Journal articles on the topic 'Distributed attacks'
To see the other types of publications on this topic, follow the link: Distributed attacks.
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'Distributed attacks.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Kotey, Seth, Eric Tchao, and James Gadze. "On Distributed Denial of Service Current Defense Schemes." Technologies 7, no. 1 (January 30, 2019): 19. http://dx.doi.org/10.3390/technologies7010019.
Full textAbstract:
Distributed denial of service (DDoS) attacks are a major threat to any network-based service provider. The ability of an attacker to harness the power of a lot of compromised devices to launch an attack makes it even more complex to handle. This complexity can increase even more when several attackers coordinate to launch an attack on one victim. Moreover, attackers these days do not need to be highly skilled to perpetrate an attack. Tools for orchestrating an attack can easily be found online and require little to no knowledge about attack scripts to initiate an attack. Studies have been done severally to develop defense mechanisms to detect and defend against DDoS attacks. As defense schemes are designed and developed, attackers are also on the move to evade these defense mechanisms and so there is a need for a continual study in developing defense mechanisms. This paper discusses the current DDoS defense mechanisms, their strengths and weaknesses.
2
Sambangi, Swathi, and Lakshmeeswari Gondi. "A Machine Learning Approach for DDoS (Distributed Denial of Service) Attack Detection Using Multiple Linear Regression." Proceedings 63, no. 1 (December 25, 2020): 51. http://dx.doi.org/10.3390/proceedings2020063051.
Full textAbstract:
The problem of identifying Distributed Denial of Service (DDos) attacks is fundamentally a classification problem in machine learning. In relevance to Cloud Computing, the task of identification of DDoS attacks is a significantly challenging problem because of computational complexity that has to be addressed. Fundamentally, a Denial of Service (DoS) attack is an intentional attack attempted by attackers from single source which has an implicit intention of making an application unavailable to the target stakeholder. For this to be achieved, attackers usually stagger the network bandwidth, halting system resources, thus causing denial of access for legitimate users. Contrary to DoS attacks, in DDoS attacks, the attacker makes use of multiple sources to initiate an attack. DDoS attacks are most common at network, transportation, presentation and application layers of a seven-layer OSI model. In this paper, the research objective is to study the problem of DDoS attack detection in a Cloud environment by considering the most popular CICIDS 2017 benchmark dataset and applying multiple regression analysis for building a machine learning model to predict DDoS and Bot attacks through considering a Friday afternoon traffic logfile.
3
Chaudhary, Sachin, and Kanchan Chaudhary. "Distributed Honeypots System." International Journal of Advance Research and Innovation 1, no. 2 (2013): 5–11. http://dx.doi.org/10.51976/ijari.121302.
Full textAbstract:
Honeypot is a supplemented active defence system for network security. It traps attacks, records intrusion information about tools and activities of the hacking process, and prevents attacks outbound the compromised system. Integrated with other security solutions, Honeypot can solve many traditional dilemmas. It has emerged as a prominent technology that helps learn new hacking techniques from attackers and intruders. Honeypots can initiatively lure hackers to attack the internet, take the record of the ways and means of their invasion, and then analyze and study them.
4
Manaseer, Saher, and Ahmad K. Al Hwaitat. "Centralized Web Application Firewall Security System." Modern Applied Science 12, no. 10 (September 29, 2018): 164. http://dx.doi.org/10.5539/mas.v12n10p164.
Full textAbstract:
In this paper we propose a centralized web firewall system for web application security which will provide a new type of synchronized system, which has the ability to detect and prevent a variety of web application attacks for a wide range of hosts at the same time , using an centralized command and control system, the attacked client then sends the information to a centralized command and control server which will distribute the attack information to all of the integrated clients connected to it. The distributed information contains all of the attack information including the type of attack, the IP address of the attacker, and the time of attack. The process of receiving the attacker's information and distributing it through the centralized web firewall is done automatically and immediately at the time of the attack. And all of the receiving clients will take actions against the threat depending on the distributed information such as banning the IP address of the attacker. The main process aims to protect multiple clients from any possible attack from the same attacker or the same type of attack. The system has been implemented to protect a real web application. Experiments showed that the attacks has been successfully prevented on multiple hosts at the time.
This paper came to provide a centralized web firewall system that connect different web firewalls in order to detect and prevent different types of web attacks and work as a fully integrated system with the different clients.
5
Gavrić, Nikola, and Živko Bojović. "Security Concerns in MMO Games—Analysis of a Potent Application Layer DDoS Threat." Sensors 22, no. 20 (October 14, 2022): 7791. http://dx.doi.org/10.3390/s22207791.
Full textAbstract:
The application layer in the Internet protocol suite offers a significant degree of freedom regarding the orchestration of distributed denial-of-service attacks due to many different and unstandardized protocols. The primary focus of defending against application-layer distributed denial-of-service attacks has traditionally been Hypertext Transfer Protocols oriented while observing individual users’ actions independently from one another. In this paper, we present and analyze a novel application-layer DDoS attack in massively multiplayer online games that utilize the cooperative efforts of the attackers to deplete the server’s or players’ bandwidth. The attack exploits in-game dependencies between players to cause a massive spike in bandwidth while the attackers’ traffic remains legitimate. We introduce a multiplayer-relations graph to model user behavior on a game server. Additionally, we demonstrate the attack’s devastating capabilities on an emulated World of Warcraft server. Lastly, we discuss flaws of the existing defense mechanisms and possible approaches for the detection of these attacks using graph theory and multiplayer-relations graphs.
6
Li, Yufeng, Le Tian, Han Qiu, and Chuanhao Zhang. "Research Notes: Distributed Shadow for Router Security Defense." International Journal of Software Engineering and Knowledge Engineering 28, no. 02 (February 2018): 193–206. http://dx.doi.org/10.1142/s021819401840003x.
Full textAbstract:
Router security defense technologies emerging in recent years could hardly detect and block the new booming threats with unknown signatures such as hardware Trojan, zero-day attacks, etc. We present a novel router defense technology, distributed router shadow, which builds a closed execution environment to deceive attacks entering into the router, thereby misleading the attackers into regarding it as the real attack target and executing the suspicious code to maximize the chances of detonating the system exploit; thus the original router is prevented from attacking and the suspicious code can be detected. Our experiment and analysis show that the router shadow can defend not only attacks with signature but also some new attacks without signature.
7
Shang, Fute, Buhong Wang, Fuhu Yan, and Tengyao Li. "Multidevice False Data Injection Attack Models of ADS-B Multilateration Systems." Security and Communication Networks 2019 (March 3, 2019): 1–11. http://dx.doi.org/10.1155/2019/8936784.
Full textAbstract:
Location verification is a promising approach among various ADS-B security mechanisms, which can monitor announced positions in ADS-B messages with estimated positions. Based on common assumption that the attacker is equipped with only a single device, this mechanism can estimate the position state through analysis of time measurements of messages using multilateration algorithm. In this paper, we propose the formal model of multidevice false data injection attacks in the ATC system against the location verification. Assuming that attackers equipped with multiple devices can manipulate the ADS-B messages in distributed receivers without any mutual interference, such attacker can efficiently construct attack vectors to change the results of multilateration. The feasibility of a multidevice false data injection attack is demonstrated experimentally. Compared with previous multidevice attacks, the multidevice false data injection attacks can offer lower cost and more covert attacks. The simulation results show that the proposed attack can reduce the attackers’ cost by half and achieve better time synchronization to bypass the existing anomaly detection. Finally, we discuss the real-world constraints that limit their effectiveness and the countermeasures of these attacks.
8
Zhang, Chunming. "Impact of Defending Strategy Decision on DDoS Attack." Complexity 2021 (March 15, 2021): 1–11. http://dx.doi.org/10.1155/2021/6694383.
Full textAbstract:
Distributed denial-of-service (DDoS) attack is a serious threat to cybersecurity. Many strategies used to defend against DDoS attacks have been proposed recently. To study the impact of defense strategy selection on DDoS attack behavior, the current study uses logistic function as basis to propose a dynamic model of DDoS attacks with defending strategy decisions. Thereafter, the attacked threshold of this model is calculated. The existence and stability of attack-free and attacked equilibria are proved. Lastly, some effective strategies to mitigate DDoS attacks are suggested through parameter analysis.
9
Tennakoon, Chaminda, and Subha Fernando. "Deep learning model for distributed denial of service (DDoS) detection." International Journal of ADVANCED AND APPLIED SCIENCES 9, no. 2 (February 2022): 109–18. http://dx.doi.org/10.21833/ijaas.2022.02.012.
Full textAbstract:
Distributed denial of service (DDoS) attacks is one of the serious threats in the domain of cybersecurity where it affects the availability of online services by disrupting access to its legitimate users. The consequences of such attacks could be millions of dollars in worth since all of the online services are relying on high availability. The magnitude of DDoS attacks is ever increasing as attackers are smart enough to innovate their attacking strategies to expose vulnerabilities in the intrusion detection models or mitigation mechanisms. The history of DDoS attacks reflects that network and transport layers of the OSI model were the initial target of the attackers, but the recent history from the cybersecurity domain proves that the attacking momentum has shifted toward the application layer of the OSI model which presents a high degree of difficulty distinguishing the attack and benign traffics that make the combat against application-layer DDoS attack a sophisticated task. Striding for high accuracy with high DDoS classification recall is key for any DDoS detection mechanism to keep the reliability and trustworthiness of such a system. In this paper, a deep learning approach for application-layer DDoS detection is proposed by using an autoencoder to perform the feature selection and Deep neural networks to perform the attack classification. A popular benchmark dataset CIC DoS 2017 is selected by extracting the most appealing features from the packet flows. The proposed model has achieved an accuracy of 99.83% with a detection rate of 99.84% while maintaining the false-negative rate of 0.17%, which has the heights accuracy rate among the literature reviewed so far.
10
Hromada, Viliam, Ladislav Öllős, and Pavol Zajac. "Using SAT solvers in large scale distributed algebraic attacks against low entropy keys." Tatra Mountains Mathematical Publications 64, no. 1 (September 1, 2015): 187–203. http://dx.doi.org/10.1515/tmmp-2015-0048.
Full textAbstract:
Abstract In this paper we study large scale distributed algebraic attacks with SAT solvers in a specific scenarios. We are interested in the complexity of finding low entropy keys with the help of SAT solvers. Moreover, we examine how to efficiently distribute this process on multiple computing nodes. Finally, we show that the average cost of the attack per key decreases, if the attacker has access to many different encryptions with different keys.
11
Asad, Muhammad, Muhammad Asim, Talha Javed, Mirza O. Beg, Hasan Mujtaba, and Sohail Abbas. "DeepDetect: Detection of Distributed Denial of Service Attacks Using Deep Learning." Computer Journal 63, no. 7 (July 3, 2019): 983–94. http://dx.doi.org/10.1093/comjnl/bxz064.
Full textAbstract:
Abstract At the advent of advanced wireless technology and contemporary computing paradigms, Distributed Denial of Service (DDoS) attacks on Web-based services have not only increased exponentially in number, but also in the degree of sophistication; hence the need for detecting these attacks within the ocean of communication packets is extremely important. DDoS attacks were initially projected toward the network and transport layers. Over the years, attackers have shifted their offensive strategies toward the application layer. The application layer attacks are potentially more detrimental and stealthier because of the attack traffic and the benign traffic flows being indistinguishable. The distributed nature of these attacks is difficult to combat as they may affect tangible computing resources apart from network bandwidth consumption. In addition, smart devices connected to the Internet can be infected and used as botnets to launch DDoS attacks. In this paper, we propose a novel deep neural network-based detection mechanism that uses feed-forward back-propagation for accurately discovering multiple application layer DDoS attacks. The proposed neural network architecture can identify and use the most relevant high level features of packet flows with an accuracy of 98% on the state-of-the-art dataset containing various forms of DDoS attacks.
12
Jaideep, Gera, and Bhanu Prakash Battula. "Detection of DDOS attacks in distributed peer to peer networks." International Journal of Engineering & Technology 7, no. 2.7 (March 18, 2018): 1051. http://dx.doi.org/10.14419/ijet.v7i2.7.12227.
Full textAbstract:
Peer to Peer (P2P) network in the real world is a class of systems that are made up of thousands of nodes in distributed environments. The nodes are decentralized in nature. P2P networks are widely used for sharing resources and information with ease. Gnutella is one of the well known examples for such network. Since these networks spread across the globe with large scale deployment of nodes, adversaries use them as a vehicle to launch DDoS attacks. P2P networks are exploited to make attacks over hosts that provide critical services to large number of clients across the globe. As the attacker does not make a direct attack it is hard to detect such attacks and considered to be high risk threat to Internet based applications. Many techniques came into existence to defeat such attacks. Still, it is an open problem to be addressed as the flooding-based DDoS is difficult to handle as huge number of nodes are compromised to make attack and source address spoofing is employed. In this paper, we proposed a framework to identify and secure P2P communications from a DDoS attacks in distributed environment. Time-to-Live value and distance between source and victim are considered in the proposed framework. A special agent is used to handle information about nodes, their capacity, and bandwidth for efficient trace back. A Simulation study has been made using NS2 and the experimental results reveal the significance of the proposed framework in defending P2P network and target hosts from high risk DDoS attacks.
13
K.M, Akhil, Rahul C.T, and Athira V.B. "Distributed Denial of Service (DDoS) Attacks and Defence Mechanism." International Journal of Computer Science and Mobile Computing 10, no. 3 (March 30, 2021): 83–88. http://dx.doi.org/10.47760/ijcsmc.2021.v10i03.010.
Full textAbstract:
Denial of Service (DoS) attacks is one of the major threats to Internet sites and one of the major security problems Internet faces today. The nature of threats caused by Distributed Denial of Service (DDoS) attacks on networks. With little or no warning, a DDoS attack could easily destroy its victim's communication and network resources in a short period of time. This paper outlines the problem of DDoS attacks and developing a classification of DDoS attacks and DDoS defense mechanisms. Important features of each attack and defense system category are described and advantages and disadvantages of each proposed scheme are outlined. The goal of the paper is to set a certain order of existence methods of attack and defense mechanisms, for the better understanding DDoS attacks can be achieved with more effective methods and means of self-defense can be developed.
14
Aridoss, Manimaran. "Defensive Mechanism Against DDoS Attack to Preserve Resource Availability for IoT Applications." International Journal of Handheld Computing Research 8, no. 4 (October 2017): 40–51. http://dx.doi.org/10.4018/ijhcr.2017100104.
Full textAbstract:
The major challenge of Internet of Things (IoT) generated data is its hypervisor level vulnerabilities. Malicious VM deployment and termination are so simple due to its multitenant shared nature and distributed elastic cloud features. These features enable the attackers to launch Distributed Denial of Service attacks to degrade cloud server performance. Attack detection techniques are applied to the VMs that are used by malicious tenants to hold the cloud resources by launching DDoS attacks at data center subnets. Traditional dataflow-based attack detection methods rely on the similarities of incoming requests which consist of IP and TCP header information flows. The proposed approach classifies the status patterns of malicious VMs and ideal VMs to identify the attackers. In this article, information theory is used to calculate the entropy value of the malicious virtual machines for detecting attack behaviors. Experimental results prove that the proposed system works well against DDoS attacks in IoT applications.
15
Liu, Zhenpeng, Ruilin Li, Dewei Miao, Lele Ren, and Yonggang Zhao. "Membership Inference Defense in Distributed Federated Learning Based on Gradient Differential Privacy and Trust Domain Division Mechanisms." Security and Communication Networks 2022 (July 14, 2022): 1–14. http://dx.doi.org/10.1155/2022/1615476.
Full textAbstract:
Distributed federated learning models are vulnerable to membership inference attacks (MIA) because they remember information about their training data. Through a comprehensive privacy analysis of distributed federated learning models, we design an attack model based on generative adversarial networks (GAN) and member inference attacks (MIA). Malicious participants (attackers) utilize the attack model to successfully reconstruct training sets of other regular participants without any negative impact on the global model. To solve this problem, we apply the differential privacy method to the training process of the model, which effectively reduces the accuracy of member inference attacks by clipping the gradient and adding noise to it. In addition, we manage the participants hierarchically through the method of trust domain division to alleviate the performance degradation of the model caused by differential privacy processing. Experimental results show that in distributed federated learning, our designed scheme can effectively defend against member inference attacks in white-box scenarios and maintain the usability of the global model, realizing an effective trade-off between privacy and usability.
16
Devi, Savita, and Taran Singh Bharti. "A Review on Detection and Mitigation Analysis of Distributed Denial of Service Attacks and Their Effects on the Cloud." International Journal of Cloud Applications and Computing 12, no. 1 (January 1, 2022): 1–21. http://dx.doi.org/10.4018/ijcac.311036.
Full textAbstract:
To save money on maintenance and administrative costs, cloud computing aims to move high-end computer equipment to the internet and put it online. Both victims and attackers may reap the advantages of cloud computing. On the other side, attacks on cloud components might lead to massive losses for cloud service providers and users. Numerous cyber-attacks have been launched as a consequence of this readily available resource. One of the most significant hazards to communication networks and applications has long been DoS and DDoS attacks. Operations, availability, and security for companies are becoming a nightmare because of these attacks. Since cloud computing resources are scalable, these resources may be dynamically scaled to recognise the attack components and immediately withstand the attack. For this cyber-attack against cloud computing, fast exploitation of the attack data is necessary. This article addresses the majority of the previously published strategies for DDoS attack avoidance, early identification, and remediation.
17
Kumar, V., A. Kumar, S. Garg, and S. R. Payyavula. "Boosting Algorithms to Identify Distributed Denial-of-Service Attacks." Journal of Physics: Conference Series 2312, no. 1 (August 1, 2022): 012082. http://dx.doi.org/10.1088/1742-6596/2312/1/012082.
Full textAbstract:
Abstract In the current pandemic situation, much work became automated using Internet of Things (IoT) devices. The security of IoT devices is a major issue because they can easily be hacked by third parties. Attackers cause interruptions in vital ongoing operations through these hacked devices. Thus, the demand for an efficient attack identification system has increased in the last few years. The present research aims to identify modern distributed denial-of-service (DDoS) attacks. To provide a solution to the problem of DDoS attacks, an openly available dataset (CICDDoS 2019) has recently been introduced and implemented. The attacks currently occurring in the dataset were identified using two machine learning methods, i.e. the light gradient boosting method (LGBM) and extreme gradient boosting (XGBoost). These methods have been selected because of their superior prediction ability in high volumes of data in less time than other methods require. The accuracy achieved by LGBM and XGBoost were 94.88% and 94.89% in 30 and 229 seconds(s), respectively.
18
Singh, Rajeev, and T. P. Sharma. "Present Status of Distributed Denial of Service (DDoS) Attacks in Internet World." International Journal of Mathematical, Engineering and Management Sciences 4, no. 4 (August 1, 2019): 1008–17. http://dx.doi.org/10.33889/ijmems.2019.4.4-080.
Full textAbstract:
Distributed Denial of Service (DDoS) attack harms the digital availability in Internet. The user’s perspective of getting quick and effective services may be badly hit by the DDoS attackers. There are several reports of DDoS attack incidences that have caused devastating effects on the user and web services in the Internet world. In the present digital world dominated by wireless, mobile and IoT devices, the numbers of users are increasing day by day. Most of the users are novice and therefore their devices either fell prey to DDoS attacks or unknowingly add themselves to the DDoS attack Army. We soon will witness the 5G mobile revolution but there are reports that 5G networks are also falling prey to DDoS attacks and hence, the realization of DoS attack as a threat needs to be understood. The paper targets to assess the DDoS attack threat. It identifies the impact of attack and also reviews existing Indian laws.
19
Bhavani, Y., V. Janaki, and R. Sridevi. "Survey on Packet Marking Algorithms for IP Traceback." Oriental journal of computer science and technology 10, no. 2 (June 6, 2017): 507–12. http://dx.doi.org/10.13005/ojcst/10.02.36.
Full textAbstract:
Distributed Denial of Service (DDoS) attack is an unavoidable attack. Among various attacks on the network, DDoS attacks are difficult to detect because of IP spoofing. The IP traceback is the only technique to identify DDoS attacks. The path affected by DDoS attack is identified by IP traceback approaches like Probabilistic Packet marking algorithm (PPM) and Deterministic Packet Marking algorithm (DPM). The PPM approach finds the complete attack path from victim to the source where as DPM finds only the source of the attacker. Using DPM algorithm finding the source of the attacker is difficult, if the router get compromised. Using PPM algorithm we construct the complete attack path, so the compromised router can be identified. In this paper, we review PPM and DPM techniques and compare the strengths and weaknesses of each proposal.
20
Huang, Xiaojie, Yunxia Xia, and Da-Wei Ding. "Distributed Event-Triggered Synchronization for Complex Cyber–Physical Networks under DoS Attacks." Applied Sciences 13, no. 3 (January 29, 2023): 1716. http://dx.doi.org/10.3390/app13031716.
Full textAbstract:
With the continuous development of the networked society, the ability of cyber attackers is becoming increasingly intelligent, posing a huge threat to complex cyber–physical networks (CCPNs). Therefore, how to design a security strategy for CCPNs under attack has become an urgent problem to be solved, which promotes our work. The problem of the distributed event-triggered synchronization of CCPNs in the presence of denial-of-service (DoS) attacks is investigated in this paper. Firstly, a distributed event-triggered controller is designed such that all nodes of networks are synchronized without DoS attacks by relieving the communication occupancy rate of limited bandwidths. Meanwhile, Zeno and singular triggering behaviors are excluded to illustrate the effectiveness of the proposed event-triggered strategy. Secondly, in view of the continuous switching of CCPNs topologies caused by DoS attacks, an event-triggered control (ETC) strategy is proposed to ensure the synchronization of CCPNs under DoS attacks. Meanwhile, the frequency and duration of tolerable DoS attacks that can ensure the stability of the systems are calculated. Finally, two examples are given to illustrate the effectiveness of the proposed method.
21
Wang, Yihe, Mingli Zhang, Kun Song, Tie Li, and Na Zhang. "An Optimal DoS Attack Strategy Disturbing the Distributed Economic Dispatch of Microgrid." Complexity 2021 (April 1, 2021): 1–16. http://dx.doi.org/10.1155/2021/5539829.
Full textAbstract:
As a promising method with excellent characteristics in terms of resilience and dependability, distributed methods are gradually used in the field of energy management of microgrid. However, these methods have more stringent requirements on the working conditions, which will make the system more sensitive to communication failures and cyberattacks. As a result, it is both theoretical merits and practical values to investigate the malicious effect of cyber attacks on microgrid. This paper studies the distributed economic dispatch problem (EDP) under denial-of-service (DoS) attacks for the microgrid, in which each generator can communicate with its neighbors and has the computational capability to implement local operation. Firstly, a DoS attack model is proposed, in which the DoS attacker intentionally jams the communication channel to deteriorate the performance of the microgrid. Then, the evolution mechanism of the dispatch system of the microgrid under different attack scenarios is adequately discussed. On this basis, an optimal attack strategy based on enumerating-search algorithm is presented to allocate the limited attack resources reasonably, so as to maximize the effect of DoS attacks. Finally, the validity of the theoretical studies about the attack effect under different scenarios and the effectiveness of the proposed enumerating-search-based optimal attack strategy are illustrated through the simulation examples on the IEEE 57-bus system and IEEE 39-bus system, respectively.
22
Lin, Hsiao-Chung, Ping Wang, and Wen-Hui Lin. "Implementation of a PSO-Based Security Defense Mechanism for Tracing the Sources of DDoS Attacks." Computers 8, no. 4 (December 4, 2019): 88. http://dx.doi.org/10.3390/computers8040088.
Full textAbstract:
Most existing approaches for solving the distributed denial-of-service (DDoS) problem focus on specific security mechanisms, for example, network intrusion detection system (NIDS) detection and firewall configuration, rather than on the packet routing approaches to defend DDoS threats by new flow management techniques. To defend against DDoS attacks, the present study proposes a modified particle swarm optimization (PSO) scheme based on an IP traceback (IPTBK) technique, designated as PSO-IPTBK, to solve the IP traceback problem. Specifically, this work focuses on analyzing the detection of DDoS attacks to predict the possible attack routes in a distributed network. In the proposed approach, the PSO-IPTBK identifies the source of DDoS attacks by reconstructing the probable attack routes from collected network packets. The performance of the PSO-IPTBK algorithm in reconstructing the attack route was investigated through a series of simulations using OMNeT++ 5.5.1 and the INET 4 Framework. The results show that the proposed scheme can determine the most possible route between the attackers and the victim to defend DDoS attacks.
23
Kumar, Shankar, Dr Nandeshwar Pd Singh, and Dr Narendra Kumar. "Mechanism, Tools and Techniques to Mitigate Distributed Denial of Service Attacks." International Journal for Research in Applied Science and Engineering Technology 11, no. 1 (January 31, 2023): 855–61. http://dx.doi.org/10.22214/ijraset.2023.48675.
Full textAbstract:
Abstract: Attacks such as Distributed Denial of Service (DDoS) continue to menace the Internet. Attackers are able to use larger bandwidths because they concentrate on application layers. In order to create novel prevention strategies, it is crucial to understand the nature of distributed denial of service assaults. One of the most upsetting types of attacks on the Internet today is the distributed denial of service (DDoS) attack. When fundamental Internet infrastructure and services, such as the Domain Name System, are targeted or misused, such attacks become far more powerful and deadly (DNS). The DNS is a key component of the Internet's core infrastructure, and it plays a significant role in supporting many popular Internet applications like e-mail, VoIP, etc. in addition to translating human-readable names into IP addresses. Attacks such as Distributed Denial of Service (DDoS) continue to menace the Internet. Attackers are able to use larger bandwidths because they concentrate on application layers. In order to create novel prevention strategies, it is crucial to understand the nature of distributed denial of service assaults. The development of proactive preventative techniques is a crucial area of study, just like in other security-related fields. This essay examines recently released preventative measures. Additionally, it emphasizes the cloud era and how its systems are safeguarded against DDoS assaults
24
Fakiha, Bandr. "DETECTING DISTRIBUTED DENIAL OF SERVICES USING MACHINE LANGUAGE LEARNING TECHNIQUES." Journal of Southwest Jiaotong University 57, no. 5 (October 30, 2022): 675–88. http://dx.doi.org/10.35741/issn.0258-2724.57.5.55.
Full textAbstract:
Vulnerabilities caused by cyberattacks impact negatively on the increased dependence of society on information and communication technologies (ICT) to conduct personal and business functions. An example of such an attack is the distributed denial of service (DDoS). This attack can disrupt business communication with clients and frustrate staff because of its potential to reduce connectivity and exchange of information between companies and their clients. To prevent these attacks, their modus operandi needs to be examined. Studies also must examine the latest trends of tactics used by DDoS attackers. The current paper aims to investigate several machine learning technologies for the detection of DDoS attacks. The accuracy of detection of DDoS attacks is examined using the CIC-DDoS dataset. Two techniques were used to preprocess the DDoS dataset to acquire the relevant features used to conduct the DDoS test. A total of 4 machine learning models have been used to detect DDoS. The results from the experiments show that the Random Forest machine learning model enabled DDoS detection with the highest accuracy of 99.997%, higher than Convolutional Neural Network (CNN), CatBoost, and Light GB. The novelty of the results is that they are based on empirical tests to determine the effectiveness of various machine learning models, thus improving the reliability and validity of the results and enhanced by the use of CIC-DDoS datasets associated with actual incidences of DDoS attacks, which makes the research framework easy to replicate to establish the validity of the findings.
25
Mou, Jinping. "Adaptive Consensus of Distributed Varying Scale Wireless Sensor Networks under Tolerable Jamming Attacks." Mathematical Problems in Engineering 2013 (2013): 1–11. http://dx.doi.org/10.1155/2013/931934.
Full textAbstract:
Consensus problem is investigated for a varying scale wireless sensor network (VSWSN) under tolerable jamming attacks, where the scale of the network is increasing or decreasing due to the newly joined nodes or the removed nodes, respectively; the tolerable jamming attack means that the attack strength is limited. It supposes that during the communications, all nodes may encounter with the tolerable jamming attacks; when the attack power is larger than the given value, the attacked nodes fall asleep, or otherwise the nodes are awakened. Under the sleep method, based on the Lyapunov method, it shows that if the communicating graph is the global limited intersectional connection (GLI connection) and the system has the enough dwell time in the intersectional topology, then under the designed consensus protocol, all nodes achieve the global average consensus.
26
Li, Muhai, and Ming Li. "An Adaptive Approach for Defending against DDoS Attacks." Mathematical Problems in Engineering 2010 (2010): 1–15. http://dx.doi.org/10.1155/2010/570940.
Full textAbstract:
In various network attacks, the Distributed Denial-of-Service (DDoS) attack is a severe threat. In order to deal with this kind of attack in time, it is necessary to establish a special type of defense system to change strategy dynamically against attacks. In this paper, we introduce an adaptive approach, which is used for defending against DDoS attacks, based on normal traffic analysis. The approach can check DDoS attacks and adaptively adjust its configurations according to the network condition and attack severity. In order to insure the common users to visit the victim server that is being attacked, we provide a nonlinear traffic control formula for the system. Our simulation test indicates that the nonlinear control approach can prevent the malicious attack packets effectively while making legitimate traffic flows arrive at the victim.
27
Shurman, Mohammad, Rami Khrais, and Abdulrahman Yateem. "DoS and DDoS Attack Detection Using Deep Learning and IDS." International Arab Journal of Information Technology 17, no. 4A (July 31, 2020): 655–61. http://dx.doi.org/10.34028/iajit/17/4a/10.
Full textAbstract:
In the recent years, Denial-of-Service (DoS) or Distributed Denial-of-Service (DDoS) attack has spread greatly and attackers make online systems unavailable to legitimate users by sending huge number of packets to the target system. In this paper, we proposed two methodologies to detect Distributed Reflection Denial of Service (DrDoS) attacks in IoT. The first methodology uses hybrid Intrusion Detection System (IDS) to detect IoT-DoS attack. The second methodology uses deep learning models, based on Long Short-Term Memory (LSTM) trained with latest dataset for such kinds of DrDoS. Our experimental results demonstrate that using the proposed methodologies can detect bad behaviour making the IoT network safe of Dos and DDoS attacks
28
Prenzel, Björn G., William G. Laidlaw, and Hal Wieser. "WITHIN-TREE DYNAMICS OF MASS ATTACK BY DENDROCTONUS PSEUDOTSUGAE (COLEOPTERA: SCOLYTIDAE) ON ITS HOST." Canadian Entomologist 131, no. 5 (October 1999): 635–43. http://dx.doi.org/10.4039/ent131635-5.
Full textAbstract:
AbstractThe within-tree scale dynamics of mass attack by the Douglas-fir beetle, Dendroctonus pseudotsugae Hopkins, on its host were investigated and quantified. Seven similarly sized Douglas-fir, Pseudotsuga menziesii (Mirb.) Franco (Pinaceae), infested as part of several pheromone-induced infestations, were monitored over an entire attack season. Ninety percent of the attacks on mass-attacked trees occurred within 3 weeks of colonization; the remaining 10% occurred gradually over the remaining 7 weeks of the attack season. Vertical attack distribution followed a Gaussian form that shifted upwards on the bole with increasing attack density. The change in attack pattern associated with increasing attack density was investigated for the central vertical portion of the bole, where most attacks occurred, and where the vertical pattern was least variable. At low density, attacks were randomly distributed. As density increased, the distance between attacks decreased, eventually resulting in a uniform distribution.
29
López Lezama, Jesús María, Bonie Johana Restrepo Cuestas, and Juan Pablo Hernández Valencia. "A Bilevel Attacker-Defender Model for Enhancing Power Systems Resilience with Distributed Generation." Scientia et Technica 25, no. 4 (December 30, 2020): 540–47. http://dx.doi.org/10.22517/23447214.23721.
Full textAbstract:
Electric transmission and distribution systems are subject not only to natural occurring outages but also to intentional attacks. These lasts performed by malicious agents that aim at maximizing the load shedding of the system. Intentional attacks are counteracted by the reaction of the system operator which deploys strategies to minimize the damage caused by such attacks. This paper presents a bilevel modeling approach for enhancing resilience of power systems with high participation of distributed generation (DG). The model describes the interaction of a disruptive agent that aims at maximizing damage to a power system and the system operator that resorts to different strategies to minimize system damage. The proposed mixed integer nonlinear programming model is solved with a hybrid genetic algorithm. Results are presented on a benchmark power system showing the optimal responses of the system operator for a set of deliberate attacks. It was observed that the higher the participation of DG the lower the impact of the attacks was. The presence of DG also influenced the optimal strategies of the attacker which in some cases deviated from optimal attack plans to suboptimal solutions. This allows concluding that the presence of DG benefits the power system in terms of less expected load shedding under intentional attacks.
30
Narote, Prof Amit, Vamika Zutshi, Aditi Potdar, and Radhika Vichare. "D-Dos Attack Prediction Using Machine Learning Algorithms." International Journal for Research in Applied Science and Engineering Technology 10, no. 3 (March 31, 2022): 2303–12. http://dx.doi.org/10.22214/ijraset.2022.41131.
Full textAbstract:
Abstract: The risk of cyber-attack keeps on growing irrespective of development of new technologies for protection. One of the most frequent cyber-attacks is the DOS attack. A Denial-of-Service (DoS) attack is an attack which tries to shut down a machine or network, by flooding the target with unwanted traffic or triggers a crash by sending it some information, which makes it challenging for the users to access their network. A higher version of DoS attacks is the DDoS attacks that have recently become quite severe in security companies. Many organizations have begun facing these issues. Such attacks are very well coordinated that disrupts the normal functioning of the networking system from large firms to small scale business. Hence, detecting such attacks has become a tedious task. However, such a classification problem can be resolved using machine learning. Also, the same problem can be addressed using the concepts of cloud computing in order to detect and identify the computational effort carried out by the attacks. A DoS is generally considered to be an organized attack by hackers that is implemented from a single source of origin and targeted towards the victim’s end. In order to attack these systems such attackers impersonate themselves as legit users and gain access from the users by asking them their personal credential and details. As compared to this, a DDoS attack is limited to a single source of origin and takes place on distributed computers all together. Hence the primary aim of this thesis is to identify such attacks caused by hackers and detect them using machine learning algorithms. Keywords: Denial-of-Service (DoS), Distributed Denial-of-Service (DDoS), Machine Learning, Bots, Botnets, flooding attacks
31
Cheema, Ammarah, Moeenuddin Tariq, Adnan Hafiz, Muhammad Murad Khan, Fahad Ahmad, and Muhammad Anwar. "Prevention Techniques against Distributed Denial of Service Attacks in Heterogeneous Networks: A Systematic Review." Security and Communication Networks 2022 (May 20, 2022): 1–15. http://dx.doi.org/10.1155/2022/8379532.
Full textAbstract:
The Distributed Denial of Service (DDoS) attack is one of the most critical issues in network security. These sorts of attacks pose a noteworthy danger to the accessibility of network services for their legitimate users by flooding the bandwidth or network service using various infected computer systems. The targeted servers are overwhelmed with malicious packets or connection requests, causing them to slow down or even crash the server operations which results in preventing genuine users from accessing the service. In this paper, we discussed the detailed classification of DDoS attacks and identified attackers’ motivations behind them and their consequences. Further, the DDoS attacks on IoT devices are elaborated based on applications and network layers. A comprehensive literature review has been conducted on cutting-edge defense techniques to defend against such attacks. An in-depth analysis of each mechanism has been carried out to find the optimal solutions. We fairly evaluated the existing defense techniques for DDoS attacks and presented key findings in comparison tables. Furthermore, this paper provides recommendations for future work for new researchers.
32
D., Glăvan. "DDoS detection and prevention based on artificial intelligence techniques." Scientific Bulletin of Naval Academy XXII, no. 1 (July 15, 2019): 134–43. http://dx.doi.org/10.21279/1454-864x-19-i1-018.
Full textAbstract:
Distributed Denial of Service (DDoS) attacks have been the major threats for the Internet and can bring great loss to companies and governments. With the development of emerging technologies, such as cloud computing, Internet of Things (IoT), artificial intelligence techniques, attackers can launch a huge volume of DDoS attacks with a lower cost, and it is much harder to detect and prevent DDoS attacks, because DDoS traffic is similar to normal traffic. Some artificial intelligence techniques like machine learning algorithms have been used to classify DDoS attack traffic and detect DDoS attacks, such as Naive Bayes and Random forest tree. In the paper, we survey on the latest progress on the DDoS attack detection using artificial intelligence techniques and give recommendations on artificial intelligence techniques to be used in DDoS attack detection and prevention.
33
Ali, Raza. "Detection of DDoS attack in cloud computing and its prevention: a systematic review." i-manager’s Journal on Cloud Computing 9, no. 1 (2022): 1. http://dx.doi.org/10.26634/jcc.9.1.18542.
Full textAbstract:
Cloud computing is one of the latest and greatest environments for delivering Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS) in digital communications infrastructure. Cloud computing helps the user remotely access the required service as needed through the Internet. But this technological advancement, due to its remote availability in the cloud, leads to new attacks. One of the biggest threats to cloud infrastructure is Distributed Denial of Service (DDoS) flooding attacks. DDoS flooding attacks are clearly trying to exploit the availability of services for a legitimate user. An attacker gains access to a large number of computers (i.e., botnets) by exploiting the vulnerabilities, and then uses the botnets to initiate an organized attack with a large number of targets. This paper analyses the latest methods for detecting and preventing Distributed Denial of Service (DDoS) attacks. It also provided methods and technologies for preventing, detecting, and responding to DDoS flood attacks.
34
Shui, Yongtao, Yu Wang, Yu Li, Yongzhi Shan, Naigang Cui, and Baojun Pang. "Consensus-Based Distributed Target Tracking with False Data Injection Attacks over Radar Network." Applied Sciences 11, no. 10 (May 17, 2021): 4564. http://dx.doi.org/10.3390/app11104564.
Full textAbstract:
For target tracking in radar network, any anomaly in a part of the system can quickly spread over the network and lead to tracking failures. False data injection (FDI) attacks can damage the state estimation mechanism by modifying the radar measurements with unknown and time-varying attack variables, therefore making traditional filters inapplicable. To tackle this problem, we propose a novel consensus-based distributed state estimation (DSE) method for target tracking with FDI attacks, which is effective even when all radars are under FDI attacks. First, a real-time residual-based detector is introduced to the DSE framework, which can effectively detect FDI attacks by analyzing the statistical properties of the residual. Secondly, a simple yet effective attack parameter estimation method is proposed to provide attack parameter estimation based on a pseudo-measurement equation, which has the advantage of decoupled estimation of state and attack parameters compared with augmented state filters. Finally, for timely attack mitigation and global consistency achievement, a novel hybrid consensus method is proposed which can compensate for the estimation error caused by FDI attacks and provide estimation accuracy improvement. The simulation results show that the proposed solution is effective and superior to the traditional DSE method for target tracking in the presence of FDI attacks.
35
Malliga, S., P. S. Nandhini, and S. V. Kogilavani. "A Comprehensive Review of Deep Learning Techniques for the Detection of (Distributed) Denial of Service Attacks." Information Technology and Control 51, no. 1 (March 26, 2022): 180–215. http://dx.doi.org/10.5755/j01.itc.51.1.29595.
Full textAbstract:
(Distributed) Denial of Service (DoS/DDoS) attacks are performed to bring down a target by flooding it withuseless traffic. Because the DoS/DDoS attackers often change their styles and attack patterns, the nature andcharacteristics of these attacks need to be examined cautiously. Developing mechanisms to detect this menaceis a challenging task. Recently, deep learning has played a major role in the growth of intrusion detection solutions. In recent years, significant attempts have been made to construct deep learning models for counteringDoS/DDoS threats. In this review, we provide a taxonomy of DoS/DDoS attacks and deep learning-based DoS/DDoS detection approaches. Then, the article focuses on the recent (from 2016 onwards) defensive methodsagainst DoS/DDoS attacks that exploit the advantages of deep learning techniques and discusses the key features of each of them. As datasets are imperative for deep learning techniques, we also review the traditional and contemporary datasets that contain traces of DoS/DDoS attacks. The findings from the review articles are as well summarized and they urge that more effort be made to strengthen the existing state-of-the-art approaches to coping with the dynamic behavior of the attackers. The imbalances in the surveyed articles are also highlighted. Finally, we outline a few key research directions that will need additional focus in the near future to ensure good security against DoS/DDoS attacks using deep learning approaches.
36
Singh, Anshuman, and Brij B. Gupta. "Distributed Denial-of-Service (DDoS) Attacks and Defense Mechanisms in Various Web-Enabled Computing Platforms." International Journal on Semantic Web and Information Systems 18, no. 1 (January 2022): 1–43. http://dx.doi.org/10.4018/ijswis.297143.
Full textAbstract:
The demand for Internet security has escalated in the last two decades because the rapid proliferation in the number of Internet users has presented attackers with new detrimental opportunities. One of the simple yet powerful attack, lurking around the Internet today, is the Distributed Denial-of-Service (DDoS) attack. The expeditious surge in the collaborative environments, like IoT, cloud computing and SDN, have provided attackers with countless new avenues to benefit from the distributed nature of DDoS attacks. The attackers protect their anonymity by infecting distributed devices and utilizing them to create a bot army to constitute a large-scale attack. Thus, the development of an effective as well as efficient DDoS defense mechanism becomes an immediate goal. In this exposition, we present a DDoS threat analysis along with a few novel ground-breaking defense mechanisms proposed by various researchers for numerous domains. Further, we talk about popular performance metrics that evaluate the defense schemes. In the end, we list prevalent DDoS attack tools and open challenges.
37
Nuiaa, Riyadh Rahef, Selvakumar Manickam, and Ali Hakem Alsaeedi. "Distributed reflection denial of service attack: A critical review." International Journal of Electrical and Computer Engineering (IJECE) 11, no. 6 (December 1, 2021): 5327. http://dx.doi.org/10.11591/ijece.v11i6.pp5327-5341.
Full textAbstract:
As the world becomes increasingly connected and the number of users grows exponentially and “things” go online, the prospect of cyberspace becoming a significant target for cybercriminals is a reality. Any host or device that is exposed on the internet is a prime target for cyberattacks. A denial-of-service (DoS) attack is accountable for the majority of these cyberattacks. Although various solutions have been proposed by researchers to mitigate this issue, cybercriminals always adapt their attack approach to circumvent countermeasures. One of the modified DoS attacks is known as distributed reflection denial-of-service attack (DRDoS). This type of attack is considered to be a more severe variant of the DoS attack and can be conducted in transmission control protocol (TCP) and user datagram protocol (UDP). However, this attack is not effective in the TCP protocol due to the three-way handshake approach that prevents this type of attack from passing through the network layer to the upper layers in the network stack. On the other hand, UDP is a connectionless protocol, so most of these DRDoS attacks pass through UDP. This study aims to examine and identify the differences between TCP-based and UDP-based DRDoS attacks.
38
Sachdev, Rithik, Shreya Mishra, and Shekhar Sharma. "Comparison of Supervised Learning Algorithms for DDOS Attack Detection." International Journal for Research in Applied Science and Engineering Technology 10, no. 8 (August 31, 2022): 1766–72. http://dx.doi.org/10.22214/ijraset.2022.46506.
Full textAbstract:
Abstract: In today’s world, when ubiquitous computing has become quite prevalent, there has been an upsurge in the number of users on the internet. The Distributed Denial of Service attack is the most widespread attack that disrupts the functioning of websites, servers, and services. In such attacks, the resources are exhausted by overwhelming requests from multiple attackers and thus become unavailable to users. Hence, it is essential to detect these attacks and prevent network security breaches. This work presents a supervised learning-based DDoS detection comparison developed using the CIC-IDS 2017 dataset [7]. Various models have been compared on different performance metrics to analyze efficiency in detecting DDoS attacks.
39
Kareem, Morenikeji Kabirat, Olaniyi Dada Aborisade, Saidat Adebukola Onashoga, Tole Sutikno, and Olaniyi Mathew Olayiwola. "Efficient model for detecting application layer distributed denial of service attacks." Bulletin of Electrical Engineering and Informatics 12, no. 1 (February 1, 2023): 441–50. http://dx.doi.org/10.11591/eei.v12i1.3871.
Full textAbstract:
The increasing advancement of technologies and communication infrastructures has been posing threats to the internet services. One of the most powerful attack weapons for disrupting web-based services is the distributed denial of service (DDoS) attack. The sophisticated nature of attack tools being created and used for launching attacks on target systems makes it difficult to distinguish between normal and attack traffic. Consequently, there is a need to detect application layer DDoS attacks from network traffic efficiently. This paper proposes a detection system coined eXtreme gradient boosting (XGB-DDoS) using a tree-based ensemble model known as XGBoost to detect application layer DDoS attacks. The Canadian institute for cybersecurity intrusion detection systems (CIC IDS) 2017 dataset consisting of both benign and malicious attacks was used in training and testing of the proposed model. The performance results of the proposed model indicate that the accuracy rate, recall, precision rate, and F1-score of XGB-DDoS are 0.999, 0.997, 0.995, and 0.996, respectively, as against those of k-nearest neighbor (KNN), support vector machine (SVM), principal component analysis (PCA) hybridized with XGBoost, and KNN with SVM. So, the XGB-DDoS detection model did better than the models that were chosen. This shows that it is good at finding application layer DDoS attacks.
40
Akanji, Oluwatobi Shadrach, Opeyemi Aderiike Abisoye, and Mohammed Awwal Iliyasu. "MITIGATING SLOW HYPERTEXT TRANSFER PROTOCOL DISTRIBUTED DENIAL OF SERVICE ATTACKS IN SOFTWARE DEFINED NETWORKS." Journal of Information and Communication Technology 20, Number 3 (June 11, 2021): 277–304. http://dx.doi.org/10.32890/jict2021.20.3.1.
Full textAbstract:
Distributed Denial of Service (DDoS) attacks has been one of the persistent forms of attacks on information technology infrastructure connected to public networks due to the ease of access to DDoS attack tools. Researchers have been able to develop several techniques to curb volumetric DDoS which overwhelms the target with a large number of request packets. However, compared to slow DDoS, limited number of research has been executed on mitigating slow DDoS. Attackers have resorted to slow DDoS because it mimics the behaviour of a slow legitimate client thereby causing service unavailability. This paper provides the scholarly community with an approach to boosting service availability in web servers under slow Hypertext Transfer Protocol (HTTP) DDoS attacks through attack detection using Genetic Algorithm and Support Vector Machine which facilitates attack mitigation in a Software-Defined Networking (SDN) environment simulated in GNS3. Genetic algorithm was used to select the Netflow features which indicates the presence of an attack and also determine the appropriate regularization parameter, C, and gamma parameter for the Support Vector Machine classifier. Results obtained showed that the classifier had detection accuracy, Area Under Receiver Operating Curve (AUC), true positive rate, false positive rate and a false negative rate of 99.89%, 99.89%, 99.95%, 0.18%, and 0.05% respectively. Also, the algorithm for subsequent implementation of the selective adaptive bubble burst mitigation mechanism was presented. This study contributes to the ongoing research in detecting and mitigating slow HTTP DDoS attacks with emphasis on the use of machine learning classification and meta-heuristic algorithms.
41
Al-Mashadani, Abdulrahman Khalid Abdullah, and Muhammad Ilyas. "Distributed Denial of Service Attack Alleviated and Detected by Using Mininet and Software Defined Network." Webology 19, no. 1 (January 20, 2022): 4129–44. http://dx.doi.org/10.14704/web/v19i1/web19272.
Full textAbstract:
The network security and how to keep it safe from malicious attacks now days is attract huge interest of the developers and cyber security experts (SDN) Software- Defined Network is simple framework for network that allow programmability and monitoring that enable the operators to manage the entire network in a consistent and comprehensive manner also used to detect and alleviate the DDoS attacks the SDN now is the trending of network security evolution there many threats that faces the networks one of them is the distributed Denial of Service (DDoS) because of the architecture weakness in traditional network SDN use new architecture and the point of power in it is the separation of control and data plane the DDoS attack prevent the users from access into resource of the network or make huge delays in the network this paper shows the impact of DDoS attacks on SDN, and how to use SDN applications written in Python and by using OpenFlow protocol to automatically detect and resist attacks with average time to response to the attack between 95-145 second.
42
Dhanapal, A., and P. Nithyanandam. "The Slow HTTP Distributed Denial of Service Attack Detection in Cloud." Scalable Computing: Practice and Experience 20, no. 2 (May 2, 2019): 285–98. http://dx.doi.org/10.12694/scpe.v20i2.1501.
Full textAbstract:
Cloud computing became popular due to nature as it provides the flexibility to add or remove the resources on-demand basis. This also reduces the cost of investments for the enterprises significantly. The adoption of cloud computing is very high for enterprises running their online applications. The availability of online services is critical for businesses like financial services, e-commerce applications, etc. Though cloud provides availability, still these applications are having potential threats of going down due to the slow HTTP Distributed Denial of Service (DDoS) attack in the cloud. The slow HTTP attacks intention is to consume all the available server resources and make it unavailable to the real users. The slow HTTP DDoS attack comes with different formats such as slow HTTP headers attacks, slow HTTP body attacks and slow HTTP read attacks. Detecting the slow HTTP DDoS attacks in the cloud is very crucial to safeguard online cloud applications. This is a very interesting and challenging topic in DDoS as it mimics the slow network. This paper proposed a novel method to detect slow HTTP DDoS attacks in the cloud. The solution is implemented using the OpenStack cloud platform. The experiments conducted exhibits the accurate results on detecting the attacks at the early stages. The slowHTTPTest open source tool is used in this experiment to originate slow HTTP DDoS attacks.
43
Oluwole Ogini, Nicholas, Wilfred Adigwe, and Noah Oghenefego Ogwara. "Distributed Denial of Service Attack Detection and Prevention Model for IoT based Computing Environment using Ensemble Machine Learning Approach." International Journal of Network Security & Its Applications 14, no. 4 (July 31, 2022): 39–53. http://dx.doi.org/10.5121/ijnsa.2022.14403.
Full textAbstract:
Defending against Distributed Denial of Service (DDoS) in the Internet of Things (IoT) computing environment is a challenging task. DDoS attacks are type of collective attack in which attackers work together to compromise internet security and services. The resource-constrained devices used in IoT deployments have made it even easier for an attacker to break, because of the vast number of vulnerable IoT devices with significant compute power. This paper proposed an ensemble machine learning (ML) model using the bagging technique to detect and prevent DDoS attacks in the IoT computing environment. We carried out an Machine Learning experiment and evaluated our proposed model with the most recent DDoS attacks (CICDoS2019) dataset. We use seven validation metrics (classification accuracy, precision rate, recall rate, f1-score, Matthews Correlation Coefficient, false negative rate and false positive rate) to evaluate the performance of the proposed model. The results obtained in our experiment shows an improved performance with an overall maximum classification accuracy of 99.75%, precision rate of 99.99%, recall rate of 99.76%, f1-score of 99.87%, Matthews Correlation Coefficient of 0.000000214, false negative rate of 0.24% and 4.42% false positive rate.
44
Yaseen, Hiba Salah, and Ahmed Al-Saadi. "Q-learning based distributed denial of service detection." International Journal of Electrical and Computer Engineering (IJECE) 13, no. 1 (February 1, 2023): 972. http://dx.doi.org/10.11591/ijece.v13i1.pp972-986.
Full textAbstract:
<span lang="EN-US">Distributed denial of service (DDoS) attacks the target service providers by sending a huge amount of traffic to prevent legitimate users from getting the service. These attacks become more challenging in the software-defined network paradigm, due to the separation of the control plane from the data plane. Centralized software defined networks are more vulnerable to DDoS attacks that may cause the failure of all networks. In this work, a new approach is proposed based on q-learning to enhance the detection of DDoS attacks and reduce false positives and false negatives. The results of this work are compared with entropy detection in terms of the number of received packets to detect the attack and also the continuity of service for legitimate users. Moreover, these results indicate that the proposed system detects the DDoS attack from flash crowds and redirects the traffic to the edge of the data center. A second controller is used to redirect traffic to a honeypot server that works as a mirror server. This guarantees the continuity of service for both normal and suspected traffic until further analysis is done. The results indicate an increase of up to 50% in the throughput compared to other approaches.</span>
45
Manaseer, Saher, Ahmad K. Al Hwaitat, and Riad Jabri. "Distributed Detection and prevention of Web Threats in Heterogeneous Environment." Modern Applied Science 12, no. 10 (September 9, 2018): 13. http://dx.doi.org/10.5539/mas.v12n10p13.
Full textAbstract:
The growth of web Applications have increased rapidly due to the huge development of technology with very short turnaround time and with this development the protection from vulnerabilities became very difficult. There is a continuous demand for developing new methods that is able to prevent the fast growth of attacking methods and vulnerabilities. Furthermore there is a great demand to have coordination between different security infrastructure and protection applications to distribution of the attack log in order to prevent the attacker from further attacks to other web hosts. This research proposes a distributed web firewall defensive mechanism which provide a synchronized environment that is consists of several synchronized web application firewalls. Every web application is protected by a web application firewall that send feedback reports that include the type of the attack, The IP Address of the attacker and time of attack to other synchronized firewalls inside the environment to take action against the attacker.
46
Adhikary, Kaushik, Shashi Bhushan, Sunil Kumar, and Kamlesh Dutta. "Evaluating the Impact of DDoS Attacks in Vehicular Ad-Hoc Networks." International Journal of Security and Privacy in Pervasive Computing 12, no. 4 (October 2020): 1–18. http://dx.doi.org/10.4018/ijsppc.2020100101.
Full textAbstract:
The presence of either malicious vehicles or inaccessibility of network services makes vehicular ad-hoc networks (VANETs) easy targets for denial of service (DoS) attacks. The sole purpose of DoS attacks is to prevent the intended users from accessing the available resources and services. When the DoS attack is carried out by multiple vehicles distributed throughout the network, it is referred as distributed DoS (DDoS) attack. A lot of works have been done by researchers in securing the vehicular communication against the DDoS attacks. In this paper, efforts have been made to simulate the DDoS attacks in VANETs as well as to study their impact on the performance of networks. The experimental results are presented using six important metrics, which are collision, jitter, delay, packet drop, ratio-in-out, and throughput. The experimental results show that the impact of distributed DoS (DDoS) attack on networks performance is very critical and must be addressed to ensure the smooth functioning of networks.
47
Liang, Jiaqi, Yibei Wu, Jun’e Li, Xiong Chen, Heqin Tong, and Ming Ni. "Security Risk Analysis of Active Distribution Networks with Large-Scale Controllable Loads under Malicious Attacks." Complexity 2021 (February 19, 2021): 1–12. http://dx.doi.org/10.1155/2021/6659879.
Full textAbstract:
With the development of distributed networks, the remote controllability of the distributed energy objects and the vulnerability of user-side information security protection measures make distributed energy objects extremely vulnerable to malicious control by attackers. Hence, the large-scale loads may produce abnormal operation performance, such as load casting/dropping synchronously or frequent and synchronous casting and dropping, and hence, it can threaten the security and stable operation of the distribution networks. First, we analyze the security threats faced by industrial controllable load, civil controllable load, and the gains and losses of attacks on the distribution networks. Considering the factors of cyber attacks, we propose a control model and cyber attack model in active distribution networks (ADNs). And, three types of attacks that the target suffered are defined on the basis of “on” and “off” modes for control. Then, the controllable load was maliciously controlled as the research object, and a suitable scenario is selected. The impact of malicious control of the controllable load on the power supply reliability and power quality of the distribution networks are simulated and analyzed, and risk consequences for different types of attacks are provided.
48
Shazly, Khadija, Dina A. Salem, Nacereddine Hammami, and Ahmed I. B. ElSeddawy. "A Review on Distributed Denial of Service Detection in Software Defined Network." International Journal of Wireless and Ad Hoc Communication 5, no. 2 (2022): 08–18. http://dx.doi.org/10.54216/ijwac.050201.
Full textAbstract:
Network security has become considerably essential because of the expansion of the internet of things (IoT) devices. One of the greatest hazards of today's networks is distributed denial of service (DDoS) attacks, which could destroy critical network services. Recently numerous IoT devices are unsuspectingly attacked by DDoS. To securely manage IoT equipment, researchers have introduced software-defined networks (SDN). This paper aims to analyze and discuss machine learning-based systems for SDN security networks from DDoS attacks. The results have indicated that the algorithms for machine learning can be used to detect DDoS attacks in SDN efficiently. From machine learning approaches, it can be explored that the best way to detect DDoS attacks is based on utilizing deep learning procedures. Moreover, analyze the methods that combine it with other machine learning techniques. The most benefits that can be achieved from using deep learning methods are the ability to do both feature extraction along with data classification; the ability to extract specific information from partial data. Nevertheless, it is appropriate to recognize the low-rate attack, and it can get more computation resources than other machine learning where it can use a graphics processing unit (GPU) rather than a central processing unit (CPU) for carrying out the matrix operations, making the processes computationally effective and fast.
49
Zeebaree, Subhi R. M., Karzan H. Sharif, and Roshna M. Mohammed Amin. "Application Layer Distributed Denial of Service Attacks Defense Techniques : A review." Academic Journal of Nawroz University 7, no. 4 (December 21, 2018): 113. http://dx.doi.org/10.25007/ajnu.v7n4a279.
Full textAbstract:
Currently distributed denial of service (DDoS) is the most sever attack that effect on the internet convenience. The main goal of these attacks is to prevent normal users from accessing the internet services such as web servers. However the more challenge and difficult types to detect is application layer DDoS attacks because of using legitimate client to create connection with victims. In this paper we give a review on application layer DDoS attacks defense or detection mechanisms. Furthermore, we summarize several experimental approaches on detection techniques of application layer DDoS attacks. The main goal of this paper is to get a clear view and detailed summary of the recent algorithms, methods and techniques presented to tackle these serious types of attacks.
50
Li, Ming, and Wei Zhao. "Detection of Variations of Local Irregularity of Traffic under DDOS Flood Attack." Mathematical Problems in Engineering 2008 (2008): 1–11. http://dx.doi.org/10.1155/2008/475878.
Full textAbstract:
The aim of distributed denial-of-service (DDOS) flood attacks is to overwhelm the attacked site or to make its service performance deterioration considerably by sending flood packets to the target from the machines distributed all over the world. This is a kind of local behavior of traffic at the protected site because the attacked site can be recovered to its normal service state sooner or later even though it is in reality overwhelmed during attack. From a view of mathematics, it can be taken as a kind of short-range phenomenon in computer networks. In this paper, we use the Hurst parameter (H) to measure the local irregularity or self-similarity of traffic under DDOS flood attack provided that fractional Gaussian noise (fGn) is used as the traffic model. As flood attack packets of DDOS make theHvalue of arrival traffic vary significantly away from that of traffic normally arriving at the protected site, we discuss a method to statistically detect signs of DDOS flood attacks with predetermined detection probability and false alarm probability.