New sensing technique for detecting application layer DDoS attacks targeting back-end database resources

David Beckett, Sakir Sezer, John McCanny

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)
327 Downloads (Pure)

Abstract

Distributed Denial of Service (DDoS) attacks targeting the application layer are becoming more prevalent due to a lack of suitable defence solutions. Existing research treats the web server environment as a black box, by only monitoring the edge network traffic; however, we believe that this approach limits the accuracy of the detection system as it does not protect the back-end database servers. In this paper we propose a new sensor located within the back-end system, which can produce additional database features. This allows for real-time insight into the actual database workload caused by each user enabling the detection of DDoS attacks targeting high database consumption resources. These resource metrics are analysed in real-time on a live website, using a decision tree classification engine. Our preliminary results show that a low rate asymmetric attack as low as 1 request every 10 seconds can be detected using these proposed features.
Original languageEnglish
Title of host publication2017 IEEE International Conference on Communications (ICC): Proceedings
Publisher IEEE
Number of pages7
ISBN (Electronic)978-1-4673-8999-0
ISBN (Print)978-1-4673-9000-2
DOIs
Publication statusPublished - 31 Jul 2017

Publication series

NameIEEE International Conference on Communications (ICC): Proceedings
PublisherIEEE
ISSN (Electronic)1938-1883

Fingerprint Dive into the research topics of 'New sensing technique for detecting application layer DDoS attacks targeting back-end database resources'. Together they form a unique fingerprint.

  • Cite this

    Beckett, D., Sezer, S., & McCanny, J. (2017). New sensing technique for detecting application layer DDoS attacks targeting back-end database resources. In 2017 IEEE International Conference on Communications (ICC): Proceedings (IEEE International Conference on Communications (ICC): Proceedings). IEEE . https://doi.org/10.1109/ICC.2017.7997376