Advanced Random Time Queue Blocking with Traffic Prediction for Defense of Low-rate Dos Attacks against Application Servers. | [International Journal of Communication Networks and Information Security • 2017]

Author(s):

1. R Kavitha: Department of Computer Science, Avinashilingam Institute of Home Science and Higher Education for Women; Department of Computer Science, Sri Krishna Arts and Science College, Coimbatore, Tamilnadu, India

2. G Padmavathi: Department of Computer Science, Avinashilingam Institute of Home Science and Higher Education for Women, Coimbatore, Tamilnadu, India

Abstract:

Among many strategies of Denial of Services, lowrate traffic denial-of-service (DoS) attacks are more significant. This strategy denies the services of a network by detection of the vulnerabilities in performance of the application. In this research, an efficient defense methodology is developed against low-rate DoS attack in the application servers. Though, the Improved Random Time Queue Blocking (IRTQB) technique can eliminate the vulnerabilities in the network and also avoiding the attacker from capturing all the server queue positions by defining a spatial similarity metric (SSM). However, the differentiation of the attack requests from the legitimate users' is not always efficient since only the source IP addresses and the record timestamp are considered in the SSM. It was improved by using Advanced Random Time Queue Blocking (ARTQB) scheme that employed Bandwidth utilization of attacker in IRTQB to detect the DoS attack that normally consumes a huge number of resources of the server. However, this method becomes ineffective when the attack consumes more network traffic. In this paper, an efficient detection technique called Advanced Random Time Queue Blocking with Traffic Prediction (ARTQB-TP) is proposed for defining SSM which contains, Source IP, timestamp, Bandwidth between two requests and the difference between the attack traffic and legitimate traffic. The ARTQB-TP technique is utilized to reduce the attack efficiency in 18 different server configurations which are more vulnerable to the DoS attacks and where the attacks may also have a chance to improve its effectiveness. Experimental results show that the proposed system performs better protection of application servers against the LRDoS attacks by solving its impacts on any kind of server architectures and reduced the attack efficiencies of all the types of attack strategies.

Page(s): 95-104

DOI: DOI not available

Published: Journal: International Journal of Communication Networks and Information Security, Volume: 9, Issue: 1, Year: 2017

Keywords:

Lowrate denialofservice , Spatial Similarity Metric , IRTQB , Traffic prediction , Attack efficiency , Application server

References:

[1] Iyengar , N. C. S.,Banerjee , A.,Ganapathy , G,M. H. , Bhattacharyya,D. K. , & Kalita,J. K, 2015."An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection," Pattern Recognition Letters,International Journal of Communication Networks and Information Security (IJCNIS) 51 1 -7

[2] Alomari , E.,Manickam , S.,Gupta , B. B.,Karuppayah , S.,Alfaris , R, 2012.Botnet-based distributed denial of service (DDoS) attacks on web servers: classification and art,International Journal of Computer Applications 49 24 -32

[3] Tanha , M.,Torshizi , S. D. S.,Shamala , S, 2012.A discrete event simulator for extensive defense mechanism for denial of service attacks analysis,” American Journal of Applied Sciences 9 909 -

[4] M.Sharma,N.Unde,K.Borude,A.Paradkar, 2014."A data mining based approach towards detection of low rate DoS attack," International Conference for Convergence for Technology, 1 -6

[5] Bhuyan, M. H., Bhattacharyya, D. K., & Kalita, J. K, "An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection," Pattern Recognition Letters, Vol. 51, pp. 1-7, 2015.

Citations

Downloads

Views