{"id":"https://openalex.org/W2088991609","doi":"https://doi.org/10.1145/2676723.2693632","title":"Automation of Layer 7 DDoS Attacks and Post Forensic Analysis of Server Logs","display_name":"Automation of Layer 7 DDoS Attacks and Post Forensic Analysis of Server Logs","publication_year":2015,"publication_date":"2015-02-24","ids":{"openalex":"https://openalex.org/W2088991609","doi":"https://doi.org/10.1145/2676723.2693632","mag":"2088991609"},"language":"en","primary_location":{"id":"doi:10.1145/2676723.2693632","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2676723.2693632","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 46th ACM Technical Symposium on Computer Science Education","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5035600824","display_name":"Barry Hamilton","orcid":null},"institutions":[{"id":"https://openalex.org/I36075867","display_name":"Jacksonville University","ror":"https://ror.org/050rkhq40","country_code":"US","type":"education","lineage":["https://openalex.org/I36075867"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Barry Hamilton","raw_affiliation_strings":["Jacksonville University, Jacksonville, FL, USA","[Jacksonville University, Jacksonville, FL, USA.]"],"affiliations":[{"raw_affiliation_string":"Jacksonville University, Jacksonville, FL, USA","institution_ids":["https://openalex.org/I36075867"]},{"raw_affiliation_string":"[Jacksonville University, Jacksonville, FL, USA.]","institution_ids":["https://openalex.org/I36075867"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5035600824"],"corresponding_institution_ids":["https://openalex.org/I36075867"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.08396519,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"716","last_page":"716"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.908693790435791},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8005601167678833},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7176372408866882},{"id":"https://openalex.org/keywords/application-layer-ddos-attack","display_name":"Application layer DDoS attack","score":0.6254720687866211},{"id":"https://openalex.org/keywords/application-layer","display_name":"Application layer","score":0.5548275709152222},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.5342923998832703},{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.4851280152797699},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.48125526309013367},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.43278104066848755},{"id":"https://openalex.org/keywords/honeypot","display_name":"Honeypot","score":0.4319566786289215},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.4202854335308075},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.2572295665740967},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.18950718641281128},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.18797767162322998},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.11423325538635254},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.10330110788345337}],"concepts":[{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.908693790435791},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8005601167678833},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7176372408866882},{"id":"https://openalex.org/C120865594","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Application layer DDoS attack","level":4,"score":0.6254720687866211},{"id":"https://openalex.org/C190793597","wikidata":"https://www.wikidata.org/wiki/Q189768","display_name":"Application layer","level":3,"score":0.5548275709152222},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.5342923998832703},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.4851280152797699},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.48125526309013367},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.43278104066848755},{"id":"https://openalex.org/C191267431","wikidata":"https://www.wikidata.org/wiki/Q911932","display_name":"Honeypot","level":2,"score":0.4319566786289215},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.4202854335308075},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.2572295665740967},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.18950718641281128},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.18797767162322998},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.11423325538635254},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.10330110788345337}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2676723.2693632","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2676723.2693632","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 46th ACM Technical Symposium on Computer Science Education","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9","score":0.6499999761581421}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W2292210693","https://openalex.org/W2908108831","https://openalex.org/W2375951120","https://openalex.org/W3005836778","https://openalex.org/W2754163055","https://openalex.org/W2552641916","https://openalex.org/W4254515188","https://openalex.org/W2784282778","https://openalex.org/W2954653956","https://openalex.org/W2591571751"],"abstract_inverted_index":{"Application":[0],"layer":[1],"(L7)":[2],"Distributed":[3],"Denial":[4],"of":[5,21,37,47,66,99,139,157,162,172,196,216],"Service":[6],"attacks":[7,23,71,80,105,116,173,183,199],"are":[8,81],"becoming":[9],"more":[10],"common":[11],"and":[12,43,68,86,108,126,155,159,179,192,202],"an":[13,63],"emerging":[14],"threat":[15],"to":[16,25,34,56,113,123,152,174,209],"legitimate":[17,27],"sites.":[18],"The":[19],"goal":[20],"these":[22,58,70,104],"is":[24,54,62,90,121,131],"prevent":[26],"users":[28],"from":[29,50],"accessing":[30],"a":[31,82,137,170,214],"website.":[32],"Due":[33],"the":[35,38,40,44,142],"nature":[36],"attacks,":[39],"low":[41],"rate,":[42],"sophisticated":[45],"imitation":[46],"user":[48],"behavior":[49],"automated":[51],"bots,":[52],"it":[53,120],"difficult":[55,122],"diagnose":[57],"on":[59,141,185],"time.":[60],"There":[61],"evolving":[64],"'industry'":[65],"blackmailing":[67],"using":[69,213],"for":[72,117,146,200],"illegal":[73],"profit":[74],"[1].":[75],"Even":[76],"though":[77],"L7":[78,163,181,197],"DDoS":[79,164,182,198],"serious":[83],"threat,":[84],"studying":[85],"experimenting":[87],"with":[88],"them":[89],"challenging.":[91],"Organizations":[92],"do":[93],"not":[94],"share":[95],"server":[96],"logs":[97],"because":[98],"privacy":[100],"concerns.":[101],"Furthermore,":[102],"implementing":[103],"requires":[106],"instrumentation":[107],"real":[109],"testbeds":[110,140],"in":[111],"order":[112],"produce":[114],"realistic":[115],"analysis.":[118],"Therefore,":[119],"evaluate":[124],"mitigation":[125,160],"detection":[127,158],"techniques.":[128],"Our":[129,189],"contribution":[130],"twofold.":[132],"First,":[133],"we":[134,167],"have":[135,168],"developed":[136],"set":[138],"GENI":[143],"(Global":[144],"Environment":[145],"Network":[147],"Infrastructure)":[148],"cloud":[149],"infrastructure":[150],"[2]":[151],"facilitate":[153],"research":[154,201],"development":[156],"techniques":[161],"attacks.":[165,217],"Second,":[166],"used":[169],"library":[171,215],"perform":[175],"post":[176],"forensic":[177],"analysis":[178],"classify":[180],"based":[184],"their":[186],"individual":[187],"characteristics.":[188],"work":[190],"automates":[191],"simplifies":[193],"log":[194],"generation":[195],"experimentation,":[203],"as":[204,206],"well":[205],"provides":[207],"criteria":[208],"detect":[210],"abnormal":[211],"requests":[212]},"counts_by_year":[],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}