Journal articles on the topic 'Availability Attack'

1

Houmer, Meriem, and Moulay Lahcen Hasnaoui. "A risk and security assessment of VANET availability using attack tree concept." International Journal of Electrical and Computer Engineering (IJECE) 10, no. 6 (December 1, 2020): 6039. http://dx.doi.org/10.11591/ijece.v10i6.pp6039-6044.

Abstract:
The challenging nature of insecure wireless channels and the open-access environment make the protection of vehicular ad hoc network (VANET) a particularly critical issue. Researchers and interested authorities have therefore paid more attention to this issue. Therefore, robust approaches to protect this network's security and privacy against adversaries and attacks need to be improved, trying to achieve an adequate level, to secure the confidential information of drivers and passengers. Accordingly, to improve the security of VANET, it is necessary to carry out a risk assessment, in order to evaluate the risk that faces this network. This paper focuses on the security threats in vehicular network especially on the availability of this network. We propose a novel risk assessment approach to evaluate the risk of the attack that the attacker can lead against the availability of VANET. We adopt a tree structure called attack tree to model the attacker's potential attack strategies. Based on this attack tree model, we can estimate the degree that a certain threat can lead to the VANET and identify possible attack sequences that an attacker may launch against the availability of this network. Then we utilize the multi-attribute utility theory to calculate the system’s total risk value also the probabilities of each attack sequence. The analysis results can provide support for decision-makers to make corresponding protection measures against the attack on the availability of this network.
2

Ahmed, Abdulghani Ali. "Investigation Approach for Network Attack Intention Recognition." International Journal of Digital Crime and Forensics 9, no. 1 (January 2017): 17–38. http://dx.doi.org/10.4018/ijdcf.2017010102.

Abstract:
Sensitive information has critical risks when transmitted through computer networks. Existing protection systems still have limitations with treating network information with sufficient confidentiality, integrity, and availability. The rapid development of network technologies helps increase network attacks and hides their malicious intentions. Attack intention is the ultimate attack goal that the attacker attempts to achieve by executing various intrusion methods or techniques. Recognizing attack intentions helps security administrator develop effective protection systems that can detect network attacks that have similar intentions. This paper analyses attack types and classifies them according to their malicious intent. An investigation approach based on similarity metric is proposed to recognize attacker plans and predict their intentions. The obtained results demonstrate that the proposed approach is capable of investigating similarity of attack signatures and recognizing the intentions of Network attack.
3

D, Sheethal, and Chandrashekhar H.K. "A Novel Mechanism for Detecting DOS Attack in VANET Using EAPDA." International Journal of Emerging Research in Management and Technology 6, no. 7 (June 29, 2018): 286. http://dx.doi.org/10.23956/ijermt.v6i7.227.

Abstract:
Security is the major concern with respect to the critical information shared between the vehicles. Vehicular ad hoc network is a sub class of Mobile ad hoc network in which the vehicles move freely and communicate with each other and with the roadside unit (RSU) as well. Since the nodes are self organized, highly mobile and free to move therefore any nodes can interact with any other node which may or may not be trustworthy. This is the area of concern in the security horizon of VANETs. It is the responsibility of RSU to make the network available all the time to every node for secure communication of critical information. For this, network availability occurs as the major security requirement, which may be exposed to several threats or attacks. The vehicles and the RSU are prone to several security attacks such as masquerading, Sybil attack, alteration attack, Selfish driver attack, etc. Among these Denial of Service attack is the major threat to the availability of network. In order to shelter the VANET from DoS attack we have proposed Enhanced Attacked Packet Detection Algorithm which prohibits the deterioration of the network performance even under this attack. EAPDA not only verify the nodes and detect malicious nodes but also improves the throughput with minimized delay thus enhancing security. The simulation is done using NS2 and the results are compared with earlier done work.
4

Aridoss, Manimaran. "Defensive Mechanism Against DDoS Attack to Preserve Resource Availability for IoT Applications." International Journal of Handheld Computing Research 8, no. 4 (October 2017): 40–51. http://dx.doi.org/10.4018/ijhcr.2017100104.

Abstract:
The major challenge of Internet of Things (IoT) generated data is its hypervisor level vulnerabilities. Malicious VM deployment and termination are so simple due to its multitenant shared nature and distributed elastic cloud features. These features enable the attackers to launch Distributed Denial of Service attacks to degrade cloud server performance. Attack detection techniques are applied to the VMs that are used by malicious tenants to hold the cloud resources by launching DDoS attacks at data center subnets. Traditional dataflow-based attack detection methods rely on the similarities of incoming requests which consist of IP and TCP header information flows. The proposed approach classifies the status patterns of malicious VMs and ideal VMs to identify the attackers. In this article, information theory is used to calculate the entropy value of the malicious virtual machines for detecting attack behaviors. Experimental results prove that the proposed system works well against DDoS attacks in IoT applications.
5

Thaper, Rohit, and Amandeep Verma. "Enhanced-Adaptive Pattern Attack Recognition Technique (E-APART) Against EDoS Attacks in Cloud Computing." Journal of Cases on Information Technology 17, no. 3 (July 2015): 41–55. http://dx.doi.org/10.4018/jcit.2015070105.

Abstract:
Cloud Computing is most widely used in current technology. It provides a higher availability of resources to greater number of end users. In the cloud era, security has develop a reformed source of worries. Distributed Denial of Service (DDoS) and Economical Denial of Sustainability (EDoS) are attacks that can affect the ‘pay-per-use' model. This model automatically scales the resources according to the demand of consumers. The functionality of this model is to mitigate the EDoS attack by some tactical attacker/s, group of attackers or zombie machine network (BOTNET) to minimize the availability of the target resources, which directly or indirectly reduces the profits and increase the cost for the cloud operators. This paper presents a model called Enhanced-APART which is step further of the authors' previous model (APART) that can be used to mitigate the EDoS attack from the cloud platform and shows the nature of the attack. Enhanced-APART model offers pre-shared security mechanism to ensure the access of legitimate users on the cloud services. It also performs pattern analysis in order to detect the EDoS caused by BOTNET mechanism and includes time-based and key-sharing post-setup authentication scheme to prevent the replication or replay attacks and thus results in mitigation of EDoS attack.
6

Klymash, M. M., O. M. Shpur, and N. V. Pelekh. "WEB SERVICE AVAILABILITY MONITORING IN DISTRIBUTED INFOCOMMUNICATION SYSTEMS." Visnyk Universytetu “Ukraina”, no. 1 (28) 2020 (2020): 137–50. http://dx.doi.org/10.36994/2707-4110-2020-1-28-12.

Abstract:
In this paper has been improved technique of security of web services against DDOS attacks based on the analysis of service information, which is based on monitoring of session duration spelled out in log files. This will increase the effectiveness of monitoring the security of web applications in distributed information systems after the attack of the first stage of its protection. The algorithm for monitoring the status of system based on log messages that are written to a file during the firewall stage has been proposed. Each message receives information such as web service request time and ip address. Using the time of access to the web service, you can track the attendance, and in the case of sharp differences with the number of visits in the previous intervals, to say about a possible attack. IP addresses us by tracking the number of requests from each request source, tracking who is causing the attack. Investigation of the effectiveness developed web application security monitoring system in distributed information communications systems has shown that at a time when the number of visits is increasing dramatically, the schedule is growing rapidly. This indicates a possible attack. If the current number of visits increases 10 times more than the average per day, the system will notify you. To do this, the data on visits for the year were uploaded to the database and the system was checked when the load increased. From the test results, we were able to verify that as the number of visits for the current hour increased, the system reported an attack. To visually check the operation of the algorithm, a graphical interface was proposed, which shows the state of the system, and a schedule of visits at 3 intervals: per day, per month, per year. Visual inspection allows you to quickly make sure that the conclusion about the attack is not wrong
7

Demarquay, G., A. Lothe, JP Royet, N. Costes, G. Mick, F. Mauguière, and P. Ryvlin. "Brainstem changes in 5-HT1A receptor availability during migraine attack." Cephalalgia 31, no. 1 (October 29, 2010): 84–94. http://dx.doi.org/10.1177/0333102410385581.

Abstract:
Background: Among serotonin receptors, 5-HT1A receptors are implicated in the regulation of central serotoninergic tone and could be involved in the abnormal brain 5-HT turnover suspected in migraineurs. The aim of this study was to investigate 5-HT1A receptors’ availability during migraine attacks. Methods: Ten patients suffering from odor-triggered migraine attacks and 10 control subjects were investigated using positron emission tomography (PET) and [18F]MPPF PET tracer, a selective 5-HT1A antagonist. All subjects underwent calibrated olfactory stimulations prior to the PET study. Results: Four patients developed a migraine attack during the PET study. In these patients, statistical parametrical mapping and region of interest analyses showed an increased [18F]MPPF binding potential (BPND) in the pontine raphe when compared to headache-free migraineurs and control subjects. This ictal change was confirmed at the individual level in each of the four affected patients. In comparison with the headache-free migraineurs, patients with a migraine attack also showed significantly increased [18F]MPPF BPND in the left orbitofrontal cortex, precentral gyrus and temporal pole. No significant change in [18F]MPPF BPND was observed between headache-free migraineurs and controls. Conclusions: Our results emphasize the role of 5HT1A receptors in the pontine raphe nuclei during the early stage of migraine attacks.
8

Tavana, Madjid, Dawn A. Trevisani, and Dennis T. Kennedy. "A Fuzzy Cyber-Risk Analysis Model for Assessing Attacks on the Availability and Integrity of the Military Command and Control Systems." International Journal of Business Analytics 1, no. 3 (July 2014): 21–36. http://dx.doi.org/10.4018/ijban.2014070102.

Abstract:
The increasing complexity in Military Command and Control (C2) systems has led to greater vulnerability due to system availability and integrity caused by internal vulnerabilities and external threats. Several studies have proposed measures of availability and integrity for the assets in the C2 systems using precise and certain measures (i.e., the exact number of attacks on the availability and the integrity, the number of countermeasures for the availability and integrity attacks, the effectiveness of the availability and integrity countermeasure in eliminating the threats, and the financial impact of each attack on the availability and integrity of the assets). However, these measures are often uncertain in real-world problems. The source of uncertainty can be vagueness or ambiguity. Fuzzy logic and fuzzy sets can represent vagueness and ambiguity by formalizing inaccuracies inherent in human decision-making. In this paper, the authors extend the risk assessment literature by including fuzzy measures for the number of attacks on the availability and the integrity, the number of countermeasures for the availability and integrity attacks, and the effectiveness of the availability and integrity countermeasure in eliminating these threats. They analyze the financial impact of each attack on the availability and integrity of the assets and propose a comprehensive cyber-risk assessment system for the Military C2 in the fuzzy environment.
9

Naha, Bibek, Siddhartha Banerjee, and Sayanti Mondal. "A SURVEY ON CLOUD-DENIAL OF SERVICE." American Journal of Advanced Computing 1, no. 2 (April 1, 2020): 1–5. http://dx.doi.org/10.15864/ajac.1205.

Abstract:
Cloud Computing is one of the most nurtured as well as debated topic in today’s world. Billions of data of various fields ranging from personal users to large business enterprises reside in Cloud. Therefore, availability of this huge amount of data and services is of immense importance. The DOS (Denial of Service) attack is a well-known threat to the availability of data in a smaller premise. Whenever, it’s a Cloud environment this simple DOS attack takes the form of DDOS (Distributed Denial of Service) attack. This paper provides a generic insight into the various kinds of DOS as well as DDOS attacks. Moreover, a handful of countermeasures have also been depicted here. In a nutshell, it aims at raising an awareness by outlining a clear picture of the Cloud availability issues. Our paper gives a comparative study of different techniques of detecting DOS.
10

Saravanan, A., S. SathyaBama, Seifedine Kadry, and Lakshmana Kumar Ramasamy. "A new framework to alleviate DDoS vulnerabilities in cloud computing." International Journal of Electrical and Computer Engineering (IJECE) 9, no. 5 (October 1, 2019): 4163. http://dx.doi.org/10.11591/ijece.v9i5.pp4163-4175.

Abstract:
In the communication age, the Internet has growing very fast and most industries rely on it. An essential part of Internet, Web applications like online booking, e-banking, online shopping, and e-learning plays a vital role in everyday life. Enhancements have been made in this domain, in which the web servers depend on cloud location for resources. Many organizations around the world change their operations and data storage from local to cloud platforms for many reasons especially the availability factor. Even though cloud computing is considered a renowned technology, it has many challenges, the most important one is security. One of the major issue in the cloud security is Distributed Denial of Service attack (DDoS), which results in serious loss if the attack is successful and left unnoticed. This paper focuses on preventing and detecting DDoS attacks in distributed and cloud environment. A new framework has been suggested to alleviate the DDoS attack and to provide availability of cloud resources to its users. The framework introduces three screening tests VISUALCOM, IMGCOM, and AD-IMGCOM to prevent the attack and two queues with certain constraints to detect the attack. The result of our framework shows an improvement and better outcomes and provides a recovered from attack detection with high availability rate. Also, the performance of the queuing model has been analysed.
11

Chaves, Cesar, Siavoosh Azad, Thomas Hollstein, and Johanna Sepúlveda. "DoS Attack Detection and Path Collision Localization in NoC-Based MPSoC Architectures." Journal of Low Power Electronics and Applications 9, no. 1 (February 5, 2019): 7. http://dx.doi.org/10.3390/jlpea9010007.

Abstract:
Denial of Service (DoS) attacks are an increasing threat for Multiprocessor System-on-Chip (MPSoC) architectures. By exploiting the shared resources on the chip, an attacker is able to prevent completion or degrade the performance of a task. This is extremely dangerous for MPSoCs used in critical applications. The Network-on-Chip (NoC), as a central MPSoC infrastructure, is exposed to this attack. In order to maintain communication availability, NoCs should be enhanced with an effective and precise attack detection mechanism that allows the triggering of effective attack mitigation mechanisms. Previous research works demonstrate DoS attacks on NoCs and propose detection methods being implemented in NoC routers. These countermeasures typically led to a significantly increased router complexity and to a high degradation of the MPSoC’s performance. To this end, we present two contributions. First, we provide an analysis of information that helps to narrow down the location of the attacker in the MPSoC, achieving up to a 69% search space reduction for locating the attacker. Second, we propose a low cost mechanism for detecting the location and direction of the interference, by enhancing the communication packet structure and placing communication degradation monitors in the NoC routers. Our experiments show that our NoC router architecture detects single-source DoS attacks and determines, with high precision, the location and direction of the collision, while incurring a low area and power overhead.
12

Rastenis, Justinas, Simona Ramanauskaitė, Justinas Janulevičius, Antanas Čenys, Asta Slotkienė, and Kęstutis Pakrijauskas. "E-mail-Based Phishing Attack Taxonomy." Applied Sciences 10, no. 7 (March 30, 2020): 2363. http://dx.doi.org/10.3390/app10072363.

Abstract:
The amount of fraud on the Internet is increasing along with the availability and the popularity of the Internet around the world. One of the most common forms of Internet fraud is phishing. Phishing attacks seek to obtain a user’s personal or secret information. The variety of phishing attacks is very broad, and usage of novel, more sophisticated methods complicates its automated filtering. Therefore, it is important to form up-to-date and detailed phishing attack taxonomy, which could be used for both human education purposes as well as phishing attack discrete notation. In this paper, we propose an e-mail-based phishing attack taxonomy, which includes six phases of the attack. Each phase has at least one criterion for the attack categorization. Each category is described, and in some cases the categories have sub-classes to present the full variety of phishing attacks. The proposed taxonomy is compared to similar taxonomies. Our taxonomy outperforms other phishing attack taxonomies in numbers of phases, criteria and distinguished classes. Validation of the proposed taxonomy is achieved by adapting it as a phishing attack notation for an incident management system. Taxonomy usage for phishing attack notation increases the level of description of phishing attacks compared to free-form phishing attack descriptions.
13

Sharifi, Aboosaleh Mohammad. "Availability challenge of cloud system under DDOS attack." Indian Journal of Science and Technology 5, no. 6 (June 20, 2012): 1–5. http://dx.doi.org/10.17485/ijst/2012/v5i6.21.

14

Upadhya, K. Sadananda, and N. K. Srinivasan. "Availability of Weapon Systems with Air-attack Missions." Journal of Defense Modeling and Simulation: Applications, Methodology, Technology 1, no. 2 (April 2004): 111–21. http://dx.doi.org/10.1177/875647930400100205.

15

Kaspi, Roy, Boaz Yuval, and Michael P. Parrella. "Anticipated host availability increases parasitoid host attack behaviour." Animal Behaviour 82, no. 5 (November 2011): 1159–65. http://dx.doi.org/10.1016/j.anbehav.2011.08.014.

16

Singh, Rajeev, and T. P. Sharma. "Present Status of Distributed Denial of Service (DDoS) Attacks in Internet World." International Journal of Mathematical, Engineering and Management Sciences 4, no. 4 (August 1, 2019): 1008–17. http://dx.doi.org/10.33889/ijmems.2019.4.4-080.

Abstract:
Distributed Denial of Service (DDoS) attack harms the digital availability in Internet. The user’s perspective of getting quick and effective services may be badly hit by the DDoS attackers. There are several reports of DDoS attack incidences that have caused devastating effects on the user and web services in the Internet world. In the present digital world dominated by wireless, mobile and IoT devices, the numbers of users are increasing day by day. Most of the users are novice and therefore their devices either fell prey to DDoS attacks or unknowingly add themselves to the DDoS attack Army. We soon will witness the 5G mobile revolution but there are reports that 5G networks are also falling prey to DDoS attacks and hence, the realization of DoS attack as a threat needs to be understood. The paper targets to assess the DDoS attack threat. It identifies the impact of attack and also reviews existing Indian laws.
17

Djanie, Tutu, and Dzisi. "A Proposed DoS Detection Scheme for Mitigating DoS Attack Using Data Mining Techniques." Computers 8, no. 4 (November 26, 2019): 85. http://dx.doi.org/10.3390/computers8040085.

Abstract:
A denial of service (DoS) attack in a computer network is an attack on the availability of computer resources to prevent users from having access to those resources over the network. Denial of service attacks can be costly, capable of reaching $100,000 per hour. Development of easily-accessible, simple DoS tools has increased the frequency and reduced the level of expertise needed to launch an attack. Though these attack tools have been available for years, there has been no proposed defense mechanism targeted specifically at them. Most defense mechanisms in literature are designed to defend attacks captured in datasets like the KDD Cup 99 dataset from 20 years ago and from tools no longer in use in modern attacks. In this paper, we capture and analyze traffic generated by some of these DoS attack tools using Wireshark Network Analyzer and propose a signature-based DoS detection mechanism based on SVM classifier to defend against attacks launched by these attack tools. Our proposed detection mechanism was tested with Snort IDS and compared with some already existing defense mechanisms in literature and had a high detection accuracy, low positive rate and fast detection time.
18

Kumar, Manish, and Abhinav Bhandari. "Performance Evaluation of Web Server's Request Queue against AL-DDoS Attacks in NS-2." International Journal of Information Security and Privacy 11, no. 4 (October 2017): 29–46. http://dx.doi.org/10.4018/ijisp.2017100103.

Abstract:
As the world is getting increasingly dependent on the Internet, the availability of web services has been a key concern for various organizations. Application Layer DDoS (AL-DDoS) attacks may hamper the availability of web services to the legitimate users by flooding the request queue of the web server. Hence, it is pertinent to focus fundamentally on studying the queue scheduling policies of web server against the HTTP request flooding attack which has been the base of this research work. In this paper, the various types of AL-DDoS attacks launched by exploiting the HTTP protocol have been reviewed. The key aim is to compare the requests queue scheduling policies of web server against HTTP request flooding attack using NS2 simulator. Various simulation scenarios have been presented for comparison, and it has been established that queue scheduling policy can be a significant role player in tolerating the AL-DDoS attacks.
19

Guo, Wei, Sujuan Qin, Jun Lu, Fei Gao, Zhengping Jin, and Qiaoyan Wen. "Improved Proofs Of Retrievability And Replication For Data Availability In Cloud Storage." Computer Journal 63, no. 8 (January 2, 2020): 1216–30. http://dx.doi.org/10.1093/comjnl/bxz151.

Abstract:
For a high level of data availability and reliability, a common strategy for cloud service providers is to rely on replication, i.e. storing several replicas onto different servers. To provide cloud users with a strong guarantee that all replicas required by them are actually stored, many multi-replica integrity auditing schemes were proposed. However, most existing solutions are not resource economical since users need to create and upload replicas of their files by themselves. A multi-replica solution called Mirror is presented to overcome the problems, but we find that it is vulnerable to storage saving attack, by which a dishonest provider can considerably save storage costs compared to the costs of storing all the replicas honestly—while still can pass any challenge successfully. In addition, we also find that Mirror is easily subject to substitution attack and forgery attack, which pose new security risks for cloud users. To address the problems, we propose some simple yet effective countermeasures and an improved proofs of retrievability and replication scheme, which can resist the aforesaid attacks and maintain the advantages of Mirror, such as economical bandwidth and efficient verification. Experimental results show that our scheme exhibits comparable performance with Mirror while achieving high security.
20

Rocha, Augusto Cezar Rodrigues, Gustavo Ferreira Pedrosa, Auro Barreiros Freire, Gibson Moreira Praça, Herbert Ugrinowitsch, Henrique de Oliveira Castro, and Gustavo Teixeira Costa. "Analysis of the setting and predictive factors of the effect of attack according to game ecology." Kinesiology 52, no. 2 (2020): 217–23. http://dx.doi.org/10.26582/k.52.2.7.

Abstract:
The objective of this study was to identify how the ecological variables influence the setter during the setting and what were the predictive factors of the attack effect among Brazilian teams ranked from the 1st to 4th place in the volleyball Women’s Super-League in 2016-2017. We analyzed 768 attacks from 10 matches played among the teams. A descriptive analysis was performed and, to identify how the setting location differed in relation to the ecological variables, the One-Way ANOVA (factor 1 = setting location) was used. In addition, multinomial logistic regression was performed to understand the predictive factors of the effect of the attack. The significance level was set at 5% (p≤.05) and the SPSS software version 20.0 was used. The results showed the setting location differed according to the distance between the setter and the central attacker, the distance between the setter and the central blocker, and the distance between the setter and the blocker of position 4. Besides, it was observed that the powerful attack and the blocking touch were predictive factors of the effect of the attack. Thus, it is concluded that the decision-making for the action of the setting is based on the availability of the central attacker and the configuration of the blockers, the powerful attack reduces the chances of defense and the blocking touch reduces the chances of scoring by attacking.
21

Dhanapal, A., and P. Nithyanandam. "The Slow HTTP DDOS Attacks: Detection, Mitigation and Prevention in the Cloud Environment." Scalable Computing: Practice and Experience 20, no. 4 (December 4, 2019): 669–85. http://dx.doi.org/10.12694/scpe.v20i4.1569.

Abstract:
Cloud computing is the latest buzzword and cutting-edge technology. The cost-efficiency, easy to operate, on-demand services, availability, makes the cloud so popular. The online web applications based on the internet such as E-Healthcare, E-Commerce are moving to the cloud to reduce the operating investment cost. These applications are vulnerable to slow HTTP Distributed Denial of Service (DDoS) attack in the cloud. This kind of attacks aims to consume the resources of the application as well as the hosting system so that to bring down the services. The various forms of the slow HTTP DDoS are HTTP header attack, HTTP body attack and HTTP read attack. Due to the nature of mimicking the slow network behaviour, this attack is very challenging to detect. This is even more difficult to identify in the cloud environment as it has multiple attack paths. The web applications running in the cloud should have been safeguarded from the slow HTTP DDoS attacks. This paper proposed a novel multi-stage zone-based classification model to identify, mitigate and prevent the slow HTTP DDoS attacks in the cloud environment. The solution is implemented using the OpenStack cloud environment. The open-source slowHTTPTest tool is used to generate different types of slow HTTP DDoS attacks.
22

Dhanapal, A., and P. Nithyanandam. "The Slow HTTP Distributed Denial of Service Attack Detection in Cloud." Scalable Computing: Practice and Experience 20, no. 2 (May 2, 2019): 285–98. http://dx.doi.org/10.12694/scpe.v20i2.1501.

Abstract:
Cloud computing became popular due to nature as it provides the flexibility to add or remove the resources on-demand basis. This also reduces the cost of investments for the enterprises significantly. The adoption of cloud computing is very high for enterprises running their online applications. The availability of online services is critical for businesses like financial services, e-commerce applications, etc. Though cloud provides availability, still these applications are having potential threats of going down due to the slow HTTP Distributed Denial of Service (DDoS) attack in the cloud. The slow HTTP attacks intention is to consume all the available server resources and make it unavailable to the real users. The slow HTTP DDoS attack comes with different formats such as slow HTTP headers attacks, slow HTTP body attacks and slow HTTP read attacks. Detecting the slow HTTP DDoS attacks in the cloud is very crucial to safeguard online cloud applications. This is a very interesting and challenging topic in DDoS as it mimics the slow network. This paper proposed a novel method to detect slow HTTP DDoS attacks in the cloud. The solution is implemented using the OpenStack cloud platform. The experiments conducted exhibits the accurate results on detecting the attacks at the early stages. The slowHTTPTest open source tool is used in this experiment to originate slow HTTP DDoS attacks.
23

Silveira, Matheus Ferraz, and André L. S. Gradvohl. "Security analysis of the message queuing telemetry transport protocol." Revista Brasileira de Computação Aplicada 13, no. 2 (July 7, 2021): 83–95. http://dx.doi.org/10.5335/rbca.v13i2.12163.

Abstract:
The Internet of Things aims to assign computational processing and connection to simple objects on a network to collect data and then perform analysis. Due to its easy use, simplified implementation has several information security problems. This article presents attack procedures in an IoT environment using the Message Queue Telemetry Transport protocol. For attack procedures, we use the Low Orbit Ion Cannon and Wireshark programs, compromising the integrity, confidentiality, and availability of data and network connection. After carrying out the attack procedures, we implemented security methods on the network, such as data encryption and firewall to protect data integrity and prevent network connection attacks.
24

Sharma, Kavita, and B. B. Gupta. "Taxonomy of Distributed Denial of Service (DDoS) Attacks and Defense Mechanisms in Present Era of Smartphone Devices." International Journal of E-Services and Mobile Applications 10, no. 2 (April 2018): 58–74. http://dx.doi.org/10.4018/ijesma.2018040104.

Abstract:
This article describes how in the summer of 1999, the Computer Incident Advisory Capability first reported about Distributed Denial of Service (DDoS) attack incidents and the nature of Denial of Service (DoS) attacks in a distributed environment that eliminates the availability of resources or data on a computer network. DDoS attack exhausts the network resources and disturbs the legitimate user. This article provides an explanation on DDoS attacks and nature of these attacks against Smartphones and Wi-Fi Technology and presents a taxonomy of various defense mechanisms. The smartphone is chosen for this study, as they have now become a necessity rather than a luxury item for the common people.
25

PETRICĂ, Gabriel, and Ioan-Cosmin MIHAI. "Cyber Attacks Against E-Learning Platforms. A Case Study Using Attack Trees." International Journal of Information Security and Cybercrime 9, no. 1 (June 22, 2020): 37–42. http://dx.doi.org/10.19107/ijisc.2020.01.05.

Abstract:
The global context of the first part of 2020 has led to a change in the way humanity has carried out its professional and educational activity. E-learning platforms have become an interesting target for cyber attackers. This paper presents the evolution of Moodle vulnerabilities and a possible AT (Attack Tree) built around this e-learning platform. The AT highlights software vulnerabilities and physical events that can compromise the security / availability of a Moodle platform.
26

Mondragón, Oscar, Andrés Felipe Mera Arcos, Christian Urcuqui, and Andrés Navarro Cadavid. "Security control for website defacement." Sistemas y Telemática 15, no. 41 (August 1, 2017): 45–55. http://dx.doi.org/10.18046/syt.v15i41.2442.

Abstract:
Cyber-attacks to websites are increasing steadily affecting the integrity and availability of information, so the implementation of safeguards to mitigate or reduce to acceptable levels the risks generated are necessary. Computer incidents produce economic and reputational impacts to different organizations. It has identified an increase in computer attacks on different organizations where one of them, and highly reputational impact, is the “Defacement” attack, which consists of unauthorized modification or alteration to the web sites using WordPress CMS, affecting the integrity of information. The result of this article proposes the development of a model for establishing a security control to perform the containment and reporting of this attack type, which currently have focused on the websites of the government entities. The development model allows online control the attack on Web sites by constant reading of certain parts of the source code making the detection and maintenance of the integrity of information.
27

Jeyanthi, N., and P. C. Mogankumar. "A Virtual Firewall Mechanism Using Army Nodes to Protect Cloud Infrastructure from DDoS Attacks." Cybernetics and Information Technologies 14, no. 3 (September 1, 2014): 71–85. http://dx.doi.org/10.2478/cait-2014-0034.

Abstract:
Cloud is not exempted from the vulnerability of Distributed Denial of Service (DDoS) attack, a serious threat to any distributed network and has considerably less effective solutions to deploy in the network. This paper introduces a novel mechanism to protect and prevent the cloud from the spurious packets targeting the depletion of server resources. The army nodes called “Cloud DDoS Attack Protection” (CDAP) nodes are installed at the cloud server farm/Datacenter (DC). These army nodes act as virtual firewall without destroying the Cloud Infrastructure and improve the availability of DC, even at the time of DDoS attack. By continuously monitoring the incoming packets, CDAP filters the attack packets intruding the Cloud DC. Availability is further improved by handing over the threat detection and attack mitigation to CDAP nodes and by redirecting the malicious user requests to the dump network. The simulation results prove that the introduction of CDAP nodes improve the availability and reduce the response time and the cost incurred.
28

Ramírez Gómez, Julián, Héctor Fernando Vargas Montoya, and Álvaro León Henao. "Implementing a Wormhole Attack on Wireless Sensor Networks with XBee S2C Devices." Revista Colombiana de Computación 20, no. 1 (May 28, 2019): 41–58. http://dx.doi.org/10.29375/25392115.3606.

Abstract:
One of the most dangerous threats to Wireless Sensor Networks (WSN) are wormhole attacks, due to their capacity to manipulate routing and application data in real time and cause important damages to the integrity, availability, and confidentiality of network data. An empirical method to launch a successful attack on IEEE 802.15.4/Zigbee devices with source routing enabled is adopted in this work to find signatures for detecting wormhole attacks in real environments. It uses the KillerBee framework with algorithms for packet manipulation through a malicious node to capture and inject malicious packets in victim nodes. Besides, a reverse variant of wormhole attack is presented and executed. To evidence the realization of this threat by the attacking software, the experimental framework includes XBee S2C nodes. The results include recommendations, detection signatures and future work to face wormhole attacks involving source routing protocols like DSR.
29

Loadman, N. L., G. E. E. Moodie, and J. A. Mathias. "Significance of Cannibalism in Larval Walleye (Stizostedion vitreum)." Canadian Journal of Fisheries and Aquatic Sciences 43, no. 3 (March 1, 1986): 613–18. http://dx.doi.org/10.1139/f86-073.

Abstract:
Cannibalism by larval walleye (Stizostedion vitreum) was studied to determine the ecological consequences and implications of cohort cannibalism in intensive culture systems and in natural communities. Two categories of cannibalistic behavior were observed. Trunk attacks were the most frequent (92%), and nearly always (98%) resulted in the escape of the victim; however, victims suffered a 19% mortality rate within 24 h of the attack. Tail attacks were less frequent but almost always resulted in ingestion of the victim. Tail attacks had a mean duration of 3.5 h and were more easily observed than trunk attacks (mean duration = 20 s). Under conditions of unlimited food, cannibalism could not be shown to confer an advantage in either growth or survival upon cannibals. The rate of cannibalism increased as food density decreased, but depended on the availability of light. Trunk attacks among larval walleye may be a higher source of mortality than the more commonly observed tail attack behavior.
30

Wan, Runze, Lixin Ding, Naixue Xiong, and Xing Zhou. "Mitigation strategy against spectrum-sensing data falsification attack in cognitive radio sensor networks." International Journal of Distributed Sensor Networks 15, no. 9 (September 2019): 155014771987064. http://dx.doi.org/10.1177/1550147719870645.

Abstract:
To detect the primary user’s activity accurately in cognitive radio sensor networks, cooperative spectrum sensing is recommended to improve the sensing performance and the reliability of spectrum-sensing process. However, spectrum-sensing data falsification attack being launched by malicious users may lead to fatal mistake of global decision about spectrum availability at the fusion center. It is a tough task to mitigate the negative effect of spectrum-sensing data falsification attack and even eliminate these attackers from the network. In this article, we first discuss the randomly false attack model and analyze the effects of two classes of attacks, individual and collaborative, on the global sensing performance at the fusion center. Afterwards, a linear weighted combination scheme is designed to eliminate the effects of the attacks on the final sensing decision. By evaluating the received sensing result, each user can be assigned a weight related to impact factors, which includes result consistency degree and data deviation degree. Furthermore, an adaptive reputation evaluation mechanism is introduced to discriminate malicious and honest sensor node. The evaluation is conducted through simulations, and the results reveal the benefits of the proposed in aspect of mitigation of spectrum-sensing data falsification attack.
31

Rocha, Augusto Cézar Rodrigues, Lorenzo Laporta, Henrique Modenesi, Rodrigo Luiz Vancini, Fabiano de Souza Fonseca, Gilmário Ricarte Batista, Alexandre Igor Araripe Medeiros, et al. "Setting distribution analysis in elite-level men's volleyball: an ecological approach." Research, Society and Development 10, no. 1 (January 25, 2021): e47710111994. http://dx.doi.org/10.33448/rsd-v10i1.11994.

Abstract:
This study aimed to analyze how situational constraints (lifter distance to attackers and blockers) influenced a volleyball setter’s distribution after reception that allow an organized attack with all attack options and the relationship between the attack tempo and the effect of the attack according to the setting location. The sample comprised 22 games in the 2018 Men's Volleyball World Championship. The results showed that there was a difference in the distribution while considering the distance between the setter and the striker in position 4 [χ2 (4) = 28.657; p <0.001], the striker in position 6 [χ2 (4) = 23.828; p <0.001], the blocker in position 4 [χ2 (4) = 16.566; p = 0.002] and there was an effect of the attack tempo on the effect of attacks performed by position 6 [χ2 (3) = 15.438; p = 0.001]. From these findings, it is clear that the setter's decision-making is related to the ecological dynamics of the game and to situational constraints, with the availability of attackers influencing the setter's distribution and setting, along with the layout of the adversary’s blocking system.
32

Hasan, Mainul, Amogh Venkatanarayan, Inder Mohan, Ninni Singh, and Gunjan Chhabra. "Comparison of Various DoS Algorithm." International Journal of Information Security and Privacy 14, no. 1 (January 2020): 27–43. http://dx.doi.org/10.4018/ijisp.2020010103.

Abstract:
Denial of service attack is one of the most devastating and ruinous attacks on the internet. The attack can be performed by flooding the victim's machine with any kind of packets. Throughout all these years many methods have been proposed to reduce the impact, but with machines of higher capabilities coming in, the attack has also become more potent, and these proposals are either less effective or less efficient. A DoS attack exhausts the victim's resources affecting the availability of the resource. This paper will be comparing a few methods that have been proposed and published in various papers along with a newly proposed method. The comparison of the methods is done on a number of parameters including resource utilization, reaction time, worst case scenarios, etc. This paper also checks the viability of these methods over various layers of the network. Concluding with the best aspects of all the papers and the best among these for the current real conditions.
33

Bustami, Agustani, and Syamsul Bahri. "Ancaman, Serangan dan Tindakan Perlindungan pada Keamanan Jaringan atau Sistem Informasi : Systematic Review." UNISTEK 7, no. 2 (August 25, 2020): 59–70. http://dx.doi.org/10.33592/unistek.v7i2.645.

Abstract:
The security of a network or information system is strongly affected by the presence of various threats or attacks that can cause leakage of sensitive and confidential information and a decline in organizational performance. There is a wide variety of threats or attacks on network or information system security, such as insider attacks, eavesdropping, masquerading, man-in-the-middle attacks, virus attacks, denial of service attacks, and so on. Appropriate security technologies can be put in place as anticipation of and protection against the various security threats or attacks. So that the choice of security technology matches the organization's needs, a mapping is first required between the types of threats or attacks and the existing security technologies, based on the security aspects, namely confidentiality, integrity and availability [1][2]. Firewalls, IDS, antivirus systems and cryptographic systems are the security technologies of choice because of their reliability in anticipating threats to and protecting networks or information systems across different security aspects.
34

Jain, Rupal, and Rajneesh Pachouri. "DETECTING AND ISOLATING BLACK-HOLE ATTACKS IN MANET USING COUNTER BASED TROLLING TECHNIQUE." International Journal of Advanced Research in Computer Science 11, no. 6 (December 20, 2020): 36–45. http://dx.doi.org/10.26483/ijarcs.v11i6.6679.

Abstract:
Mobile Ad hoc Network (MANET) is a part of wireless networks that gives different applications in various fields. MANET's security had gotten perhaps the greatest issue in fields of networks. MANET is powerless against various kinds of attacks that influence its usefulness and availability. The black hole attack is viewed as one of the most perilous dynamic attacks which impedes the presentation and dependability of the network because of the dropping of all approaching data packets by the malicious node. The black hole attack intends to deceive each node in the network that needs to speak with another node by guaranteeing that it generally has the best path to the objective node. AODV is a responsive routing protocol which has no method to identify and forestall black hole attack in to the network. In this examination work, we improved the AODV routing protocol utilizing another lightweight method that utilizes hop count and trolling to recognize and detect single and multiple black hole attack. In this research work we provide the security scheme against single and cooperative black hole attack in MANET. The blackhole attack is packet dropping attack behaves like normal node at the time of connection establishment and after forward false reply of destination to sender drops all the data packets. In this attack one or more than one malicious nodes create a secure environment with the presence of other normal nodes. The proposed IDS (Intrusion Detection System) is identified the nodes those are not forwarded the data packets continuously abut node exist in network and provides the secure communication in dynamic network.
35

An, Hyok, Yoonjong Na, Heejo Lee, and Adrian Perrig. "Resilience Evaluation of Multi-Path Routing against Network Attacks and Failures." Electronics 10, no. 11 (May 24, 2021): 1240. http://dx.doi.org/10.3390/electronics10111240.

Abstract:
The current state of security and availability of the Internet is far from being commensurate with its importance. The number and strength of DDoS attacks conducted at the network layer have been steadily increasing. However, the single path (SP) routing used in today’s Internet lacks a mitigation scheme to rapidly recover from network attacks or link failure. In case a link failure occurs, it can take several minutes until failover. In contrast, multi-path routing can take advantage of multiple alternative paths and rapidly switch to another working path. According to the level of available path control, we classify the multi-path routing into two types, first-hop multi-path (FMP) and multi-hop multi-path (MMP) routing. Although FMP routing supported by networks, such as SD-WAN, shows marginal improvements over the current SP routing of the Internet, MMP routing supported by a global Internet architecture provides strong improvement under network attacks and link failure. MMP routing enables changing to alternate paths to mitigate the network problem in other hops, which cannot be controlled by FMP routing. To show this comparison with practical outcome, we evaluate network performance in terms of latency and loss rate to show that MMP routing can mitigate Internet hazards and provide high availability on global networks by 18 participating ASes in six countries. Our evaluation of global networks shows that, if network attacks or failures occur in other autonomous systems (ASes) that FMP routing cannot avoid, it is feasible to deal with such problems by switching to alternative paths by using MMP routing. When the global evaluation is under a transit-link DDoS attack, the loss rates of FMP that pass the transit-link are affected significantly by a transit-link DDoS attack, but the other alternative MMP paths show stable status under the DDoS attack with proper operation.
36

Zhao, Xiaolin, Hui Peng, Xiang Li, Yue Li, Jingfeng Xue, Yaoyuan Liang, and Mingzhe Pei. "Defending Application Layer DDoS Attacks via Multidimensional Parallelotope." Security and Communication Networks 2020 (December 30, 2020): 1–11. http://dx.doi.org/10.1155/2020/6679304.

Abstract:
The Internet is more and more integrated into people’s life; because of the complexity and fragility of the network environment, network attack presents a more and more serious trend. Application Layer DDoS (AL-DDoS) attack is the most complex form of DDoS attack, which is hindering the availability for the legitimate users by taking up a large number of requests of web server. The paper introduced the concept of behavior utility to portray the network. The concept of attack and defense utility was defined by a specific property which was the manifestation of the network risk after the offset of attack and defense. In the utility model, traffic metrics were mapped to the multidimensional parallelotope in the Euclidean space to express as a diagonal matrix. To determine the threshold status, the defense strategies of load balancing and limiting the maximum number of connections were used with different attack scales. Finally, the attack and defense utility value was calculated to evaluate the network risk level. The proposed method can master the capacity of network system against each attack means and the defense capability of network system. Its availability and accuracy are verified by comparing with the relevant works.
37

Pandey, Ravi Shankar, Vivek Srivastava, and Lal Babu Yadav. "Research trends and solutions for secure traffic management of SDN." APTIKOM Journal on Computer Science and Information Technologies 2, no. 3 (January 22, 2020): 97–105. http://dx.doi.org/10.34306/csit.v2i3.70.

Abstract:
Software Defined Network (SDN) decouples the responsibilities of route management and data transmission of network devices present in network infrastructure. It integrates the control responsibility at the centralized software component which is known as controller. This centralized aggregation of responsibilities may result the single point of failure in the case malicious attack at the controller side. These attacks may also affect the traffic flow and network devices. The security issues due to such malicious attacks in SDN are dominating challenges in the implementation and utilization of opportunities provided by this new paradigm. In this paper we have investigated the several research papers related to proposal of new research trends for security and suggestions which fulfil the security requirements like confidentiality, integrity, availability, authenticity, authorization, nonrepudiation, consistency, fast responsiveness and adaptation. We have also investigated the new future research for creating the attack free environment for implementing the SDN.
38

Dhanapal A and Nithyanandam P. "The HTTP Flooding Attack Detection to Secure and Safeguard Online Applications in the Cloud." International Journal of Information System Modeling and Design 10, no. 3 (July 2019): 41–58. http://dx.doi.org/10.4018/ijismd.2019070103.

Abstract:
Cloud computing is the cutting edge and has become inevitable in all forms of computing. This is due to its nature of elasticity, cost-effectiveness, availability, etc. The online applications like e-commerce, and e-healthcare applications are moving to the cloud to reduce their operational cost. These applications have the vulnerability of a HTTP flooding Distributed Denial of Service attack in the cloud. This flooding attack aims to overload the application, making it unable to process genuine requests and bring it down. So, these applications need to be secured and safeguarded against such attacks. This HTTP flooding attack is one of the key challenging issues as it shows normal behaviour with regard to all lower networking layers like TCP 3-way handshaking by mimicking genuine requests and it is even harder in the cloud due to the cloud properties. This article offers a solution for detecting a HTTP flooding attack in the cloud by using the novel TriZonal Linear Prediction (TLP) model. The solution was implemented using OpenStack and the FIFA Worldcup '98 data set for experimentation.
39

Shi, Qiong, Li Qin, Lipeng Song, Rongping Zhang, and Yanfeng Jia. "A Dynamic Programming Model for Internal Attack Detection in Wireless Sensor Networks." Discrete Dynamics in Nature and Society 2017 (2017): 1–9. http://dx.doi.org/10.1155/2017/5743801.

Abstract:
Internal attack is a crucial security problem of WSN (wireless sensor network). In this paper, we focus on the internal attack detection which is an important way to locate attacks. We propose a state transition model, based on the continuous time Markov chain (CTMC), to study the behaviors of the sensors in a WSN under internal attack. Then we conduct the internal attack detection model as the epidemiological model. In this model, we explore the detection rate as the rate of a compromised state transition to a response state. By using the Bellman equation, the utility for the state transitions of a sensor can be written in standard forms of dynamic programming. It reveals a natural way to find the optimal detection rate that is by maximizing the total utility of the compromised state of the node (the sum of current utility and future utility). In particular, we encapsulate the current state, survivability, availability, and energy consumption of the WSN into an information set. We conduct extensive experiments and the results show the effectiveness of our solutions.
40

Muraleedharan N. and Janet B. "SCAFFY." International Journal of Information Security and Privacy 15, no. 3 (July 2021): 106–28. http://dx.doi.org/10.4018/ijisp.2021070107.

Abstract:
Denial of service (DoS) attack is one of the common threats to the availability of critical infrastructure and services. As more and more services are online enabled, the attack on the availability of these services may have a catastrophic impact on our day-to-day lives. Unlike the traditional volumetric DoS, the slow DoS attacks use legitimate connections with lesser bandwidth. Hence, it is difficult to detect slow DoS by monitoring bandwidth usage and traffic volume. In this paper, a novel machine learning model called ‘SCAFFY' to classify slow DoS on HTTP traffic using flow level parameters is explained. SCAFFY uses a multistage approach for the feature section and classification. Comparison of the classification performance of decision tree, random forest, XGBoost, and KNN algorithms are carried out using the flow parameters derived from the CICIDS2017 and SUEE datasets. A comparison of the result obtained from SCAFFY with two recent works available in the literature shows that the SCAFFY model outperforms the state-of-the-art approaches in classification accuracy.
41

Jose, Ancy Sherin, Latha R. Nair, and Varghese Paul. "Towards Detecting Flooding DDOS Attacks Over Software Defined Networks Using Machine Learning Techniques." Revista Gestão Inovação e Tecnologias 11, no. 4 (July 29, 2021): 3837–65. http://dx.doi.org/10.47059/revistageintec.v11i4.2411.

Abstract:
Distributed Denial of Service Attack (DDoS) has emerged as a major threat to cyber space. A DDoS attack aims at exhausting the resources of the victim causing financial and reputational damages to it. The availability of free software make launching of DDoS attacks easy. The difficulty in differentiating a DDoS traffic from a legitimate traffic burst such as a flash crowd makes DDoS difficult to be identified. A wide range of techniques have been used in conventional networks to detect and mitigate DDoS attacks. Though the advent of Software Defined Networking (SDN) makes a network easy to be managed even SDN is vulnerable to DDoS attacks. In this case, the controller of the SDN gets overloaded with the incoming packets from the switches. In fact, a solution based on security analytics can be put in place to ward off this threat as a proactive security measure using the flow level statistics available from the SDN. Compared to the packet analysis used in traditional networks which is resource expensive the flow level statistics is relatively inexpensive. This paper focuses on the design and implementation of an attack detection system for detecting the flooding DDoS attacks TCP SYN flooding attacks, HTTP request flooding attacks, UDP flooding attacks and ICMP flooding attacks over SDN network traffic. The system uses various classification algorithms to classify a traffic into normal or attack. The feature sets for classification were arrived at using a feature selection module with ANOVA (Analysis of Variance) F-Test statistical method. Performance evaluation of each of the classifiers was carried out for the three feature sets obtained from the feature selection module using various performance measures and the results have been tabulated. The feature set which gives the best performance in detecting malicious traffic has been identified.
42

Akanji, Oluwatobi Shadrach, Opeyemi Aderiike Abisoye, and Mohammed Awwal Iliyasu. "MITIGATING SLOW HYPERTEXT TRANSFER PROTOCOL DISTRIBUTED DENIAL OF SERVICE ATTACKS IN SOFTWARE DEFINED NETWORKS." Journal of Information and Communication Technology 20, Number 3 (June 11, 2021): 277–304. http://dx.doi.org/10.32890/jict2021.20.3.1.

Abstract:
Distributed Denial of Service (DDoS) attacks has been one of the persistent forms of attacks on information technology infrastructure connected to public networks due to the ease of access to DDoS attack tools. Researchers have been able to develop several techniques to curb volumetric DDoS which overwhelms the target with a large number of request packets. However, compared to slow DDoS, limited number of research has been executed on mitigating slow DDoS. Attackers have resorted to slow DDoS because it mimics the behaviour of a slow legitimate client thereby causing service unavailability. This paper provides the scholarly community with an approach to boosting service availability in web servers under slow Hypertext Transfer Protocol (HTTP) DDoS attacks through attack detection using Genetic Algorithm and Support Vector Machine which facilitates attack mitigation in a Software-Defined Networking (SDN) environment simulated in GNS3. Genetic algorithm was used to select the Netflow features which indicates the presence of an attack and also determine the appropriate regularization parameter, C, and gamma parameter for the Support Vector Machine classifier. Results obtained showed that the classifier had detection accuracy, Area Under Receiver Operating Curve (AUC), true positive rate, false positive rate and a false negative rate of 99.89%, 99.89%, 99.95%, 0.18%, and 0.05% respectively. Also, the algorithm for subsequent implementation of the selective adaptive bubble burst mitigation mechanism was presented. This study contributes to the ongoing research in detecting and mitigating slow HTTP DDoS attacks with emphasis on the use of machine learning classification and meta-heuristic algorithms.
43

Luh, Robert, Marlies Temper, Simon Tjoa, Sebastian Schrittwieser, and Helge Janicke. "PenQuest: a gamified attacker/defender meta model for cyber security assessment and education." Journal of Computer Virology and Hacking Techniques 16, no. 1 (November 22, 2019): 19–61. http://dx.doi.org/10.1007/s11416-019-00342-x.

Abstract:
Attacks on IT systems are a rising threat against the confidentiality, integrity, and availability of critical information and infrastructures. At the same time, the complex interplay of attack techniques and possible countermeasures makes it difficult to appropriately plan, implement, and evaluate an organization’s defense. More often than not, the worlds of technical threats and organizational controls remain disjunct. In this article, we introduce PenQuest, a meta model designed to present a complete view on information system attacks and their mitigation while providing a tool for both semantic data enrichment and security education. PenQuest simulates time-enabled attacker/defender behavior as part of a dynamic, imperfect information multi-player game that derives significant parts of its ruleset from established information security sources such as STIX, CAPEC, CVE/CWE and NIST SP 800-53. Attack patterns, vulnerabilities, and mitigating controls are mapped to counterpart strategies and concrete actions through practical, data-centric mechanisms. The gamified model considers and defines a wide range of actors, assets, and actions, thereby enabling the assessment of cyber risks while giving technical experts the opportunity to explore specific attack scenarios in the context of an abstracted IT infrastructure. We implemented PenQuest as a physical serious game prototype and successfully tested it in a higher education environment. Additional expert interviews helped evaluate the model’s applicability to information security scenarios.
APA, Harvard, Vancouver, ISO, and other styles
44

Shankar Pandey, Ravi, Vivek Srivastava, and Lal Babu Yadav. "Research trends and solutions for secure traffic management of SDN." APTIKOM Journal on Computer Science and Information Technologies 2, no. 3 (November 1, 2017): 97–105. http://dx.doi.org/10.11591/aptikom.j.csit.68.

Abstract:
Software Defined Network (SDN) decouples the responsibilities of route management and data transmission of network devices present in network infrastructure. It integrates the control responsibility at the centralized software component, which is known as the controller. This centralized aggregation of responsibilities may result in a single point of failure in the case of a malicious attack at the controller side. These attacks may also affect the traffic flow and network devices. The security issues due to such malicious attacks in SDN are dominating challenges in the implementation and utilization of opportunities provided by this new paradigm. In this paper we have investigated several research papers related to proposals of new research trends for security and suggestions which fulfil the security requirements like confidentiality, integrity, availability, authenticity, authorization, nonrepudiation, consistency, fast responsiveness and adaptation. We have also investigated the new future research for creating the attack-free environment for implementing the SDN.
45

Arlis, Syafri, and Sahari. "Analisis Firewall Demilitarized Zone dan Switch Port Security pada Jaringan Universitas Putra Indonesia YPTK." Jurnal KomtekInfo 6, no. 1 (June 1, 2019): 29. http://dx.doi.org/10.35134/komtekinfo.v6i1.39.

Abstract:
The rapid development of information technology has greatly helped the work of man. On the one hand man is greatly helped, but on the other side of the system's security level to rise sharply so that in essence the sides of human life is in a threatened position. The techniques of network security systems and precautions against attacks on information systems continue to be developed so that the integrity, availability and confidentiality in an information system become more secure. One way is by building a network security system and attack prevention system. In this paper, the authors construct a computer network security system using a firewall Demilitarized Zone (DMZ) by using IPtables, which is the standard of Linux systems, and Switch Port Security (SPS). Utilization by combining these two technologies to achieve maximum levels of security and is able to block the intruder will attempt an attack with a variety of attacks identified.
46

Babu, M. Rajesh, S. Moses Dian, Siva Chelladurai, and Mathiyalagan Palaniappan. "Proactive Alleviation Procedure to Handle Black Hole Attack and Its Version." Scientific World Journal 2015 (2015): 1–11. http://dx.doi.org/10.1155/2015/715820.

Abstract:
The world is moving towards a new realm of computing such as Internet of Things. The Internet of Things, however, envisions connecting almost all objects within the world to the Internet by recognizing them as smart objects. In doing so, the existing networks which include wired, wireless, and ad hoc networks should be utilized. Moreover, apart from other networks, the ad hoc network is full of security challenges. For instance, the MANET (mobile ad hoc network) is susceptible to various attacks in which the black hole attacks and its versions do serious damage to the entire MANET infrastructure. The severity of this attack increases, when the compromised MANET nodes work in cooperation with each other to make a cooperative black hole attack. Therefore this paper proposes an alleviation procedure which consists of timely mandate procedure, hole detection algorithm, and sensitive guard procedure to detect the maliciously behaving nodes. It has been observed that the proposed procedure is cost-effective and ensures QoS guarantee by assuring resource availability thus making the MANET appropriate for Internet of Things.
47

Nassef, Laila, and Reemah Alhebshi. "Fuzzy-based reliable and secure cooperative spectrum sensing for the smart grid." International Journal of ADVANCED AND APPLIED SCIENCES 8, no. 2 (February 2021): 92–100. http://dx.doi.org/10.21833/ijaas.2021.02.013.

Abstract:
Cognitive radio is a promising technology to solve the spectrum scarcity problem caused by inefficient utilization of radio spectrum bands. It allows secondary users to opportunistically access the underutilized spectrum bands assigned to licensed primary users. The local individual spectrum detection is inefficient, and cooperative spectrum sensing is employed to enhance spectrum detection accuracy. However, cooperative spectrum sensing opens up opportunities for new types of security attacks related to the cognitive cycle. One of these attacks is the spectrum sensing data falsification attack, where malicious secondary users send falsified sensing reports about spectrum availability to mislead the fusion center. This internal attack cannot be prevented using traditional cryptography mechanisms. To the best of our knowledge, none of the previous work has considered both unreliable communication environments and the spectrum sensing data falsification attack for cognitive radio based smart grid applications. This paper proposes a fuzzy inference system based on four conflicting descriptors. An attack model is formulated to determine the probability of detection for both honest and malicious secondary users. It considers four independent malicious secondary users’ attacking strategies of always yes, always no, random, and opposite attacks. The performance of the proposed fuzzy fusion system is simulated and compared with the conventional fusion rules of AND, OR, Majority, and the reliable fuzzy fusion that does not consider the secondary user’s sensing reputation. The results indicate that incorporating sensing reputation in the fusion center has enhanced the accuracy of spectrum detection and have prevented malicious secondary users from participating in the spectrum detection fusion
48

Ghanbari, Maryam, and Witold Kinsner. "Detecting DDoS Attacks Using Polyscale Analysis and Deep Learning." International Journal of Cognitive Informatics and Natural Intelligence 14, no. 1 (January 2020): 17–34. http://dx.doi.org/10.4018/ijcini.2020010102.

Abstract:
Distributed denial-of-service (DDoS) attacks are serious threats to the availability of a smart grid infrastructure services because they can cause massive blackouts. This study describes an anomaly detection method for improving the detection rate of a DDoS attack in a smart grid. This improvement was achieved by increasing the classification of the training and testing phases in a convolutional neural network (CNN). A full version of the variance fractal dimension trajectory (VFDTv2) was used to extract inherent features from the stochastic fractal input data. A discrete wavelet transform (DWT) was applied to the input data and the VFDTv2 to extract significant distinguishing features during data pre-processing. A support vector machine (SVM) was used for data post-processing. The implementation detected the DDoS attack with 87.35% accuracy.
49

Glancy, Fletcher, David P. Biros, Nan Liang, and Andy Luse. "Classification of malicious insiders and the association of the forms of attacks." Journal of Criminal Psychology 10, no. 3 (June 29, 2020): 233–47. http://dx.doi.org/10.1108/jcp-03-2020-0012.

Abstract:
Purpose: The authors argue that the current studies about malicious insiders confuse the fact that malicious attacks belong to two different categories, namely, those that launch instrumental attacks and expressive attacks. The authors collect malicious insider data from publicly available sources and use text-mining techniques to analyze the association between malicious insiders’ characteristics and the different types of attack. Design/methodology/approach: The authors investigated the relationship between personality characteristics and different types of malicious attacks. For the personality characteristics, the authors use the same method as Liang et al. (2016), which extracted these characteristics based on a keyword-characteristic dictionary. For different types of malicious attacks, two raters rated each case based on criteria modified from criminology research to determine the degree of expressiveness and instrumentality. Findings: The results show that malicious insiders who are manipulative or seeking personal gain tend to carry out instrumental attacks. Malicious insiders who are arrogant tend to conduct expressive attacks. Research limitations/implications: This study uses third party articles to identify the personality characteristics of known malicious insiders. As such, not all personality characteristics may have been reported. Data availability was an issue. Practical implications: Understanding if different personality characteristics lead to different types of attacks can help managers identify employees who exhibit them and mitigate an attack before it occurs. Social implications: Malicious insider attacks can have devastating results on businesses and employees. Helping to identify potential malicious insiders before they act may prevent undue harm. Originality/value: This study used 132 cases of none malicious insiders to examine their attack objectives. No other study that the authors know of used that many cases.
50

NandhaKumar, K., et al. "A Hybrid Adaptive Development Algorithm and Machine Learning Based Method for Intrusion Detection and Prevention System." Turkish Journal of Computer and Mathematics Education (TURCOMAT) 12, no. 5 (April 11, 2021): 1226–36. http://dx.doi.org/10.17762/turcomat.v12i5.1789.

Abstract:
Network Intrusion Detection and Prevention Systems (NIDPS) are employed in monitoring a network, which safeguards user integrity and privacy, thereby ensuring the data security and availability in a network. Such systems not only monitor the suspicious activities in a network but are also used as control systems to eliminate the malicious users from the network. In this paper, a Hybrid Adaptive Development Algorithm and Machine Learning Algorithm (ADA-MLA) method is proposed to identify the malicious activities and eliminate them from the network. The deployment of honeypot-based intrusion is improved adaptive development algorithm. Machine learning algorithm has been employed in the Hybrid IDPS for learning the network data patterns, which also identifies the maximum probable attacks in the network. The signatures for the DARPA 99 data set have been updated during the implementation of intrusion prevention system on a real-time basis. The hybrid method works on (i) classifying the attacks based on protocols and (ii) classifying the attacks on pre-determined threshold values. Hence, both known and unknown attacks can be easily captured in the proposed hybrid IDPS method, which thereby achieves higher attack detection and prevention accuracy when compared to the conventional attack detection and prevention methodologies.