Abstract
Web services have become an indispensable part of the Internet and the world. We have learned their applicability in every aspects of human life which lead to the huge amount of Web traffic exchanged over the Internet everyday. This excessive popularity is also the cause that led to some troubles. Among them, Flash crowds and Denial of Service (DoS) attacks are the two major concerns for the stability and safety of the Web services. So far, there are some methods that can detect the occurrences of these incidents in network traffic, however it still remains unclear how to explicitly distinguish DoS attacks and Flash crowds as these anomalies are very much alike. In this paper, we present various analyses on traffic traces of DoS attacks and Flash crowds to prove that even though DoS attacks mimic Flash crowds, there are still several differences in various aspects of these two incidents. As long as Flash crowd is an unusual traffic phenomenon of web user communities, there must be some features that a single DoS attacker cannot imitate. We specially focused on the source distribution and the variation pattern in traffic and archived remarkable results.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
