Statistical-Based Mechanism For Detecting Hyper Text Transfer Protocol Ddos Attacks
This thesis proposes an approach to detect HTTP flooding DDoS attacks on web servers. The proposed approach consists of five phases to achieve the goal of the research, as follows: (1) Data pre-processing, (ii) Aggregated packets attributes aim to aggregate the packets every (t) time based on three...
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2023
|
| Subjects: | |
| Online Access: | http://eprints.usm.my/60176/ http://eprints.usm.my/60176/1/Pages%20from%20AYMAN%20IBRAHIM%20ALI%20GHABEN%20-%20TESIS.pdf |
| _version_ | 1848884372220936192 |
|---|---|
| author | Ghaben, Ayman Ibrahim Ali |
| author_facet | Ghaben, Ayman Ibrahim Ali |
| author_sort | Ghaben, Ayman Ibrahim Ali |
| building | USM Institutional Repository |
| collection | Online Access |
| description | This thesis proposes an approach to detect HTTP flooding DDoS attacks on web servers. The proposed approach consists of five phases to achieve the goal of the research, as follows: (1) Data pre-processing, (ii) Aggregated packets attributes aim to aggregate the packets every (t) time based on three attributes which are (a) packet size, (b) regularity (inter arrival time), and (c) number of packets (iii) Anomaly-based detection using four indicators which are : (a) summation rows-columns, (b) Bayes- entropy, (c) skew of the packets distribution, and (d) Reynolds number) (iv) voting- based mechanism, and (v) statistical based mechanism. The proposed mechanism has been evaluated using two benchmark datasets (CIC DDoS and ISCX) and the results reveal that the detection accuracy rates are 96.03% and 94.28% when evaluated over CIC DDoS and ISCX datasets, respectively. Furthermore, the false positive rates are 14.28%, 10.00% when evaluated over those datasets. |
| first_indexed | 2025-11-15T19:05:39Z |
| format | Thesis |
| id | usm-60176 |
| institution | Universiti Sains Malaysia |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-15T19:05:39Z |
| publishDate | 2023 |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | usm-601762024-03-13T07:40:08Z http://eprints.usm.my/60176/ Statistical-Based Mechanism For Detecting Hyper Text Transfer Protocol Ddos Attacks Ghaben, Ayman Ibrahim Ali T1-995 Technology(General) This thesis proposes an approach to detect HTTP flooding DDoS attacks on web servers. The proposed approach consists of five phases to achieve the goal of the research, as follows: (1) Data pre-processing, (ii) Aggregated packets attributes aim to aggregate the packets every (t) time based on three attributes which are (a) packet size, (b) regularity (inter arrival time), and (c) number of packets (iii) Anomaly-based detection using four indicators which are : (a) summation rows-columns, (b) Bayes- entropy, (c) skew of the packets distribution, and (d) Reynolds number) (iv) voting- based mechanism, and (v) statistical based mechanism. The proposed mechanism has been evaluated using two benchmark datasets (CIC DDoS and ISCX) and the results reveal that the detection accuracy rates are 96.03% and 94.28% when evaluated over CIC DDoS and ISCX datasets, respectively. Furthermore, the false positive rates are 14.28%, 10.00% when evaluated over those datasets. 2023-01 Thesis NonPeerReviewed application/pdf en http://eprints.usm.my/60176/1/Pages%20from%20AYMAN%20IBRAHIM%20ALI%20GHABEN%20-%20TESIS.pdf Ghaben, Ayman Ibrahim Ali (2023) Statistical-Based Mechanism For Detecting Hyper Text Transfer Protocol Ddos Attacks. PhD thesis, Universiti Sains Malaysia. |
| spellingShingle | T1-995 Technology(General) Ghaben, Ayman Ibrahim Ali Statistical-Based Mechanism For Detecting Hyper Text Transfer Protocol Ddos Attacks |
| title | Statistical-Based Mechanism For Detecting Hyper Text Transfer Protocol Ddos Attacks |
| title_full | Statistical-Based Mechanism For Detecting Hyper Text Transfer Protocol Ddos Attacks |
| title_fullStr | Statistical-Based Mechanism For Detecting Hyper Text Transfer Protocol Ddos Attacks |
| title_full_unstemmed | Statistical-Based Mechanism For Detecting Hyper Text Transfer Protocol Ddos Attacks |
| title_short | Statistical-Based Mechanism For Detecting Hyper Text Transfer Protocol Ddos Attacks |
| title_sort | statistical-based mechanism for detecting hyper text transfer protocol ddos attacks |
| topic | T1-995 Technology(General) |
| url | http://eprints.usm.my/60176/ http://eprints.usm.my/60176/1/Pages%20from%20AYMAN%20IBRAHIM%20ALI%20GHABEN%20-%20TESIS.pdf |