A novel approach for countering application layer DDoS attacks

With the vast resource and techniques increasingly available to attackers, application layer DDoS (App-DDoS) attacks have become a serious threat to webserver. In order to deal with this kind of complex and varied attacks, a novel approach based on time series prediction model is proposed, which includes the following work: Firstly, App-DDoS attacks are divided into flooding attacks and asymmetric attacks, based on attack resource expenditure and attack strategy. Secondly, we put forward two time series detection models: multi-features information entropy predict model for flooding attacks and second-order Markov predict model for asymmetric attacks. Finally, experimental results show that the proposed methods have a significant advantage in the detection rate and false positive rate.