ABSTRACT

Internet was intended with functionality and not Security in mind. For this reason, its architecture has some intrinsic weaknesses and bugs called vulnerability which results in successful origin of DDOS attacks. Over the time, researchers proposed many solutions to prevent the DDOS attack from different OSI layers, on the other hand none have seen proper deployment and there were very a small number of researches on layer Seven. This paper designs two independent architectures for HTTP and FTP which uses an extended hidden semi-Markov model is proposed to describe the browsing habits of web searchers. A forward algorithm is resulting for the online implementation of the model based on the Malgorithm in order to reduce the computational amount introduced by the model’s large state space.

Keywords: - Application-layer, distributed denial of service (DDoS), Denial of Service (DOS), FTP and HTTP.