Academy & Industry Research Collaboration Center
Distributed Denial-of-Service (DDoS) attacks are a critical threat to the Internet. Recently, there are an increasing number of DDoS attacks against online services and Web applications. These attacks are targeting the application level. Detecting application layer DDOS attack is not an easy task. A more sophisticated mechanism is required to distinguish the malicious flow from the legitimate ones. This paper proposes a detection scheme based on the information theory based metrics. The proposed scheme has two phases: behaviour monitoring and detection.