
Security Visualization: Detecting Denial of Service

  • Conference paper
Industrial Networks and Intelligent Systems (INISCOM 2016)

Abstract

Denial of Service attacks are a notorious attack method used to target servers of IT systems and Industrial Control Systems, either to prevent them from working or to reduce their efficiency, hence degrading the user experience. Visualization is the method of taking data, processing it, and displaying it in an easy-to-view format. Visualization could be used to identify Denial of Service attacks by monitoring the data sent to clients and displaying it to users. Manipulating the type of data shown and the format it is shown in can help users spot potential attacks by seeing outliers in the data sets. This research develops novel software that can run on a web server. It processes the web access logs, displays the data to users, and identifies potential attacks in the access logs. The software has been tested, with the majority of tests passing. Further development of the project is discussed and the main areas for development are also explored.



Author information


Correspondence to Ying He.


Copyright information

© 2017 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Hawthorne, G., He, Y., Maglaras, L., Janicke, H. (2017). Security Visualization: Detecting Denial of Service. In: Maglaras, L., Janicke, H., Jones, K. (eds) Industrial Networks and Intelligent Systems. INISCOM 2016. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 188. Springer, Cham. https://doi.org/10.1007/978-3-319-52569-3_4


  • DOI: https://doi.org/10.1007/978-3-319-52569-3_4


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-52568-6

  • Online ISBN: 978-3-319-52569-3

  • eBook Packages: Computer Science (R0)
