Optimal thresholds of algorithm and expansion of Application-Layer attack detection block ALAB in ALADDIN


The KIPS Transactions:PartC, Vol. 18, No. 3, pp. 127-134, Jun. 2011
10.3745/KIPSTC.2011.18.3.127,   PDF Download:

Abstract

Malicious botnet has been used for more malicious activities, such as DDoS attacks, sending spam messages, steal personal information, etc. To prevent this, many studies have been preceded. But malicious botnets have evolved and evaded detection systems. In particular, HTTP GET Request attack that exploits the vulnerability of the application layer is used. ALAB of ALADDIN proposed by ETRI is DDoS attack detection system that HTTP GET, Incomplete GET request flooding attack detection algorithm is applied. In this paper, we extend Incomplete GET detection algorithm of ALAB and derive the optimal configuration parameters to verify the validity of the algorithm ALAB by the study of the normal and attack packets.


Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from September 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article
[IEEE Style]
S. Y. Yoo, D. G. Park, J. T. Oh, I. H. Jeon, "Optimal thresholds of algorithm and expansion of Application-Layer attack detection block ALAB in ALADDIN," The KIPS Transactions:PartC, vol. 18, no. 3, pp. 127-134, 2011. DOI: 10.3745/KIPSTC.2011.18.3.127.

[ACM Style]
Seung Yeop Yoo, Dong Gue Park, Jin Tae Oh, and In Ho Jeon. 2011. Optimal thresholds of algorithm and expansion of Application-Layer attack detection block ALAB in ALADDIN. The KIPS Transactions:PartC, 18, 3, (2011), 127-134. DOI: 10.3745/KIPSTC.2011.18.3.127.