KABAKUŞ, Abdullah Talha Abant İzzet Baysal Üniversitesi - Bilgi İşlem Daire Başkanlığı, Turkey , KARA, Resul Düzce Üniversitesi - Mühendislik Fakültesi - Bilgisayar Mühendisliği Bölümü, Turkey

ddosdaps4web: DDoS Detection and Protection System for Web

28315

Protection starts with detection. Distributed denial of service (DDoS) attacks flood networks or computers in order to deny their services. Due to advances in the modern computers in terms of hardware and software, a small amount of time is enough to complete their malicious actions. Therefore, a real-time detection and protection is required in order to prevent DDoS attacks. Traditional network based protection systems are not able to provide a security for application layer DDoS attacks. In this paper, we propose a DDoS detection and protection system namely ddosdaps4web in order to detect and protect the system from HTTP based DDoS attacks. ddosdaps4web uses three services: (1) Storage service stores all HTTP requests and extracts information from request headers for further analysis, (2) Monitoring service runs every minute to detect malicious requests through predefined request limits and constructs rules in order to prevent current and upcoming attacks, and (3) Interceptor service filters all incoming requests to eliminate malicious ones through the constructed rules. ddosdaps4web is evaluated by randomly generated 10000 HTTP requests and its accuracy is calculated as 94%.

1

Denial of Service , Distributed Denial of Service , Security , Web , HTTP , DoS , DDoS

Erciyes University Journal Of The Institute Of Science an‎d Technology

9