Journal articles on the topic 'Attack Path'

Consult the top 50 journal articles for your research on the topic 'Attack Path.'

1

Jaiganesh, M., G. ShivajiRao, P. Dhivya, M. Udhayamoorthi, and A. Vincent Antony Kumar. "Intrusion Optimal Path Attack detection using ACO for Cloud Computing." E3S Web of Conferences 472 (2024): 02009. http://dx.doi.org/10.1051/e3sconf/202447202009.

Abstract:
As the cloud infrastructure is simultaneously shared by millions of consumers, heinous use of cloud resources is also increasing. It makes way for attackers to set up attacks by exploiting the vulnerabilities. And obviously, these attacks are leading to severe disasters as innocent consumers are unknowingly sharing cloud resources with harmful attackers. To prevent the occurrence of cloud attacks, an attack graph based framework is proposed in this paper. Here, an attack path sketches an attack scenario by a streak of threats ranging in severity rating that shows how popular a particular cloud network service is in comparison. In a dynamic cloud environment, the proposed framework can disclose an optimal attack path thereby preventing cloud attacks. In a cloud system the infrastructure is shared by potentially millions of users, which benefits the attackers to exploit vulnerabilities of the cloud. An instrument for analyzing multi-stage, multi-host assault scenarios in networks is the attack graph. It might not be possible for the administrator to patch every vulnerability in a large number of assault paths in an attack graph. The administrator might not be able to fix every vulnerability. To identify the most preferred or ideal assault path from a particular attack graph in a setting, the Ant Colony Optimization (ACO) algorithm is used.
2

Li, Erxia, Chaoqun Kang, Deyu Huang, Modi Hu, Fangyuan Chang, Lianjie He, and Xiaoyong Li. "Quantitative Model of Attacks on Distribution Automation Systems Based on CVSS and Attack Trees." Information 10, no. 8 (July 29, 2019): 251. http://dx.doi.org/10.3390/info10080251.

Abstract:
This study focuses on the problem of attack quantification in distribution automation systems (DASs) and proposes a quantitative model of attacks based on the common vulnerability scoring system (CVSS) and attack trees (ATs) to conduct a quantitative and systematic evaluation of attacks on a DAS. In the DAS security architecture, AT nodes are traversed and used to represent the attack path. The CVSS is used to quantify the attack sequence, which is the leaf node in an AT. This paper proposes a method to calculate each attack path probability and find the maximum attack path probability in DASs based on attacker behavior. The AT model is suitable for DAS hierarchical features in architecture. The experimental results show that the proposed model can reduce the influence of subjective factors on attack quantification, improve the probability of predicting attacks on the DASs, generate attack paths, better identify attack characteristics, and determine the attack path and quantification probability. The quantitative results of the model’s evaluation can find the most vulnerable component of a DAS and provide an important reference for developing targeted defensive measures in DASs.
3

Huang, Yudi, Yilei Lin, and Ting He. "Optimized Cross-Path Attacks via Adversarial Reconnaissance." Proceedings of the ACM on Measurement and Analysis of Computing Systems 7, no. 3 (December 7, 2023): 1–30. http://dx.doi.org/10.1145/3626789.

Abstract:
While softwarization and virtualization technologies make modern communication networks appear easier to manage, they also introduce highly complex interactions within the networks that can cause unexpected security threats. In this work, we study a particular security threat due to the sharing of links between high-security paths and low-security paths, which enables a new type of DoS attacks, called cross-path attacks, that indirectly attack a set of targeted high-security paths (target paths) by congesting the shared links through a set of attacker-controlled low-security paths (attack paths). While the feasibility of such attacks has been recently demonstrated in the context of SDN, their potential performance impact has not been characterized. To this end, we develop an approach for designing an optimized cross-path attack under a constrained total attack rate, consisting of (i) novel reconnaissance algorithms that can provide consistent estimates of the locations and parameters of the shared links via network tomography, and (ii) efficient optimization methods to design the optimal allocation of attack rate over the attack paths to maximally degrade the performance of the target paths. The proposed attack has achieved a significantly larger performance impact than its non-optimized counterparts in extensive evaluations based on multiple network settings, signaling the importance of addressing such intelligent attacks in network design.
4

Huang, Yudi, Yilei Lin, and Ting He. "Optimized Cross-Path Attacks via Adversarial Reconnaissance." ACM SIGMETRICS Performance Evaluation Review 52, no. 1 (June 11, 2024): 51–52. http://dx.doi.org/10.1145/3673660.3655075.

Abstract:
While softwarization and virtualization technologies make modern communication networks appear easier to manage, they also introduce highly complex interactions within the networks that can cause unexpected security threats. In this work, we study a particular security threat due to the sharing of links between high-security paths and low-security paths, which enables a new type of DoS attacks, called cross-path attacks, that indirectly attack a set of targeted high-security paths (target paths) by congesting the shared links through a set of attacker-controlled low-security paths (attack paths). While the feasibility of such attacks has been recently demonstrated in the context of SDN, their potential performance impact has not been characterized. To this end, we develop an approach for designing an optimized cross-path attack under a constrained total attack rate, consisting of (i) novel reconnaissance algorithms that can provide consistent estimates of the locations and parameters of the shared links via network tomography, and (ii) efficient optimization methods to design the optimal allocation of attack rate over the attack paths to maximally degrade the performance of the target paths. The proposed attack has achieved a significantly larger performance impact than its non-optimized counterparts in extensive evaluations based on multiple network settings, signaling the importance of addressing such intelligent attacks in network design. For more detail, see the full paper [4].
5

Li, Xinzhan, Yang Zhou, Xin Li, Lijuan Xu, and Dawei Zhao. "Protection Strategy Selection Model Based on Genetic Ant Colony Optimization Algorithm." Mathematics 10, no. 21 (October 24, 2022): 3938. http://dx.doi.org/10.3390/math10213938.

Abstract:
Industrial control systems (ICS) are facing an increasing number of sophisticated and damaging multi-step attacks. The complexity of multi-step attacks makes it difficult for security protection personnel to effectively determine the target attack path. In addition, most of the current protection models responding to multi-step attacks have not deeply studied the protection strategy selection method in the case of limited budget. Aiming at the above problems, we propose a protection strategy selection model based on the Genetic Ant Colony Optimization Algorithm. The model firstly evaluates the risk of ICS through the Bayesian attack graph; next, the target attack path is predicted from multiple angles through the maximum probability attack path and the maximum risk attack path; and finally, the Genetic Ant Colony Optimization Algorithm is used to select the most beneficial protection strategy set for the target attack path under limited budget. Compared with the Genetic Algorithm and Ant Colony Optimization Algorithm, the Genetic Ant Colony Optimization Algorithm proposed in this paper can handle the local optimal problem well. Simulation experiments verify the feasibility and effectiveness of our proposed model.
6

Levner, Eugene, and Dmitry Tsadikovich. "Fast Algorithm for Cyber-Attack Estimation and Attack Path Extraction Using Attack Graphs with AND/OR Nodes." Algorithms 17, no. 11 (November 4, 2024): 504. http://dx.doi.org/10.3390/a17110504.

Abstract:
This paper studies the security issues for cyber–physical systems, aimed at countering potential malicious cyber-attacks. The main focus is on solving the problem of extracting the most vulnerable attack path in a known attack graph, where an attack path is a sequence of steps that an attacker can take to compromise the underlying network. Determining an attacker’s possible attack path is critical to cyber defenders as it helps identify threats, harden the network, and thwart attacker’s intentions. We formulate this problem as a path-finding optimization problem with logical constraints represented by AND and OR nodes. We propose a new Dijkstra-type algorithm that combines elements from Dijkstra’s shortest path algorithm and the critical path method. Although the path extraction problem is generally NP-hard, for the studied special case, the proposed algorithm determines the optimal attack path in polynomial time, O(nm), where n is the number of nodes and m is the number of edges in the attack graph. To our knowledge this is the first exact polynomial algorithm that can solve the path extraction problem for different attack graphs, both cycle-containing and cycle-free. Computational experiments with real and synthetic data have shown that the proposed algorithm consistently and quickly finds optimal solutions to the problem.
7

Bhavani, Y., V. Janaki, and R. Sridevi. "Survey on Packet Marking Algorithms for IP Traceback." Oriental journal of computer science and technology 10, no. 2 (June 6, 2017): 507–12. http://dx.doi.org/10.13005/ojcst/10.02.36.

Abstract:
Distributed Denial of Service (DDoS) attack is an unavoidable attack. Among various attacks on the network, DDoS attacks are difficult to detect because of IP spoofing. The IP traceback is the only technique to identify DDoS attacks. The path affected by DDoS attack is identified by IP traceback approaches like Probabilistic Packet marking algorithm (PPM) and Deterministic Packet Marking algorithm (DPM). The PPM approach finds the complete attack path from victim to the source whereas DPM finds only the source of the attacker. Using DPM algorithm finding the source of the attacker is difficult, if the router gets compromised. Using PPM algorithm we construct the complete attack path, so the compromised router can be identified. In this paper, we review PPM and DPM techniques and compare the strengths and weaknesses of each proposal.
8

Guo, Wei, Zhi Zhang, Liyuan Chang, Yue Song, and Liuguo Yin. "A DDoS Tracking Scheme Utilizing Adaptive Beam Search with Unmanned Aerial Vehicles in Smart Grid." Drones 8, no. 9 (August 28, 2024): 437. http://dx.doi.org/10.3390/drones8090437.

Abstract:
As IoT technology advances, the smart grid (SG) has become crucial to industrial infrastructure. However, SG faces security challenges, particularly from distributed denial of service (DDoS) attacks, due to inadequate security mechanisms for IoT devices. Moreover, the extensive deployment of SG exposes communication links to attacks, potentially disrupting communications and power supply. Link flooding attacks (LFAs) targeting congested backbone links have increasingly become a focal point of DDoS attacks. To address LFAs, we propose integrating unmanned aerial vehicles (UAVs) into the Smart Grid (SG) to offer a three-dimensional defense perspective. This strategy includes enhancing the speed and accuracy of attack path tracking as well as alleviating communication congestion. Therefore, our new DDoS tracking scheme leverages UAV mobility and employs beam search with adaptive beam width to reconstruct attack paths and pinpoint attack sources. This scheme features a threshold iterative update mechanism that refines the threshold each round based on prior results, improving attack path reconstruction accuracy. An adaptive beam width method evaluates the number of abnormal nodes based on the current threshold, enabling precise tracking of multiple attack paths and enhancing scheme automation. Additionally, our path-checking and merging method optimizes path reconstruction by merging overlapping paths and excluding previously searched nodes, thus avoiding redundant searches and infinite loops. Simulation results on the Keysight Ixia platform demonstrate a 98.89% attack path coverage with a minimal error tracking rate of 2.05%. Furthermore, simulations on the NS-3 platform show that drone integration not only bolsters security but also significantly enhances network performance, with communication effectiveness improving by 88.05% and recovering to 82.70% of normal levels under attack conditions.
9

Bhavani, Yerram, Vinjamuri Janaki, and Rangu Sridevi. "IP Traceback using Flow Based Classification." Recent Advances in Computer Science and Communications 13, no. 3 (August 12, 2020): 482–90. http://dx.doi.org/10.2174/2213275912666190328200635.

Abstract:
Background: Distributed Denial of Service (DDoS) attack is a major threat over the internet. The IP traceback mechanism defends against DDoS attacks by tracing the path traversed by attack packets. The existing traceback techniques proposed till now are found with few shortcomings. The victim required a large number of packets to trace the attack path. The requirement of a large number of packets resulted in a larger number of combinations and more false positives. Methods: To generate a unique value for the IP address of the routers in the attack path Chinese Remainder theorem is applied. This helped in combining the exact parts of the IP address at the victim. We also applied K-Nearest Neighbor (KNN) algorithm to classify the packets depending on their traffic flow, this reduced the number of packets to reconstruct the attack path. Results: The proposed approach is compared with the existing approaches and the results demonstrated that the attack graph is effectively constructed with higher precision and lower combination overhead under large scale DDoS attacks. In this approach, packets from diverse flows are separated as per flow information by applying KNN algorithm. Hence, the reconstruction procedure could be applied on each group separately to construct the multiple attack paths. This results in reconstruction of the complete attack graph with fewer combinations and false positive rate. Conclusion: In case of DDoS attacks the reconstruction of the attack path plays a major role in revealing IP addresses of the participated routers without false positives and false negatives. Our algorithm FRS enhances the feasibility of information pertaining to even the farthest routers by incorporating a flag condition while marking the packets. The rate of false positives and false negatives are drastically reduced by the application of Chinese Remainder Theorem on the IP addresses of the router. At the victim, the application of KNN algorithm reduced the combination overhead and the computation cost enormously.
10

Al-Araji, Zaid J., Sharifah Sakinah Syed Ahmad, and Raihana Syahirah Abdullah. "Attack Prediction to Enhance Attack Path Discovery Using Improved Attack Graph." Karbala International Journal of Modern Science 8, no. 3 (August 2, 2022): 313–29. http://dx.doi.org/10.33640/2405-609x.3235.

11

Hu, Jian, Zhenhong Zhang, Feilu Hang, and Linjiang Xie. "Design of 0-day Vulnerability Monitoring and Defense Architecture based on Artificial Intelligence Technology." Scalable Computing: Practice and Experience 25, no. 5 (August 1, 2024): 3491–99. http://dx.doi.org/10.12694/scpe.v25i5.3035.

Abstract:
In response to the difficulty in detecting attacks caused by the unknown nature of 0-day vulnerabilities, the author proposes a knowledge graph based 0-day attack path prediction method. By extracting concepts and entities related to attacks from existing research on the ontology of network security and network security databases, a network defense knowledge graph is constructed to extract discrete security data such as threats, vulnerabilities, and assets into interrelated security knowledge. A knowledge graph reasoning method based on a path sorting algorithm is used to explore possible 0-day attacks in the target system. Experimental results have shown that the proposed method can rely on the knowledge system provided by the knowledge graph to provide comprehensive knowledge support for attack prediction, reduce the dependence of prediction analysis on expert models, and effectively overcome the adverse effects of unknown 0-day vulnerabilities on prediction analysis. It improves the accuracy of 0-day attack prediction and utilizes the path sorting algorithm to infer based on the explicit feature of graph structure, being able to effectively backtrack the reasons behind the formation of reasoning results; this to some extent improves the interpretability of attack prediction analysis results.
12

Wu, Runze, Jinxin Gong, Weiyue Tong, and Bing Fan. "Network Attack Path Selection and Evaluation Based on Q-Learning." Applied Sciences 11, no. 1 (December 30, 2020): 285. http://dx.doi.org/10.3390/app11010285.

Abstract:
As the coupling relationship between information systems and physical power grids is getting closer, various types of cyber attacks have increased the operational risks of a power cyber-physical System (CPS). In order to effectively evaluate this risk, this paper proposed a method of cross-domain propagation analysis of a power CPS risk based on reinforcement learning. First, the Fuzzy Petri Net (FPN) was used to establish an attack model, and Q-Learning was improved through FPN. The attack gain was defined from the attacker’s point of view to obtain the best attack path. On this basis, a quantitative indicator of information-physical cross-domain spreading risk was put forward to analyze the impact of cyber attacks on the real-time operation of the power grid. Finally, the simulation based on Institute of Electrical and Electronics Engineers (IEEE) 14 power distribution system verifies the effectiveness of the proposed risk assessment method.
13

Abujassar, Radwan, Mohamed Sayed, and Husam Yaseen. "A new algorithm to enhance security against cyber threats for internet of things application." International Journal of Electrical and Computer Engineering (IJECE) 13, no. 4 (August 1, 2023): 4452. http://dx.doi.org/10.11591/ijece.v13i4.pp4452-4466.

Abstract:
One major problem is detecting the unsuitability of traffic caused by a distributed denial of services (DDoS) attack produced by third party nodes, such as smart phones and other handheld Wi-Fi devices. During the transmission between the devices, there is a rise in the number of cyber attacks on systems by using negligible packets, which lead to suspension of the services between source and destination, and can find the vulnerabilities on the network. These vulnerable issues have led to a reduction in the reliability of networks and a reduction in consumer confidence. In this paper, we will introduce a new algorithm called rout attack with detection algorithm (RAWD) to reduce the effect of any attack by checking the packet injection, and to avoid number of cyber attacks being received by the destination and transferred through a determined path or alternative path based on the problem. The proposed algorithm will forward the real time traffic to the required destination from a new alternative backup path which is computed by it before the attack occurred. The results have shown an improvement when the attack occurred and the alternative path was used to make sure the continuity of receiving the data to the main destination without any affection.
14

AlArnaout, Zakwan, Nour Mostafa, Samer Alabed, Wael Hosny Fouad Aly, and Ahmed Shdefat. "RAPT: A Robust Attack Path Tracing Algorithm to Mitigate SYN-Flood DDoS Cyberattacks." Sensors 23, no. 1 (December 22, 2022): 102. http://dx.doi.org/10.3390/s23010102.

Abstract:
In the recent past, Distributed Denial of Service (DDoS) attacks have become more abundant and present one of the most serious security threats. In a DDoS attack, the attacker controls a botnet of daemons residing in vulnerable hosts that send a significant amount of traffic to flood the victim or the network infrastructure. In this paper, a common type of DDoS attack known as “TCP SYN-Flood” is studied. This type of attack uses spoofed Internet Protocol (IP) addresses for SYN packets by exploiting the weakness in Transmission Control Protocol (TCP) 3-Way handshake used by the TCP/IP suite of protocols, which makes the web servers unreachable for legitimate users or even worse, it might lead to server crash. In this paper, a resilient, efficient, lightweight, and robust IP traceback algorithm is proposed using an IP tracing packet for each attack path. The proposed algorithm suggests that edge routers—where the attack starts from—observe the traffic pattern passing through, and if the observed traffic carries the signature of TCP SYN-Flood DDoS attack and a high percentage of it is destined to a particular web server(s), it starts the tracing process by generating an IP trace packet, which accompanies the attack path recording the routers’ IP addresses on the path between the attacker/daemon and the victim, which can extract the path and react properly upon receiving it by discarding any SYN packets originating from that attacker/daemon. To our knowledge, this is the first research that efficiently traces these kinds of attacks while they are running. The proposed solution has low computation and message overhead, efficient detection and tracing time, and converges in near optimal time. The results are validated using extensive simulation runs.
15

V, Suresh Kumar, Rajesh Khanna M, and Saravanan R. "Security Concerns and Remedial Measures in MANETs Using Intrusion Detection." ECS Transactions 107, no. 1 (April 24, 2022): 1459–66. http://dx.doi.org/10.1149/10701.1459ecst.

Abstract:
In this research paper, we discussed the guaranteed reliable communication between nodes by constructing the black hole attack free route in MANET. To achieve this, a Hybrid Intrusion Detection System (HIDS) technique has been proposed to detect and remove the black hole attack nodes in the routing path. In MANETs, a novel cluster leader election process has been proposed. This election process is based on the node with maximum energy level. One of the important functionalities is security in MANET. Due to many different attacks in the routing path, MANET becomes insecure. Understanding the form of attacks is always the main step towards the secured communication between mobile nodes. Routing protocols are significant to guarantee proper functioning of the path from source to destination nodes. This preserves the security of MANET from attacks.
16

An, Hyok, Yoonjong Na, Heejo Lee, and Adrian Perrig. "Resilience Evaluation of Multi-Path Routing against Network Attacks and Failures." Electronics 10, no. 11 (May 24, 2021): 1240. http://dx.doi.org/10.3390/electronics10111240.

Abstract:
The current state of security and availability of the Internet is far from being commensurate with its importance. The number and strength of DDoS attacks conducted at the network layer have been steadily increasing. However, the single path (SP) routing used in today’s Internet lacks a mitigation scheme to rapidly recover from network attacks or link failure. In case a link failure occurs, it can take several minutes until failover. In contrast, multi-path routing can take advantage of multiple alternative paths and rapidly switch to another working path. According to the level of available path control, we classify the multi-path routing into two types, first-hop multi-path (FMP) and multi-hop multi-path (MMP) routing. Although FMP routing supported by networks, such as SD-WAN, shows marginal improvements over the current SP routing of the Internet, MMP routing supported by a global Internet architecture provides strong improvement under network attacks and link failure. MMP routing enables changing to alternate paths to mitigate the network problem in other hops, which cannot be controlled by FMP routing. To show this comparison with practical outcome, we evaluate network performance in terms of latency and loss rate to show that MMP routing can mitigate Internet hazards and provide high availability on global networks by 18 participating ASes in six countries. Our evaluation of global networks shows that, if network attacks or failures occur in other autonomous systems (ASes) that FMP routing cannot avoid, it is feasible to deal with such problems by switching to alternative paths by using MMP routing. When the global evaluation is under a transit-link DDoS attack, the loss rates of FMP that pass the transit-link are affected significantly by a transit-link DDoS attack, but the other alternative MMP paths show stable status under the DDoS attack with proper operation.
17

Koo, Kijong, Daesung Moon, Jun-Ho Huh, Se-Hoon Jung, and Hansung Lee. "Attack Graph Generation with Machine Learning for Network Security." Electronics 11, no. 9 (April 22, 2022): 1332. http://dx.doi.org/10.3390/electronics11091332.

Abstract:
Recently, with the discovery of various security threats, diversification of hacking attacks, and changes in the network environment such as the Internet of Things, security threats on the network are increasing. Attack graph is being actively studied to cope with the recent increase in cyber threats. However, the conventional attack graph generation method is costly and time-consuming. In this paper, we propose a cheap and simple method for generating the attack graph. The proposed approach consists of learning and generating stages. First, it learns how to generate an attack path from the attack graph, which is created based on the vulnerability database, using machine learning and deep learning. Second, it generates the attack graph using network topology and system information with a machine learning model that is trained with the attack graph generated from the vulnerability database. We construct the dataset for attack graph generation with topological and system information. The attack graph generation problem is recast as a multi-output learning and binary classification problem. It shows attack path detection accuracy of 89.52% in the multi-output learning approach and 80.68% in the binary classification approach using the in-house dataset, respectively.
18

Qiu, Shenjian, Zhipeng Shao, Jian Wang, Shiyou Xu, and Jiaxuan Fei. "Research on Power Cyber-Physical Cross-Domain Attack Paths Based on Graph Knowledge." Applied Sciences 14, no. 14 (July 16, 2024): 6189. http://dx.doi.org/10.3390/app14146189.

Abstract:
Against the background of the construction of new power systems, power generation, transmission, distribution, and dispatching services are open to the outside world for interaction, and the accessibility of attack paths has been significantly enhanced. We are facing cyber-physical cross-domain attacks with the characteristics of strong targeting, high concealment, and cross-space threats. This paper proposes a quantitative analysis method for the influence of power cyber-physical cross-domain attack paths based on graph knowledge. First, a layered attack graph was constructed based on the cross-space and strong coupling characteristics of the power cyber-physical system business and the vertical architecture of network security protection focusing on border protection. The attack graph included cyber-physical cross-domain attacks, control master stations, measurement and control equipment failures, transient stable node disturbances, and other vertices, and achieved a comprehensive depiction of the attack path. Second, the out-degree, in-degree, vertex betweenness, etc., of each vertex in the attack graph were comprehensively considered to calculate the vertex vulnerability, and by defining the cyber-physical coupling degree and edge weights, the risk of each attack path was analyzed in detail. Finally, the IEEE RTS79 and RTS96 node systems were selected, and the impact of risk conduction on the cascading failures of the physical space system under typical attack paths was analyzed using examples, verifying the effectiveness of the proposed method.
19

Panda, Niranjan, and Binod Kumar Pattanayak. "Defense Against Co-Operative Black-hole Attack and Gray-hole Attack in MANET." International Journal of Engineering & Technology 7, no. 3.4 (June 25, 2018): 84. http://dx.doi.org/10.14419/ijet.v7i3.4.16752.

Abstract:
Mobile Ad-hoc networks (MANETs) can be termed as an autonomous system created by the collaboration of a set of motile nodes communicating with one another through available wireless media and each node behaves as an end system, as well as a router for packet forwarding. Each node is allowed to move freely, change locations and configure them to form a network. Finding an optimal and efficient path between the sender and receiver node is the main aim of routing protocols. Multipath routing protocols show a better result in comparison to single path routing protocols, for data transmission from source to destination extending lifetime of the network. Along with that security in routing for a protected communication between nodes has become a prime concern as any attack during routing may interrupt data transmission, paralyzing the whole network. During packet transmission through multiple paths a number of attacks may come into action by the unauthenticated and compromised nodes present within the network and black-hole attack is one of them. So our objective is to design a multipath routing protocol that detects and avoids the path containing black-hole. Our paper proposes a way to defend against the black-hole and gray-hole attacks with the help of intelligence in MANET.
20

Hsieh, Chih-Hsiang, Wei-Kuan Wang, Cheng-Xun Wang, Shi-Chun Tsai, and Yi-Bing Lin. "Efficient Detection of Link-Flooding Attacks with Deep Learning." Sustainability 13, no. 22 (November 12, 2021): 12514. http://dx.doi.org/10.3390/su132212514.

Abstract:
The DDoS attack is one of the most notorious attacks, and the severe impact of the DDoS attack on GitHub in 2018 raises the importance of designing effective defense methods for detecting this type of attack. Unlike the traditional network architecture that takes too long to cope with DDoS attacks, we focus on link-flooding attacks that do not directly attack the target. An effective defense mechanism is crucial since as long as a link-flooding attack is undetected, it will cause problems over the Internet. With the flexibility of software-defined networking, we design a novel framework and implement our ideas with a deep learning approach to improve the performance of the previous work. Through rerouting techniques and monitoring network traffic, our system can detect a malicious attack from the adversary. A CNN architecture is combined to assist in finding an appropriate rerouting path that can shorten the reaction time for detecting DDoS attacks. Therefore, the proposed method can efficiently distinguish the difference between benign traffic and malicious traffic and prevent attackers from carrying out link-flooding attacks through bots.
21

Wan, Gerry, Aaron Johnson, Ryan Wails, Sameer Wagh, and Prateek Mittal. "Guard Placement Attacks on Path Selection Algorithms for Tor." Proceedings on Privacy Enhancing Technologies 2019, no. 4 (October 1, 2019): 272–91. http://dx.doi.org/10.2478/popets-2019-0069.

Abstract:
The popularity of Tor has made it an attractive target for a variety of deanonymization and fingerprinting attacks. Location-based path selection algorithms have been proposed as a countermeasure to defend against such attacks. However, adversaries can exploit the location-awareness of these algorithms by strategically placing relays in locations that increase their chances of being selected as a client’s guard. Being chosen as a guard facilitates website fingerprinting and traffic correlation attacks over extended time periods. In this work, we rigorously define and analyze the guard placement attack. We present novel guard placement attacks and show that three state-of-the-art path selection algorithms—Counter-RAPTOR, DeNASA, and LASTor—are vulnerable to these attacks, overcoming defenses considered by all three systems. For instance, in one attack, we show that an adversary contributing only 0.216% of Tor’s total bandwidth can attain an average selection probability of 18.22%, 84× higher than what it would be under Tor currently. Our findings indicate that existing location-based path selection algorithms allow guards to achieve disproportionately high selection probabilities relative to the cost required to run the guard. Finally, we propose and evaluate a generic defense mechanism that provably defends any path selection algorithm against guard placement attacks. We run our defense mechanism on each of the three path selection algorithms, and find that our mechanism significantly enhances the security of these algorithms against guard placement attacks with only minimal impact to the goals or performance of the original algorithms.
22

Kasturi, Santanam, Xiaolong Li, Peng Li, and John Pickard. "Predicting Attack Paths from Application Security Vulnerabilities Using a Multi-Layer Perceptron." American Journal of Software Engineering and Applications 12, no. 1 (May 30, 2024): 23–35. http://dx.doi.org/10.11648/j.ajsea.20241201.14.

Abstract:
This paper is in the series of continuing research and proposes an approach to predicting possible attack paths from application security vulnerability-based attack trees. The attack trees are formed by stringing together weaknesses discovered in an application code and a group of applications within a domain. The Common Weakness Enumeration (CWE) and Common Vulnerabilities and Exposures (CVE) linked together as a string of vulnerabilities in the attack trees can be visualized as pathways for attacks. These pathways become potential attacks that can spread vertically and horizontally leading to a multi-path attack that can involve multiple software applications. With more data, and huge number of vulnerabilities, it will become impossible to identify all attack paths unless a full-scale implementation of an autonomous processing mechanism is in place. Machine Learning (ML) and Deep Learning (DL) techniques have been adopted in the cybersecurity space for decades, however all the studies have been around networks, endpoints, and device monitoring. This paper focuses on application security and building on earlier work cited, the use of a vulnerability map that uses attack vectors in a Deep Learning (DL) method implementing a Multi-Layer Perceptron (MLP) forms the basis for developing a predictive model that relates a set of linked vulnerabilities to an attack path. The results are encouraging, and this approach will help in identifying successful or failed attack paths involving multiple applications, isolated or grouped, and will help focus on the right applications and the vulnerabilities associated as priority for remediation.
23

Zhang, Shuqin, Peiyu Shi, Tianhui Du, Xinyu Su, and Yunfei Han. "Threat Attribution and Reasoning for Industrial Control System Asset." International Journal of Ambient Computing and Intelligence 15, no. 1 (November 17, 2023): 1–27. http://dx.doi.org/10.4018/ijaci.333853.

Abstract:
Due to the widespread use of the industrial internet of things, the industrial control system has steadily transformed into an intelligent and informational one. To increase the industrial control system's security, based on industrial control system assets, this paper provides a method of threat modeling, attributing, and reasoning. First, this method characterizes the asset threat of an industrial control system by constructing an asset security ontology based on the asset structure. Second, this approach makes use of machine learning to identify assets and attribute the attacker's attack path. Subsequently, inference rules are devised to replicate the attacker's attack path, thereby reducing the response time of security personnel to threats and strengthening the semantic relationship between asset security within industrial control systems. Finally, the process is used in the simulation environment and real case scenario based on the power grid, where the assets and attacks are mapped. The actual attack path is deduced, and it demonstrates the approach's effectiveness.
24

He, Jiaji, Haocheng Ma, Kaiyue Song, and Yiqiang Zhao. "An Enhanced Logic Encryption Method with a Fully Correlated Key Interdependency Block." Electronics 8, no. 12 (November 22, 2019): 1392. http://dx.doi.org/10.3390/electronics8121392.

Abstract:
Logic encryption, as a hardware security technique, can protect integrated circuits (ICs) by inserting additional gates. The inserted gates guarantee that predefined outputs are only generated when correct key inputs are provided, preventing IC counterfeiting, intellectual property (IP) theft, and IC overproduction. To evaluate the logic encryption’s robustness, two major criteria are usually utilized, which are (1) the interdependency between the keys and (2) the output corruption against attacks, including path sensitization attack, SAT-based attack, hill-climbing attack, etc. However, the majority of existing logic encryption methods emphasize one criterion over the other. In this paper, an enhanced logic encryption method with a fully correlated key interdependency block is proposed. The method enhances the interdependency of keys and determines the locations of key-gates utilizing a rare node analysis method. Experimental results validate that the proposed method can withstand path sensitization attack and ensure 50% Hamming distance with reasonable design overheads.
25

Liao, Yan. "Enhancing Industrial Control Network Security Through Vulnerability Detection and Attack Graph Analysis." Scalable Computing: Practice and Experience 25, no. 1 (January 4, 2024): 65–74. http://dx.doi.org/10.12694/scpe.v25i1.2254.

Abstract:
Insufficient communication attack defense capabilities within industrial control networks is a serious problem that is addressed in this study. The author proposes a methodology that focuses on creating attack graphs to ease security and vulnerability studies in industrial control network systems in order to address this issue. The article provides thorough construction guidance and techniques for attack graphs, which are used for penetration testing and vulnerability analysis of networks for industrial control systems. On the created attack graph, experimental evaluations utilizing the "earthquake net" virus were carried out. The findings point to four main attack routes where the "Zhenwang" virus is most likely going to attack and cause the most damage. With a loss value of 12.2 and an attack success chance of 0.096, the first path involves cumulative attack stages. The second path consists of cumulative attack steps, with a loss value of 10.2 and an attack success probability of 0.072. The third path encompasses cumulative attack steps, with a loss value of 16.6 and an attack success probability of 0.063. The fourth path comprises cumulative attack steps, with a loss value of 18.6 and an attack success probability of 0.084.
26

Chaves, Cesar, Siavoosh Azad, Thomas Hollstein, and Johanna Sepúlveda. "DoS Attack Detection and Path Collision Localization in NoC-Based MPSoC Architectures." Journal of Low Power Electronics and Applications 9, no. 1 (February 5, 2019): 7. http://dx.doi.org/10.3390/jlpea9010007.

Abstract:
Denial of Service (DoS) attacks are an increasing threat for Multiprocessor System-on-Chip (MPSoC) architectures. By exploiting the shared resources on the chip, an attacker is able to prevent completion or degrade the performance of a task. This is extremely dangerous for MPSoCs used in critical applications. The Network-on-Chip (NoC), as a central MPSoC infrastructure, is exposed to this attack. In order to maintain communication availability, NoCs should be enhanced with an effective and precise attack detection mechanism that allows the triggering of effective attack mitigation mechanisms. Previous research works demonstrate DoS attacks on NoCs and propose detection methods being implemented in NoC routers. These countermeasures typically led to a significantly increased router complexity and to a high degradation of the MPSoC’s performance. To this end, we present two contributions. First, we provide an analysis of information that helps to narrow down the location of the attacker in the MPSoC, achieving up to a 69% search space reduction for locating the attacker. Second, we propose a low cost mechanism for detecting the location and direction of the interference, by enhancing the communication packet structure and placing communication degradation monitors in the NoC routers. Our experiments show that our NoC router architecture detects single-source DoS attacks and determines, with high precision, the location and direction of the collision, while incurring a low area and power overhead.
27

Yi, Junkai, and Xiaoyan Liu. "Deep Reinforcement Learning for Intelligent Penetration Testing Path Design." Applied Sciences 13, no. 16 (August 21, 2023): 9467. http://dx.doi.org/10.3390/app13169467.

Abstract:
Penetration testing is an important method to evaluate the security degree of a network system. The importance of penetration testing attack path planning lies in its ability to simulate attacker behavior, identify vulnerabilities, reduce potential losses, and continuously improve security strategies. By systematically simulating various attack scenarios, it enables proactive risk assessment and the development of robust security measures. To address the problems of inaccurate path prediction and difficult convergence in the training process of attack path planning, an algorithm which combines attack graph tools (i.e., MulVAL, multi-stage vulnerability analysis language) and the double deep Q network is proposed. This algorithm first constructs an attack tree, searches paths in the attack graph, and then builds a transfer matrix based on depth-first search to obtain all reachable paths in the target system. Finally, the optimal path for target system attack path planning is obtained by using the deep double Q network (DDQN) algorithm. The MulVAL double deep Q network (MDDQN) algorithm is tested in different scale penetration testing environments. The experimental results show that, compared with the traditional deep Q network (DQN) algorithm, the MDDQN algorithm is able to reach convergence faster and more stably and improve the efficiency of attack path planning.
28

Shen, Limin, Hui Li, Hongyi Wang, and Yihuan Wang. "Multifeature-Based Behavior of Privilege Escalation Attack Detection Method for Android Applications." Mobile Information Systems 2020 (June 5, 2020): 1–16. http://dx.doi.org/10.1155/2020/3407437.

Abstract:
This study proposed an application behavior-detection method based on multifeature and process algebra for detecting privilege escalation attacks in Android applications. The five features of application that constituted the attack were determined through an analysis of the privilege escalation attack model. On the basis of the extraction of multiple features, process algebra was used to build the application-behavior model and the attack model. Strong equivalence relation was used to verify the application behavior. Finally, dataflow path detection is conducted among the applications that can constitute privilege escalation attacks to determine those apps constituted a privilege escalation attack. The accuracy and effectiveness of the proposed method were verified using the DroidBench benchmark test and the test set that includes 55 APKs of 22 types.
29

Zhang, Xiaojian, Qi Wang, Xiangqun Wang, and Run Zhang. "Attack path analysis of power monitoring system based on attack graph." IOP Conference Series: Earth and Environmental Science 645 (January 26, 2021): 012064. http://dx.doi.org/10.1088/1755-1315/645/1/012064.

30

Khlobystova, A. O., M. V. Abramov, A. L. Tulupyev, and A. A. Zolotin. "Search for the shortest trajectory of a social engeneering attack between a pair of users in a graph with transition probabilities." Information and Control Systems, no. 6 (December 18, 2018): 74–81. http://dx.doi.org/10.31799/1684-8853-2018-6-74-81.

Abstract:
Introduction: Social engineering attacks can be divided into two types: direct (one-way) and multi-pass ones, passing through a chain of users. Normally, there are several propagation paths for a multi-pass social engineering attack between two users. Estimates of the probabilities of an attack to spread along different trajectories will differ. Purpose: Identification of the most critical (most probable) trajectory for a multi-pass social engineering attack between two users. Methods: Methods of searching, matching and algorithm analysis are used to identify the most critical trajectory of attack propagation. They apply the information about the intensity of the interaction between employees in companies based on data extracted from social networks. These algorithms are reduced, using a number of transformations of the original data, to the algorithms of finding the shortest path in a graph. The estimates of a multi-path social engineering attack success probability are calculated with the methods of constructing an estimate of a complex event probability. Results: We have proposed an approach to identifying the most critical trajectories, whose estimate of the attack success probability is the highest. In the simplest case, the problem can be reduced to finding a path in the graph with the maximum product of the weights of all the edges involved. The resource intensity of the algorithm when searching for the most critical trajectory on a complete graph with a large number of vertices can be reduced with a specially developed technique. A brief overview of the methods and algorithms providing automated search for the most critical propagation path of a social engineering attack showed that in a general case it can be reduced, with some transformations, to the problem of finding the most critical trajectory using the configuration of Dijkstra and Bellman — Ford algorithms. 
The chosen algorithm was adapted for the specified context, and an approach was proposed to thin out the graph when searching for the most critical trajectory. The presented methods and algorithms are implemented in software code. Numerical experiments were performed to verify the calculation results. Practical relevance: The developed software based on the method and algorithm proposed in this article complements the functionality of the previous versions of software prototypes for analyzing the protection of information system users against social engineering attacks. It allows you to take into account a wider range of factors affecting the assessment of social engineering attack success probability.
31

Zhang, Yan, Yong Wang, Yihua Hu, Zhi Lin, Yadi Zhai, Lei Wang, Qingsong Zhao, Kang Wen, and Linshuang Kang. "Security Performance Analysis of LEO Satellite Constellation Networks under DDoS Attack." Sensors 22, no. 19 (September 26, 2022): 7286. http://dx.doi.org/10.3390/s22197286.

Abstract:
Low Earth orbit satellite constellation networks (LSCNs) have attracted significant attention around the world due to their great advantages of low latency and wide coverage, but they also bring new challenges to network security. Distributed denial of service (DDoS) attacks are considered one of the most threatening attack methods in the field of Internet security. In this paper, a space-time graph model is built to identify the key nodes in LSCNs, and a DDoS attack is adopted as the main means to attack the key nodes. The scenarios of two-satellite-key-node and multi-satellite-key-node attacks are considered, and their security performance against DDoS attacks is also analyzed. The simulation results show that the transmission path of key satellite nodes will change rapidly after being attacked, and the average end-to-end delay and packet loss are linearly related to the number of key-node attacks. This work provides a comprehensive analysis of the security performance of LSCNs under a DDoS attack and theoretical support for future research on anti-DDoS attack strategies for LSCNs.
32

Li, Yanna. "The Cyber Attack in the Use of Force." Lecture Notes in Education Psychology and Public Media 69, no. 1 (November 15, 2024): 122–30. http://dx.doi.org/10.54254/2753-7048/69/20240165.

Abstract:
It is controversial whether cyber attacks can constitute the use of force, and it is also difficult to reduce cyber attacks in the use of force. This article will start from arguing the definition of using force, then discuss how can cyber attacks be interpreted as a form of using force and how to regulate cyber attacks from three orientations, which is a cyber attack that is attributable to individuals, attributable to organizations, and attributable to countries. Finally, this article will focus on finding out a recommendation on how to identify a cyber attack with the one that can be attributed to a country with the purpose of reducing the cyber attack in the use of force, that is, reverse the burden of proof in the investigation of an international cyber attack. This method aims at increasing the possibility of bearing state responsibility. And this article will explore the feasibility and improvement path of this method in order to make the idea more practical.
33

Yang, Jinwei, and Yu Yang. "Optimal Security Protection Selection Strategy Based on Markov Model Attack Graph." Journal of Physics: Conference Series 2132, no. 1 (December 1, 2021): 012020. http://dx.doi.org/10.1088/1742-6596/2132/1/012020.

Abstract:
Intrusion intent and path prediction are important for security administrators to gain insight into the possible threat behavior of attackers. Existing research has mainly focused on path prediction in ideal attack scenarios, yet the ideal attack path is not always the real path taken by an intruder. In order to accurately and comprehensively predict the path information of network intrusion, a multi-step attack path prediction method based on absorbing Markov chains is proposed. Firstly, the node state transfer probability normalization algorithm is designed by using the nil posteriority and absorption of state transfer in absorbing Markov chain, and it is proved that the complete attack graph can correspond to absorbing Markov chain, and the economic indexes of protection cost and attack benefit and the index quantification method are constructed, and the optimal security protection policy selection algorithm based on particle swarm algorithm is proposed. Finally, we experimentally verify the feasibility and effectiveness of the model in protection policy decision-making, which can effectively reduce network security risks and provide more security protection guidance for timely response to network attack threats.
34

Braimah, Joseph Odunayo, Tendai Makoni, and Fabio Mathias Correa. "Predicting the Path of Insurgency: Data-Driven Strategies to Counter Boko Haram in Nigeria." F1000Research 13 (September 2, 2024): 989. http://dx.doi.org/10.12688/f1000research.153978.1.

Abstract:
Background: While Boko Haram insurgency’s dangers are well documented, existing research lacks methods for effective monitoring and prediction of their activities. This study addresses this gap by analyzing data from Nigerian Security Tracker website (https://www.cfr.org/nigeria/nigeria-security-tracker/p29483) from year 2011 to 2023 and geolocated information on Boko Haram activity. Methods: The research employs a mixed-methods approach. It uses descriptive statistics to understand attack trends and time series models (ARIMA/SARIMA) to forecast future attacks. Additionally, control charts identify periods of heightened insurgency. Results: The findings confirm the Northeast region, as the epicenter of Boko Haram activities. The average monthly attack rate was 18 incidents, leading to 682 deaths over 12 years. 2014 and 2015 witnessed the peak of the insurgency. The forecasting models suggest a potential decrease in attack frequency in the coming years, with an average of nine attacks per month. This predicted decline might be linked to intervention efforts. Control charts reveal periods where attacks surpassed expected levels, highlighting critical moments for intensified counter-insurgency measures. These periods include July 2012-May 2014 and June 2014-August 2015, with a period of regained control. Conclusion: This research provides valuable insights for stakeholders working to fight against Boko Haram’s insurgency. It offers forecasting capabilities and identifies critical periods, potentially informing targeted interventions and improving overall counter-insurgency strategies.
35

Li, Xiaohong, Ran Liu, Zhiyong Feng, and Ke He. "Threat modeling-oriented attack path evaluating algorithm." Transactions of Tianjin University 15, no. 3 (June 2009): 162–67. http://dx.doi.org/10.1007/s12209-009-0029-y.

36

Chandran, Rahul, and Wei Q. Yan. "Attack Graph Analysis for Network Anti-Forensics." International Journal of Digital Crime and Forensics 6, no. 1 (January 2014): 28–50. http://dx.doi.org/10.4018/ijdcf.2014010103.

Abstract:
The development of technology in computer networks has boosted the percentage of cyber-attacks today. Hackers are now able to penetrate even the strongest IDS and firewalls. With the help of anti-forensic techniques, attackers defend themselves, from being tracked by destroying and distorting evidences. To detect and prevent network attacks, the main modus of operandi in network forensics is the successful implementation and analysis of attack graph from gathered evidences. This paper conveys the main concepts of attack graphs, requirements for modeling and implementation of graphs. It also contributes the aspect of incorporation of anti-forensic techniques in attack graph which will help in analysis of the diverse possibilities of attack path deviations and thus aids in recommendation of various defense strategies for better security. To the best of our knowledge, this is the first time network anti-forensics has been fully discussed and the attack graphs are employed to analyze the network attacks. The experimental analysis of anti-forensic techniques using attack graphs were conducted in the proposed test-bed which helped to evaluate the model proposed and suggests preventive measures for the improvement of security of the networks.
37

Chen, Yun, Kun Lv, and Changzhen Hu. "A Dynamic Hidden Forwarding Path Planning Method Based on Improved Q-Learning in SDN Environments." Security and Communication Networks 2018 (2018): 1–12. http://dx.doi.org/10.1155/2018/2058429.

Abstract:
Currently, many methods are available to improve the target network’s security. The vast majority of them cannot obtain an optimal attack path and interdict it dynamically and conveniently. Almost all defense strategies aim to repair known vulnerabilities or limit services in target network to improve security of network. These methods cannot respond to the attacks in real-time because sometimes they need to wait for manufacturers releasing corresponding countermeasures to repair vulnerabilities. In this paper, we propose an improved Q-learning algorithm to plan an optimal attack path directly and automatically. Based on this path, we use software-defined network (SDN) to adjust routing paths and create hidden forwarding paths dynamically to filter vicious attack requests. Compared to other machine learning algorithms, Q-learning only needs to input the target state to its agents, which can avoid early complex training process. We improve Q-learning algorithm in two aspects. First, a reward function based on the weights of hosts and attack success rates of vulnerabilities is proposed, which can adapt to different network topologies precisely. Second, we remove the actions and merge them into every state that reduces complexity from O(N^3) to O(N^2). In experiments, after deploying hidden forwarding paths, the security of target network is boosted significantly without having to repair network vulnerabilities immediately.
38

Al-janabi, Rana Jumaa Surayh. "Messenger Attack(Problems and Solutions)." Journal of Kufa for Mathematics and Computer 1, no. 2 (October 30, 2010): 12–22. http://dx.doi.org/10.31642/jokmc/2018/010202.

Abstract:
For years, people think that the major threat to various companies' computer networks doesn't come from outside hackers, but from internal (often disgruntled) employees. However, a new study disputes that, saying that outside hack attacks are the largest threat. In fact, the outside hackers use the ability of messenger to not only transfer text messages, but also to files transferring. Consequently, messengers can transfer worms and other malicious software (malware). This research includes many practical methods and tricks to attack yahoo messenger by sending executable files that are compressed and masqueraded, that files are responsible for converting Yahoo! Music and other options to malicious web site, and also it is possible to insert messenger into infinite loop, delete messenger after forcing it to close, or convert its path into malicious program path, insuring that done even after restart computer. And also it contains protection methods for that attack which are responsible for disabling system program such as (task manager, system restore, system configuration utility etc) to ensure that the user couldn't remove the program that caused attack. Finally in this research, software is designed to break that attack by enabling system tools and that will lead to facilitate the task of ending attack. Actually, this software is considered as a solution to widespread problem caused by many malware.
39

Yang, Rong, Fang Ming Huang, and Hua Jun Gong. "Best Attack Position Model for BVR Multi-Target Air Combat." Advanced Materials Research 1016 (August 2014): 511–15. http://dx.doi.org/10.4028/www.scientific.net/amr.1016.511.

Abstract:
Refer to the characteristics of BVR air combat and multi-target attack for the Fourth Generation Fighters, this paper constructs and computes the model of probability distributions in multi-target kill zone, the model of the best attack path/attack position of multi-target attack. The model of probability distributions in multi-target kill zone considers heading angle and approaching angle of target, distance between fighter and target, maximum off-boresight launching angle and killing angle. The model of the best attack path/attack position considers damage probability to targets by missiles, threat degree to fighter of targets, and threat degree to fighter of residual targets. The paper calculates the simulation data according to the models, analyzes probability distributions in multi-target kill zone of missiles, the best attack path/attack position. The models and simulated results show that the method, which uses kill zone probability model, can improve the damage probability and reduce threat degree from enemy targets.
40

Vitali, Maycon. "Web Cache Deception Attack." H2HC Magazine, no. 16 (October 22, 2022): 34–40. http://dx.doi.org/10.47986/16/2.

Abstract:
This article aims to present a class of attack that is not very new (first presented in 2017 by Omer Gil) but that, despite being simple, is little explored in day-to-day practice. We are talking about the Web Cache Deception Attack, an attack whose main purpose is to obtain sensitive data of legitimate users of a given affected application. A basic grounding in cache services will be presented, knowledge of which is necessary for the attack to succeed, along with the Path Confusion vulnerability, which is the class of vulnerability used to carry out the attack presented. That said, note that the Web Cache Deception Attack is, as the name itself suggests, a class of attack and not the vulnerability itself, which is Path Confusion.
41

Harmeet Singh, Er, and Dr Vijay Dhir. "A Novel Hybrid and Secure Clustering Black hole Attacks Mitigation Technique in Wireless LAN." International Journal of Engineering & Technology 7, no. 4.7 (September 27, 2018): 389. http://dx.doi.org/10.14419/ijet.v7i4.7.23035.

Abstract:
Wireless LAN is a dynamic network with a large number of mobile nodes. As the traffic increases over the wireless network, it leads to a number of problems like congestion and packet loss. These congestion and packet loss problems occur due to attacks in wireless LAN. Out of the various attacks, the black hole attack is the most dangerous: it drops all of the packets received from the source node and acts as a black hole in the universe. In this paper we provide a solution against this attack. We propose a Novel Hybrid and Secure Clustering Black hole Attack Mitigation Technique in Wireless LAN. This technique first detects the black hole attack by using threshold values against different parameters; after this, a clustering approach is used for a secure path from source to destination by reducing overhead in the network. Most existing mechanisms are not as efficient because overhead is increased by isolating the black hole attack. The HSBM approach has a remarkable advantage over these existing techniques. We simulate the proposed technique using the NS2 simulator and prove that our technique effectively detects the black hole attack in terms of throughput, packet loss, end-to-end packet delivery ratio, and delay.
42

Elavarasan, R., K. Chitra, and Amsalu Gosu Adigo. "Enhanced Lion Optimization with Efficient Path Routing Equalization Technique against DoS Attack in Wireless Sensor Network." Wireless Communications and Mobile Computing 2022 (June 14, 2022): 1–9. http://dx.doi.org/10.1155/2022/3321870.

Abstract:
In WSN, DoS (denial of service) attack makes shortcoming system. The packets travel over and over in the sensor network. By that, all the assets like data transmission, memory, and vitality are squandered by this attack. However, the attacker ought to optimize its attacker plan for request to boost the impact on the system performance because of the deficiency of vitality at the aggressor side. Denial of service (DoS) attack on the Internet has become a squeezing issue. By staying away from these sorts of attacks, network performance can be improved. Therefore, security is a fundamental requirement for these networks. Effective routing is necessary in order to overcome the issued faced by the crosslayer in the DOS attack of the WSN network for the purpose of good transmission. This research work mainly focuses on performance evaluation using optimization methods. To establish the efficient path in the crosslayer against DoS attack, this paper has proposed enhanced lion optimization with an efficient path routing equalization technique (LOEPRE). If any failure node occurs in the network, then the node is recognized and the transfer of the data packet is done to the other node. Retransmission of data causes overload in the network. The proposed model focuses on these issues and overcomes these issues by improving the path efficiently with robust security. It consists of three phases: the initial phase includes the route discovery in the network. In the second phase, the transfer of data is done in the high router path for security purposes. Finally, the efficient path routing equalization technique is used for minimizing the overload in the network; it provides the equalized path length in the network and is highly efficient. Hence, the proposed LOEPRE technique is used to achieve energy efficiency in wireless network for prolonged network lifetime and minimum packet latency and minimize consumption of energy. 
Moreover, the simulation outcome of the proposed LOEPRE method is highly robust while comparing to the existing methods EFCRS, SSPRA ELOER, EFLOR, and TSTP. It achieves better performance than existing algorithms in comparing metric connectivity ratio, end-to-end delay, overhead, throughput, and packet delivery ratio.
43

Guo, Mingyu, Jialiang Li, Aneta Neumann, Frank Neumann, and Hung Nguyen. "Practical Fixed-Parameter Algorithms for Defending Active Directory Style Attack Graphs." Proceedings of the AAAI Conference on Artificial Intelligence 36, no. 9 (June 28, 2022): 9360–67. http://dx.doi.org/10.1609/aaai.v36i9.21167.

Abstract:
Active Directory is the default security management system for Windows domain networks. We study the shortest path edge interdiction problem for defending Active Directory style attack graphs. The problem is formulated as a Stackelberg game between one defender and one attacker. The attack graph contains one destination node and multiple entry nodes. The attacker's entry node is chosen by nature. The defender chooses to block a set of edges limited by his budget. The attacker then picks the shortest unblocked attack path. The defender aims to maximize the expected shortest path length for the attacker, where the expectation is taken over entry nodes. We observe that practical Active Directory attack graphs have small maximum attack path length and are structurally close to trees. We first show that even if the maximum attack path length is a constant, the problem is still W[1]-hard with respect to the defender's budget. Having a small maximum attack path length and a small budget is not enough to design fixed-parameter algorithms. If we further assume that the number of entry nodes is small, then we derive a fixed-parameter tractable algorithm. We then propose two other fixed-parameter algorithms by exploiting the tree-like features. One is based on tree decomposition and requires a small tree width. The other assumes a small number of splitting nodes (nodes with multiple out-going edges). Finally, the last algorithm is converted into a graph convolutional neural network based heuristic, which scales to larger graphs with more splitting nodes.
44

Lin, Hsiao-Chung, Ping Wang, Wen-Hui Lin, and Yu-Hsiang Huang. "A Multiple-Swarm Particle Swarm Optimisation Scheme for Tracing Packets Back to the Attack Sources of Botnet." Applied Sciences 11, no. 3 (January 26, 2021): 1139. http://dx.doi.org/10.3390/app11031139.

Abstract:
Network intrusion detection systems that employ existing IP traceback (IPTBK) algorithms are generally unable to trace multiple attack sources. In these systems, the sampling mechanism only screens parts of the routing information, which leads to the tracing of the neighbour of the attack source and fails to identify the attack source. Theoretically, the multimodal optimisation problem cannot be solved for all of its multiple solutions using the traditional particle swarm optimisation (PSO) algorithm. The present study focuses on the use of multiple-swarm PSO (MSPSO) for recursively tracing attack paths back to a botnet’s multiple attack sources using the subgroup strategy. Specifically, the fitness of each path was calculated using a quasi-Newton gradient descent method to confirm the crucial path for successfully tracing the attack source. For multimodal optimisation problems, the MSPSO algorithm achieves an effective balance between individual particle exploitation and multiswarm exploration when premature convergence occurs. Thus, this algorithm accurately traces multiple attack sources. To verify the effectiveness of identifying Distributed Denial-Of-Service (DDoS) control centres, networks with various topology sizes (32–64 nodes) were simulated using ns-3 with the Boston University Representative Internet Topology Generator. The proposed A* search algorithm (minimal cost pathfinding algorithm) and MSPSO were used to identify the sources of simulated DDoS attacks. Compared with commonly available systems, the MSPSO algorithm performs better in multimodal optimisation problems, improves the accuracy of traceability analysis and reduces false responses for IPTBK problems.
45

Umaparvathi, M., and Dharmishtan K. Varughese. "Secure Video Transmission Against Black Hole Attack in MANETs." International Journal of Business Data Communications and Networking 7, no. 4 (October 2011): 1–17. http://dx.doi.org/10.4018/jbdcn.2011100101.

Abstract:
Mobile Adhoc Networks (MANETs) are open to a wide range of attacks due to their unique characteristics like dynamic topology, shared medium, absence of infrastructure, and resource constraints. Data packets sent by a source node may reach destination through a number of intermediate nodes. In the absence of security mechanism, it is easy for an intermediate node to intercept or modify the messages, thus attacking the normal operation of MANET. One such attack is Black hole attack, in which, a malicious node called Black hole node attracts all the traffic of the network towards itself, and discards all the packets without forwarding them to the intended recipients. This paper evaluates the performance of Adhoc on-demand Distance Vector (AODV) and its multi-path variant Adhoc On-demand Multi-path Distance Vector (AOMDV) routing protocols under black hole attack. Non-cryptographic solutions Secure Blackhole AODV (SBAODV) and Secure Blackhole AOMDV (SBAOMDV) have been proposed to mitigate the effect of black hole attack. Through NS-2 simulations, the performance of the proposed protocols with video streaming is analyzed. The results show that the proposed solutions provide better performance than the conventional AODV and AOMDV.
46

Singh, Rupinder, Jatinder Singh, and Ravinder Singh. "WRHT: A Hybrid Technique for Detection of Wormhole Attack in Wireless Sensor Networks." Mobile Information Systems 2016 (2016): 1–13. http://dx.doi.org/10.1155/2016/8354930.

Abstract:
Wormhole attack is a challenging security threat to wireless sensor networks which results in disrupting most of the routing protocols as this attack can be triggered in different modes. In this paper, WRHT, a wormhole resistant hybrid technique, is proposed, which can detect the presence of wormhole attack in a more optimistic manner than earlier techniques. WRHT is based on the concept of watchdog and Delphi schemes and ensures that the wormhole will not be left untreated in the sensor network. WRHT makes use of the dual wormhole detection mechanism of calculating probability factor time delay probability and packet loss probability of the established path in order to find the value of wormhole presence probability. The nodes in the path are given different ranking and subsequently colors according to their behavior. The most striking feature of WRHT consists of its capacity to defend against almost all categories of wormhole attacks without depending on any required additional hardware such as global positioning system, timing information or synchronized clocks, and traditional cryptographic schemes demanding high computational needs. The experimental results clearly indicate that the proposed technique has significant improvement over the existing wormhole attack detection techniques.
47

Srinivas, T. Aditya Sai, and S. S. Manivannan. "Black Hole and Selective Forwarding Attack Detection and Prevention in IoT in Health Care Sector: Hybrid meta-heuristic-based shortest path routing." Journal of Ambient Intelligence and Smart Environments 13, no. 2 (March 26, 2021): 133–56. http://dx.doi.org/10.3233/ais-210591.

Abstract:
In the current health care scenario, security is the major concern in IoT-WSN with more devices or nodes. Attack or anomaly detection in the IoT infrastructure is increasing distress in the field of medical IoT. With the enormous usage of IoT infrastructure in every province, threats and attacks in these infrastructures are also mounting commensurately. This paper intends to develop a security mechanism to detect and prevent the black hole and selective forwarding attack from medical IoT-WSN. The proposed secure strategy is developed in five stages: First is selecting the cluster heads, second is generating k-routing paths, third is security against black hole attack, fourth is security against the selective forwarding attack, and the last is optimal shortest route path selection. Initially, a topology is developed for finding the cluster heads and discovering the best route. In the next phase, the black hole attacks are detected and prevented by the bait process. For detecting the selective forwarding attacks, the packet validation is done by checking the transmitted packet and the received packet. For promoting the packet security, Elliptic Curve Cryptography (ECC)-based hashing function is deployed. As the main contribution of this paper, optimal shortest route path is determined by the proposed hybrid algorithm with the integration of Deer Hunting Optimization Algorithm (DHOA), and DragonFly Algorithm (DA) termed Dragonfly-based DHOA (D-DHOA) by concerting the parameters like trust, distance, delay or latency and packet loss ratio in the objective model. Hence, the entire phases will be very active in detecting and preventing the two fundamental attacks like a black hole and selective forwarding from IoT-WSN in the health care sector.
48

Fortilla, Zeny Arsya, and Muhammad Syauqi Jazuli. "Developing a 3D Virus Attack Simulation in Unity: A Case Study for Healthcare Education." Gameology and Multimedia Expert 1, no. 2 (April 1, 2024): 33. http://dx.doi.org/10.29103/game.v1i2.15885.

Abstract:
Virus Attack 3D is a 3D platformer game that visualizes humans running to avoid Coronavirus attacks encountered on a path with increasing speed at each level. The player's character dies upon collision, but the game continues with increasing score and level if the player successfully avoids the viruses. This research aims to design Virus Attack 3D, incorporating health-themed education. The application is built using the C# programming language in the Unity application for a more strategic experience. Virus Attack 3D is a platformer game that serves as the research output. The entertaining Virus Attack application offers a game enjoyable for all ages, training players' spontaneous response and dexterity in overcoming challenges while providing entertainment on desktops in single-player mode.
49

Zhang, Bing, Hui Li, Shuai Zhang, Jing Sun, Ning Wei, Wenhong Xu, and Huan Wang. "Multi-Constraint and Multi-Policy Path Hopping Active Defense Method Based on SDN." Future Internet 16, no. 4 (April 22, 2024): 143. http://dx.doi.org/10.3390/fi16040143.

Abstract:
Path hopping serves as an active defense mechanism in network security, yet it encounters challenges like a restricted path switching space, the recurrent use of similar paths and vital nodes, a singular triggering mechanism for path switching, and fixed hopping intervals. This paper introduces an active defense method employing multiple constraints and strategies for path hopping. A depth-first search (DFS) traversal is utilized to compute all possible paths between nodes, thereby broadening the path switching space while simplifying path generation complexity. Subsequently, constraints are imposed on residual bandwidth, selection periods, path similitude, and critical nodes to reduce the likelihood of reusing similar paths and crucial nodes. Moreover, two path switching strategies are formulated based on the weights of residual bandwidth and critical nodes, along with the calculation of path switching periods. This facilitates adaptive switching of path hopping paths and intervals, contingent on the network’s residual bandwidth threshold, in response to diverse attack scenarios. Simulation outcomes illustrate that this method, while maintaining normal communication performance, expands the path switching space effectively, safeguards against eavesdropping and link-flooding attacks, enhances path switching diversity and unpredictability, and fortifies the network’s resilience against malicious attacks.
50

Tan, Sery Vuth, Minh Yuk Choi, and Kee Cheon Kim. "The New Mechanism to Detect and Prevent BlackHole Attacks on AODV-Based MANET." Advanced Materials Research 684 (April 2013): 547–50. http://dx.doi.org/10.4028/www.scientific.net/amr.684.547.

Abstract:
Mobile Ad-hoc Network (MANET) is a dynamic wireless network without any infrastructures. The network is weak and vulnerable to many types of attacks. One of these attacks is BlackHole. In this attack, a malicious node advertises itself as having a high sequence number and a shortest path to a specific node to absorb packets. The effect of BlackHole attack on ad-hoc network using AODV as a routing protocol will be examined in this research. We also propose a new mechanism, called DPBA-AODV, to detect and prevent BlackHole attacks on AODV protocol. Simulation result, by using NS2, depicts the efficiency of our proposed mechanism in packet delivery ratio under the presence of BlackHole nodes.