The main aim of the proposed Paper is to implement a
heuristic method to monitor and mitigate the Application-Layer
DDoS Attacks for popular websites where even a legitimate HTTP request can cause flooding in web servers and also a method to identify whether the surge in traffic is caused by App-DDoS attackers or by normal web users. Rather than adapting to the traditional methods of DDoS Mitigation, our proposal aims at identifying the attackers attacking technique and provides an optimal solution.

YI XIE and SHUN-SHENG YU. Monitoring the Application-Layer

DDoS Attacks for Popular Websites. In IEEE/ACM TRANSACTIONS

ON NETWORKING, VOL. 17, NO. 1, 2009.

J. YU, C. FANG, L. LU, Z. LI, Mitigating application layer distributed

denial of service attacks via effective trust management In IET

Commun., 2010, Vol. 4.

MIRKOVIC J., DIETRICH S., DITTRICH D., REIHER P.: ‘Internet

denial of service: attack and defense mechanisms’ (Prentice-Hall PTR,

.

RANJAN S., SWAMINATHAN R., UYSAL M., KNIGHTLY E.:

‘DDoS resilient scheduling to counter application layer attacks under

imperfect detection’. Proc. INFOCOM’06, 2006.

http://en.wikipedia.org/wiki/Reflection_attack

https://www.owasp.org/index.php/Reflection_attack_in_an_auth_protoc

ol

WALFISH M., VUTUKURU M., BALAKRISHNAN H., KARGER D.,

SHENKER S. ‘DDoS Defense by offense’ . Proc. SIGCOMM’06, 2006.

KHATTAB S., GOBRIEL S., MELHEM R., MOSSE D.: ‘Live baiting

for service-level DoS attackers’. Proc. INFOCOM’08, 2008 .

SRIVATSA M., IYENGAR A., YIN J., LIU L.: ‘Mitigating applicationlevel

denial of service attacks on web servers: a client-transparent

approach’, ACM Trans. Web, 2008, 18, (12), pp. 1649–1662.

YEN W., LEE M.: ‘A framework for defending application layer DDoS

attacks using an AI approach’. Proc. IASTED Int. Conf. on Artificial

Intelligence and Applications, 2007.