Flash crowds and denial of service attacks: characterization and implications for CDNs and web sites
Proceedings of the 11th international conference on World Wide Web
Hi-index | 0.00 |
Neptune attack and Flash Crowd are two typical threats to web servers. These two anomalies have many identical features that make them difficult to distinguish. In this paper, we propose a statistical packet-based method to detect Neptune attacks and Flash Crowds and more importantly, by performing separate analysis by source address aggregation, we also propose additional efficient means to differentiate these two similar anomalies.