Abstract
Distributed Denial of Service (DDoS) attacks targeting the application layer are becoming more prevalent due to a lack of suitable defence solutions. Existing research treats the web server environment as a black box, by only monitoring the edge network traffic; however, we believe that this approach limits the accuracy of the detection system as it does not protect the back-end database servers. In this paper we propose a new sensor located within the back-end system, which can produce additional database features. This allows for real-time insight into the actual database workload caused by each user enabling the detection of DDoS attacks targeting high database consumption resources. These resource metrics are analysed in real-time on a live website, using a decision tree classification engine. Our preliminary results show that a low rate asymmetric attack as low as 1 request every 10 seconds can be detected using these proposed features.
| Original language | English |
|---|---|
| Title of host publication | 2017 IEEE International Conference on Communications (ICC): Proceedings |
| Publisher | IEEE |
| Number of pages | 7 |
| ISBN (Electronic) | 978-1-4673-8999-0 |
| ISBN (Print) | 978-1-4673-9000-2 |
| DOIs | |
| Publication status | Published - 31 Jul 2017 |
Publication series
| Name | IEEE International Conference on Communications (ICC): Proceedings |
|---|---|
| Publisher | IEEE |
| ISSN (Electronic) | 1938-1883 |
Fingerprint Dive into the research topics of 'New sensing technique for detecting application layer DDoS attacks targeting back-end database resources'. Together they form a unique fingerprint.
Cite this
Beckett, D., Sezer, S., & McCanny, J. (2017). New sensing technique for detecting application layer DDoS attacks targeting back-end database resources. In 2017 IEEE International Conference on Communications (ICC): Proceedings (IEEE International Conference on Communications (ICC): Proceedings). IEEE . https://doi.org/10.1109/ICC.2017.7997376