
Journal articles on the topic 'Distributed attacks'


Consult the top 50 journal articles for your research on the topic 'Distributed attacks.'


1

Wang, Haojun. "Distributed Denial of Service Attack with Large Language Model." Highlights in Science, Engineering and Technology 138 (May 11, 2025): 132–37. https://doi.org/10.54097/586gg060.

Abstract:
Distributed Denial of Service (DDoS) attacks take full advantage of distributed networks by sending a relentless barrage of requests to a target server to disrupt the regular operation of the server. The main difference between a DDoS attack and a traditional Denial of Service (DoS) attack is its decentralized nature. This characteristic increases the attack's impact and thus creates incredible difficulty in prevention. Traditional DDoS strategies cover flooding attacks (e.g., TCP SYN and UDP floods), protocol usage techniques (e.g., SYN floods and the infamous Ping of Death), and resource exhaustion strategies (e.g., HTTP floods). Each of these proposed strategies relies on large amounts of bandwidth, and recent results achieved on detection systems provide more efficient mitigation means. A significant change in the pattern of modern DDoS attacks shows the rise of amplification attacks, an attack strategy that cleverly exploits weaknesses to increase traffic beyond its initial scale. In addition, the phenomenon of hybrid attacks has become more prominent, which integrates various DDoS tactics into more sophisticated and powerful attacks, e.g., combining application-layer attacks and traffic flooding, thereby crippling both the application and network layers. As network threats become more sophisticated, we must innovate our defence strategies to ensure their effectiveness. In order to gain a deeper understanding of the potential threat of DDoS, it is critical to delve deeper into traditional attack tactics, analyze specific case studies in depth, and explore the impact of emerging technologies. This article delves into traditional DDoS attacks, current threat perceptions, and how artificial intelligence can play a role in the face of these cold attacks.
2

Zhang, Chunming. "Impact of Defending Strategy Decision on DDoS Attack." Complexity 2021 (March 15, 2021): 1–11. http://dx.doi.org/10.1155/2021/6694383.

Abstract:
Distributed denial-of-service (DDoS) attack is a serious threat to cybersecurity. Many strategies used to defend against DDoS attacks have been proposed recently. To study the impact of defense strategy selection on DDoS attack behavior, the current study uses logistic function as basis to propose a dynamic model of DDoS attacks with defending strategy decisions. Thereafter, the attacked threshold of this model is calculated. The existence and stability of attack-free and attacked equilibria are proved. Lastly, some effective strategies to mitigate DDoS attacks are suggested through parameter analysis.
3

Kadirov, M. M. "АНАЛИЗ И КЛАССИФИКАЦИЯ КИБЕРАТАК НА ИНФОРМАЦИОННО-КОММУНИКАЦИОННЫЕ СИСТЕМЫ" [Analysis and classification of cyberattacks on information and communication systems]. Journal of Science and Innovative Development 6, no. 4 (2023): 27–36. http://dx.doi.org/10.36522/2181-9637-2023-4-3.

Abstract:
This article analyzes distributed cyberattacks of the “Denial of Service” type and develops their classification. A description of the shortcomings and vulnerabilities of distributed denial-of-service attacks by category is given. An implementation diagram with examples for each category of distributed denial-of-service attacks is presented. The number of attacks carried out by attackers, as well as the purpose and type of attack used, is analyzed. According to the results of the study, the UDP-flood attack type (53.64%) is the type most commonly used by attackers in implementing distributed attacks, and the GRE-flood (1.41%) is defined as the least used type. Distributed denial-of-service attacks are a major concern for security experts. This paper can be helpful for researchers and cyber security experts in providing a better understanding of distributed denial-of-service attack tools in present times.
4

Saba Abdulbaqi Salman, Sufyan Al-Janabi, and Ali Makki Sagheer. "Security Attacks on E-Voting System Using Blockchain." Iraqi Journal For Computer Science and Mathematics 4, no. 2 (2023): 179–88. http://dx.doi.org/10.52866/ijcsm.2023.02.02.016.

Abstract:
Electronic voting has become popular in democratic countries, and thus the cyber security of this system is demanded. In this paper, some attacks were made on a proposed electronic election model based on blockchain technology, where the impact of each attack (Sybil, DDoS, Eclipse, Selfish mining, 51% attack) was calculated, and the time in which it achieved 51% of the attack was calculated. In this study, we investigate Blockchain technology’s attack surface, focusing on general blockchains. The following factors show how these attacks have an impact on the proposed model: 1) The cryptographic architecture of the Blockchain. 2) The distributed architecture of systems using Blockchain. 3) The Blockchain application context. For each of these factors, we identify several attacks, including selfish mining, 51% attack, sybil attacks, eclipse attacks, distributed denial-of-service (DDoS) attacks, consensus delay (due to selfish behavior or distributed denial-of-service attacks), blockchain forks, orphan blocks, block swallowing, wallet theft, smart contract attacks, and privacy attacks.
5

Chaudhary, Sachin, and Kanchan Chaudhary. "Distributed Honeypots System." International Journal of Advance Research and Innovation 1, no. 2 (2013): 5–11. http://dx.doi.org/10.51976/ijari.121302.

Abstract:
Honeypot is a supplemented active defence system for network security. It traps attacks, records intrusion information about tools and activities of the hacking process, and prevents attacks outbound from the compromised system. Integrated with other security solutions, Honeypot can solve many traditional dilemmas. It has emerged as a prominent technology that helps learn new hacking techniques from attackers and intruders. Honeypots can initiatively lure hackers to attack the internet, take the record of the ways and means of their invasion, and then analyze and study them.
6

K.M, Akhil, Rahul C.T, and Athira V.B. "Distributed Denial of Service (DDoS) Attacks and Defence Mechanism." International Journal of Computer Science and Mobile Computing 10, no. 3 (2021): 83–88. http://dx.doi.org/10.47760/ijcsmc.2021.v10i03.010.

Abstract:
Denial of Service (DoS) attacks are one of the major threats to Internet sites and one of the major security problems the Internet faces today. The nature of threats caused by Distributed Denial of Service (DDoS) attacks on networks. With little or no warning, a DDoS attack could easily destroy its victim's communication and network resources in a short period of time. This paper outlines the problem of DDoS attacks and develops a classification of DDoS attacks and DDoS defense mechanisms. Important features of each attack and defense system category are described and advantages and disadvantages of each proposed scheme are outlined. The goal of the paper is to set a certain order of existence methods of attack and defense mechanisms, for the better understanding DDoS attacks can be achieved with more effective methods and means of self-defense can be developed.
7

Karthikeyani, R., and E. Karthikeyan. "A Review on Distributed Denial of Service Attack." Asian Journal of Research in Computer Science 16, no. 4 (2023): 133–44. http://dx.doi.org/10.9734/ajrcos/2023/v16i4378.

Abstract:
In today’s world, technology has become an inevitable part of human life. In fact, during the Covid-19 pandemic, everything from the corporate world to educational institutions has shifted from offline to online. This leads to an exponential increase in intrusions and attacks over internet-based technologies. The distributed denial of service (DDOS) attack is one of the most dangerous attacks that could cause devastating effects on the internet. These attacks are becoming more complex and are expected to expand in number day after day, rendering detecting and combating these threats challenging. In network security this attack is very dangerous. The main aim of a DDOS attack is to collapse the network or server with abnormal traffic to make the server unavailable for legitimate users. This paper reviews various types of DDOS attacks, symptoms of a DDOS attack, and the role of botnets in DDOS attacks, and gives some mitigation and prevention techniques for DDOS attacks.
8

Kasture, Pradnya. "DDoS Attack Detection using ML." International Journal for Research in Applied Science and Engineering Technology 11, no. 5 (2023): 6421–24. http://dx.doi.org/10.22214/ijraset.2023.53133.

Abstract:
DDoS attacks are an attempt to prevent the service from being unavailable by overloading the server with malicious traffic. In the past few years, distributed denial of service attacks are becoming the most difficult and burdensome problem. The number and magnitude of attacks have increased from a few megabytes of data to 100s of terabytes of data these days. As there are different attack patterns or new types of attacks, it is difficult to detect such attacks effectively. New techniques for generating and mitigating distributed denial of service attacks have been developed in the present paper, which demonstrate that they are far superior to those currently used. In addition, in order to carry out a thorough investigation of the challenges presented by distributed denial of service attacks, we classify DDoS attack methods and techniques used for their detection. We're comparing the attack module to a few other tools out there.
9

Riyadh, Rahef Nuiaa, Manickam Selvakumar, and Hakem Alsaeedi Ali. "Distributed reflection denial of service attack: A critical review." International Journal of Electrical and Computer Engineering (IJECE) 11, no. 6 (2021): 5327–41. https://doi.org/10.11591/ijece.v11i6.pp5327-5341.

Abstract:
As the world becomes increasingly connected and the number of users grows exponentially and “things” go online, the prospect of cyberspace becoming a significant target for cybercriminals is a reality. Any host or device that is exposed on the internet is a prime target for cyberattacks. A denial-of-service (DoS) attack is accountable for the majority of these cyberattacks. Although various solutions have been proposed by researchers to mitigate this issue, cybercriminals always adapt their attack approach to circumvent countermeasures. One of the modified DoS attacks is known as distributed reflection denial-of-service attack (DRDoS). This type of attack is considered to be a more severe variant of the DoS attack and can be conducted in transmission control protocol (TCP) and user datagram protocol (UDP). However, this attack is not effective in the TCP protocol due to the three-way handshake approach that prevents this type of attack from passing through the network layer to the upper layers in the network stack. On the other hand, UDP is a connectionless protocol, so most of these DRDoS attacks pass through UDP. This study aims to examine and identify the differences between TCP-based and UDP-based DRDoS attacks.
10

Riskhan, Basheer, Halawati Abd Jalil Safuan, Khalid Hussain, et al. "An Adaptive Distributed Denial of Service Attack Prevention Technique in a Distributed Environment." Sensors 23, no. 14 (2023): 6574. http://dx.doi.org/10.3390/s23146574.

Abstract:
Cyberattacks in the modern world are sophisticated and can be undetected in a dispersed setting. In a distributed setting, DoS and DDoS attacks cause resource unavailability. This has motivated the scientific community to suggest effective approaches in distributed contexts as a means of mitigating such attacks. Syn Flood is the most common sort of DDoS assault, up from 76% to 81% in Q2, according to Kaspersky’s Q3 report. Direct and indirect approaches are also available for launching DDoS attacks. While in a DDoS attack, controlled traffic is transmitted indirectly through zombies to reflectors to compromise the target host, in a direct attack, controlled traffic is sent directly to zombies in order to assault the victim host. Reflectors are uncompromised systems that only send replies in response to a request. To mitigate such assaults, traffic shaping and pushback methods are utilised. The SYN Flood Attack Detection and Mitigation Technique (SFaDMT) is an adaptive heuristic-based method we employ to identify DDoS SYN flood assaults. This study suggested an effective strategy to identify and resist the SYN assault. A decision support mechanism served as the foundation for the suggested (SFaDMT) approach. The suggested model was simulated, analysed, and compared to the most recent method using the OMNET simulator. The outcome demonstrates how the suggested fix improved detection.
11

Li, Muhai, and Ming Li. "An Adaptive Approach for Defending against DDoS Attacks." Mathematical Problems in Engineering 2010 (2010): 1–15. http://dx.doi.org/10.1155/2010/570940.

Abstract:
In various network attacks, the Distributed Denial-of-Service (DDoS) attack is a severe threat. In order to deal with this kind of attack in time, it is necessary to establish a special type of defense system to change strategy dynamically against attacks. In this paper, we introduce an adaptive approach, which is used for defending against DDoS attacks, based on normal traffic analysis. The approach can check DDoS attacks and adaptively adjust its configurations according to the network condition and attack severity. In order to ensure that common users can visit the victim server that is being attacked, we provide a nonlinear traffic control formula for the system. Our simulation test indicates that the nonlinear control approach can prevent the malicious attack packets effectively while making legitimate traffic flows arrive at the victim.
12

Kumar, Aman. "Distributed Denial of Service (DDoS) Attack Mitigation using AI." International Journal for Research in Applied Science and Engineering Technology 13, no. 4 (2025): 5706–14. https://doi.org/10.22214/ijraset.2025.69632.

Abstract:
Distributed Denial of Service (DDoS) attacks have been the major threats for the Internet and can bring great loss to companies and governments. With the development of emerging technologies, such as cloud computing, Internet of Things (IoT), artificial intelligence techniques, attackers can launch a huge volume of DDoS attacks with a lower cost, and it is much harder to detect and prevent DDoS attacks, because DDoS traffic is similar to normal traffic. Naive Bayes and Random Forest trees are two examples of artificial intelligence techniques that have been used to detect and categorize DDoS attacks using machine learning algorithms. The paper provides advice on artificial intelligence techniques to be employed in DDoS attack detection and prevention, as well as a summary of the most recent developments in DDoS attack detection utilizing AI techniques.
13

Mou, Jinping. "Adaptive Consensus of Distributed Varying Scale Wireless Sensor Networks under Tolerable Jamming Attacks." Mathematical Problems in Engineering 2013 (2013): 1–11. http://dx.doi.org/10.1155/2013/931934.

Abstract:
Consensus problem is investigated for a varying scale wireless sensor network (VSWSN) under tolerable jamming attacks, where the scale of the network is increasing or decreasing due to the newly joined nodes or the removed nodes, respectively; the tolerable jamming attack means that the attack strength is limited. It supposes that during the communications, all nodes may encounter with the tolerable jamming attacks; when the attack power is larger than the given value, the attacked nodes fall asleep, or otherwise the nodes are awakened. Under the sleep method, based on the Lyapunov method, it shows that if the communicating graph is the global limited intersectional connection (GLI connection) and the system has the enough dwell time in the intersectional topology, then under the designed consensus protocol, all nodes achieve the global average consensus.
14

Gavrić, Nikola, and Živko Bojović. "Security Concerns in MMO Games—Analysis of a Potent Application Layer DDoS Threat." Sensors 22, no. 20 (2022): 7791. http://dx.doi.org/10.3390/s22207791.

Abstract:
The application layer in the Internet protocol suite offers a significant degree of freedom regarding the orchestration of distributed denial-of-service attacks due to many different and unstandardized protocols. The primary focus of defending against application-layer distributed denial-of-service attacks has traditionally been Hypertext Transfer Protocols oriented while observing individual users’ actions independently from one another. In this paper, we present and analyze a novel application-layer DDoS attack in massively multiplayer online games that utilize the cooperative efforts of the attackers to deplete the server’s or players’ bandwidth. The attack exploits in-game dependencies between players to cause a massive spike in bandwidth while the attackers’ traffic remains legitimate. We introduce a multiplayer-relations graph to model user behavior on a game server. Additionally, we demonstrate the attack’s devastating capabilities on an emulated World of Warcraft server. Lastly, we discuss flaws of the existing defense mechanisms and possible approaches for the detection of these attacks using graph theory and multiplayer-relations graphs.
15

Prenzel, Björn G., William G. Laidlaw, and Hal Wieser. "WITHIN-TREE DYNAMICS OF MASS ATTACK BY DENDROCTONUS PSEUDOTSUGAE (COLEOPTERA: SCOLYTIDAE) ON ITS HOST." Canadian Entomologist 131, no. 5 (1999): 635–43. http://dx.doi.org/10.4039/ent131635-5.

Abstract:
The within-tree scale dynamics of mass attack by the Douglas-fir beetle, Dendroctonus pseudotsugae Hopkins, on its host were investigated and quantified. Seven similarly sized Douglas-fir, Pseudotsuga menziesii (Mirb.) Franco (Pinaceae), infested as part of several pheromone-induced infestations, were monitored over an entire attack season. Ninety percent of the attacks on mass-attacked trees occurred within 3 weeks of colonization; the remaining 10% occurred gradually over the remaining 7 weeks of the attack season. Vertical attack distribution followed a Gaussian form that shifted upwards on the bole with increasing attack density. The change in attack pattern associated with increasing attack density was investigated for the central vertical portion of the bole, where most attacks occurred, and where the vertical pattern was least variable. At low density, attacks were randomly distributed. As density increased, the distance between attacks decreased, eventually resulting in a uniform distribution.
16

Manaseer, Saher, and Ahmad K. Al Hwaitat. "Centralized Web Application Firewall Security System." Modern Applied Science 12, no. 10 (2018): 164. http://dx.doi.org/10.5539/mas.v12n10p164.

Abstract:
In this paper we propose a centralized web firewall system for web application security which will provide a new type of synchronized system, which has the ability to detect and prevent a variety of web application attacks for a wide range of hosts at the same time, using a centralized command and control system. The attacked client then sends the information to a centralized command and control server which will distribute the attack information to all of the integrated clients connected to it. The distributed information contains all of the attack information including the type of attack, the IP address of the attacker, and the time of attack. The process of receiving the attacker's information and distributing it through the centralized web firewall is done automatically and immediately at the time of the attack. And all of the receiving clients will take actions against the threat depending on the distributed information such as banning the IP address of the attacker. The main process aims to protect multiple clients from any possible attack from the same attacker or the same type of attack. The system has been implemented to protect a real web application. Experiments showed that the attacks have been successfully prevented on multiple hosts at the time.

This paper came to provide a centralized web firewall system that connects different web firewalls in order to detect and prevent different types of web attacks and work as a fully integrated system with the different clients.
17

Li, Wenpei, Han Fu, Shun Wu, Bin Yang, and Zhixiong Liu. "A Kalman Filter-Based Distributed Cyber-Attack Mitigation Strategy for Distributed Generator Units in Meshed DC Microgrids." Energies 16, no. 24 (2023): 7959. http://dx.doi.org/10.3390/en16247959.

Abstract:
To ensure fast dynamics and the stability of multiple distributed generator units (DGUs) in DC microgrids, communication links among the controllers of DGUs are generally adopted. However, those communication channels are vulnerable to cyber-attacks. To alleviate this hassle, a Kalman Filter (KF)-based distributed cyber-attack mitigation strategy, which is highly involved in both primary and secondary control, is proposed in this paper. The KF, as a robust state estimator, is utilized to accurately estimate the authentic terminal voltages and currents of the DGUs. Based on the discrepancies between the estimated and measured parameters of the systems under cyber-attacks, the proposed control can adaptively compensate the attack signals via an adaptive proportional integral (API) controller and a fractional API (FAPI) controller in cyber-attack-mitigation layers. The main advantage of using the proposed control scheme compared to conventional schemes is the fast dynamic response. The simulation results verify this merit by comparing the adopted KF and comparing it with conventional artificial neural networks (ANN), while the experimental results validate the effectiveness of the proposed control and showcase the superiority of the FAPI control in terms of its perfect compensation for different types of cyber-attacks.
18

K., Thamizhmaran. "Enhanced Secure Technique for Detecting Attacks in Network." Journal of Advancement in Electronics Design 3, no. 3 (2020): 1–6. https://doi.org/10.5281/zenodo.4223718.

Abstract:
Recent research years of development of network mainly affected denial of service attacks are a virulent. Distributed rejection of service attackers infiltrate enormous quantities of computers by misusing software vulnerabilities, to set up distributed attack networks. These accidental computers are then summoned to wage a coordinated, large-scale enormous attack against at least one more victim systems. As specific counter measures are developed, attackers enhance existing denial attack tools, developing new and derivative developed techniques and attack tools. As opposed to respond to new attacks with explicit countermeasures, it is attractive to create comprehensive distributed denial solutions that shield against known and future attack variations. However, this requires a comprehensive understanding of the scope and techniques used in different attacks. This paper attempts a comprehensive scoping of the distributed denial problem. We propose new scientific categorizations to sort distinctive attack networks, to order the various procedures utilized in an attack, and to depict the characteristics of the software instruments utilized in setting up an attack network. The group of systems that is used to perform the denial attack is known as the Botnets. This paper introduces the overview of the state of art in denial attacks detection strategies.
19

Li, Yufeng, Le Tian, Han Qiu, and Chuanhao Zhang. "Research Notes: Distributed Shadow for Router Security Defense." International Journal of Software Engineering and Knowledge Engineering 28, no. 02 (2018): 193–206. http://dx.doi.org/10.1142/s021819401840003x.

Abstract:
Router security defense technologies emerging in recent years could hardly detect and block the new booming threats with unknown signatures such as hardware Trojan, zero-day attacks, etc. We present a novel router defense technology, distributed router shadow, which builds a closed execution environment to deceive attacks entering into the router, thereby misleading the attackers into regarding it as the real attack target and executing the suspicious code to maximize the chances of detonating the system exploit; thus the original router is prevented from attacking and the suspicious code can be detected. Our experiment and analysis show that the router shadow can defend not only attacks with signature but also some new attacks without signature.
20

Shui, Yongtao, Yu Wang, Yu Li, Yongzhi Shan, Naigang Cui, and Baojun Pang. "Consensus-Based Distributed Target Tracking with False Data Injection Attacks over Radar Network." Applied Sciences 11, no. 10 (2021): 4564. http://dx.doi.org/10.3390/app11104564.

Abstract:
For target tracking in radar network, any anomaly in a part of the system can quickly spread over the network and lead to tracking failures. False data injection (FDI) attacks can damage the state estimation mechanism by modifying the radar measurements with unknown and time-varying attack variables, therefore making traditional filters inapplicable. To tackle this problem, we propose a novel consensus-based distributed state estimation (DSE) method for target tracking with FDI attacks, which is effective even when all radars are under FDI attacks. First, a real-time residual-based detector is introduced to the DSE framework, which can effectively detect FDI attacks by analyzing the statistical properties of the residual. Secondly, a simple yet effective attack parameter estimation method is proposed to provide attack parameter estimation based on a pseudo-measurement equation, which has the advantage of decoupled estimation of state and attack parameters compared with augmented state filters. Finally, for timely attack mitigation and global consistency achievement, a novel hybrid consensus method is proposed which can compensate for the estimation error caused by FDI attacks and provide estimation accuracy improvement. The simulation results show that the proposed solution is effective and superior to the traditional DSE method for target tracking in the presence of FDI attacks.
21

Fatkieva, R. R., A. S. Sudakov, and A. S. Nersisyan. "Key Characteristics of Network Traffic to Identify DDoS Attacks." LETI Transactions on Electrical Engineering & Computer Science 17, no. 8 (2024): 65–80. http://dx.doi.org/10.32603/2071-8985-2024-17-8-65-80.

Abstract:
Modern methods of analyzing and protecting network infrastructure against DDoS (Distributed Denial of Service) attacks are discussed. A DDoS detection model has been developed using statistical techniques, which highlights the main stages of the attacks and key characteristics of network traffic that are crucial for detecting an attack. Potential and attack power are introduced as main concepts in assessing DDoS activity. To identify the type of attack, it is suggested to increase the sensitivity of the model by identifying key characteristics that distinguish between different attack stages. The features of various DDoS attack types, such as UDP Flood, UDP Reflection/Amplification, and TCP SYN Flood, are considered. A framework for modeling DDoS network attacks has been created. DDoS attacks including UDP Flood, UDP Reflection/Amplification and TCP SYN Flood were simulated using traffic data collected via the NetFlow protocol. The proposed attack characteristics, including speed, flow volume, and flow rate, allowed us to evaluate the attack's power and consider how to change the key characteristics of network traffic.
22

Nuiaa, Riyadh Rahef, Selvakumar Manickam, and Ali Hakem Alsaeedi. "Distributed reflection denial of service attack: A critical review." International Journal of Electrical and Computer Engineering (IJECE) 11, no. 6 (2021): 5327. http://dx.doi.org/10.11591/ijece.v11i6.pp5327-5341.

Abstract:
As the world becomes increasingly connected and the number of users grows exponentially and “things” go online, the prospect of cyberspace becoming a significant target for cybercriminals is a reality. Any host or device that is exposed on the internet is a prime target for cyberattacks. A denial-of-service (DoS) attack is accountable for the majority of these cyberattacks. Although various solutions have been proposed by researchers to mitigate this issue, cybercriminals always adapt their attack approach to circumvent countermeasures. One of the modified DoS attacks is known as distributed reflection denial-of-service attack (DRDoS). This type of attack is considered to be a more severe variant of the DoS attack and can be conducted in transmission control protocol (TCP) and user datagram protocol (UDP). However, this attack is not effective in the TCP protocol due to the three-way handshake approach that prevents this type of attack from passing through the network layer to the upper layers in the network stack. On the other hand, UDP is a connectionless protocol, so most of these DRDoS attacks pass through UDP. This study aims to examine and identify the differences between TCP-based and UDP-based DRDoS attacks.
23

Kareem, Morenikeji Kabirat, Olaniyi Dada Aborisade, Saidat Adebukola Onashoga, Tole Sutikno, and Olaniyi Mathew Olayiwola. "Efficient model for detecting application layer distributed denial of service attacks." Bulletin of Electrical Engineering and Informatics 12, no. 1 (2023): 441–50. http://dx.doi.org/10.11591/eei.v12i1.3871.

Abstract:
The increasing advancement of technologies and communication infrastructures has been posing threats to the internet services. One of the most powerful attack weapons for disrupting web-based services is the distributed denial of service (DDoS) attack. The sophisticated nature of attack tools being created and used for launching attacks on target systems makes it difficult to distinguish between normal and attack traffic. Consequently, there is a need to detect application layer DDoS attacks from network traffic efficiently. This paper proposes a detection system coined eXtreme gradient boosting (XGB-DDoS) using a tree-based ensemble model known as XGBoost to detect application layer DDoS attacks. The Canadian institute for cybersecurity intrusion detection systems (CIC IDS) 2017 dataset consisting of both benign and malicious attacks was used in training and testing of the proposed model. The performance results of the proposed model indicate that the accuracy rate, recall, precision rate, and F1-score of XGB-DDoS are 0.999, 0.997, 0.995, and 0.996, respectively, as against those of k-nearest neighbor (KNN), support vector machine (SVM), principal component analysis (PCA) hybridized with XGBoost, and KNN with SVM. So, the XGB-DDoS detection model did better than the models that were chosen. This shows that it is good at finding application layer DDoS attacks.
24

Kumavat, Kavita S., and Joanne Gomes. "Common Mechanism for Detecting Multiple DDoS Attacks." International Journal on Recent and Innovation Trends in Computing and Communication 11, no. 4 (2023): 81–90. http://dx.doi.org/10.17762/ijritcc.v11i4.6390.

Abstract:
An important principle of an internet-based system is information security. Information security is a very important aspect of distributed systems and IoT (Internet of Things) based wireless systems. The attack which is more harmful to the distributed system and IoT-based wireless system is a DDoS (Distributed Denial of Service) attack since in this attack, an attacker can stop the work of all other connected devices or users to the network. For securing distributed applications, various intrusion detection mechanisms are used. But most existing mechanisms are only concentrated on one kind of DDoS attack. This paper focuses on the basic architecture of IoT systems and an overview of single intrusion detection systems. This paper presents a single detection method for different DDoS attacks on distributed systems with an IoT interface. In the future, the system will provide support for detecting and preventing different DDoS attacks in IoT-based systems.
25

Adam Zukhruf, Bagus Fatkhurrozi, and Andriyatna Agung Kurniawan. "COMPARATIVE STUDY OF DISTRIBUTED DENIAL OF SERVICE (DDOS) ATTACK DETECTION IN COMPUTER NETWORKS." Jurnal Teknik Informatika (Jutif) 4, no. 5 (2023): 1033–39. http://dx.doi.org/10.52436/1.jutif.2023.4.5.756.

Abstract:
Distributed Denial of Service (DDoS) attack is an internet crime that aims to consume server resources so that the server becomes unusable. Suricata, Snort and Wireshark are useful software applications for detecting DDoS attacks. This study aims to compare the performance of the snort, suricata and wireshark applications in detecting Distributed Denial of Service attacks. The comparison parameters used are the total attacks that can be detected and memory usage. The type of attack used in testing is syn flood and ping of death. The research results obtained by Suricata became the most effective application in this study compared to snort and wireshark. Suricata excels in memory usage in the two types of attacks performed with the percentage of memory usage being 0.1891 GB (4.975%) during syn flood attacks and 0.00114 GB (0.03%) during ping of death attacks. Suricata also excels in the percentage of the total number of detected ping of death attacks, namely 86,472%.
26

Dhanapal, A., and P. Nithyanandam. "The Slow HTTP Distributed Denial of Service Attack Detection in Cloud." Scalable Computing: Practice and Experience 20, no. 2 (2019): 285–98. http://dx.doi.org/10.12694/scpe.v20i2.1501.

Abstract:
Cloud computing became popular due to its nature, as it provides the flexibility to add or remove resources on an on-demand basis. This also reduces the cost of investments for the enterprises significantly. The adoption of cloud computing is very high for enterprises running their online applications. The availability of online services is critical for businesses like financial services, e-commerce applications, etc. Though the cloud provides availability, these applications still face potential threats of going down due to the slow HTTP Distributed Denial of Service (DDoS) attack in the cloud. The slow HTTP attack's intention is to consume all the available server resources and make it unavailable to the real users. The slow HTTP DDoS attack comes in different formats such as slow HTTP headers attacks, slow HTTP body attacks and slow HTTP read attacks. Detecting the slow HTTP DDoS attacks in the cloud is very crucial to safeguard online cloud applications. This is a very interesting and challenging topic in DDoS as it mimics the slow network. This paper proposed a novel method to detect slow HTTP DDoS attacks in the cloud. The solution is implemented using the OpenStack cloud platform. The experiments conducted exhibit accurate results on detecting the attacks at the early stages. The slowHTTPTest open source tool is used in this experiment to originate slow HTTP DDoS attacks.
27

Adhikary, Kaushik, Shashi Bhushan, Sunil Kumar, and Kamlesh Dutta. "Evaluating the Impact of DDoS Attacks in Vehicular Ad-Hoc Networks." International Journal of Security and Privacy in Pervasive Computing 12, no. 4 (2020): 1–18. http://dx.doi.org/10.4018/ijsppc.2020100101.

Abstract:
The presence of either malicious vehicles or inaccessibility of network services makes vehicular ad-hoc networks (VANETs) easy targets for denial of service (DoS) attacks. The sole purpose of DoS attacks is to prevent the intended users from accessing the available resources and services. When the DoS attack is carried out by multiple vehicles distributed throughout the network, it is referred as distributed DoS (DDoS) attack. A lot of works have been done by researchers in securing the vehicular communication against the DDoS attacks. In this paper, efforts have been made to simulate the DDoS attacks in VANETs as well as to study their impact on the performance of networks. The experimental results are presented using six important metrics, which are collision, jitter, delay, packet drop, ratio-in-out, and throughput. The experimental results show that the impact of distributed DoS (DDoS) attack on networks performance is very critical and must be addressed to ensure the smooth functioning of networks.
28

Baird, Iain, Isam Wadhaj, Baraq Ghaleb, and Craig Thomson. "Impact Analysis of Security Attacks on Mobile Ad Hoc Networks (MANETs)." Electronics 13, no. 16 (2024): 3314. http://dx.doi.org/10.3390/electronics13163314.

Abstract:
Mobile ad hoc networks (MANETs) offer a decentralized communication solution ideal for infrastructure-less environments like disaster relief zones. However, their inherent lack of central control and dynamic topology make them vulnerable to attacks. This paper examines the impact of various attacks on mobile nodes within two network types: randomly and uniformly distributed stationary networks. Four types of attacks are investigated: delay, dropping, sinkhole (alone), and a combined black hole attack (dropping + sinkhole). The effects of these attacks are compared using the packet delivery ratio, throughput, and end-to-end delay. The evaluation results show that all single attacks negatively impacted network performance, with the random network experiencing the most significant degradation. Interestingly, the combined black hole attack, while more disruptive than any single attack, affected the uniformly distributed network more severely than the random network.
29

Al-Mashadani, Abdulrahman Khalid Abdullah, and Muhammad Ilyas. "Distributed Denial of Service Attack Alleviated and Detected by Using Mininet and Software Defined Network." Webology 19, no. 1 (2022): 4129–44. http://dx.doi.org/10.14704/web/v19i1/web19272.

Abstract:
Network security and how to keep it safe from malicious attacks nowadays attracts huge interest from developers and cyber security experts. Software-Defined Network (SDN) is a simple framework for networks that allows programmability and monitoring, enabling operators to manage the entire network in a consistent and comprehensive manner; it is also used to detect and alleviate DDoS attacks. SDN is now the trend of network security evolution. There are many threats that face networks; one of them is distributed Denial of Service (DDoS), because of the architectural weakness in traditional networks. SDN uses a new architecture, and its point of power is the separation of the control and data planes. The DDoS attack prevents users from accessing the resources of the network or causes huge delays in the network. This paper shows the impact of DDoS attacks on SDN, and how to use SDN applications written in Python and the OpenFlow protocol to automatically detect and resist attacks, with an average time to respond to the attack between 95-145 seconds.
30

Ramli, Hartini, and Maharaja Yasin Alifsyah. "Analisis Keamanan Komputer Terhadap Serangan Distributed Denial of Service (DDOS)." Journal of Renewable Energy and Smart Device 1, no. 1 (2023): 25–30. http://dx.doi.org/10.61220/joresd.v1i1.235.

Abstract:
Distributed Denial of Service (DDoS) is a type of active attack, an attack that can overwhelm a system by flooding a computer or server with network traffic, disrupting user services. The goal of this attack is usually to disable services and disconnect from the compromised computer or network. The impact is very large for companies or agencies that offer services. Victims of these attacks are unable to provide the services they are supposed to. Due to a bug or constraint on the server you are trying to use and one of the ways to deal with these attacks is to use a computer network firewall, which is useful for protecting computers from various outer space attacks. If the computer has a firewall security system, it is likely that no one on the Internet can access the data on the connected computer or web server. Firewall, works like a partition or wall that blocks the computer from the Internet. This "firewall" allows you to control what data, information, and activity can be transferred from the Internet to your computer and vice versa. With better data security and can avoid DDOS attacks that want to be carried out by irresponsible parties.
31

Volokyta, Artem, and Mykyta Melenchukov. "NEURAL NETWORKS IN DETECTING ATTACKS ON DISTRIBUTED SYSTEMS." TECHNICAL SCIENCES AND TECHNOLOGIES, no. 1(35) (2024): 135–45. http://dx.doi.org/10.25140/2411-5363-2024-1(35)-135-145.

Abstract:
Modern challenges in processing vast amounts of data are solved with the help of complex distributed systems, which in turn require cyber protection, that has the instruments for managing security risks such as information acquisition, espionage, reduction of system productivity, etc. This article provides an overview of some approaches to detecting cyberattacks, which in particular use machine learning. Their advantages, disadvantages, work methods, vulnerabilities, and approaches to their protection are given. Approaches to using various machine learning models for pre-processing input data, which is subsequently analyzed by intrusion detectors, and ways of improving the accuracy and effectiveness of cyberattack identification were also investigated. As a result of the analysis of research, it is shown that there is a need to combine data from various attack detection systems used at different layers of cyber defense. The use of attack detection systems in different layers of the system allows the detection of such attacks as SQL insertion, obtaining administrator rights, acquiring access to the node, DDoS, and Probe. This can be done by analyzing logs, or network packets in case of SQL insertion, or by monitoring Internet traffic during a DDoS attack. Taking into account the growing variety of attacks on distributed systems and the increase in the amount of information being processed, the use of machine learning in attack detection systems is becoming an increasingly attractive direction for study. Artificial intelligence can be involved in selecting the necessary features for analysis, detecting interventions, reducing the level of false attack detections, and improving the accuracy of their recognition. The ability to retrain the model on new data is a significant advantage due to the small number of available test datasets dedicated to attacks on distributed systems.
There is a need to investigate the feasibility of using certain machine learning models and neural networks, based on available input data and requirements for accuracy and speed. It has been determined that anomaly detection is the most common approach to recognizing attacks using machine learning in the commercial product market. Analysis of attacks against machine learning-based defenses that use an anomaly detection approach has shown that there are weaknesses that can be minimized with additional protection; for example, time-distributed attacks can adapt to acceptable ranges of deviation of network indicators. An overview of the mechanisms for ensuring the resistance of protection systems to such influences, including the addition of various noises during training, range reduction of system parameter values, variations in retraining the model on misleading data, and the use of special classifiers, was performed.
32

Li, Ming, and Wei Zhao. "Detection of Variations of Local Irregularity of Traffic under DDOS Flood Attack." Mathematical Problems in Engineering 2008 (2008): 1–11. http://dx.doi.org/10.1155/2008/475878.

Abstract:
The aim of distributed denial-of-service (DDOS) flood attacks is to overwhelm the attacked site or to make its service performance deterioration considerably by sending flood packets to the target from the machines distributed all over the world. This is a kind of local behavior of traffic at the protected site because the attacked site can be recovered to its normal service state sooner or later even though it is in reality overwhelmed during attack. From a view of mathematics, it can be taken as a kind of short-range phenomenon in computer networks. In this paper, we use the Hurst parameter (H) to measure the local irregularity or self-similarity of traffic under DDOS flood attack provided that fractional Gaussian noise (fGn) is used as the traffic model. As flood attack packets of DDOS make the H value of arrival traffic vary significantly away from that of traffic normally arriving at the protected site, we discuss a method to statistically detect signs of DDOS flood attacks with predetermined detection probability and false alarm probability.
33

Yaseen, Hiba Salah, and Ahmed Al-Saadi. "Q-learning based distributed denial of service detection." International Journal of Electrical and Computer Engineering (IJECE) 13, no. 1 (2023): 972. http://dx.doi.org/10.11591/ijece.v13i1.pp972-986.

Abstract:
Distributed denial of service (DDoS) attacks the target service providers by sending a huge amount of traffic to prevent legitimate users from getting the service. These attacks become more challenging in the software-defined network paradigm, due to the separation of the control plane from the data plane. Centralized software defined networks are more vulnerable to DDoS attacks that may cause the failure of all networks. In this work, a new approach is proposed based on q-learning to enhance the detection of DDoS attacks and reduce false positives and false negatives. The results of this work are compared with entropy detection in terms of the number of received packets to detect the attack and also the continuity of service for legitimate users. Moreover, these results indicate that the proposed system detects the DDoS attack from flash crowds and redirects the traffic to the edge of the data center. A second controller is used to redirect traffic to a honeypot server that works as a mirror server. This guarantees the continuity of service for both normal and suspected traffic until further analysis is done. The results indicate an increase of up to 50% in the throughput compared to other approaches.
34

Hiba, Salah Yaseen, and Al-Saadi Ahmed. "Q-learning based distributed denial of service detection." International Journal of Electrical and Computer Engineering (IJECE) 13, no. 1 (2023): 972–86. https://doi.org/10.11591/ijece.v13i1.pp972-986.

Abstract:
Distributed denial of service (DDoS) attacks the target service providers by sending a huge amount of traffic to prevent legitimate users from getting the service. These attacks become more challenging in the software-defined network paradigm, due to the separation of the control plane from the data plane. Centralized software defined networks are more vulnerable to DDoS attacks that may cause the failure of all networks. In this work, a new approach is proposed based on q-learning to enhance the detection of DDoS attacks and reduce false positives and false negatives. The results of this work are compared with entropy detection in terms of the number of received packets to detect the attack and also the continuity of service for legitimate users. Moreover, these results indicate that the proposed system detects the DDoS attack from flash crowds and redirects the traffic to the edge of the data center. A second controller is used to redirect traffic to a honeypot server that works as a mirror server. This guarantees the continuity of service for both normal and suspected traffic until further analysis is done. The results indicate an increase of up to 50% in the throughput compared to other approaches.
35

Kotey, Seth, Eric Tchao, and James Gadze. "On Distributed Denial of Service Current Defense Schemes." Technologies 7, no. 1 (2019): 19. http://dx.doi.org/10.3390/technologies7010019.

Abstract:
Distributed denial of service (DDoS) attacks are a major threat to any network-based service provider. The ability of an attacker to harness the power of a lot of compromised devices to launch an attack makes it even more complex to handle. This complexity can increase even more when several attackers coordinate to launch an attack on one victim. Moreover, attackers these days do not need to be highly skilled to perpetrate an attack. Tools for orchestrating an attack can easily be found online and require little to no knowledge about attack scripts to initiate an attack. Studies have been done severally to develop defense mechanisms to detect and defend against DDoS attacks. As defense schemes are designed and developed, attackers are also on the move to evade these defense mechanisms and so there is a need for a continual study in developing defense mechanisms. This paper discusses the current DDoS defense mechanisms, their strengths and weaknesses.
36

Shazly, Khadija, Dina A. Salem, Nacereddine Hammami, and Ahmed I. B. ElSeddawy. "A Review on Distributed Denial of Service Detection in Software Defined Network." International Journal of Wireless and Ad Hoc Communication 5, no. 2 (2022): 08–18. http://dx.doi.org/10.54216/ijwac.050201.

Abstract:
Network security has become considerably essential because of the expansion of the internet of things (IoT) devices. One of the greatest hazards of today's networks is distributed denial of service (DDoS) attacks, which could destroy critical network services. Recently numerous IoT devices are unsuspectingly attacked by DDoS. To securely manage IoT equipment, researchers have introduced software-defined networks (SDN). This paper aims to analyze and discuss machine learning-based systems for SDN security networks from DDoS attacks. The results have indicated that the algorithms for machine learning can be used to detect DDoS attacks in SDN efficiently. From machine learning approaches, it can be explored that the best way to detect DDoS attacks is based on utilizing deep learning procedures. Moreover, analyze the methods that combine it with other machine learning techniques. The most benefits that can be achieved from using deep learning methods are the ability to do both feature extraction along with data classification; the ability to extract specific information from partial data. Nevertheless, it is appropriate to recognize the low-rate attack, and it can get more computation resources than other machine learning where it can use a graphics processing unit (GPU) rather than a central processing unit (CPU) for carrying out the matrix operations, making the processes computationally effective and fast.
37

R K, Monika, and Ravikumar K. "PROTECTING VIRTUALIZED INFRASTRUCTURES IN CLOUD COMPUTING BASED ON BIG DATA SECURITY ANALYTICS." ICTACT Journal on Soft Computing 11, no. 2 (2021): 2306–15. https://doi.org/10.21917/ijsc.2021.0330.

Abstract:
Virtualized infrastructure in cloud computing has become an attractive target for cyber attackers to launch advanced attacks. This paper proposes a novel big data based security analytics approach to detecting advanced attacks in virtualized infrastructures. Network logs as well as user application logs collected periodically from the guest virtual machines (VMs) are stored in the Hadoop Distributed File System (HDFS). Then, extraction of attack features is performed through graph-based event correlation and Map Reduce parser based identification of potential attack paths. Next, determination of attack presence is performed through two-step machine learning, namely logistic regression is applied to calculate attack’s conditional probabilities with respect to the attributes, and belief propagation is applied to calculate the belief in existence of an attack based on them. Experiments are conducted to evaluate the proposed approach using well-known malware as well as in comparison with existing security techniques for virtualized infrastructure. The results show that our proposed approach is effective in detecting attacks with minimal performance overhead.
38

Li, Xi, Songhe Wang, Ruiquan Huang, Mahanth Gowda, and George Kesidis. "Temporal-Distributed Backdoor Attack against Video Based Action Recognition." Proceedings of the AAAI Conference on Artificial Intelligence 38, no. 4 (2024): 3199–207. http://dx.doi.org/10.1609/aaai.v38i4.28104.

Abstract:
Deep neural networks (DNNs) have achieved tremendous success in various applications including video action recognition, yet remain vulnerable to backdoor attacks (Trojans). The backdoor-compromised model will mis-classify to the target class chosen by the attacker when a test instance (from a non-target class) is embedded with a specific trigger, while maintaining high accuracy on attack-free instances. Although there are extensive studies on backdoor attacks against image data, the susceptibility of video-based systems under backdoor attacks remains largely unexplored. Current studies are direct extensions of approaches proposed for image data, e.g., the triggers are independently embedded within the frames, which tend to be detectable by existing defenses. In this paper, we introduce a simple yet effective backdoor attack against video data. Our proposed attack, adding perturbations in a transformed domain, plants an imperceptible, temporally distributed trigger across the video frames, and is shown to be resilient to existing defensive strategies. The effectiveness of the proposed attack is demonstrated by extensive experiments with various well-known models on two video recognition benchmarks, UCF101 and HMDB51, and a sign language recognition benchmark, Greek Sign Language (GSL) dataset. We delve into the impact of several influential factors on our proposed attack and identify an intriguing effect termed "collateral damage" through extensive studies.
39

Zhang, Yan, Yong Wang, Yihua Hu, et al. "Security Performance Analysis of LEO Satellite Constellation Networks under DDoS Attack." Sensors 22, no. 19 (2022): 7286. http://dx.doi.org/10.3390/s22197286.

Abstract:
Low Earth orbit satellite constellation networks (LSCNs) have attracted significant attention around the world due to their great advantages of low latency and wide coverage, but they also bring new challenges to network security. Distributed denial of service (DDoS) attacks are considered one of the most threatening attack methods in the field of Internet security. In this paper, a space-time graph model is built to identify the key nodes in LSCNs, and a DDoS attack is adopted as the main means to attack the key nodes. The scenarios of two-satellite-key-node and multi-satellite-key-node attacks are considered, and their security performance against DDoS attacks is also analyzed. The simulation results show that the transmission path of key satellite nodes will change rapidly after being attacked, and the average end-to-end delay and packet loss are linearly related to the number of key-node attacks. This work provides a comprehensive analysis of the security performance of LSCNs under a DDoS attack and theoretical support for future research on anti-DDoS attack strategies for LSCNs.
40

Singh, Karanbir, Kanwalvir Singh Dhindsa, and Bharat Bhushan. "Distributed Defense: An Edge over Centralized Defense against DDos Attacks." International Journal of Computer Network and Information Security 9, no. 3 (2017): 36–44. http://dx.doi.org/10.5815/ijcnis.2017.03.05.

Abstract:
Distributed Denial of Service (DDoS) attack is a large-scale, coordinated attack on the availability of services of a target/victim system or network resource/service. It can be launched indirectly through many compromised machines on the Internet. The purpose behind these attacks is to exhaust the existing bandwidth and make servers deny service to legitimate users. Most detection systems depend on some type of centralized processing to analyze the data necessary to detect an attack. In centralized defense, all modules are placed at a single point. A centralized approach can be vulnerable to attack. But in distributed defense, all of the defense modules are placed at different points and do not succumb to the high volume of DDoS attack and can discover the attacks timely as well as fight the attacks with more resources. These factors clearly indicate that the DDoS problem requires a distributed solution rather than a centralized solution. In this paper, we compare both types of defense mechanisms and identify their relative advantages and disadvantages. Later they are compared against some performance metrics to know which kind of solution is best.
41

Zhang, Jian, Qidi Liang, Rui Jiang, and Xi Li. "A Feature Analysis Based Identifying Scheme Using GBDT for DDoS with Multiple Attack Vectors." Applied Sciences 9, no. 21 (2019): 4633. http://dx.doi.org/10.3390/app9214633.

Abstract:
In recent years, distributed denial of service (DDoS) attacks have increasingly shown the trend of multiattack vector composites, which has significantly improved the concealment and success rate of DDoS attacks. Therefore, improving the ubiquitous detection capability of DDoS attacks and accurately and quickly identifying DDoS attack traffic play an important role in later attack mitigation. This paper proposes a method to efficiently detect and identify multivector DDoS attacks. The detection algorithm is applicable to known and unknown DDoS attacks.
42

Zeebaree, Subhi R. M., Karzan H. Sharif, and Roshna M. Mohammed Amin. "Application Layer Distributed Denial of Service Attacks Defense Techniques : A review." Academic Journal of Nawroz University 7, no. 4 (2018): 113. http://dx.doi.org/10.25007/ajnu.v7n4a279.

Abstract:
Currently, distributed denial of service (DDoS) is the most severe attack that affects internet convenience. The main goal of these attacks is to prevent normal users from accessing internet services such as web servers. However, the more challenging and difficult type to detect is the application layer DDoS attack, because it uses legitimate clients to create connections with victims. In this paper we give a review on application layer DDoS attacks defense or detection mechanisms. Furthermore, we summarize several experimental approaches on detection techniques of application layer DDoS attacks. The main goal of this paper is to get a clear view and detailed summary of the recent algorithms, methods and techniques presented to tackle these serious types of attacks.
43

Sambangi, Swathi, and Lakshmeeswari Gondi. "A Machine Learning Approach for DDoS (Distributed Denial of Service) Attack Detection Using Multiple Linear Regression." Proceedings 63, no. 1 (2020): 51. http://dx.doi.org/10.3390/proceedings2020063051.

Abstract:
The problem of identifying Distributed Denial of Service (DDoS) attacks is fundamentally a classification problem in machine learning. In relevance to Cloud Computing, the task of identification of DDoS attacks is a significantly challenging problem because of computational complexity that has to be addressed. Fundamentally, a Denial of Service (DoS) attack is an intentional attack attempted by attackers from a single source which has an implicit intention of making an application unavailable to the target stakeholder. For this to be achieved, attackers usually stagger the network bandwidth, halting system resources, thus causing denial of access for legitimate users. Contrary to DoS attacks, in DDoS attacks, the attacker makes use of multiple sources to initiate an attack. DDoS attacks are most common at network, transportation, presentation and application layers of a seven-layer OSI model. In this paper, the research objective is to study the problem of DDoS attack detection in a Cloud environment by considering the most popular CICIDS 2017 benchmark dataset and applying multiple regression analysis for building a machine learning model to predict DDoS and Bot attacks through considering a Friday afternoon traffic logfile.
44

Song, Zhenghang, Xiang Wang, Baoze Wei, Zhengyu Shan, and Peiyuan Guan. "Distributed Finite-Time Cooperative Economic Dispatch Strategy for Smart Grid under DOS Attack." Mathematics 11, no. 9 (2023): 2103. http://dx.doi.org/10.3390/math11092103.

Abstract:
This paper proposes an energy management strategy that can resist DOS attacks for solving the Economic Dispatch Problem (EDP) of the smart grid. We use the concept of energy agent, which acts as a hub for the smart grid, and each EA is an integrated energy unit that converts, stores, and utilizes its local energy resources. This approach takes into account the coupling relationship between energy agents (EA) and utilizes the Lyapunov function technique to achieve finite-time solutions for optimization problems. We incorporate strategies to resist DOS attacks when analyzing finite-time convergence using the Lyapunov technique. Based on this, a finite convergence time related to DOS attack time is derived. The integral sliding mode control strategy is adopted and the Lyapunov method is used to analyze it, so that the algorithm can resist DOS attacks and resist external disturbances. Through theoretical analysis, it is shown that the strategy is capable of converging to the global optimal solution in finite time even if it is attacked by DOS. We conducted case studies of six-EA and ten-EA systems to verify the effectiveness of this strategy. The proposed strategy has potential for deployment in distributed energy management systems that require resilience against DOS attacks.
45

Jaideep, Gera, and Bhanu Prakash Battula. "Detection of DDOS attacks in distributed peer to peer networks." International Journal of Engineering & Technology 7, no. 2.7 (2018): 1051. http://dx.doi.org/10.14419/ijet.v7i2.7.12227.

Abstract:
Peer to Peer (P2P) network in the real world is a class of systems that are made up of thousands of nodes in distributed environments. The nodes are decentralized in nature. P2P networks are widely used for sharing resources and information with ease. Gnutella is one of the well-known examples of such a network. Since these networks spread across the globe with large scale deployment of nodes, adversaries use them as a vehicle to launch DDoS attacks. P2P networks are exploited to make attacks over hosts that provide critical services to a large number of clients across the globe. As the attacker does not make a direct attack, it is hard to detect such attacks, and they are considered to be a high risk threat to Internet based applications. Many techniques came into existence to defeat such attacks. Still, it is an open problem to be addressed, as the flooding-based DDoS is difficult to handle because a huge number of nodes are compromised to make the attack and source address spoofing is employed. In this paper, we proposed a framework to identify and secure P2P communications from DDoS attacks in a distributed environment. Time-to-Live value and distance between source and victim are considered in the proposed framework. A special agent is used to handle information about nodes, their capacity, and bandwidth for efficient trace back. A simulation study has been made using NS2 and the experimental results reveal the significance of the proposed framework in defending P2P network and target hosts from high risk DDoS attacks.
46

Čerňanský, Michal, Ladislav Huraj, and Marek Šimon. "Controlled DDoS Attack on IPv4/IPv6 Network Using Distributed Computing Infrastructure." Journal of information and organizational sciences 44, no. 2 (2020): 297–316. http://dx.doi.org/10.31341/jios.44.2.6.

Abstract:
The paper focuses on design, background and experimental results of a real environment of DDoS attacks. The experimental testbed is based on employment of a tool for IT automation to perform DDoS attacks under monitoring. DDoS attacks are still a serious threat in both IPv4 and IPv6 networks, and creation of a simple tool to test the network for DDoS attack and to allow evaluation of vulnerabilities and DDoS countermeasures of the networks is necessary. In the proposed testbed, the Ansible orchestration tool is employed to perform and coordinate DDoS attacks. Ansible is a powerful tool and simplifies the implementation of the test environment. Moreover, no special hardware is required for the attacks' execution; the testbed uses existing infrastructure in an organization. The case study of implementation of this environment shows straightforwardness to create a testbed comparable with a botnet with ten thousand bots. Furthermore, the experimental results demonstrate the potential of the proposed environment and present the impact of the attacks on particular target servers in IPv4 and IPv6 networks.
47

Cheng, Zhijian, Guanjun Chen, Xiao-Meng Li, and Hongru Ren. "Consensus-Based Power System State Estimation Algorithm Under Collaborative Attack." Sensors 24, no. 21 (2024): 6886. http://dx.doi.org/10.3390/s24216886.

Abstract:
Due to its vulnerability to a variety of cyber attacks, research on cyber security for power systems has become especially crucial. In order to maintain the safe and stable operation of power systems, it is worthwhile to gain insight into the complex characteristics and behaviors of cyber attacks from the attacker’s perspective. The consensus-based distributed state estimation problem is investigated for power systems subject to collaborative attacks. In order to describe such attack behaviors, the denial of service (DoS) attack model for hybrid remote terminal unit (RTU) and phasor measurement unit (PMU) measurements, and the false data injection (FDI) attack model for neighboring estimation information, are constructed. By integrating these two types of attack models, a different consensus-based distributed estimator is designed to accurately estimate the state of the power system under collaborative attacks. Then, through Lyapunov stability analysis theory, a sufficient condition is provided to ensure that the proposed distributed estimator is stable, and a suitable consensus gain matrix is devised. Finally, to confirm the viability and efficacy of the suggested algorithm, a simulation experiment on an IEEE benchmark 14-bus power system is carried out.
48

Le, Jian, Jing Wang, Hongke Lang, and Weihao Wang. "Distributed Secure Economic Dispatch Strategy Based on Robust Graph Theory and W-MSR Algorithm." Sensors 25, no. 8 (2025): 2551. https://doi.org/10.3390/s25082551.

Abstract:
The traditional consensus-based distributed economic dispatch strategy may lose system convergency and cause imbalanced power when facing an information attack on the individual power generation unit; thus, it is unable to achieve the dispatching goal. Taking into consideration several kinds of attack behaviors that may exist in a distributed control system, this paper develops models of node attacks from the two aspects of action mode and deployment scope, and analyzes the influence of attack behaviors on the distributed economic dispatch system. Based on the idea of the W-MSR algorithm that deletes the information received from nodes that may be attacked, a distributed security consensus-based economic dispatch strategy is synthetized with the incremental cost of the power generation unit as the consensus variable. Based on the graph robustness index, this paper gives its conditions along with its proof that the communication network topology of the system should be satisfied when adopting the W-MSR algorithm. The simulation results of the IEEE-39 bus distribution network show that the strategy proposed in this paper can effectively counter various information attacks, enhancing both the security and economic efficiency of the distributed economic dispatch system. In addition, the (F + 1, F + 1)-robust graph is a necessary and sufficient condition to achieve the consensus of the dispatch strategy.
49

Manita, Mohamed Sasi, and Ahmed Ibrahim Suleiman. "Training Machine Learning Algorithms to Detect Distributed Denial of Service Attacks." International Science and Technology Journal 34, no. 2 (2024): 1–23. http://dx.doi.org/10.62341/msai2687.

Abstract:
Cyber-attacks are becoming more and more sophisticated, posing a serious threat to our technologically dependent society. Such an attack is the Distributed Denial of Service (DDoS) attack, which is becoming a serious threat to businesses that have integrated their technology with public networks since they enable numerous attackers to obtain data or provide services to major corporations or nations. When a company's servers are overloaded with fraudulent requests while legitimate users' requests are denied, Distributed Denial of Service (DDoS) attacks disrupt Web service availability for an arbitrary amount of time. This results in financial losses since services are rendered unavailable. This paper provides a comparative analysis of popular ML algorithms, including Logistic Regression, Random Forest, and Neural Network, in terms of their effectiveness in DDoS attack detection, along with a comprehensive evaluation of their performance. The study incorporates numerical data analysis and relevant diagrams to offer insights into the comparative efficacy of different ML techniques for DDoS attack detection. Keywords: DDoS attacks, machine learning, random forest, Logistic Regression, Neural Network
50

Sharma, Kavita, and B. B. Gupta. "Taxonomy of Distributed Denial of Service (DDoS) Attacks and Defense Mechanisms in Present Era of Smartphone Devices." International Journal of E-Services and Mobile Applications 10, no. 2 (2018): 58–74. http://dx.doi.org/10.4018/ijesma.2018040104.

Abstract:
This article describes how in the summer of 1999, the Computer Incident Advisory Capability first reported about Distributed Denial of Service (DDoS) attack incidents and the nature of Denial of Service (DoS) attacks in a distributed environment that eliminates the availability of resources or data on a computer network. DDoS attack exhausts the network resources and disturbs the legitimate user. This article provides an explanation on DDoS attacks and nature of these attacks against Smartphones and Wi-Fi Technology and presents a taxonomy of various defense mechanisms. The smartphone is chosen for this study, as they have now become a necessity rather than a luxury item for the common people.