Work place: University Institute of Engineering & Technology, Panjab University, Chandigarh, India
E-mail: k.salujauiet@gmail.com
Website:
Research Interests: Solid Modeling, Information Security, Network Architecture, Network Security
Biography
Krishan Kumar received the Ph.D. degree in electronics and computer engineering from Indian Institute of Technology, Roorkee, India. He is currently with the Department of Information Technology, University Institute of Engineering and Technology, Panjab University, Chandigarh, India. His research interests include network security, network measurement/modeling, manets and WSNs. He has published more than 70 papers in refereed international journals and conference proceedings. He is on editorial board of many reputed international journal and conferences in the field of networking.
By Karanpreet Singh Paramvir Singh Krishan Kumar
DOI: https://doi.org/10.5815/ijisa.2018.04.04, Pub. Date: 8 Apr. 2018
Internet was designed to serve the basic requirement of data transfer between systems. The security perspectives were therefore overlooked due to which the Internet remains vulnerable to a variety of attacks. Among all the possible attacks, Distributed Denial of Service (DDoS) attack is one of the eminent threats that target the availability of the online services to the intended clients. Now-a-days, attackers target application layer of the network stack to orchestrate attacks having a high degree of sophistication. GET flood attacks have been very much prevalent in recent years primarily due to advancement of bots allowing impersonating legitimate client behavior. Differentiating between a human client and a bot is therefore necessary to mitigate an attack. This paper introduces a mitigation framework based on Fuzzy Control System that takes as input two novel detection parameters. These detection parameters make use of clients' behavioral characteristic to measure their respective legitimacy. We design an experimental setup that incorporates two widely used benchmark web logs (Clarknet and WorldCup) to build legitimate and attack datasets. Further, we use these datasets to assess the performance of the proposed through well-known evaluation metrics. The results obtained during this work point towards the efficiency of our proposed system to mitigate a wide range of GET flood attack types.
[...] Read more.Subscribe to receive issue release notifications and newsletters from MECS Press journals