Mouse features for DDoS attacks detection in the application layer

Silvia Bravo, David Mauricio, Ángel H. Moreno

Research output: Contribution to conferencePaper

1 Scopus citations


© 2017 Association for Computing Machinery. DDoS attacks are a threat to the security of the network. In recent years these attacks have been directed especially against the application layer. This phenomenon is mainly due to the large number of existing tools available for the easy generation of this type of attack. The methods used in the application layer reach detection rates of between 98.5 and 98.32%. Therefore, the problem of detecting DDoS attacks persists. In this work we propose a detection alternative based on the dynamism of the web user. To do this, two mouse characteristics are evaluated: movement and right click. A dataset of 11055 applications was also used, from which the two characteristics were extracted and entered into a classification algorithm. To this end, a Java application was developed for the classification of real users and those behind DDoS attacks. The results show that the proposed characteristics achieve an efficiency of 100%. It is concluded that these characteristics reveal the dynamism of the user and can be used as a method of detection of DDoS attacks.
Original languageAmerican English
Number of pages5
StatePublished - 9 Oct 2017
EventACM International Conference Proceeding Series -
Duration: 19 Jan 2019 → …


ConferenceACM International Conference Proceeding Series
Period19/01/19 → …


Dive into the research topics of 'Mouse features for DDoS attacks detection in the application layer'. Together they form a unique fingerprint.

Cite this