24x7 Service; AnyTime; AnyWhere

Mitigating Slow Hypertext Transfer Protocol Distributed Denial of Service Attacks in Software Defined Networks

Akanji, Oluwatobi Shadrach and Abisoye, Opeyemi Aderiike and Iliyasu, Mohammed Awwal (2021) Mitigating Slow Hypertext Transfer Protocol Distributed Denial of Service Attacks in Software Defined Networks. Journal of Information and Communication Technology, 20 (03). pp. 277-304. ISSN 2180-3862

[thumbnail of JICT 20 03 2021 277-304.pdf]
PDF - Published Version
Available under License Attribution 4.0 International (CC BY 4.0).

Download (641kB) | Preview


Distributed Denial of Service (DDoS) attacks has been one of the persistent forms of attacks on information technology infrastructure connected to public networks due to the ease of access to DDoS attack tools. Researchers have been able to develop several techniques to curb volumetric DDoS which overwhelms the target with a large number of request packets. However, compared to slow DDoS, limited number of research has been executed on mitigating slow DDoS. Attackers have resorted to slow DDoS because it mimics the behaviour of a slow legitimate client thereby causing service unavailability. This paper provides the scholarly community with an approach to boosting service availability in web servers under slow Hypertext Transfer Protocol (HTTP) DDoS attacks through attack detection using Genetic Algorithm and Support Vector Machine which facilitates attack mitigation in a Software-Defined Networking (SDN) environment simulated in GNS3. Genetic algorithm was used to select the Netflow features which indicates the presence of an attack and also determine the appropriate regularization parameter, C, and gamma parameter for the Support Vector Machine classifier. Results obtained showed that the classifier had detection accuracy, Area Under Receiver Operating Curve (AUC), true positive rate, false positive rate and a false negative rate of 99.89%, 99.89%, 99.95%, 0.18%, and 0.05% respectively. Also, the algorithm for subsequent implementation of the selective adaptive bubble burst mitigation mechanism was presented. This study contributes to the ongoing research in detecting and mitigating slow HTTP DDoS attacks with emphasis on the use of machine learning classification and meta-heuristic algorithms.

Item Type: Article
Additional Information: Printed by UUM Press
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: College of Arts and Sciences
Depositing User: Mrs Nurin Jazlina Hamid
Date Deposited: 31 Jul 2022 07:56
Last Modified: 17 May 2023 15:02

Actions (login required)

View Item View Item