S. Mary Saira Bhanu

Work place: Department of Computer Science and Engineering, National Institute of Technology, Tiruchirappalli - 629501, India.

Research Interests: Computer systems and computational processes, Autonomic Computing, Real-Time Computing, Systems Architecture, Distributed Computing, Data Structures and Algorithms

Biography

S. Mary Saira Bhanu received her B.E. in Electronics and Communication from Madurai Kamaraj University in 1986, her M.E. in Computer Science from Bharathidasan University in 1989, and her Ph.D. from the Department of Computer Science and Engineering, National Institute of Technology, Tiruchirappalli, in 2009. She is currently an Associate Professor in the Department of Computer Science and Engineering at the National Institute of Technology, Tiruchirappalli, India. Her research interests include OS, Real-Time Systems, Distributed Computing, Grid Computing, Cloud Computing, Big Data and Cloud Forensics.

Author Articles
Investigation of Application Layer DDoS Attacks Using Clustering Techniques

By T. Raja Sree, S. Mary Saira Bhanu

DOI: https://doi.org/10.5815/ijwmt.2018.03.01, Pub. Date: 8 May 2018

The exponential usage of the internet attracts cyber criminals to commit crimes and attacks in the network. The forensic investigator investigates these crimes by determining the series of actions performed by an attacker. Digital forensic investigation can be performed by isolating the hard disk, RAM images, log files, etc. It is hard to identify traces of an attack by collecting evidence from the network, since the attacker deletes all possible traces. Therefore, the possible way to identify the attack is from the access log traces located on the server. Clustering plays a vital role in identifying attack patterns from the network traffic. In this paper, the performance of clustering techniques such as k-means, GA k-means and Self Organizing Map (SOM) is compared to identify the source of an application layer DDoS attack. These methods are evaluated using web server log files of an Apache server, and the results demonstrate that the SOM-based method achieves a higher detection rate than k-means and GA k-means, with fewer false positives.
