Statistical-Based Mechanism For Detecting Hyper Text Transfer Protocol Ddos Attacks
This thesis proposes an approach to detect HTTP flooding DDoS attacks on web servers. The proposed approach consists of five phases to achieve the goal of the research, as follows: (1) Data pre-processing, (ii) Aggregated packets attributes aim to aggregate the packets every (t) time based on three...
Saved in:
Main Author: | |
---|---|
Format: | Thesis |
Language: | English |
Published: |
2023
|
Subjects: | |
Online Access: | http://eprints.usm.my/60176/1/Pages%20from%20AYMAN%20IBRAHIM%20ALI%20GHABEN%20-%20TESIS.pdf |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
id |
my-usm-ep.60176 |
---|---|
record_format |
uketd_dc |
spelling |
my-usm-ep.601762024-03-13T07:40:08Z Statistical-Based Mechanism For Detecting Hyper Text Transfer Protocol Ddos Attacks 2023-01 Ghaben, Ayman Ibrahim Ali T1-995 Technology(General) This thesis proposes an approach to detect HTTP flooding DDoS attacks on web servers. The proposed approach consists of five phases to achieve the goal of the research, as follows: (1) Data pre-processing, (ii) Aggregated packets attributes aim to aggregate the packets every (t) time based on three attributes which are (a) packet size, (b) regularity (inter arrival time), and (c) number of packets (iii) Anomaly-based detection using four indicators which are : (a) summation rows-columns, (b) Bayes- entropy, (c) skew of the packets distribution, and (d) Reynolds number) (iv) voting- based mechanism, and (v) statistical based mechanism. The proposed mechanism has been evaluated using two benchmark datasets (CIC DDoS and ISCX) and the results reveal that the detection accuracy rates are 96.03% and 94.28% when evaluated over CIC DDoS and ISCX datasets, respectively. Furthermore, the false positive rates are 14.28%, 10.00% when evaluated over those datasets. 2023-01 Thesis http://eprints.usm.my/60176/ http://eprints.usm.my/60176/1/Pages%20from%20AYMAN%20IBRAHIM%20ALI%20GHABEN%20-%20TESIS.pdf application/pdf en public phd doctoral Universiti Sains Malaysia Pusat IPv6 Termaju Negara (National Advanced IPv6 Centre of Excellence NAv6) |
institution |
Universiti Sains Malaysia |
collection |
USM Institutional Repository |
language |
English |
topic |
T1-995 Technology(General) |
spellingShingle |
T1-995 Technology(General) Ghaben, Ayman Ibrahim Ali Statistical-Based Mechanism For Detecting Hyper Text Transfer Protocol Ddos Attacks |
description |
This thesis proposes an approach to detect HTTP flooding DDoS attacks on web servers. The proposed approach consists of five phases to achieve the goal of the research, as follows: (1) Data pre-processing, (ii) Aggregated packets attributes aim to aggregate the packets every (t) time based on three attributes which are (a) packet size, (b) regularity (inter arrival time), and (c) number of packets (iii) Anomaly-based detection using four indicators which are : (a) summation rows-columns, (b) Bayes- entropy, (c) skew of the packets distribution, and (d) Reynolds number) (iv) voting- based mechanism, and (v) statistical based mechanism. The proposed mechanism has been evaluated using two benchmark datasets (CIC DDoS and ISCX) and the results reveal that the detection accuracy rates are 96.03% and 94.28% when evaluated over CIC DDoS and ISCX datasets, respectively. Furthermore, the false positive rates are 14.28%, 10.00% when evaluated over those datasets. |
format |
Thesis |
qualification_name |
Doctor of Philosophy (PhD.) |
qualification_level |
Doctorate |
author |
Ghaben, Ayman Ibrahim Ali |
author_facet |
Ghaben, Ayman Ibrahim Ali |
author_sort |
Ghaben, Ayman Ibrahim Ali |
title |
Statistical-Based Mechanism For Detecting Hyper Text Transfer Protocol Ddos Attacks |
title_short |
Statistical-Based Mechanism For Detecting Hyper Text Transfer Protocol Ddos Attacks |
title_full |
Statistical-Based Mechanism For Detecting Hyper Text Transfer Protocol Ddos Attacks |
title_fullStr |
Statistical-Based Mechanism For Detecting Hyper Text Transfer Protocol Ddos Attacks |
title_full_unstemmed |
Statistical-Based Mechanism For Detecting Hyper Text Transfer Protocol Ddos Attacks |
title_sort |
statistical-based mechanism for detecting hyper text transfer protocol ddos attacks |
granting_institution |
Universiti Sains Malaysia |
granting_department |
Pusat IPv6 Termaju Negara (National Advanced IPv6 Centre of Excellence NAv6) |
publishDate |
2023 |
url |
http://eprints.usm.my/60176/1/Pages%20from%20AYMAN%20IBRAHIM%20ALI%20GHABEN%20-%20TESIS.pdf |
_version_ |
1794024100493000704 |