A Case Study of Intelligent IDS False Alarm Reduction in Cloud Environments: Challenges and Trends ............................................................................................. YUXIN MENG, WENJUAN LI, AND LAM-FOR KWOK

A recent escalation of application layer Denial of Service attacks (DoS) on the Internet has quickly shifted the focus of the research community from traditional network-based denial of service. As a result, new varieties of attacks were explored: slow-rate and low-rate application layer DoS attacks. In this chapter, after a brief introduction of application layer DoS attacks, we discuss the characteristics of the newly proposed application layer attacks and illustrate their impact on modern web servers.

[1]  Shunzheng Yu,et al.  A Novel Model for Detecting Application Layer DDoS Attacks , 2006, First International Multi-Symposiums on Computer and Computational Sciences (IMSCCS'06).

[2]  Chengxu Ye,et al.  Detection of application layer distributed denial of service , 2011, Proceedings of 2011 International Conference on Computer Science and Network Technology.

[3]  Gabriel Maciá-Fernández,et al.  Defense techniques for low-rate DoS attacks against application servers , 2010, Comput. Networks.

[4]  Gabriel Maciá-Fernández,et al.  Evaluation of a low-rate DoS attack against iterative servers , 2007, Comput. Networks.

[5]  George M. Mohay,et al.  Ensemble-based DDoS detection and mitigation model , 2012, SIN '12.

[6]  Geert Deconinck,et al.  Analyzing well-known countermeasures against distributed denial of service attacks , 2012, Comput. Commun..

[7]  Taieb Znati,et al.  Detecting Application Denial-of-Service Attacks: A Group-Testing-Based Approach , 2010, IEEE Transactions on Parallel and Distributed Systems.

[8]  Weifeng Chen,et al.  Flow level detection and filtering of low-rate DDoS , 2012, Comput. Networks.

[9]  Mudhakar Srivatsa,et al.  Mitigating application-level denial of service attacks on Web servers: A client-transparent approach , 2008, TWEB.

[10]  Balachander Krishnamurthy,et al.  Flash crowds and denial of service attacks: characterization and implications for CDNs and web sites , 2002, WWW.

[11]  Jie Yu,et al.  A Detection and Offense Mechanism to Defend Against Application Layer DDoS Attacks , 2007, International Conference on Networking and Services (ICNS '07).

[12]  Jitendra Malik,et al.  Recognizing objects in adversarial clutter: breaking a visual CAPTCHA , 2003, 2003 IEEE Computer Society Conference on Computer Vision and Pattern Recognition, 2003. Proceedings..

[13]  Mina Guirguis,et al.  On the Impact of Low-Rate Attacks , 2006, 2006 IEEE International Conference on Communications.

[14]  Mayank Agarwal,et al.  Mitigating denial of service attack using CAPTCHA mechanism , 2011, ICWET.

[15]  Seung Yeob Nam,et al.  Memory-Efficient IP Filtering for Countering DDoS Attacks , 2009, APNOMS.

[16]  Yajuan Tang Countermeasures on Application Level Low-Rate Denial-of-Service Attack , 2012, ICICS.

[17]  M. Uysal,et al.  DDoS-Shield: DDoS-Resilient Scheduling to Counter Application Layer Attacks , 2009, IEEE/ACM Transactions on Networking.

[18]  Gabriel Maciá-Fernández,et al.  LoRDAS: A Low-Rate DoS Attack against Application Servers , 2007, CRITIS.

[19]  Shun-Zheng Yu,et al.  Monitoring the Application-Layer DDoS Attacks for Popular Websites , 2009, IEEE/ACM Transactions on Networking.

[20]  Supranamaya Ranjan,et al.  DDoS-Resilient Scheduling to Counter Application Layer Attacks Under Imperfect Detection , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[21]  Gabriel Maciá-Fernández,et al.  Assessment of a Vulnerability in Iterative Servers Enabling Low-Rate DoS Attacks , 2006, ESORICS.

[22]  Gabriel Maciá-Fernández,et al.  Mathematical Model for Low-Rate DoS Attacks Against Application Servers , 2009, IEEE Transactions on Information Forensics and Security.