Open Access  Subscription or Fee Access

The Denial of Service (DoS) attack is an explicit attempt by a single or group of users (Attackers) to block the resources a victim system. The victim system may be either individual system or server. Flooding attacks under the DoS are dangerous threats to the internet users. In this paper we present r a method for detecting Denial of Service attacks (DoS) i.e. flooding attacks on web services are presented and evaluated by using decoy hyperlinks embedded in web pages. Here flooding attacks are generated in three ways such as direct, spoofing and distributed direct attacks. The flooding attacks can be detected when it is distinguished from normal user patterns by inserting decoy hyperlinks into some key pages in the Website. The flooding attacks are detected by using simple threshold techniques. The Decoys are hyperlinks without semantic information or are invisible to the human user. This approach has significant advantages over other approaches like graphic Turing tests, it is transparent to the user, it can be used on general-purpose web sites and retains the web site’s usability.

Denial of Service, Flooding Attacks, Graphs, Decoy Hyperlinks

K. Poulsen, “FBI Busts Alleged DDoS Mafia” , http://www.securityfocus.com/news/9411/

Mukund Deshpande and George Karypis, “Selective Markov for Predicting Web-Page Accesses”, Technical Report #00-056, University of Minessota, 2000.

Acharyya Sreangsu, Ghosh Joydeep, “Context-Sensitive Modeling of Web-Surfing Behaviour using Concept Trees”, in Proceedings of the 5th WEBKDD Workshop, Washington, 2003.

Alexander Ypma and Tom Heskes, “Automatic Categorization of Web Pages and User Clustering with Mixtures of Hidden Markov Models”, in Proccedings in the 4th WEBKDD Workshop, Canada, 2002.

Weinan Wang and Osmar R. Zaiane, “Clustering Web Sessions by Sequence Alignment”, in Proceedings of DEXA Workshops, 2002, pp. 394-398.

William G. Morein, Angelos Stavrou, Debra L Cook, Angelos Keromytis, Vishal Misra, Dan Rubnstein, “Using Graphic Turing Tests To Counter Automated DdoS Attacks Against Web Servers”, Proceedings of the 10th ACM International Conference on Computers & Communications Security, Washington 2003.

D.L. Cook, W.G. Morein, A.D. Keromytis, V. Misra, D. Rubenstein, “WebSOS: protecting web servers from DDoS attacks”, Proceedings of the 11th IEEE International Conference on Networks (ICON), 2003, pp. 455-460.

Jonathan A. Zdziarski, “mod_evasive”, http://www.nuclearelephant.com/ projects/mod_evasive/.

Dimitris Gavrilis, Evangelos Dermatas, “Detection of Web Denial-of-Service Attacks using decoy hyperlinks”, 5th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP), Patras, 2006 .

Dimitris Gavrilis, Ioannis Chatzis and Evangelos Dermatas ,” Flash Crowd Detection Using Decoy Hyperlinks”,2007.

Bin Xiao, Wei Chen, Yanxiang He, Edwin H.-M. Sha,” An Active Detecting Method Against SYN Flooding Attack”,2001.

S.Gavaskar, R.Surendiran, Dr.E.Ramaraj,”Three Counter Defense Mechanism for TCP SYN Flooding Attacks” International Journal of Computer Applications (0975 – 8887), Volume 6– No.6, September 2010.

C. Patrikakis, M. Masikos, and O. Zouraraki, “Distributed Denial of Service Attacks,” The Internet Protocol J., vol. 7, no. 4, pp. 13-35, 2004..