Academic literature on the topic 'Amplification attack'

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Amplification attack.'

Journal articles on the topic "Amplification attack"

1

Anagnostopoulos, Marios, Georgios Kambourakis, Panagiotis Kopanos, Georgios Louloudakis, and Stefanos Gritzalis. "DNS amplification attack revisited." Computers & Security 39 (November 2013): 475–85. http://dx.doi.org/10.1016/j.cose.2013.10.001.

2

Quadir, Md Abdul, J. Christy Jackson, J. Prassanna, et al. "An efficient algorithm to detect DDoS amplification attacks." Journal of Intelligent & Fuzzy Systems 39, no. 6 (2020): 8565–72. http://dx.doi.org/10.3233/jifs-189173.

Abstract:
Domain name system (DNS) plays a critical part in the functioning of the Internet. But since DNS queries are sent using UDP, it is vulnerable to Distributed Denial of Service (DDoS) attacks. The attacker can take advantage of this and spoof the source IP address and direct the response towards the victim network. And since the network does not keep track of the number of requests going out and responses coming in, the attacker can flood the network with these unwanted DNS responses. Along with DNS, other protocols are also exploited to perform DDoS. Usage of Network Time Protocol (NTP) is to synchronize clocks on systems. Its monlist command replies with 600 entries of previous traffic records. This response is enormous compared to the request. This functionality is used by the attacker in DDoS. Since these attacks can cause colossal congestion, it is crucial to prevent or mitigate these types of attacks. It is obligatory to discover a way to drop the spoofed packets while entering the network to mitigate this type of attack. Intelligent cybersecurity systems are designed for the detection of these attacks. An intelligent system has AI and ML algorithms to achieve its function. This paper discusses such an intelligent method to detect the attack server from legitimate traffic. This method uses an algorithm that gets activated by excess traffic in the network. The excess traffic is determined by the speed or rate of the requests and responses and their ratio. The algorithm extracts the IP addresses of servers and detects which server is sending more packets than requested or which are not requested. This server can be later blocked using a firewall or Access Control List (ACL).
3

Sieklik, Boris, Richard Macfarlane, and William J. Buchanan. "Evaluation of TFTP DDoS amplification attack." Computers & Security 57 (March 2016): 67–92. http://dx.doi.org/10.1016/j.cose.2015.09.006.

4

Widagdo, Gede Barkah. "Real-Time Early Detection NTP Amplification Attack." ACMIT Proceedings 3, no. 1 (2019): 76–84. http://dx.doi.org/10.33555/acmit.v3i1.29.

Abstract:
This paper is an initial step in DDoS mitigation; the goal of this research is to detect NTP amplification as early as possible so that the victim has data for a further escalation process. We know that the goal of the attacker using an NTP amplification attack is to exhaust the bandwidth of the victim. This research also simulates an NTP amplification scenario and detection method: the attacker sends MONLIST requests with the victim's spoofed IP to the compromised NTP server, and the NTP server then responds with large volumes of traffic (amplified traffic) towards the victim to consume the bandwidth so that legitimate users cannot access the services. We put the DDoS detection device on the victim's side and combine several monitoring tools to detect NTP amplification, i.e., a bandwidth gauge and a NetFlow analyzer. The NetFlow analyzer (flow analysis) analyzes the IP packet headers sent by the router acting as a flow exporter. In our experiment, we could perform early detection of the NTP amplification in less than 2 minutes.
5

Najafabadi, Maryam M., Taghi M. Khoshgoftaar, and Amri Napolitano. "Detecting Network Attacks Based on Behavioral Commonalities." International Journal of Reliability, Quality and Safety Engineering 23, no. 01 (2016): 1650005. http://dx.doi.org/10.1142/s0218539316500054.

Abstract:
Due to the great increase in the amount of attacks that occur in computer networks, there is an increasing dependence on network intrusion detection systems which monitor and analyze the network data to detect attacks. In recent years, machine learning methods have been used to build predictive models for network intrusion detection. These methods are able to automatically extract patterns from the network data to build detection models. Defining proper features, which help models to better discriminate between normal and attack data, is a critical task. While network attacks vary widely, they share some commonalities. Many attacks, by their nature, are repetitive and exhibit behaviors different from normal traffic. Among these commonalities are self-similarity between attack packets, periodicity and repetition characteristics seen in the attack traffic. In this paper, we study the common behaviors between two different attack types, called RUDY and DNS Amplification attacks, in order to propose new features for building predictive models by using machine learning algorithms. We collected Netflow traffic from an operational ISP network. We introduce a concept called “session” derived from Netflow which incorporates both sides of a network communication to define a network instance. Features are extracted for each session. To demonstrate how the newly defined features work for the task of intrusion detection, we use these features to build intrusion detection models for the detection of RUDY attack, DNS Amplification attack and the combination of these two attacks. To build predictive models we apply four machine learning classification algorithms: two versions of a decision tree algorithm, Naïve Bayes and 5-Nearest Neighbor (5-NN) algorithm. Our results show that the proposed features based on the attack commonalities provide very good prediction results for the detection of two studied attacks on real network traffic.
6

Khan, Muhammad Salman, Ken Ferens, and Witold Kinsner. "A Chaotic Complexity Measure for Cognitive Machine Classification of Cyber-Attacks on Computer Networks." International Journal of Cognitive Informatics and Natural Intelligence 8, no. 3 (2014): 45–69. http://dx.doi.org/10.4018/ijcini.2014070104.

Abstract:
Today's evolving cyber security threats demand new, modern, and cognitive computing approaches to network security systems. In the early years of the Internet, a simple packet inspection firewall was adequate to stop the then-contemporary attacks, such as Denial of Service (DoS), port scans, and phishing. Since then, DoS has evolved to include Distributed Denial of Service (DDoS) attacks, especially against the Domain Name Service (DNS). DNS based DDoS amplification attacks cannot be stopped easily by traditional signature based detection mechanisms because the attack packets contain authentic data, and signature based detection systems look for specific attack-byte patterns. This paper proposes a chaos based complexity measure and a cognitive machine classification algorithm to detect DNS DDoS amplification attacks. In particular, this paper computes the Lyapunov exponent to measure the complexity of a flow of packets, and classifies the traffic as either normal or anomalous, based on the magnitude of the computed exponent. Preliminary results show the proposed chaotic measure achieved a detection (classification) accuracy of about 98%, which is greater than that of an Artificial Neural Network. Also, contrary to available supervised machine learning mechanisms, this technique does not require any offline training. This approach is capable of not only detecting offline threats, but has the potential of being applied over live traffic flows using DNS filters.
7

Chen, Hsien-Pu, Muneer Mohammad, and Laszlo B. Kish. "Current Injection Attack against the KLJN Secure Key Exchange." Metrology and Measurement Systems 23, no. 2 (2016): 173–81. http://dx.doi.org/10.1515/mms-2016-0025.

Abstract:
The Kirchhoff-law-Johnson-noise (KLJN) scheme is a statistical/physical secure key exchange system based on the laws of classical statistical physics to provide unconditional security. We used the LTSPICE industrial cable and circuit simulator to emulate one of the major active (invasive) attacks, the current injection attack, against the ideal and a practical KLJN system, respectively. We show that two security enhancement techniques, namely, the instantaneous voltage/current comparison method, and a simple privacy amplification scheme, independently and effectively eliminate the information leak and successfully preserve the system’s unconditional security.
8

Alfraih Abdulaziz Nasser, A., and Wen Bo Chen. "NTP DRDoS Attack Vulnerability and Mitigation." Applied Mechanics and Materials 644-650 (September 2014): 2875–80. http://dx.doi.org/10.4028/www.scientific.net/amm.644-650.2875.

Abstract:
The Network Time Protocol (NTP) is used to synchronize clocks of various computer devices such as personal computers, tablets, and phones based on their set time zones. The network of devices that use these NTP servers form a huge distributed network that attracted a number of attacks from late 2013 towards early 2014. This paper presents a hands-on test of the Distributed Reflection Denial of Service (DRDoS) attack by the monlist command, provides more vulnerability in the protocol, and offers mitigation to these vulnerabilities. A Kali Linux server was used to test the monlist command on its localhost. The results showed that a request with a size of 234 bytes got a response of 4,680 bytes. A busy NTP server can return up to 600 addresses which were theoretically calculated to return approximately 48 kilobytes in 100 packets. Consequently, this results in an amplification factor of 206×. The knowledge of the way the attack can be propagated was an important step in thwarting the attack and mitigating more such threats in the same protocol.
9

Malekzadeh, Mina, Moghis Ashrostaghi, and M. H. Shahrokh Abadi. "Amplification-based Attack Models for Discontinuance of Conventional Network Transmissions." International Journal of Information Engineering and Electronic Business 7, no. 6 (2015): 15–22. http://dx.doi.org/10.5815/ijieeb.2015.06.03.

10

Veeraraghavan, Prakash, Dalal Hanna, and Eric Pardede. "NAT++: An Efficient Micro-NAT Architecture for Solving IP-Spoofing Attacks in a Corporate Network." Electronics 9, no. 9 (2020): 1510. http://dx.doi.org/10.3390/electronics9091510.

Abstract:
The Internet Protocol (IP) version 4 (IPv4) has several known vulnerabilities. One of the important vulnerabilities is that the protocol does not validate the correctness of the source address carried in an IP packet. Users with malicious intentions may take advantage of this vulnerability and launch various attacks against a target host or a network. These attacks are popularly known as IP Address Spoofing attacks. One of the classical IP-spoofing attacks that cost several million dollars worldwide is the DNS-amplification attack. Currently, the availability of solutions is limited, proprietary, expensive, and requires expertise. The Internet is subjected to several other forms of amplification attacks happening every day. Even though IP-Spoofing is one of the well-researched areas since 2005, there is no holistic solution available to solve this problem from the grass-root. Also, every solution assumes that the attackers are always from outside networks. In this paper, we provide an efficient and scalable solution to solve the IP-Spoofing problem that arises from malicious or compromised inside hosts. We use a modified form of Network Address Translation (NAT) to build our solution framework. We call our framework as NAT++. The proposed infrastructure is robust, crypto-free, and easy to implement. Our simulation results have shown that the proposed NAT++ infrastructure does not consume more than the resources required by a simple NAT.