Statistical-Based Mechanism For Detecting Hyper Text Transfer Protocol Ddos Attacks

Ghaben, Ayman Ibrahim Ali (2023) Statistical-Based Mechanism For Detecting Hyper Text Transfer Protocol Ddos Attacks. PhD thesis, Universiti Sains Malaysia.

[img]
Preview
 PDF
Download (715kB) | Preview

Abstract

This thesis proposes an approach to detect HTTP flooding DDoS attacks on web servers. The proposed approach consists of five phases to achieve the goal of the research, as follows: (1) Data pre-processing, (ii) Aggregated packets attributes aim to aggregate the packets every (t) time based on three attributes which are (a) packet size, (b) regularity (inter arrival time), and (c) number of packets (iii) Anomaly-based detection using four indicators which are : (a) summation rows-columns, (b) Bayes- entropy, (c) skew of the packets distribution, and (d) Reynolds number) (iv) voting- based mechanism, and (v) statistical based mechanism. The proposed mechanism has been evaluated using two benchmark datasets (CIC DDoS and ISCX) and the results reveal that the detection accuracy rates are 96.03% and 94.28% when evaluated over CIC DDoS and ISCX datasets, respectively. Furthermore, the false positive rates are 14.28%, 10.00% when evaluated over those datasets.

Item Type: Thesis (PhD)
Subjects: T Technology > T Technology (General) > T1-995 Technology(General)
Divisions: Pusat IPv6 Termaju Negara (National Advanced IPv6 Centre of Excellence NAv6) > Thesis
Depositing User: Mr Aizat Asmawi Abdul Rahim
Date Deposited: 13 Mar 2024 07:40
Last Modified: 13 Mar 2024 07:40
URI: http://eprints.usm.my/id/eprint/60176

Actions (login required)

View Item View Item
USM Repository is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.
Share