A Hybrid Approach to Counter Application Layer DDOS Attacks
Distributed Denial-of-Service (DDoS) attacks are a growing threat across Internet, disrupting access to Information and services. Now-a-days, these attacks are targeting the application layer. Attackers are employing techniques that are very difficult to detect and mitigate. This paper proposes a hybrid detection scheme based on the trust information and information theory based metrics. Initial filtering is based on the trust value scored by the client. Then the information based metric, entropy, is applied for final filtering of suspicious flow. Trust value for a client is assigned by the server based on the access pattern of the client and updated every-time when the client contacts the server. The request from the client always includes this trust value to identify itself to the server.