Relevant bibliographies by topics / DDoS-Protection

Contents

  1. Journal articles
  2. Dissertations / Theses
  3. Books
  4. Book chapters
  5. Conference papers
  6. Reports

Academic literature on the topic 'DDoS-Protection'

Author: Grafiati
Published: 4 June 2021
Last updated: 2 February 2022

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'DDoS-Protection.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Journal articles on the topic "DDoS-Protection"

1

Reynolds, Roy. "It's time to rethink DDoS protection." Network Security 2020, no. 1 (January 2020): 6–8. http://dx.doi.org/10.1016/s1353-4858(20)30007-6.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Shah, Harshil, Priyansh Shah, and Swapna Naik. "DDOS Protection by Dividing and Limiting." International Journal of Computer Applications 155, no. 11 (December 15, 2016): 12–14. http://dx.doi.org/10.5120/ijca2016912251.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Evglevskaya, N. V., A. Yu Zuev, A. O. Karasenko, and O. S. Lauta. "Comparative analysis of the effectiveness of existing methods of networks security from DDoS attacks." Radio industry (Russia) 30, no. 3 (September 8, 2020): 67–74. http://dx.doi.org/10.21778/2413-9599-2020-30-3-67-74.

Full text
Abstract:
At present, issues related to information security are highly relevant. DoS and DDoS attacks are carried out by cybercriminals quite often, because cyberattacks can bring almost any system to failure, leaving no legally significant evidence. At the same time, the failure of the attacked subsystem can be an intermediate stage towards the target system. The most vulnerable to DDoS attacks are online stores, online payment systems, news resources and companies, whose activities depend on the frequency of user access to the resource. The main methods of protection against cyberattacks and DDoS attacks, in particular, are currently antivirus programs and firewalls. The article presents a description of some types of DDoS attacks as well as the results of a comparative analysis of several existing methods of networks security from DDoS attacks, which will simplify the choice of the optimal solution to ensure reliable protection of a telecommunication facility. Considering all the advantages and disadvantages, the method of organizing a network protection system against DDoS attacks based on the technology of artificial neural networks is the most suitable solution for ensuring the information security of networks of various purpose.
APA, Harvard, Vancouver, ISO, and other styles
4

Mahmood, Hassan, Danish Mahmood, Qaisar Shaheen, Rizwan Akhtar, and Wang Changda. "S-DPS: An SDN-Based DDoS Protection System for Smart Grids." Security and Communication Networks 2021 (March 20, 2021): 1–19. http://dx.doi.org/10.1155/2021/6629098.

Full text
Abstract:
Information Communication Technology (ICT) environment in traditional power grids makes detection and mitigation of DDoS attacks more challenging. Existing security technologies, besides their efficiency, are not adequate to cater to DDoS security in Smart Grids (SGs) due to highly distributed and dynamic network environments. Recently, emerging Software Defined Networking- (SDN-) based approaches are proposed by researchers for SG’s DDoS protection; however, they are only able to protect against flooding attacks and are dependent on static thresholds. The proposed approach, i.e., Software Defined Networking-based DDoS Protection System (S-DPS), is efficiently addressing these issues by employing light-weight Tsallis entropy-based defense mechanisms using SDN environment. It provides early detection mechanism with mitigation of anomaly in real time. The approach offers the best deployment location of defense mechanism due to the centralized control of network. Moreover, the employment of a dynamic threshold mechanism is making detection process adaptive to the changing network conditions. S-DPS has demonstrated its effectiveness and efficiency in terms of Detection Rate (DR) and minimal CPU/RAM utilization, considering DDoS protection focusing smurf attacks, socket stress attacks, and SYN flood attacks.
APA, Harvard, Vancouver, ISO, and other styles
5

Selvakani, S., K. Vasumathi, T. Vijayalakshmi, and A. Kavitha. "Attack in SDN Based Distributed Denial of Service." Asian Journal of Engineering and Applied Technology 10, no. 1 (May 5, 2021): 38–44. http://dx.doi.org/10.51983/ajeat-2021.10.1.2802.

Full text
Abstract:
DOS assaults are executed with the aid of using assault tools, worms and botnets the usage of exclusive packet-transmission techniques and diverse types of assault packets to conquer protection structures. These issues cause protection structures requiring diverse detection techniques to be able to discover assaults. Moreover, DOS assaults can blend their traffics for the duration of flash crowds. By doing this, the complicated protection machine cannot locate the assault site visitors in time. In this challenge a conduct primarily based totally detection the usage of Crowd Correlation Analysis which can discriminate DOS assault site visitors from site visitors generated with the aid of using actual customers. In the Euclidean area to specific as a diagonal matrix proposed can grasp the potential of community machine towards every assault manner and the protection functionality of community machine. Cyber-assault consisting of DDOS assault continues to be the maximum effective assault that disrupts the real customers from having access to the crucial offerings. In software layer-primarily based totally DDOS assault, attacker makes use of different gadget in preference to the usage of his very own IP cope with to flood the focused machine and disrupts the offerings SDN (software program described networks) for value performance and community Application layer allotted denial of provider (DDOS) assaults have turn out to be a extreme hazard to the safety of net servers. These assaults avoid maximum intrusion prevention structures with the aid of using sending several HTTP requests flexibility, however DDOS is one of the maximum released assault on SDN layer. DDOS assault on this kind of surroundings results in machine failure DDoS is one of the maximum released assault on SDN layer. DDOS assault on this kind of surroundings results in machine failure monetary loss, facts theft, and overall performance degradation massive survey has been made to locate and save you DDOS primarily based totally assault in software layer and SDN primarily based totally surroundings. We suggest an powerful protection machine, named Sky Shield, which leverages the caricature facts shape to fast locate and mitigate software layer DDOS assaults. Novel calculation of the divergence among sketches, which alleviates the effect of community dynamics and improves the detection accuracy.
APA, Harvard, Vancouver, ISO, and other styles
6

Rebecchi, Filippo, Julien Boite, Pierre-Alexis Nardin, Mathieu Bouet, and Vania Conan. "DDoS protection with stateful software-defined networking." International Journal of Network Management 29, no. 1 (August 9, 2018): e2042. http://dx.doi.org/10.1002/nem.2042.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Khalaf, Bashar Ahmad, Salama A. Mostafa, Aida Mustapha, Mazin Abed Mohammed, Moamin A. Mahmoud, Bander Ali Saleh Al-Rimy, Shukor Abd Razak, Mohamed Elhoseny, and Adam Marks. "An Adaptive Protection of Flooding Attacks Model for Complex Network Environments." Security and Communication Networks 2021 (April 22, 2021): 1–17. http://dx.doi.org/10.1155/2021/5542919.

Full text
Abstract:
Currently, online organizational resources and assets are potential targets of several types of attack, the most common being flooding attacks. We consider the Distributed Denial of Service (DDoS) as the most dangerous type of flooding attack that could target those resources. The DDoS attack consumes network available resources such as bandwidth, processing power, and memory, thereby limiting or withholding accessibility to users. The Flash Crowd (FC) is quite similar to the DDoS attack whereby many legitimate users concurrently access a particular service, the number of which results in the denial of service. Researchers have proposed many different models to eliminate the risk of DDoS attacks, but only few efforts have been made to differentiate it from FC flooding as FC flooding also causes the denial of service and usually misleads the detection of the DDoS attacks. In this paper, an adaptive agent-based model, known as an Adaptive Protection of Flooding Attacks (APFA) model, is proposed to protect the Network Application Layer (NAL) against DDoS flooding attacks and FC flooding traffics. The APFA model, with the aid of an adaptive analyst agent, distinguishes between DDoS and FC abnormal traffics. It then separates DDoS botnet from Demons and Zombies to apply suitable attack handling methodology. There are three parameters on which the agent relies, normal traffic intensity, traffic attack behavior, and IP address history log, to decide on the operation of two traffic filters. We test and evaluate the APFA model via a simulation system using CIDDS as a standard dataset. The model successfully adapts to the simulated attack scenarios’ changes and determines 303,024 request conditions for the tested 135,583 IP addresses. It achieves an accuracy of 0.9964, a precision of 0.9962, and a sensitivity of 0.9996, and outperforms three tested similar models. In addition, the APFA model contributes to identifying and handling the actual trigger of DDoS attack and differentiates it from FC flooding, which is rarely implemented in one model.
APA, Harvard, Vancouver, ISO, and other styles
8

Saleh, Mohammed A., and Azizah Abdul Manaf. "A Novel Protective Framework for Defeating HTTP-Based Denial of Service and Distributed Denial of Service Attacks." Scientific World Journal 2015 (2015): 1–19. http://dx.doi.org/10.1155/2015/238230.

Full text
Abstract:
The growth of web technology has brought convenience to our life, since it has become the most important communication channel. However, now this merit is threatened by complicated network-based attacks, such as denial of service (DoS) and distributed denial of service (DDoS) attacks. Despite many researchers’ efforts, no optimal solution that addresses all sorts of HTTP DoS/DDoS attacks is on offer. Therefore, this research aims to fix this gap by designing an alternative solution called a flexible, collaborative, multilayer, DDoS prevention framework (FCMDPF). The innovative design of the FCMDPF framework handles all aspects of HTTP-based DoS/DDoS attacks through the following three subsequent framework’s schemes (layers). Firstly, an outer blocking (OB) scheme blocks attacking IP source if it is listed on the black list table. Secondly, the service traceback oriented architecture (STBOA) scheme is to validate whether the incoming request is launched by a human or by an automated tool. Then, it traces back the true attacking IP source. Thirdly, the flexible advanced entropy based (FAEB) scheme is to eliminate high rate DDoS (HR-DDoS) and flash crowd (FC) attacks. Compared to the previous researches, our framework’s design provides an efficient protection for web applications against all sorts of DoS/DDoS attacks.
APA, Harvard, Vancouver, ISO, and other styles
9

Le, Duc, Minh Dao, and Quyen Nguyen. "Comparison of machine learning algorithms for DDoS attack detection in SDN." Information and Control Systems, no. 3 (June 15, 2020): 59–70. http://dx.doi.org/10.31799/1684-8853-2020-3-59-70.

Full text
Abstract:
Introduction: Distributed denial-of-service (DDoS) has become a common attack type in cyber security. Apart from the conventional DDoS attacks, software-defined networks also face some other typical DDoS attacks, such as flow-table attack or controller attack. One of the most recent solutions to detect a DDoS attack is using machine learning algorithms to classify the traffic. Purpose: Analysis of applying machine learning algorithms in order to prevent DDoS attacks in software-defined network. Results: A comparison of six algorithms (random forest, decision tree, naive Bayes, support vector machine, multilayer perceptron, k-nearest neighbors) with accuracy and process time as the criteria has shown that a decision tree and naïve Bayes are the most suitable algorithms for DDoS attack detection. As compared to other algorithms, they have higher accuracy, faster processing time and lower resource consumption. The main features that identify malicious traffic compared to normal one are the number of bytes in a flow, time flow, Ethernet source address, and Ethernet destination address. A flow-table attack can be detected easier than a bandwidth attack, as all the six algorithms can predict this type with a high accuracy. Practical relevance: Important features which play a supporting role in correct data classification facilitate the development of a DDoS protection system with a smaller dataset, focusing only on the necessary data. The algorithms more suitable for machine learning can help us to detect DDoS attacks in software-defined networks more accurately.
APA, Harvard, Vancouver, ISO, and other styles
10

Jili, Tianwen, and Nanfeng Xiao. "DDoS Detection and Protection Based on Cloud Computing Platform." Journal of Physics: Conference Series 1621 (August 2020): 012005. http://dx.doi.org/10.1088/1742-6596/1621/1/012005.

Full text
APA, Harvard, Vancouver, ISO, and other styles
More sources

Dissertations / Theses on the topic "DDoS-Protection"

1

Sönnerfors, Peter, Elliot Nilsson, and Michael Gustafsson. "DDoS-skydd för hemanvändare : En studie kring DDoS." Thesis, Linnéuniversitetet, Institutionen för datavetenskap (DV), 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-34952.

Full text
Abstract:
Att försörja sig som streamingpersonlighet på Internet är något som vuxit explosionsartatpå senare tid. Detta leder också till att man blir ett tydligt mål för attacker. Detta arbetehar belyst den problematik som DDoS-attacker skapar när de riktas mot hemanvändare.Olika lösningar på detta problem gås igenom och analyseras. Tester har utförts för attbelysa enkelheten i attacken samt hur den påverkar hemanvändares hårdvara. Testernahar resulterat i att VPN är en kompetent lösning men innehåller även nackdelar.
To make a living as streaming personality on the Internet is something that has grownexponentially in recent times. This also leads to one becoming a clear target for attacks.This work has highlighted the problems that DDoS-attacks create when they are aimedat home users. Various solutions to this problem are reviewed and analyzed. Tests havebeen conducted to illustrate the simplicity of the attack and how it affects home usershardware. The result of the tests has shown that VPN is a competent solution but also hasits disadvantages.
APA, Harvard, Vancouver, ISO, and other styles
2

Semaan, Nasr Elie. "Security of smart city network infrastructures : design and implementation : application to “Sunrise – Smart City” Demonstrator." Thesis, Lille 1, 2017. http://www.theses.fr/2017LIL10103/document.

Full text
Abstract:
Le but de cette thèse est de concevoir et mettre en œuvre une stratégie de renseignement sur les menaces cyber afin de soutenir les décisions stratégiques. L'alerte précoce et la détection des violations sont décisives, ce qui signifie que l'accent de la cyber sécurité a évolué vers l'intelligence des menaces. Pour cette raison, nous avons créé, analysé, mis en œuvre et testé deux solutions. La première solution agit comme un mécanisme prédictif et proactif. C'est un nouveau cadre utilisé pour analyser et évaluer quantitativement les vulnérabilités associées à un réseau de villes intelligentes. Cette solution utilise le modèle de chaîne de Markov pour déterminer le niveau de gravité de vulnérabilité le plus élevé d'un chemin d'attaque potentiel du réseau. Le niveau de gravité élevé amènera l'administrateur système à appliquer des mesures de sécurité appropriées à priori aux attaques. La deuxième solution agit comme un mécanisme défensif ou auto-protecteur. Ce cadre atténue les attaques par disponibilité zero-day basées sur Identification, Heuristics et Load Balancer dans un délai raisonnable. Ce mécanisme défensif a été proposé principalement pour atténuer les attaques par déni de service distribué (DDoS) car elles sont considérées comme l'une des attaques de disponibilité les plus sévères qui pourraient paralyser le réseau de la ville intelligente et provoquer une panne complète. Cette solution repose sur deux équilibreurs de charge dans lesquels le premier utilise une approche heuristique et le second agit comme une sauvegarde pour produire une solution dans un délai raisonnable
The purpose of this thesis is to design and implement a cyber-threat intelligence strategy to support strategic decisions. Early warning and detection of breaches are decisive to being in a state of readiness, meaning that the emphasis of cybersecurity has changed to threat intelligence. For that reason, we created, analyzed, implemented, and tested two solutions. The first solution acts as a predictive and proactive mechanism. It is a novel framework used to analyze and evaluate quantitatively the vulnerabilities associated with a smart city network. This solution uses the Markov Chain Model to determine the highest vulnerability severity level of a potential attack path in the attacks graph of the network. High severity level of a potential attack path will lead the system administrator to apply appropriate security measures a priori to attacks occurrence. The second solution acts as a defensive or self-protective mechanism. This framework mitigates the zero-day availability attacks based on Identification, Heuristics and Load Balancer in a reasonable time frame. This defensive mechanism has been proposed mainly to mitigate Distributed Denial of Service (DDoS) attacks since they are considered one of the most severe availability attacks that could paralyze the smart city’s network and cause complete black out. This solution relies on two load balancers in which the first one uses a heuristic approach, and the second acts as a backup to produce a solution in a reasonable time frame
APA, Harvard, Vancouver, ISO, and other styles
3

Eklund, Martin, and Patrik Ståhlberg. "Distributed denial of service attacks : Protection, Mitigation, and Economic Consequences." Thesis, KTH, Radio Systems Laboratory (RS Lab), 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-170924.

Full text
Abstract:
Distributed Denial of Service attacks is a problem that constantly threatens companies that rely on the internet for major parts of their business. A successful DDoS attack that manages to penetrate a company’s network can lead to devastating damages in the form of lost income, reduced productivity, increase in costs, and damage to the company’s image and reputation. The different DDoS attacks are many and of different character and often Offer different parts of the network, which makes it very difficult to defend against. It is also very clear that DDoS attacks are increasing in both numbers and size every year. From our experiments we have proven that anyone with little knowledge and limited resources can perform DDoS attacks that will make a website unavailable. This fact should cause companies that base their business on the internet, aware that they are likely to someday be subject to a DDoS attack. From our research we have found a variety of different DDoS solutions on the market that promise to offer protection. Many of which claim to protect against all different types of DDoS attacks. In practice it is impossible to find something that guarantees 100% safety. According to earlier research in the field, there are many different ways of protecting a network against DDoS attacks, e.g. via Software Defined Networking, Hop-Count Filtering, or Kill-bots. Our own tests show that a virtual firewall can offer protection against DDoS attacks on a low scale, but that such a solution has a number of weaknesses. If the firewall does protect the website, the attacker could instead shift to attacking the firewall itself. Our research also shows that the most common motives behind DDoS attacks are criminal purposes. Criminals use DDoS attacks to earn money by offering directed DDoS attacks against websites or by trying to blackmail companies into paying a fee for not being attacked. We have also seen that the economic consequence of DDoS attacks are devastating if not handled with a sufficiently fast response. After investigating the e-commerce company CDON.com we learned that they could potentially lose roughly 36 410 SEK per minute when a DDoS attack is underway against them. In today’s business climate it is important for companies to be able to rely on the internet for their activity and for customers to have easy access to the company’s products and services. However, companies’ websites are being attacked and thus these companies need an explicit plan of how to mitigate such attacks.
Distributed Denial of Service (DDoS) attacker är ett problem som ständigt hotar företag, som förlitar sig till internet för centrala delar av sin verksamhet. En DDoS-attack som lyckas penetrerar ett företags nätverk kan medföra förödande skador i form av förlorade intäkter, minskad produktivitet, ökade kostnader samt skada på företagets rykte/varumärke. DDoS-attackerna är många och av olika karaktär, som attackerar olika delar av ett företags nätverk, vilket leder till att det är svårt att effektivt skydda sig mot DDoS-attacker. Det står också klart att DDoS-attacker ökar både till antalet och storleksmässigt för varje år som går. Utifrån våra egna experiment har vi kunnat bevisa att vem som helst med små medel och begränsade kunskaper kan utföra en DDoS-attack som sänker en webbsida. Ett faktum som gör att alla företag vars verksamhet är baserad på internet bör räkna med att de någon gång bli utsatta för en DDoS-attack. Utifrån våra undersökningar kan vi se att det finns en uppsjö av olika DDoS-skydd på marknaden, skydd som hanterar några problem som DDoS-attacker medför, men det finns inga kompletta skydd som kan garantera 100 % säkerhet. Utifrån tidigare forskning på området framgår det att det finns många olika sätt att skydda sig mot DDoS-attacker, t.ex. genom Software Defined Networks, Hop-Count Filtering eller Kill-bots. Våra egna tester visar på att en virtuell brandvägg kan vara ett sätt att skydda sig mot DDoS-attacker, men testerna visar också att en sådan lösning inte heller är säker då man kan förstöra åtkomsten till webbsidan genom att överbelasta brandväggen.<p> Undersökningen visar också att ett av de vanligaste motiven bakom DDoS-attacker är kriminella ändamål. Kriminella som använder DDoS-attacker för att tjäna pengar genom att erbjuda riktade DDoS-attacker mot websidor eller genom försök att utpressa till betalning med DDoS-attacker som ett hot. Vi har kommit fram till att de ekonomiska konsekvenserna av DDoS-attacker kan vara ödestigna för företag om det inte hanteras i tid. Genom våra egna beräkningar har vi visat att e-handelsföretaget CDON.com riskerar att förlora ca 36 415,90 kr per minut som en DDoS-attack pågår mot företaget. Anledningen till av vi valt att ägnad denna uppsats åt DDoS-problemet, är den skrämmande ökningen av DDoS-attacker som man kan se sker årligen. Attackerna blir flera, de ökar storleksmässigt och de blir allt mer sofistikerade. Attackerna utförs också tillsynes omotiverat i vissa fall, men också välplanerade attacker utförs för att skada företag ekonomiskt. I dagens företagsklimat är det viktigt att företaget har möjlighet att använda sig av internet för att driva verksamheten och göra det enkelt för kunder att ta del av företagets produkter/tjänster. Att företags webbsidor blir utslagen på grund av en DDoS-attacker är idag en verklighet, och en tydlig plan för att hur man ska hantera en sådan incident bör finns på plats inom företag.
APA, Harvard, Vancouver, ISO, and other styles
4

Trabé, Patrick. "Infrastructure réseau coopérative et flexible de défense contre les attaques de déni de service distribué." Toulouse 3, 2006. http://www.theses.fr/2006TOU30288.

Full text
Abstract:
Les attaques par déni de service distribué (DDoS, Distributed Denial of Service) consistent à limiter ou à empêcher l'accès à un service informatique. La disponibilité du service proposé par la victime est altérée soit par la consommation de la bande passante disponible sur son lien, soit à l'aide d'un nombre très important de requêtes dont le traitement surconsomme les ressources dont elle dispose. Le filtrage des DDoS constitue aujourd'hui encore un problème majeur pour les opérateurs. Le trafic illégitime ne comporte en effet que peu ou pas de différences par rapport au trafic légitime. Ces attaques peuvent ensuite tirer parti et attaquer des services disposés dans le réseau. L'approche présentée dans cette thèse se veut pragmatique et cherche à aborder ce problème suivant deux angles ; à savoir contenir l'aspect dynamique et distribué de ces attaques d'une part, et être capable de préserver le trafic légitime et le réseau d'autre part. Nous proposons dans ce but une architecture distribuée de défense comportant des nœuds de traitement associés aux routeurs des points de présence et d'interconnexion du réseau de l'opérateur. Ces nœuds introduisent dans le réseau, par le biais d'interfaces ouvertes, la programmabilité qui apporte la flexibilité et la dynamicité requises pour la résolution du problème. Des traitements de niveau réseau à applicatif sur les datagrammes sont ainsi possibles, et les filtrages sont alors exempts de dommages collatéraux. Un prototype de cette architecture permet de vérifier les concepts que nous présentons
The goal of Distributed Denial of Service attacks (DDoS) is to prevent legitimate users from using a service. The availability of the service is attacked by sending altered packets to the victim. These packets either consume a large part of networks bandwidth, or create an artificial consumption of victim’s key resources such as memory or CPU. DDoS’ filtering is still an important problem for network operators since illegitimate traffics look like legitimate traffics. The discrimination of both classes of traffics is a hard task. Moreover DDoS victims are not limited to end users (e. G. Web server). The network is likely to be attacked itself. The approach presented in this thesis is pragmatic. Firstly it seeks to control dynamic and distributed aspects of DDoS. Secondly it looks for protecting legitimate traffics and the network against collateral damages. Thus we propose a distributed infrastructure of defense based on nodes dedicated to the analysis and the filtering of the illegitimate traffic. Each node is associated with one POP router or interconnection router in order to facilitate its integration into the network. These nodes introduce the required programmability through open interfaces. The programmability offers applicative level packets processing, and thus treatments without collateral damages. A prototype has been developed. It validates our concepts
APA, Harvard, Vancouver, ISO, and other styles
5

Sikora, Marek. "Detekce slow-rate DDoS útoků." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2017. http://www.nusl.cz/ntk/nusl-317019.

Full text
Abstract:
This diploma thesis is focused on the detection and protection against Slow DoS and DDoS attacks using computer network traffic analysis. The reader is introduced to the basic issues of this specific category of sophisticated attacks, and the characteristics of several specific attacks are clarified. There is also a set of methods for detecting and protecting against these attacks. The proposed methods are used to implement custom intrusion prevention system that is deployed on the border filtering server of computer network in order to protect Web servers against attacks from the Internet. Then created system is tested in the laboratory network. Presented results of the testing show that the system is able to detect attacks Slow GET, Slow POST, Slow Read and Apache Range Header and then protect Web servers from affecting provided services.
APA, Harvard, Vancouver, ISO, and other styles
6

Lee, Fu-Yuan, and 李富源. "Designing Protection Mechanisms against DDoS Attacks." Thesis, 2005. http://ndltd.ncl.edu.tw/handle/96879939452713301266.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Wu, Yo-Cheng, and 吳宥徵. "Designing A Protection System against DDoS Attacks." Thesis, 2009. http://ndltd.ncl.edu.tw/handle/04146199808879810778.

Full text
Abstract:
碩士
中原大學
電機工程研究所
97
Abstract   In this thesis, we propose a new protection system, it can effectively resist the distributed denial-of-service (DDoS) attacks. It can improve the accuracy of judgment of the malicious attacks, and it can make the network quality more effectively.   In the first step, we propose the combination of the detection and routing-redirect to resist DDoS attacks. This method can effectively channelize the malicious packets. Due to the DDoS packets is features, the monitor-side can use as reference to blocked most of the malicious packets. Besides, we will use the double lines of defense to minimize the damage. In the second step, we establish a list of IP address to determine legitimate users in peacetime. When the attack occurred, it can judge normal users to avoid interference with the user of services.       The contributions of work are as follows.   (1) In our system, we can effectively judge malicious packets to lower the error rates.   (2) The establishment of the list method can reduce the time of re-analysis to avoid interference with the users.   We trust these mechanisms can significantly reduce attack volume. The results of our research in thesis shows that it will be much helpful to future research in the category of the DDoS defense.
APA, Harvard, Vancouver, ISO, and other styles
8

Hsieh, Yen-Wei, and 謝彥偉. "An Overload Protection Mechanism Under DDoS Attack." Thesis, 2004. http://ndltd.ncl.edu.tw/handle/94866290373248887975.

Full text
Abstract:
碩士
國立中央大學
資訊工程研究所
92
Many attacks on the internet reveal much vulnerability in recent years; causing the largest damage among them we called DDoS. For much existent defense strategies, the DDoS is hard to prevent. With the popularity of the internet, it is more and more easily to find vulnerable server; some intent attacker will use these weakness to attack the particular server that the service can’t be available to the legitimate user . Due to DDoS has characteristic of congestion and continuity, so that the packet can’t be forwarded normally because of router-overloading. Most defense mechanism can’t communicate through the congested network; it is unnecessary to say that if attacks occur, other protection mechanism will work. In view of this, this paper proposed the overload protection mechanism under DDoS that it can bypass the attacking packet quickly and precisely also defend large source and decrease loading of router when attacks occur in order to transmit packet fluently for other legitimate user. Moreover, it can work with other defense mechanism to enhance the performance of protection mechanism. We use the physical topology to simulate the performance of our protection mechanism under DDoS attack. The result of our experiment evidenced that overload protection mechanism is practical and decreases the influence effectively.
APA, Harvard, Vancouver, ISO, and other styles
9

Kuo, Jin-Yan, and 郭晉晏. "SDN Based Protection for DDoS Attack with Flow Correlation Analysis." Thesis, 2017. http://ndltd.ncl.edu.tw/handle/4cz22f.

Full text
Abstract:
碩士
國立交通大學
資訊管理研究所
105
Software Defined Network (SDN) decouples control function from traditional data plane and use OpenFlow as the communication protocol between the control plane and data plane. It can centralize the network control to decrease the complexity of network topology. But, this SDN characteristic makes the controller become vulnerable since attackers may launch Distributed Denial of Service (DDoS) attacks against the controller. In this paper, we propose a complete protection system for DDoS attack with four major modules: anomaly detection module, attack detection module, traceback module and attack mitigation module. We use packet_in message query the controller for routing rule to implemented anomaly detection module. Then, we use K-nearest neighbors with correlation features selection (CKNN) to classify whether the flow is an attack flow in attack detection module. Because of the extracting feature from correlation information, the classification efficiency is increased. The accuracy of CKNN using our feature can achieve 99%. Finally, we find the attack path in traceback module and block the attack traffic by attack mitigation module. This system we proposed can effectively reduce the load (CPU) of the controller and switches by quickly find out attack source.
APA, Harvard, Vancouver, ISO, and other styles
10

Lien, Chia-Chun, and 連嘉俊. "Tracers Deployment of Nodes-Aware Protection Areas against DDoS Attacks." Thesis, 2014. http://ndltd.ncl.edu.tw/handle/46763164147765613154.

Full text
Abstract:
碩士
中華大學
資訊工程學系碩士班
102
Network security problems emerge in an endless stream. One of serious problems is Distributed Denial of Service (DDoS) attack, which paralyzes hosts such that they cannot provide service for their clients by occupying their resources or network bandwidth. To solve the DDoS problems efficiently, traditional routers have to be enhanced with additional capabilities such as tracing attacks origins, filtering malicious packets, etc. We refer the enhanced routers to as tracers. Under the cost consideration in practice, it is hard to upgrade all of routers to be tracers in short-term. Therefore the tracer deployment becomes the key to the performance of DDoS defense. In previous work, tracers can be deployed on the surrounds of protection areas, which the diameter of each one is limited to an assigned number of hop counts. Although the deployment can guarantee packet traceable when the path of packet is longer than or equal to the diameter of protection area, searching cost of attack origins cannot be controlled. This is because the number of nodes in a protection area may be too many. In this thesis, we first try to reduce tracer density compared to the previous work and then propose a new node-aware tracer deployment that can limit the number of nodes in a protection area. The simulation results show that the tracer density can be improved in small networks and node-aware tracer deployment can control the searching cost of attack origins.
APA, Harvard, Vancouver, ISO, and other styles

Books on the topic "DDoS-Protection"

1

Gupta, Rajneesh. Hands-On Cybersecurity with Blockchain: Implement DDoS protection, PKI-based identity, 2FA, and DNS security using Blockchain. Packt Publishing, 2018.

Find full text
APA, Harvard, Vancouver, ISO, and other styles

Book chapters on the topic "DDoS-Protection"

1

Qu, Haipeng, Lina Chang, Lei Ma, Yanfei Xu, and Guangwei Yang. "DPEES: DDoS Protection Effectiveness Evaluation System." In Lecture Notes in Electrical Engineering, 155–61. Berlin, Heidelberg: Springer Berlin Heidelberg, 2012. http://dx.doi.org/10.1007/978-3-642-28798-5_22.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Badhwar, Raj. "Distributed Denial of Service (DDoS) Protection." In The CISO’s Next Frontier, 231–36. Cham: Springer International Publishing, 2021. http://dx.doi.org/10.1007/978-3-030-75354-2_28.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Somani, Gaurav, Manoj Singh Gaur, and Dheeraj Sanghi. "DDoS Protection and Security Assurance in Cloud." In Computer Communications and Networks, 171–91. Cham: Springer International Publishing, 2015. http://dx.doi.org/10.1007/978-3-319-25988-8_10.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Culnane, Chris, Mark Eldridge, Aleksander Essex, and Vanessa Teague. "Trust Implications of DDoS Protection in Online Elections." In Electronic Voting, 127–45. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-68687-5_8.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Tung, Tony Miu, Chenxu Wang, and Jinhe Wang. "Understanding the Behaviors of BGP-based DDoS Protection Services." In Network and System Security, 463–73. Cham: Springer International Publishing, 2018. http://dx.doi.org/10.1007/978-3-030-02744-5_34.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Apiecionek, Łukasz, Jacek M. Czerniak, and Wojciech T. Dobrosielski. "Quality of Services Method as a DDoS Protection Tool." In Advances in Intelligent Systems and Computing, 225–34. Cham: Springer International Publishing, 2015. http://dx.doi.org/10.1007/978-3-319-11310-4_20.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Pascoal, Túlio A., Yuri G. Dantas, Iguatemi E. Fonseca, and Vivek Nigam. "Slow TCAM Exhaustion DDoS Attack." In ICT Systems Security and Privacy Protection, 17–31. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-58469-0_2.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Mubarok, Ibnu, Kiryong Lee, Sihyung Lee, and Heejo Lee. "Lightweight Resource Management for DDoS Traffic Isolation in a Cloud Environment." In ICT Systems Security and Privacy Protection, 44–51. Berlin, Heidelberg: Springer Berlin Heidelberg, 2014. http://dx.doi.org/10.1007/978-3-642-55415-5_4.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Sarmento, Augusto Gonzaga, Kheng Cher Yeo, Sami Azam, Asif Karim, Abdullah Al Mamun, and Bharanidharan Shanmugam. "Applying Big Data Analytics in DDos Forensics: Challenges and Opportunities." In Cybersecurity, Privacy and Freedom Protection in the Connected World, 235–52. Cham: Springer International Publishing, 2021. http://dx.doi.org/10.1007/978-3-030-68534-8_15.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Bhadula, Rakesh Chandra, V. N. Kala, Amit Kumar Mishra, and Deepak Kholiya. "Utilization of puzzles for protection against DDoS attacks." In Distributed Denial of Service Attacks, 203–16. De Gruyter, 2021. http://dx.doi.org/10.1515/9783110619751-010.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Conference papers on the topic "DDoS-Protection"

1

Jonker, Mattijs, and Anna Sperotto. "Measuring exposure in DDoS protection services." In 2017 13th International Conference on Network and Service Management (CNSM). IEEE, 2017. http://dx.doi.org/10.23919/cnsm.2017.8255991.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Papadie, Roxana, and Ioana Apostol. "Analyzing websites protection mechanisms against DDoS attacks." In 2017 9th International Conference on Electronics, Computers and Artificial Intelligence (ECAI). IEEE, 2017. http://dx.doi.org/10.1109/ecai.2017.8166454.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Jonker, Mattijs, Anna Sperotto, Roland van Rijswijk-Deij, Ramin Sadre, and Aiko Pras. "Measuring the Adoption of DDoS Protection Services." In IMC 2016: Internet Measurement Conference. New York, NY, USA: ACM, 2016. http://dx.doi.org/10.1145/2987443.2987487.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Georgiev, Ivan, and Kamelia Nikolova. "An approach of DNS protection against DDoS attacks." In 2017 13th International Conference on Advanced Technologies, Systems and Services in Telecommunications (TELSIKS). IEEE, 2017. http://dx.doi.org/10.1109/telsks.2017.8246248.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Pham-Quoc, Cuong, Biet Nguyen-Hoang, and Tran Ngoc Thinh. "A reconfigurable heterogeneous multicore architecture for DDoS protection." In 2016 3rd National Foundation for Science and Technology Development Conference on Information and Computer Science (NICS). IEEE, 2016. http://dx.doi.org/10.1109/nics.2016.7725648.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Permpoontanalarp, Yongyuth, and Jatupoom Kanokkanjanapong. "Dynamic Undeniable Fair Certified Email with DDoS Protection." In 22nd International Conference on Advanced Information Networking and Applications (aina 2008). IEEE, 2008. http://dx.doi.org/10.1109/aina.2008.61.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Razumov, Pavel V., Olga A. Safaryan, Ivan A. Smirnov, Vitaliy M. Porksheyan, Nickolay V. Boldyrikhin, Denis A. Korochentsev, Larissa V. Cherckesova, and Sergey A. Osikov. "Developing of Algorithm of HTTP FLOOD DDoS Protection." In 2020 3rd International Conference on Computer Applications & Information Security (ICCAIS). IEEE, 2020. http://dx.doi.org/10.1109/iccais48893.2020.9096870.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Bekeneva, Ya, N. Shipilov, K. Borisenko, and A. Shorov. "Simulation of DDoS-attacks and protection mechanisms against them." In 2015 IEEE NW Russia Young Researchers in Electrical and Electronic Engineering Conference (EIConRusNW). IEEE, 2015. http://dx.doi.org/10.1109/eiconrusnw.2015.7102230.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Apiecionek, Lukasz, and Wojciech Makowski. "Firewall rule with token bucket as a DDoS protection tool." In 2015 IEEE 13th International Scientific Conference on Informatics. IEEE, 2015. http://dx.doi.org/10.1109/informatics.2015.7377803.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Boite, Julien, Pierre-Alexis Nardin, Filippo Rebecchi, Mathieu Bouet, and Vania Conan. "Statesec: Stateful monitoring for DDoS protection in software defined networks." In 2017 IEEE Conference on Network Softwarization (NetSoft). IEEE, 2017. http://dx.doi.org/10.1109/netsoft.2017.8004113.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Reports on the topic "DDoS-Protection"

1

Park, Kihong. Scalable Protection Against DDOS and Worm Attacks. Fort Belvoir, VA: Defense Technical Information Center, April 2004. http://dx.doi.org/10.21236/ada423164.

Full text
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the extended bibliographies on the topic 'DDoS-Protection' for particular source types:
Journal articles
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography