ADBU Journal of Engineering Technology

DoS (Denial of Service) and DDoS (Distributed Denial of Service) attacks are some of the vicious network layer attacks present in the world. More than 5.4 million DDoS attacks were reported in the first half of 2021. HTTP based Dos and DDoS attack, a type of DoS and DDoS attack, is a threat to the web applications as it brings damage to the application and the business. This paper sheds light on the current detection mechanisms of HTTP based DoS and DoS attacks and the limitations identified in these detection mechanisms. This paper focuses on the mitigation strategies for the HTTP based DoS and DDoS attacks. It is imperative to create efficient solutions to defend against such cyber-attacks and ensure proper network security in workplaces.

G Saleh, M. A., & Abdul Manaf, A. (2014). ”Optimal specifications for a protective framework against HTTP-based DoS and DDoS attacks”.2014 International Symposium on Biometrics and Security Technologies(ISBAST).

Cloudflare (2021). ”DDoS Attack Trends for 2021 Q2” .The Cloudflare Blog.

Praseed, A., & Thilagam, P. S. (2018). ”DDoS Attacks at the Application Layer: Challenges and Research Perspectives for Safeguarding Web Applications”. IEEE Communications Surveys & Tutorials, 1–1.

Oluwatobi Shadrach Akanji and Opeyemi Aderiike Abisoye and Sulaimon A. Bashir and Oluwaseun Adeniyi Ojerinde (2020). ”A Survey on Slow DDoS Attack Detection Techniques”.

Zargar, Saman Taghavi; Joshi, James; Tipper, David (2013).” A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks”. IEEE Communications Surveys & Tutorials, 15(4), 2046–2069

Khalaf, B. A., Mostafa, S. A., Mustapha, A., Mohammed, M. A., & Abduallah, W. M.(2019). ”Comprehensive Review of Artificial Intelligence and Statistical Approaches in Distributed Denial of Service Attack and Defense Methods”.

Muhammad Yeasir Arafat and Muhammad Morshed Alam and Mohammad Fakrul Alam (2015). ”A Practical Approach and Mitigation Techniques on Application Layer DDoS Attack in Web Server.”

Ndibwile, J. D., Govardhan, A., Okada, K., & Kadobayashi, Y. (2015).”Web Server Protection against Application Layer DDoS Attacks Using Machine Learning and Traffic Authentication”.2015 IEEE 39th Annual Computer Software and Applications Conference.

Yadav, S., & Selvakumar, S. (2015). ”Detection of application layer DDoS attack by modeling user behavior using logistic regression”. 2015 4th International Conference on Reliability, Infocom Technologies and Optimization (ICRITO) (Trends and Future Directions).

Chengxu Ye & Keshong Zheng & Chuyu She (2012). ”Application layer ddos detection using clustering analysis.”

Luis Campo Giralte and Cristina Conde and Isaac Martin de Diego and Enrique Cabello(2013). ”Detecting denial of service by modelling web-server behaviour.”

Ranjan, Supranamaya & Swaminathan, Ram & Uysal, Mustafa & Nucci,Antonio & Knightly, Edward(2009). ”DDoS-Shield: DDoS-Resilient Scheduling to Counter Application Layer Attacks.”

Tongguang Ni & Xiaoqing Gu & Hongyuan Wang & Yu Li (2013). ”Real-Time Detection of Application-Layer DDoS Attack Using Time Series Analysis”.

Saleh, M. A., & Abdul Manaf, A. (2015). ”A Novel Protective Frame-work for Defeating HTTP-Based Denial of Service and Distributed Denial of Service Attacks”.

Karnwal, T., Sivakumar, T., & Aghila, G. (2012). ”A Comber Approach to Protect Cloud Computing against XML DDoS and HTTP DDoS attack”.

Mahsa Emami-Taba and M. Amoui and L. Tahvildari(2015). ”Strategy Aware Mitigation Using Markov Games for Dynamic Application-Layer Attacks.”

Dataset used for Detection Mechanism-1. https://www.kaggle.com/jacobvs/ddos-attack-network-logs.

Dataset used for Detection Mechanism 1.https://www.kaggle.com/datasets/wardac/applicationlayer-ddos-dataset

Verma, Vishal and Kumar, Vasudha, DOS/DDOS Attack Detection using Machine Learning: A Review (April 24, 2021). Proceedings of the International Conference on Innovative Computing & Communication (ICICC) 2021.

Ivandro Ortet Lopes, Deqing Zou, Francis A Ruambo, Saeed Akbar, Bin Yuan, "Towards Effective Detection of Recent DDoS Attacks: A Deep Learning Approach", Security and Communication Networks, vol. 2021, Article ID 5710028, 14 pages, 2021.