Detecting application denial-of-service attacks: A group-testing-based approach

Ying Xuan, Incheol Shin, My T. Thai, Taieb Znati

Research output: Contribution to journalArticlepeer-review

48 Citations (Scopus)

Abstract

Application DoS attack, which aims at disrupting application service rather than depleting the network resource, has emerged as a larger threat to network services, compared to the classic DoS attack. Owing to its high similarity to legitimate traffic and much lower launching overhead than classic DDoS attack, this new assault type cannot be efficiently detected or prevented by existing detection solutions. To identify application DoS attack, we propose a novel group testing (GT)-based approach deployed on back-end servers, which not only offers a theoretical method to obtain short detection delay and low false positive/negative rate, but also provides an underlying framework against general network attacks. More specifically, we first extend classic GT model with size constraints for practice purposes, then redistribute the client service requests to multiple virtual servers embedded within each back-end server machine, according to specific testing matrices. Based on this framework, we propose a two-mode detection mechanism using some dynamic thresholds to efficiently identify the attackers. The focus of this work lies in the detection algorithms proposed and the corresponding theoretical complexity analysis. We also provide preliminary simulation results regarding the efficiency and practicability of this new scheme. Further discussions over implementation issues and performance enhancements are also appended to show its great potentials.

Original languageEnglish
Article number5232807
Pages (from-to)1203-1216
Number of pages14
JournalIEEE Transactions on Parallel and Distributed Systems
Volume21
Issue number8
DOIs
Publication statusPublished - 2010
Externally publishedYes

Keywords

  • Application DoS
  • group testing
  • network security

ASJC Scopus subject areas

  • Signal Processing
  • Hardware and Architecture
  • Computational Theory and Mathematics

Fingerprint

Dive into the research topics of 'Detecting application denial-of-service attacks: A group-testing-based approach'. Together they form a unique fingerprint.

Cite this