期刊名称:International Journal of Computer Science and Information Technologies
电子版ISSN:0975-9646
出版年度:2011
卷号:2
期号:3
页码:1197-1201
出版社:TechScience Publications
摘要:CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is widespread security on the World Wide Web to prevent Application layer DDOS attacks and abusing online services. Generating of CAPTCHA statically to WebPages in the website might annoy users and introduce additional service delays for legitimate users.”Puzzle” also has the effect of denying web crawlers access to the site. That causes denying the search engines indexing the content of the websites. In this paper, we introduce a new scheme to achieve early attack detection and countering the attack by generating CAPTCHA dynamically for abnormal HTTP requests of the website, on a popular event generation in the corresponding WebPages. A Hidden semi-Markov model used to describe the browsing behaviors of different users. A novel P-algorithm is introduced for serving the CAPTCHA to attacker to a specific WebPages, based on entropy of the users’ HTTP request rate, page viewing time, Page request sequence. If users are requesting for service from proxy servers, any user fall in to the deviated behavior category we generate CAPTCHA dynamically instead of dropping all the requests from behind the proxy server.
