Web-based Application Layer Distributed Denial-of-Service Attacks: A Data-Driven Machine Learning Strategy
Abstract
DDoS attacks, which aim to overwhelm a system with requests, are common place in the cyber world. In this type of assault, band width and processing resources are deliberately clogged to disrupt legitimate users' interactions. These attacks inundate the victim's system with packets, rendering it inaccessible. Diverging from the singular source of Denial of Service (DoS) attacks, DDoS attacks emanate from many servers, magnifying their impact. Over the last decade, a concentrated effort has been invested in comprehending the orchestration and authentication of DDoS attacks, resulting in valuable insights into discerning attack patterns and suspicious activities. Currently, the focus has shifted towards real-time detection within the stream of network transactions, constituting a critical research domain. Yet, this focus often sidelines the importance of benchmarking DDoS attack assertions within the streaming data framework. As a remedy, the Anomaly-based Real-Time Prevention (ARTP) framework has been formulated and designed specifically to combat application layer DDoS attacks, particularly targeting web applications. Employing advanced machine learning techniques, ARTP offers adaptable methodologies to swiftly and accurately pinpoint application-layer DDoS attacks. Rigorous testing on a representative LLDoS (Low-Level DoS) benchmark dataset has affirmed the resilience and efficiency of the proposed ARTP model, underscoring its capacity to achieve the research objectives set forth.
Keywords
Detection of App-DDoS, Denial of service (DoS) attacks, Application layer DDoS (App-DDoS), LLDoS dataset, and Distributed DoS (DDoS) attacks