Mitigation of HTTP-GET flood Attack
Journal Title: International Journal for Research in Applied Science and Engineering Technology (IJRASET) - Year 2014, Vol 2, Issue 11
Abstract
An HTTP GET flood is a volumetric attack that does not use malformed packets, spoofing or reflection techniques. HTTP flood attacks may be one of the most advanced non-vulnerability threats facing web servers today. It is very hard for network security devices to distinguish between legitimate HTTP traffic and malicious HTTP traffic, and if not handled correctly, it could cause a high number of false-positive detections. Rate-based detection engines are also not successful at detecting HTTP flood attacks, as the traffic volume of HTTP floods may be under detection thresholds. Because of this, it is necessary to use several parameters detection including rate-based and rate-invariant. Denial of Service attacks to web services is called HTTPGET flood attack and threats of them increase day by day. In this type of attacks, malicious clients send a large number of HTTP-GET requests to the target web server automatically. Since these HTTP-GET requests have legitimate formats and are sent via normal TCP connections, an intrusion detection system (IDS) cannot detect them. In this paper, we propose mitigation techniques of HTTP-GET flood based on log file.
Authors and Affiliations
Hally Khatri, Akanksha Gupta, Dheeraj Pal
Keywords
Related Articles
- EP ID EP19125
- DOI -
- Views 278
- Downloads 5
An Error Reduction Hybrid for Achieving Near to Exact Classification Using KSTAR and IBK Classifier
The data mining which is the source of the all the discovery of knowledge, classification always play a vital role and it really means, so without proper classification it is impossible to find the proper accuracy, so t...
slugExperimental Investigation of Shell and Tube Heat Exchanger Using Bell Delaware Method
A heat exchanger is a device that is used to transfer thermal energy between two or more fluids, between a solid surface and a fluid, or between solid particulates and a fluid, at different temperatures and in thermal c...
Data Mining Information System
Decision making between couple of things gone turn out critical for human thinking ability. Though, it is not always simple to recognize what to evaluate and what are the alternatives. To tackle this complexity, we expl...
Improved Data Integrity Public Auditing for Regenerating-Code-Based Cloud Storage
Cloud Computing is very important vision of computing as a utility. Using cloud storage, users can store their data into cloud. So they can enjoy high quality applications and services. Users can outsource data without...
Design of Smart City
Wireless technologies are in style and chop-chop developed throughout few years that are being employed in smart applications like home automation, greenhouse observance, health care and industrial management etc. The i...