Firstly, an outer blocking (OB) scheme blocks attacking IP source if it is listed on the black list table. Secondly, the service traceback oriented architecture (STBOA) scheme is to validate whether the incoming request is launched by a human or by an automated tool. Then, it traces back the true attacking IP source. Thirdly, the flexible advanced entropy based (FAEB) scheme is to eliminate high rate DDoS (HR-DDoS) and flash crowd (FC) attacks. Compared to the previous researches, our framework's design provides an efficient protection for web applications against all sorts of DoS/DDoS attacks. |
| format |
Article |
| author |
Saleh, Mohammed A. Abdul Manaf, Azizah |
| author_facet |
Saleh, Mohammed A. Abdul Manaf, Azizah |
| author_sort |
Saleh, Mohammed A. |
| title |
A novel protective framework for defeating HTTP-based denial of service and distributed denial of service attacks |
| title_short |
A novel protective framework for defeating HTTP-based denial of service and distributed denial of service attacks |
| title_full |
A novel protective framework for defeating HTTP-based denial of service and distributed denial of service attacks |
| title_fullStr |
A novel protective framework for defeating HTTP-based denial of service and distributed denial of service attacks |
| title_full_unstemmed |
A novel protective framework for defeating HTTP-based denial of service and distributed denial of service attacks |
| title_sort |
novel protective framework for defeating http-based denial of service and distributed denial of service attacks |
| publisher |
Hindawi Publishing Corporation |
| publishDate |
2015 |
| url |
http://eprints.utm.my/id/eprint/55784/ http://dx.doi.org/10.1155/2015/238230 |
| _version_ |
1643653900303073280 |
| score |
13.209306 |