Detect Web Denial of Service Attacks Using Entropy and Support Vector Machine Algorithm

Message:
Article Type:
Research/Original Article (دارای رتبه معتبر)
Abstract:
By expanding Internet-based services and developing websites, cyber threats are also increasing. One of these threats is to perform denial-of-service attacks and interfere with the services of a website. Web or  application-layer service blocking attacks by creation of artificial traffic impose a heavy traffic on the web server and thus disrupt the Web service. In this research, to detect these attacks, Web server logs are     classified by applying 20 second time windows and calculating the activity level and the entropy of different IPs in each time window. Using entropy variance, time windows with continuity are determined. In the next stage, through the backup machine algorithm, the network is trained to store abnormal time windows, and ultimately IP addresses that lead to blocked service attacks or service disruptions are classified and       labelled. The proposed model was implemented on the EPA-HTTP standard dataset indicating improvement compared to previous studies.
Language:
Persian
Published:
Journal of Electronic and Cyber Defense, Volume:6 Issue: 4, 2019
Pages:
79 to 89
https://www.magiran.com/p1967212