access icon free HAP: detection of HTTP flooding attacks in cloud using diffusion map and affinity propagation clustering

The extreme growth of Internet resources leads to several kinds of attacks. Cybercrime is one of the dominant threats apart from data defence mechanism, which enhances the economy, resource management, and service quality. Among them, HTTP flooding attacks in the cloud are one of the most prevalent threats as it depletes the cloud resources and services. It is difficult to distinguish the anomalous traffic by extracting the actual payload since most of the payload could not be accessed as they are encrypted and varies dynamically based on the user input. Hence, the proposed method uses web server logs that can be easily accessed to detect the attacks. This study highlights the detection methods by extracting the features from the web server logs and also deals with the reduction in the dimensionality of the features using diffusion map. The anomalies are detected by affinity propagation clustering technique and also by monitoring the status of the virtual machine. Furthermore, the Dempster–Shafer theory focuses on the identification of the suspicious user. It is inferred from the experimental results that the proposed method enhances the detection performance with very few false alarms than existing methods.

Inspec keywords: pattern clustering; inference mechanisms; Internet; computer crime; security of data; computer network security; file servers

Other keywords: detection methods; dominant threats; diffusion map; actual payload; extreme growth; prevalent threats; data defence mechanism; detection performance; affinity propagation clustering technique; service quality; services; resource management; HTTP flooding attacks; Internet resources; web server logs; cloud resources

Subjects: Data security; Other topics in statistics; Knowledge engineering techniques; Information networks; Computer communications

http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2018.5382
Loading

Related content

content/journals/10.1049/iet-ifs.2018.5382
pub_keyword,iet_inspecKeyword,pub_concept
6
6
Loading