Title:Sustaining Web Services by Differentiating Ddos Attacks from Flash Crowds Authors: P. Krishna Kumar; K. Vijayalakshmi; R. Bharathi DOI: Aff: PET Engineering College,Vallioor, Tamilnadu, India Author Email: firstname.lastname@example.org Keywords: Distributed Denial of Service (DDoS) Proxy Server; HTTP Request; Flash Crowd URLs:ABSTRACT-HTML | FULLTEXT-PDF | Abstract:The recent Denial of service (DoS) and Distributed Denial of Service (DDoS) attacks on popular websites and web servers shows how defenseless the Internet is under such attacks. This paper presents a novel technique to detect the application layer-based DDoS attacks which become more serious during flash crowd event. This approach deals with the inter-arrival time between two successive HTTP requests from a client, popularity of web page and the maximum request that could be made by a human in a particular duration of time for a particular web page to differentiate flash crowds from DDoS attacks. This technique is applied online for an efficient detection of DDoS attacks and it is seen that this technique prevents 99.9% of attacks. The simulation work is carried out with DARPA 1999 and DARPA 1998 data sets.