A survey and meta-analysis of application-layer distributed denial-of-service attack

Date

2020

Publisher

Wiley

Organizational Units

Organizational Unit
Computer Engineering

Abstract

Background: One of the significant attacks targeting the application layer is the distributed denial-of-service (DDoS) attack. It degrades the performance of the server by usurping its resources completely, thereby denying access to legitimate users and causing losses to businesses and organizations.

Aim: This study aims to investigate existing methodologies for application-layer DDoS (APDDoS) attack defense by using specific measures: detection methods/techniques, attack strategy, and feature exploration of existing APDDoS mechanisms.

Methodology: The review is carried out on a database search of relevant literature in IEEE Xplore, ACM, Science Direct, Springer, Wiley, and Google Search. The search covers journals and conferences published from 2000 to 2019. Review papers that are not in English and not addressing the APDDoS attack are excluded. Three thousand seven hundred eighty-nine studies are identified and streamlined to a total of 75 studies. A quantifiable assessment is performed on the selected articles using six search procedures, namely: source, methods/technique, attack strategy, datasets/corpus, status, detection metric, and feature exploration.

Results: Based on existing methods/techniques for detection, the results show that machine learning gave the highest proportion with 36%. However, assessment based on attack strategy shows that several studies do not consider an attack form for deploying their solution. Assessment based on existing features for the APDDoS detection technique shows that request stream during a user session and packet pattern gave the highest result with 47%, compared with packet header information with 33%, request stream during absolute time interval with 12%, and web user features with 8%.

Conclusion: Research findings show that a large proportion of the solutions for APDDoS attack detection utilized features based on request stream during user session and packet pattern. The optimization of features will improve detection accuracy. Our study concludes that researchers need to exploit all attack strategies using deep learning algorithms, thus enhancing effective detection of APDDoS attacks launched from different botnets.

Description

Misra, Sanjay/0000-0002-3556-9331; Fernandez-Sanz, Luis/0000-0003-0778-0073; Abayomi-Alli, Olusola/0000-0003-2513-5318; Abayomi-Alli, Adebayo/0000-0002-3875-1606

Keywords

application-layer DDoS, application-layer flooding attack, DDoS attack, extensive review, network security

Citation

8

WoS Q

Q3

Scopus Q

Q2

Volume

33

Issue

18
