We found a match
Your institution may have rights to this item. Sign in to continue.
- Title
HTTPScout: A Machine Learning based Countermeasure for HTTP Flood Attacks in SDN.
- Authors
Mohammadi, Reza; Lal, Chhagan; Conti, Mauro
- Abstract
Nowadays, the number of Distributed Denial of Service (DDoS) attacks is growing rapidly. The aim of these type of attacks is to make the prominent and critical services unavailable for legitimate users. HTTP flooding is one of the most common DDoS attacks and because of its implementation in application layer, it is difficult to detect and prevent by the current defense mechanisms. This attack not only makes the web servers unavailable, but consumes the computational resources of the network equipment and congests communication links. Recently, the advent of Software Defined Networking (SDN) paradigm has enabled the network providers to detect and mitigate application layer DDoS attacks such as HTTP flooding. In this paper, we propose a defense mechanism named HTTPScout which leverages the benefits of SDN together with Machine Learning (ML) techniques to detect and mitigate HTTP flooding attack. HTTPScout is implemented as a security module in RYU controller and monitors the behavior of HTTP traffic flows. Upon detecting a malicious flow, it blocks the source of the attack at the edge switch and preserves the network resources from the adversarial effects of the attack. Simulation results confirm that HTTPScout brings a significant improvement of 64% in bandwidth consumption and 80% in the number of forwarding rules compared to normal SDN.
- Subjects
DENIAL of service attacks; HTTP (Computer network protocol); MACHINE learning; SOFTWARE-defined networking; INTERNET servers; TRAFFIC flow
- Publication
International Journal of Information Security, 2023, Vol 22, Issue 2, p367
- ISSN
1615-5262
- Publication type
Article
- DOI
10.1007/s10207-022-00641-3