Karanpreet Singh

Work place: Dr B R Ambedkar National Institute of Technology, Jalandhar 144011, Punjab, India

E-mail: karanpreet.13.cse@nitj.ac.in

Website:

Research Interests: Computer Networks, Information Security, Network Security, Distributed Computing, Data Structures and Algorithms

Biography

Karanpreet Singh received the masters’s degree in computer science and engineering, in 2013 and the bachelor’s degree in information technology, in 2011 from Punjab Technical University, Jalandhar, Punjab, India. He is currently pursuing the Ph.D. degree in computer science and engineering at National Institute of Technology Jalandhar, Punjab, India. His research interests include network security, distributed networks, and cloud computing. He is a student member of the IEEE and the IEEE Communications Society.

Author Articles
Fuzzy-based User Behavior Characterization to Detect HTTP-GET Flood Attacks

By Karanpreet Singh Paramvir Singh Krishan Kumar

DOI: https://doi.org/10.5815/ijisa.2018.04.04, Pub. Date: 8 Apr. 2018

Internet was designed to serve the basic requirement of data transfer between systems. The security perspectives were therefore overlooked due to which the Internet remains vulnerable to a variety of attacks. Among all the possible attacks, Distributed Denial of Service (DDoS) attack is one of the eminent threats that target the availability of the online services to the intended clients. Now-a-days, attackers target application layer of the network stack to orchestrate attacks having a high degree of sophistication. GET flood attacks have been very much prevalent in recent years primarily due to advancement of bots allowing impersonating legitimate client behavior. Differentiating between a human client and a bot is therefore necessary to mitigate an attack. This paper introduces a mitigation framework based on Fuzzy Control System that takes as input two novel detection parameters. These detection parameters make use of clients' behavioral characteristic to measure their respective legitimacy. We design an experimental setup that incorporates two widely used benchmark web logs (Clarknet and WorldCup) to build legitimate and attack datasets. Further, we use these datasets to assess the performance of the proposed through well-known evaluation metrics. The results obtained during this work point towards the efficiency of our proposed system to mitigate a wide range of GET flood attack types.

[...] Read more.
Other Articles