@inproceedings{eee6a9088b694401b25af6b44cfd862b,
title = "New sensing technique for detecting application layer DDoS attacks targeting back-end database resources",
abstract = "Distributed Denial of Service (DDoS) attacks targeting the application layer are becoming more prevalent due to a lack of suitable defence solutions. Existing research treats the web server environment as a black box, by only monitoring the edge network traffic; however, we believe that this approach limits the accuracy of the detection system as it does not protect the back-end database servers. In this paper we propose a new sensor located within the back-end system, which can produce additional database features. This allows for real-time insight into the actual database workload caused by each user enabling the detection of DDoS attacks targeting high database consumption resources. These resource metrics are analysed in real-time on a live website, using a decision tree classification engine. Our preliminary results show that a low rate asymmetric attack as low as 1 request every 10 seconds can be detected using these proposed features.",
author = "David Beckett and Sakir Sezer and John McCanny",
year = "2017",
month = jul,
day = "31",
doi = "10.1109/ICC.2017.7997376",
language = "English",
isbn = "978-1-4673-9000-2",
series = "IEEE International Conference on Communications (ICC): Proceedings",
publisher = " IEEE ",
booktitle = "2017 IEEE International Conference on Communications (ICC): Proceedings",
}