ABSTRACT
Network cyber attacks have become commonplace in today’s world. These attacks have become very sophisticated and difficult to prevent. Many of the stealthy attacks target the application layer where they take advantage of vulnerabilities on web servers. This chapter details a common Slow Read attack method and Netflow. It discusses related works associated with the collection and detection of a Slow Read attack and feature selection. The chapter outlines collection procedure, classification algorithms, and feature selection. It also discusses findings for feature selection and learners. The chapter explains the Slow Read attack, data collection process, and Netflow traffic. The Slow Read Hypertext Transfer Protocol (HTTP) attack, also known as a “low and slow” attack, sends a legitimate HTTP request and reads the response slowly, aiming to keep as many connections active as possible to tie up resources on the server until it cannot handle any further requests.
