位置:成果数据库 > 期刊 > 期刊详情页
HTTP-sCAN:Detecting HTTP-Flooding Attack by Modeling Multi-Features of Web Browsing Behavior from Noisy Web-Logs
  • ISSN号:1673-5447
  • 期刊名称:《中国通信:英文版》
  • 时间:0
  • 分类:TP393.08[自动化与计算机技术—计算机应用技术;自动化与计算机技术—计算机科学与技术] TP393[自动化与计算机技术—计算机应用技术;自动化与计算机技术—计算机科学与技术]
  • 作者机构:[1]School of Computer and Communications Engineering, University of Science and Technology Beijing, Beijing 100083, P. R. China, [2]Research Center for Optical Intemet & Mobile Information Network, School of Communication & Information Engineer,University of Electronic Science & Technology of China, Chengdu 611731, P. R. China, [3]Network Center of Chengdu University, Chengdu 610106, Sichuan Province, P. R. China
  • 相关基金:supported by National Key Basic Research Program of China(973 program)under Grant No.2012CB315905; National Natural Science Foundation of China under grants 61172048,61100184,60932005 and 61201128; the Fundamental Research Funds for the Central Universities under Grant No ZYGX2011J007
作者: WANG Jin[1,3], ZHANG Min[1], YANG Xiaolong[1], LONG Keping[1], XU Jie[2]
关键词: Flooding攻击, Web服务器, 检测性能, HTTP, 网络日志, 浏览行为, 扫描, flooding攻击, IP network DDoS relative entropy cluster algorithm
中文摘要:

HTTP-flooding attack disables the victimized web server by sending a large number of HTTP Get requests.Recent research tends to detect HTTP-flooding with the anomaly-based approaches,which detect the HTTP-flooding by modeling the behavior of normal web surfers.However,most of the existing anomaly-based detection approaches usually cannot filter the web-crawling traces from unknown searching bots mixed in normal web browsing logs.These web-crawling traces can bias the base-line profile of anomaly-based schemes in their training phase,and further degrade their detection performance.This paper proposes a novel web-crawling tracestolerated method to build baseline profile,and designs a new anomaly-based HTTP-flooding detection scheme(abbr.HTTP-sCAN).The simulation results show that HTTP-sCAN is immune to the interferences of unknown webcrawling traces,and can detect all HTTPflooding attacks.

英文摘要:

HTTP-flooding attack disables the victimized web server by sending a large number of HTTP Get requests.Recent research tends to detect HTTP-flooding with the anomaly-based approaches,which detect the HTTP-flooding by modeling the behavior of normal web surfers.However,most of the existing anomaly-based detection approaches usually cannot filter the web-crawling traces from unknown searching bots mixed in normal web browsing logs.These web-crawling traces can bias the base-line profile of anomaly-based schemes in their training phase,and further degrade their detection performance.This paper proposes a novel web-crawling tracestolerated method to build baseline profile,and designs a new anomaly-based HTTP-flooding detection scheme(abbr.HTTP-sCAN).The simulation results show that HTTP-sCAN is immune to the interferences of unknown webcrawling traces,and can detect all HTTPflooding attacks.

同期刊论文项目
CDN-P2P融合分发网络服务高可用性模型与关键机制研究
期刊论文 51 会议论文 6
非对称广域覆盖信息共享网络理论与技术
期刊论文 60 会议论文 24 专利 13 著作 1
面向内容安全监控应用的视频指纹实时获取与快速检索技术研究
期刊论文 8 会议论文 6
面向ISP与用户协作的内容分发网络体系结构与关键技术研究
期刊论文 17 会议论文 4
同项目期刊论文
IUKF neural network modeling for FOG temperature drift
<span style="color:#0070C0;font-family:宋体;font-size:12pt;">用户兴趣感知的内容副本优化放置算法</spa
基于尖点突变模型的IP网络异常行为检测方法
随机延迟污染对IP网络坐标系统的影响及其抑制方法研究
支持业务均衡的OBS网络分布式回退偏射路由算法
基于细胞适应机制的自组网多路径路由协议
一种基于仿生学的MANET拥塞节点自适应回避路由协议
基于内容流行度差异性的CDN-P2P融合分发网络缓存替换机制研究
用户兴趣感知的内容副本优化放置算法
可抵御节点恶意行为的锚节点型IP坐标系统
T-Vivaldi:TIV感知的IP网络坐标系统
R-Vivaldi:距离范围感知的IP网络坐标系统
基于大偏差统计模型的Http-Flood DDoS检测机制及性能分析
An Adaptive Traffic Distribution Scheme for CMT based on Lotka-Volterra Model in Multihomed Networks
认知无线电网络中宽频谱的信号分离算法
基于分组特性的冗余流量消除算法
基于加权二分网络的冗余流量演化模型研究
Analysis of chaotic dynamics in a two-dimensional sine square map
HTTP-SCAN: detecting HTTP-flooding attack by modeling multi-features of web browsing behavior from N
uSensing: a Universal Platform to Support Smartphones Accessing Wireless Sensor Networks
RAVS: Remote attestation of video security based on trusted platform module
基于数据包分析的流媒体多语义流行度模型. 计算机应用研究
基于节点连接度的P2P流量快速识别方法
基于张量神经网络的音频多语义分类方法
基于TPM的视频安全远程取证
File-Sharing Preference in a Peer-to-Peer Network
Popularity based network statistical analysis in peer-to-peer application
基于物理干扰模型的分布式传输调度算法
未来网络的研究进展和发展趋势
一种P2P文件共享网络流量分析模型
Network statistical analysis in peer-to-peer application
一种非对称广域覆盖的信息共享网络结构
Covariances of Linear Stochastic Differential Equations for Analyzing Computer Networks
基于时滞混沌系统的带密钥Hash函数的设计与分析
Authentication Strategy for Information Resources of Asymmetric Information Sharing Network
Tensor semantic model for an audio classification system
HTTP-SOLDIER: a HTTP-flooding attack detection scheme with the large deviation principle
基于神经网络的数字音频双重语义水印算法
A Semantic Classification Method of Digital Image Based on Cloud Model
A Novel Trusted Computing Model of Network Security Authentication
Efficient Multicast Authentication Using Proportional Grouped Tree-Chain
A Data Migration Strategy for HSM Based on Data Value
基于尖点突变模型的IP网络异常行为检测方法
ISM:漂移意图可感知的IP网络生存性服务提供模型
Distributed adaptive filtering: a graphical evolutionary game theoretic view
A topology control algorithm based on D-region fault tolerance
随机延迟污染对IP网络坐标系统的影响及其抑制方法研究
基于数据包分析的流媒体多语义流行度模型
一种基于仿生学的MANET拥塞节点自适应回避路由协议
Chaos generator for secure transmission using a sine map and an RLC series circuit
ESTIMATION OF THE VARIANCES OF TCP/RED USING STOCHASTIC DIFFERENTIAL EQUATION
Chaotic Dynamics in a Sine Square Map: High-Dimensional Case (N ≥ 3)
可抵御节点恶意行为的锚节点型IP坐标系统
T-Vivaldi:TIV感知的IP网络坐标系统
R-Vivaldi:距离范围感知的IP网络坐标系统
基于大偏差统计模型的Http-Flood DDoS检测机制及性能分析
基于随机矩阵理论的城市人群移动行为分析
基于UCL的个性化主动信息服务实验研究
新一代广播型网络实验系统的构建与实现
基于视频解码依赖性的低延时无线视频广播纠删编码
WDM光网络中节能的1∶1保护路由波长分配算法研究
Topology Control Algorithm Using Fault-Tolerant 1-Spanner for Wireless Ad Hoc Networks
对等网络应用中的网络统计特征分析
基于资源流行度的对等网络统计特征分析
分层次的无状态单分组IP溯源技术
An Adaptive Traffic Distribution Scheme for CMT based on Lotka-Volterra Model in Multihomed Networks
Atmospheric Pressure-Aware Seamless 3-D Localization and Navigation for Mobile Internet Devices
Distributed link scheduling method with physical interference model in wireless multi-hop networks
On a Mathematical Model for Low-Rate Shrew DDoS
Nonlinear Analysis and Optimal Control of an Improved SIR Rumor Spreading Model
HTTP-SoLDiER: An HTTP-flooding attack detection scheme with the large deviation principle
一种基于改进SURF的视频DNA生成算法研究
An Adaptive Traffic Distribution Scheme for CMT based on Lotka-Volterra Model in Multihomed Networks
Efficient joint carrier frequency offset and phase noise compensation scheme for high-speed coherent
A novel rateless codes design scheme based on two-stage encoding and forward equal probability
An adaptive path selection model for WSN multipath routing inspired by metabolism behaviors
On a Mathematical Model for Low-Rate Shrew DDoS
Multi-path routing protocol based on adaptation mechanism of cell in ad hoc networks
A simple and efficient frequency offset estimation algorithm for high-speed coherent optical OFDM sy
Double-Auction-Based Optimal User Assignment for Multisource-Multirelay Cellular Networks
面向CCN的路由转发方案设计
A load balancing multi-path routing scheme based on effective voids for optical burst switching netw
A Bioinspired adaptive congestion-avoidance routing for mobile ad hoc networks
ABio-inspired OSPF Path Selection Scheme Based on An Adaptive AttractorSelection Model
RMI-DRE:A Redundancy-Maximizing Identification Scheme for Data Redundancy Elimination
Network coding-based protection strategy against multiple link failures
A survivability network model with Min{ds, dd} node-disjoint paths
Influence of stochastic delay contaminations on IP network coordinate system and contamination mitig
基于尖点突变模型的IP网络异常行为检测方法
随机延迟污染对IP网络坐标系统的影响及其抑制方法研究
支持业务均衡的OBS网络分布式回退偏射路由算法
基于细胞适应机制的自组网多路径路由协议
一种基于仿生学的MANET拥塞节点自适应回避路由协议
基于内容流行度差异性的CDN-P2P融合分发网络缓存替换机制研究
用户兴趣感知的内容副本优化放置算法
可抵御节点恶意行为的锚节点型IP坐标系统
T-Vivaldi:TIV感知的IP网络坐标系统
R-Vivaldi:距离范围感知的IP网络坐标系统
基于大偏差统计模型的Http-Flood DDoS检测机制及性能分析
An Adaptive Traffic Distribution Scheme for CMT based on Lotka-Volterra Model in Multihomed Networks
期刊信息
  • 《中国通信:英文版》
  • 中国科技核心期刊
  • 主管单位:中国科学技术协会
  • 主办单位:中国通信学会
  • 主编:刘复利
  • 地址:北京市东城区广渠门内大街80号6层608
  • 邮编:100062
  • 邮箱:editor@ezcom.cn
  • 电话:010-64553845
  • 国际标准刊号:ISSN:1673-5447
  • 国内统一刊号:ISSN:11-5439/TN
  • 邮发代号:2-539
  • 获奖情况:
  • 国内外数据库收录:
  • 被引量:187