CASPIAN JOURNAL

MANAGEMENT AND HIGH TECHNOLOGIES

IDENTIFICATION OF DDOS ATTACKS ON WEB SERVERS

Vlasenko Alexandra V., Dzoban Pavel I. IDENTIFICATION OF DDOS ATTACKS ON WEB SERVERS // Caspian journal : management and high technologies. — 2019. — №1. — pp. 181-187.

Vlasenko Alexandra V. - Cand. Sci. (Engineering), Head of the Department of Computer Technologies and Information Security of the Institute of Information Technology and Security, Kuban State Technological University, 2 Moskovskaya St., Krasnodar, 350072, Russian Federation, Vlasenko@kubstu.ru

Dzoban Pavel I. - Cand. Sci. (Engineering), Senior Lecturer, Kuban State Technological University, 2 Moskovskaya St., Krasnodar, 350072, Russian Federation, antiemoboy@mail.ru

Today the life of an ordinary person is tied to all kinds of online services, which help not only to speed up the delivery of services but also to improve the quality of life. People are accustomed to paying for comfort, and the relevance of security issues in online services is not in doubt. Inability to use a service leads to moral damage and, in some cases, to significant material losses. DOS/DDOS attacks are one possible cause of disruption to the normal operation of a web server. This article proposes a mechanism for detecting DDOS attacks. To reduce the complexity of intrusion detection, it is proposed to carry out automated monitoring of the security state of information and telecommunication resources by performing, on a permanent basis, the following set of activities: a) analysis of the web server's log files (using the Apache server as an example); b) detection of various parameters from unprocessed requests (used to recognize an incoming request to the web server as “allowed” or “malicious”); c) checking each incoming request (its parameters) to the web server by correlation with the parameters identified from the log files. This stage leads to the detection of a malicious request to the web server, one that makes a potential DDOS attack possible.

Key words: protocol, denial of service (DOS), distributed denial of service (DDOS), IP spoofing, log files, flood, web servers, information security
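
An added example of the three activities listed in the abstract (log analysis, parameter extraction, per-request correlation), run over Apache access-log lines. It is not the authors' implementation: the chosen parameters (method and path, User-Agent, requests per client per minute), the `slack` factor, the decision rule and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import Counter, deque
from datetime import datetime, timedelta

# Apache "combined" LogFormat: host ident user [time] "request" status bytes "referer" "agent"
LINE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "[^"]*" "([^"]*)"')
# Constructed sample history (documentation addresses), not data from the paper.
HISTORY = [
    '192.0.2.10 - - [12/Mar/2019:10:00:01 +0300] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [12/Mar/2019:10:00:02 +0300] "GET /style.css HTTP/1.1" 200 910 "-" "Mozilla/5.0"',
    '192.0.2.11 - - [12/Mar/2019:10:00:40 +0300] "POST /login HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
]

def parse(line):
    """Step a: turn one access-log line into a dict, or None if it does not match."""
    m = LINE.match(line)
    if not m:
        return None
    ip, ts, method, path, status, agent = m.groups()
    return {"ip": ip, "time": datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"), "method": method,
            "path": path.split("?")[0], "status": int(status), "agent": agent}

def build_profile(lines):
    """Step b: collect the parameter values seen in requests the server served (status < 400)."""
    reqs = [r for r in map(parse, lines) if r and r["status"] < 400]
    per_minute = Counter((r["ip"], r["time"].replace(second=0)) for r in reqs)
    return {"targets": {(r["method"], r["path"]) for r in reqs},
            "agents": {r["agent"] for r in reqs},
            "max_rate": max(per_minute.values(), default=0)}

class Checker:
    """Step c: correlate each incoming request with the profile built from the logs."""
    def __init__(self, profile, slack=3):  # slack: assumed tolerance over the observed peak rate
        self.p, self.limit, self.recent = profile, profile["max_rate"] * slack, {}

    def check(self, req):
        window = self.recent.setdefault(req["ip"], deque())
        window.append(req["time"])
        while window[0] < req["time"] - timedelta(seconds=60):  # keep a 60-second sliding window
            window.popleft()
        flags = {"rate": len(window) > self.limit,
                 "target": (req["method"], req["path"]) not in self.p["targets"],
                 "agent": req["agent"] not in self.p["agents"]}
        reasons = [name for name, hit in flags.items() if hit]
        # Assumed rule: a rate breach alone, or two unseen parameters, marks the request "malicious".
        bad = flags["rate"] or len(reasons) >= 2
        return ("malicious" if bad else "allowed"), reasons
```

`Checker.check` returns the verdict together with the parameters that failed to correlate, so an operator can see why a request was flagged.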