Interposition agents: transparently interposing user code at the system interface
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
Internet Web servers: workload characterization and performance implications
IEEE/ACM Transactions on Networking (TON)
Generating representative Web workloads for network and server performance evaluation
SIGMETRICS '98/PERFORMANCE '98 Proceedings of the 1998 ACM SIGMETRICS joint international conference on Measurement and modeling of computer systems
Adaptive web caching: towards a new global caching architecture
Computer Networks and ISDN Systems - Selected papers of the 3rd international caching workshop
On network-aware clustering of Web clients
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Characteristics of network traffic flow anomalies
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
A performance study of the Squid proxy on HTTP/1.0
World Wide Web
WWW Proxy Traffic Characterization with Application to Caching
WWW Proxy Traffic Characterization with Application to Caching
PRO-COW: Protocol compliance on the web-a longitudinal study
USITS'01 Proceedings of the 3rd conference on USENIX Symposium on Internet Technologies and Systems - Volume 3
Connection scheduling in web servers
USITS'99 Proceedings of the 2nd conference on USENIX Symposium on Internet Technologies and Systems - Volume 2
Rate of change and other metrics: a live study of the world wide web
USITS'97 Proceedings of the USENIX Symposium on Internet Technologies and Systems on USENIX Symposium on Internet Technologies and Systems
A hierarchical internet object cache
ATEC '96 Proceedings of the 1996 annual conference on USENIX Annual Technical Conference
A workload characterization study of the 1998 World Cup Web site
IEEE Network: The Magazine of Global Internetworking
Controlling high bandwidth aggregates in the network
ACM SIGCOMM Computer Communication Review
A signal analysis of network traffic anomalies
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Pi: A Path Identification Mechanism to Defend against DDoS Attacks
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Persistent dropping: an efficient control of traffic aggregates
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
FDNA '03 Proceedings of the ACM SIGCOMM workshop on Future directions in network architecture
Sketch-based change detection: methods, evaluation, and applications
Proceedings of the 3rd ACM SIGCOMM conference on Internet measurement
Characterization of a large web site population with implications for content delivery
Proceedings of the 13th international conference on World Wide Web
Defending Against Flash Crowds and Malicious Traffic Attacks with An Auction-Based Method
WI '04 Proceedings of the 2004 IEEE/WIC/ACM International Conference on Web Intelligence
On the responsiveness of DNS-based network control
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Online identification of hierarchical heavy hitters: algorithms, evaluation, and applications
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Characterization of network-wide anomalies in traffic flows
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Replication for web hosting systems
ACM Computing Surveys (CSUR)
Replication for web hosting systems
ACM Computing Surveys (CSUR)
Monitoring and controlling QoS network domains
International Journal of Network Management
Traffic-based Load Balance for Scalable Network Emulation
Proceedings of the 2003 ACM/IEEE conference on Supercomputing
Content Delivery Networks: Status and Trends
IEEE Internet Computing
Maintaining Implicated Statistics in Constrained Environments
ICDE '05 Proceedings of the 21st International Conference on Data Engineering
ATMEN: a triggered network measurement infrastructure
WWW '05 Proceedings of the 14th international conference on World Wide Web
A methodology for studying persistency aspects of internet flows
ACM SIGCOMM Computer Communication Review
Selective Replication for Content Management Environments
IEEE Internet Computing
Profiling internet backbone traffic: behavior models and applications
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Mining anomalies using traffic feature distributions
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Flash crowd mitigation via adaptive admission control based on application-level observations
ACM Transactions on Internet Technology (TOIT)
Performance Analysis of Server Sharing Collectives for Content Distribution
IEEE Transactions on Parallel and Distributed Systems
Insight and perspectives for content delivery networks
Communications of the ACM - Personal information management
Denial-of-Service Attack-Detection Techniques
IEEE Internet Computing
Proceedings of the twentieth ACM symposium on Operating systems principles
IEEE Transactions on Dependable and Secure Computing
FCAN: Flash Crowds Alleviation Network
Proceedings of the 2006 ACM symposium on Applied computing
Towards scalable and robust distributed intrusion alert fusion with good load balancing
Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
Protecting TCP services from denial of service attacks
Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
One step ahead to multisensor data fusion for DDoS detection
Journal of Computer Security - Special issue on security track at ACM symposium on applied computing 2004
Impact of packet sampling on anomaly detection metrics
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Load prediction models in web-based systems
valuetools '06 Proceedings of the 1st international conference on Performance evaluation methodolgies and tools
On the role and controllability of persistent clients in traffic aggregates
IEEE/ACM Transactions on Networking (TON)
Network intrusion detection in covariance feature space
Pattern Recognition
Computer Networks: The International Journal of Computer and Telecommunications Networking
Making scheduling "cool": temperature-aware workload placement in data centers
ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
Should internet service providers fear peer-assisted content distribution?
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
Joint data streaming and sampling techniques for detection of super sources and destinations
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
Combining filtering and statistical methods for anomaly detection
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
Botz-4-sale: surviving organized DDoS attacks that mimic flash crowds
NSDI'05 Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation - Volume 2
Stress testing traffic to infer its legitimacy
SRUTI'05 Proceedings of the Steps to Reducing Unwanted Traffic on the Internet on Steps to Reducing Unwanted Traffic on the Internet Workshop
Non-Gaussian and Long Memory Statistical Characterizations for Internet Traffic with Anomalies
IEEE Transactions on Dependable and Secure Computing
Journal of Network and Systems Management
Exploiting nonstationarity for performance prediction
Proceedings of the 2nd ACM SIGOPS/EuroSys European Conference on Computer Systems 2007
Network traffic analysis using singular value decomposition and multiscale transforms
Information Sciences: an International Journal
A network mitigation system against distributed denial of service: a linux-based prototype
IMSA'07 IASTED European Conference on Proceedings of the IASTED European Conference: internet and multimedia systems and applications
Using uncleanliness to predict future botnet addresses
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Collaborative Detection of DDoS Attacks over Multiple Network Domains
IEEE Transactions on Parallel and Distributed Systems
Keeping Denial-of-Service Attackers in the Dark
IEEE Transactions on Dependable and Secure Computing
Using mini-flash crowds to infer resource constraints in remote web servers
Proceedings of the 2007 SIGCOMM workshop on Internet network management
Pollution attacks and defenses for Internet caching systems
Computer Networks: The International Journal of Computer and Telecommunications Networking
Proceedings of the 2007 workshop on Large scale attack defense
Proceedings of the 17th international conference on World Wide Web
Mitigating application-level denial of service attacks on Web servers: A client-transparent approach
ACM Transactions on the Web (TWEB)
Models and framework for supporting runtime decisions in Web-based systems
ACM Transactions on the Web (TWEB)
Securing peer-to-peer media streaming systems from selfish and malicious behavior
Proceedings of the 4th on Middleware doctoral symposium
Remote profiling of resource constraints of web servers using mini-flash crowds
ATC'08 USENIX 2008 Annual Technical Conference on Annual Technical Conference
Agility in virtualized utility computing
VTDC '07 Proceedings of the 2nd international workshop on Virtualization technology in distributed computing
Tuning mechanisms for two major parameters of Apache web servers
Software—Practice & Experience
Distinguishing between FE and DDoS Using Randomness Check
ISC '08 Proceedings of the 11th international conference on Information Security
Workflow-based resource allocation to optimize overall performance of composite services
Future Generation Computer Systems
Profit-aware overload protection in E-commerce Web sites
Journal of Network and Computer Applications
Internet traffic behavior profiling for network security monitoring
IEEE/ACM Transactions on Networking (TON)
Monitoring the application-layer DDoS attacks for popular websites
IEEE/ACM Transactions on Networking (TON)
DDoS-shield: DDoS-resilient scheduling to counter application layer attacks
IEEE/ACM Transactions on Networking (TON)
A large-scale hidden semi-Markov model for anomaly detection on user browsing behaviors
IEEE/ACM Transactions on Networking (TON)
A middleware system for protecting against application level denial of service attacks
Proceedings of the ACM/IFIP/USENIX 2006 International Conference on Middleware
Soft Computing Techniques for Internet Backbone Traffic Anomaly Detection
EvoWorkshops '09 Proceedings of the EvoWorkshops 2009 on Applications of Evolutionary Computing: EvoCOMNET, EvoENVIRONMENT, EvoFIN, EvoGAMES, EvoHOT, EvoIASP, EvoINTERACTION, EvoMUSART, EvoNUM, EvoSTOC, EvoTRANSLOG
Decentralized multi-dimensional alert correlation for collaborative intrusion detection
Journal of Network and Computer Applications
An adaptive approach to granular real-time anomaly detection
EURASIP Journal on Advances in Signal Processing - Special issue on signal processing applications in network intrusion detection systems
Inside the bird's nest: measurements of large-scale live VoD from the 2008 olympics
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
On content delivery network implementation
Computer Communications
Short-term prediction models for server management in Internet-based contexts
Decision Support Systems
StatStream: providing statistical reliability guarantees in peer-to-peer live video streaming
International Journal of Advanced Media and Communication
A network mitigation system against distributed denial of service: a Linux-based prototype
EurolMSA '07 Proceedings of the Third IASTED European Conference on Internet and Multimedia Systems and Applications
Effective high speed traffic replay based on IP space
ICACT'09 Proceedings of the 11th international conference on Advanced Communication Technology - Volume 1
Protecting SIP server from CPU-based DoS attacks using history-based IP filtering
IEEE Communications Letters
Detecting distributed denial of service attacks by sharing distributed beliefs
ACISP'03 Proceedings of the 8th Australasian conference on Information security and privacy
PAM'07 Proceedings of the 8th international conference on Passive and active network measurement
Defending DDoS attacks using hidden Markov models and cooperative reinforcement learning
PAISI'07 Proceedings of the 2007 Pacific Asia conference on Intelligence and security informatics
Real-time behaviour profiling for network monitoring
International Journal of Internet Protocol Technology
Performance analysis of server sharing collectives for content distribution
IWQoS'03 Proceedings of the 11th international conference on Quality of service
Computer Networks: The International Journal of Computer and Telecommunications Networking
HiFIND: A high-speed flow-level intrusion detection approach with DoS resiliency
Computer Networks: The International Journal of Computer and Telecommunications Networking
Characterizing, modeling, and generating workload spikes for stateful services
Proceedings of the 1st ACM symposium on Cloud computing
FairE9: fair file distribution over mesh-only peer-to-peer
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Content delivery networks: protection or threat?
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
APNOMS'09 Proceedings of the 12th Asia-Pacific network operations and management conference on Management enabling the future internet for changing business and new computing services
Lightweight traffic monitoring and analysis using video compression techniques
APNOMS'09 Proceedings of the 12th Asia-Pacific network operations and management conference on Management enabling the future internet for changing business and new computing services
Memory-efficient IP filtering for countering DDoS attacks
APNOMS'09 Proceedings of the 12th Asia-Pacific network operations and management conference on Management enabling the future internet for changing business and new computing services
Modeling human behavior for defense against flash-crowd attacks
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Computer Networks: The International Journal of Computer and Telecommunications Networking
p2pWeb: An open, decentralized infrastructure of Web servers for sharing ephemeral Web content
Computer Networks: The International Journal of Computer and Telecommunications Networking
Detect DDoS flooding attacks in mobile ad hoc networks
International Journal of Security and Networks
WDA: A Web farm Distributed Denial Of Service attack attenuator
Computer Networks: The International Journal of Computer and Telecommunications Networking
Dynamic landmark triangles: A simple and efficient mechanism for inter-host latency estimation
Computer Networks: The International Journal of Computer and Telecommunications Networking
A Practical Architecture for an Anycast CDN
ACM Transactions on the Web (TWEB)
Flooding-resilient broadcast authentication for VANETs
MobiCom '11 Proceedings of the 17th annual international conference on Mobile computing and networking
Parametric methods for anomaly detection in aggregate traffic
IEEE/ACM Transactions on Networking (TON)
Detecting fraudulent use of cloud resources
Proceedings of the 3rd ACM workshop on Cloud computing security workshop
Computer Networks: The International Journal of Computer and Telecommunications Networking
Streaming Solutions for Fine-Grained Network Traffic Measurements and Analysis
Proceedings of the 2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems
Going viral: flash crowds in an open CDN
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
Review: A survey on content-centric technologies for the current Internet: CDN and P2P solutions
Computer Communications
A practical approach to automatic parameter-tuning of web servers
ASIAN'05 Proceedings of the 10th Asian Computing Science conference on Advances in computer science: data management on the web
Packet marking based cooperative attack response service for effectively handling suspicious traffic
Inscrypt'06 Proceedings of the Second SKLOIS conference on Information Security and Cryptology
A middleware system for protecting against application level denial of service attacks
Middleware'06 Proceedings of the 7th ACM/IFIP/USENIX international conference on Middleware
Dynamic grid load sharing with adaptive dissemination protocols
The Journal of Supercomputing
ICCNMC'05 Proceedings of the Third international conference on Networking and Mobile Computing
RCS: a distributed mechanism against link flooding DDoS attacks
ICOIN'06 Proceedings of the 2006 international conference on Information Networking: advances in Data Communications and Wireless Networks
An adaptive probabilistic replication method for unstructured p2p networks
ODBASE'06/OTM'06 Proceedings of the 2006 Confederated international conference on On the Move to Meaningful Internet Systems: CoopIS, DOA, GADA, and ODBASE - Volume Part I
Keeping denial-of-service attackers in the dark
DISC'05 Proceedings of the 19th international conference on Distributed Computing
Surviving a search engine overload
Proceedings of the 21st international conference on World Wide Web
DDoS flooding attack detection scheme based on F-divergence
Computer Communications
Performance of PCN-based admission control under challenging conditions
IEEE/ACM Transactions on Networking (TON)
A hybrid defense mechanism for DDoS attacks using cluster analysis in MANET
Proceedings of the International Conference on Advances in Computing, Communications and Informatics
Distributed denial-of-service attack detection scheme-based joint-entropy
Security and Communication Networks
Ensemble-based DDoS detection and mitigation model
Proceedings of the Fifth International Conference on Security of Information and Networks
Detection and identification of neptune attacks and flash crowds
APNOMS'07 Proceedings of the 10th Asia-Pacific conference on Network Operations and Management Symposium: managing next generation networks and services
DBalancer: distributed load balancing for NoSQL data-stores
Proceedings of the 2013 ACM SIGMOD International Conference on Management of Data
Detection of HTTP-GET attack with clustering and information theoretic measurements
FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security
Autonomic cloud resource sharing for intercloud federations
Future Generation Computer Systems
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
ACM SIGOPS 24th Symposium on Operating Systems Principles
An analysis of Facebook photo caching
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
DDoS mitigation in content distribution networks
International Journal of Wireless and Mobile Computing
Spread Identity: A new dynamic address remapping mechanism for anonymity and DDoS defense
Journal of Computer Security
Hi-index | 0.00 |
The paper studies two types of events that often overload Web sites to a point when their services are degraded or disrupted entirely - flash events (FEs) and denial of service attacks (DoS). The former are created by legitimate requests and the latter contain malicious requests whose goal is to subvert the normal operation of the site. We study the properties of both types of events with a special attention to characteristics that distinguish the two. Identifying these characteristics allows a formulation of a strategy for Web sites to quickly discard malicious requests. We also show that some content distribution networks (CDNs) may not provide the desired level of protection to Web sites against flash events. We therefore propose an enhancement to CDNs that offers better protection and use trace-driven simulations to study the effect of our enhancement on CDNs and Web sites.