查看文章

Web services are one of the most prominent forms of web presence exercised by the businesses to connect to their possible client base. GET flood attacks, commonly known as Application Layer DDoS attacks, are widely executed exploits that challenge almost all the web servers hosting such services on the Internet. The state-of-art literature provides many security mechanisms that are designed to handle such attacks, however, attackers constantly explore unique approaches for orchestrating covert GET flood attacks. The detection of such attacks requires user level monitoring due to a high resemblance among the browsing behaviors of legitimate users and modern-day sophisticated bots. In this paper, we propose four novel behavioral features to distinguish GET flood attack sources from the legitimate normal and flash traffic. Our work distinguishes itself from previous works by providing a comprehensive …