To see the other types of publications on this topic, follow the link: Distributed Denial of Service Attacks (DDoS).
Journal articles on the topic 'Distributed Denial of Service Attacks (DDoS)'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'Distributed Denial of Service Attacks (DDoS).'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Kotey, Seth, Eric Tchao, and James Gadze. "On Distributed Denial of Service Current Defense Schemes." Technologies 7, no. 1 (January 30, 2019): 19. http://dx.doi.org/10.3390/technologies7010019.
Full textAbstract:
Distributed denial of service (DDoS) attacks are a major threat to any network-based service provider. The ability of an attacker to harness the power of a lot of compromised devices to launch an attack makes it even more complex to handle. This complexity can increase even more when several attackers coordinate to launch an attack on one victim. Moreover, attackers these days do not need to be highly skilled to perpetrate an attack. Tools for orchestrating an attack can easily be found online and require little to no knowledge about attack scripts to initiate an attack. Studies have been done severally to develop defense mechanisms to detect and defend against DDoS attacks. As defense schemes are designed and developed, attackers are also on the move to evade these defense mechanisms and so there is a need for a continual study in developing defense mechanisms. This paper discusses the current DDoS defense mechanisms, their strengths and weaknesses.
2
Sambangi, Swathi, and Lakshmeeswari Gondi. "A Machine Learning Approach for DDoS (Distributed Denial of Service) Attack Detection Using Multiple Linear Regression." Proceedings 63, no. 1 (December 25, 2020): 51. http://dx.doi.org/10.3390/proceedings2020063051.
Full textAbstract:
The problem of identifying Distributed Denial of Service (DDos) attacks is fundamentally a classification problem in machine learning. In relevance to Cloud Computing, the task of identification of DDoS attacks is a significantly challenging problem because of computational complexity that has to be addressed. Fundamentally, a Denial of Service (DoS) attack is an intentional attack attempted by attackers from single source which has an implicit intention of making an application unavailable to the target stakeholder. For this to be achieved, attackers usually stagger the network bandwidth, halting system resources, thus causing denial of access for legitimate users. Contrary to DoS attacks, in DDoS attacks, the attacker makes use of multiple sources to initiate an attack. DDoS attacks are most common at network, transportation, presentation and application layers of a seven-layer OSI model. In this paper, the research objective is to study the problem of DDoS attack detection in a Cloud environment by considering the most popular CICIDS 2017 benchmark dataset and applying multiple regression analysis for building a machine learning model to predict DDoS and Bot attacks through considering a Friday afternoon traffic logfile.
3
K.M, Akhil, Rahul C.T, and Athira V.B. "Distributed Denial of Service (DDoS) Attacks and Defence Mechanism." International Journal of Computer Science and Mobile Computing 10, no. 3 (March 30, 2021): 83–88. http://dx.doi.org/10.47760/ijcsmc.2021.v10i03.010.
Full textAbstract:
Denial of Service (DoS) attacks is one of the major threats to Internet sites and one of the major security problems Internet faces today. The nature of threats caused by Distributed Denial of Service (DDoS) attacks on networks. With little or no warning, a DDoS attack could easily destroy its victim's communication and network resources in a short period of time. This paper outlines the problem of DDoS attacks and developing a classification of DDoS attacks and DDoS defense mechanisms. Important features of each attack and defense system category are described and advantages and disadvantages of each proposed scheme are outlined. The goal of the paper is to set a certain order of existence methods of attack and defense mechanisms, for the better understanding DDoS attacks can be achieved with more effective methods and means of self-defense can be developed.
4
Singh, Rajeev, and T. P. Sharma. "Present Status of Distributed Denial of Service (DDoS) Attacks in Internet World." International Journal of Mathematical, Engineering and Management Sciences 4, no. 4 (August 1, 2019): 1008–17. http://dx.doi.org/10.33889/ijmems.2019.4.4-080.
Full textAbstract:
Distributed Denial of Service (DDoS) attack harms the digital availability in Internet. The user’s perspective of getting quick and effective services may be badly hit by the DDoS attackers. There are several reports of DDoS attack incidences that have caused devastating effects on the user and web services in the Internet world. In the present digital world dominated by wireless, mobile and IoT devices, the numbers of users are increasing day by day. Most of the users are novice and therefore their devices either fell prey to DDoS attacks or unknowingly add themselves to the DDoS attack Army. We soon will witness the 5G mobile revolution but there are reports that 5G networks are also falling prey to DDoS attacks and hence, the realization of DoS attack as a threat needs to be understood. The paper targets to assess the DDoS attack threat. It identifies the impact of attack and also reviews existing Indian laws.
5
Mazur, Katarzyna, Bogdan Ksiezopolski, and Radoslaw Nielek. "Multilevel Modeling of Distributed Denial of Service Attacks in Wireless Sensor Networks." Journal of Sensors 2016 (2016): 1–13. http://dx.doi.org/10.1155/2016/5017248.
Full textAbstract:
The growing popularity of wireless sensor networks increases the risk of security attacks. One of the most common and dangerous types of attack that takes place these days in any electronic society is a distributed denial of service attack. Due to the resource constraint nature of mobile sensors, DDoS attacks have become a major threat to its stability. In this paper, we established a model of a structural health monitoring network, being disturbed by one of the most common types of DDoS attacks, the flooding attack. Through a set of simulations, we explore the scope of flood-based DDoS attack problem, assessing the performance and the lifetime of the network under the attack condition. To conduct our research, we utilized the Quality of Protection Modeling Language. With the proposed approach, it was possible to examine numerous network configurations, parameters, attack options, and scenarios. The results of the carefully performed multilevel analysis allowed us to identify a new kind of DDoS attack, the delayed distributed denial of service, by the authors, referred to as DDDoS attack. Multilevel approach to DDoS attack analysis confirmed that, examining endangered environments, it is significant to take into account many characteristics at once, just to not overlook any important aspect.
6
Asad, Muhammad, Muhammad Asim, Talha Javed, Mirza O. Beg, Hasan Mujtaba, and Sohail Abbas. "DeepDetect: Detection of Distributed Denial of Service Attacks Using Deep Learning." Computer Journal 63, no. 7 (July 3, 2019): 983–94. http://dx.doi.org/10.1093/comjnl/bxz064.
Full textAbstract:
Abstract At the advent of advanced wireless technology and contemporary computing paradigms, Distributed Denial of Service (DDoS) attacks on Web-based services have not only increased exponentially in number, but also in the degree of sophistication; hence the need for detecting these attacks within the ocean of communication packets is extremely important. DDoS attacks were initially projected toward the network and transport layers. Over the years, attackers have shifted their offensive strategies toward the application layer. The application layer attacks are potentially more detrimental and stealthier because of the attack traffic and the benign traffic flows being indistinguishable. The distributed nature of these attacks is difficult to combat as they may affect tangible computing resources apart from network bandwidth consumption. In addition, smart devices connected to the Internet can be infected and used as botnets to launch DDoS attacks. In this paper, we propose a novel deep neural network-based detection mechanism that uses feed-forward back-propagation for accurately discovering multiple application layer DDoS attacks. The proposed neural network architecture can identify and use the most relevant high level features of packet flows with an accuracy of 98% on the state-of-the-art dataset containing various forms of DDoS attacks.
7
Dhanapal, A., and P. Nithyanandam. "The Slow HTTP Distributed Denial of Service Attack Detection in Cloud." Scalable Computing: Practice and Experience 20, no. 2 (May 2, 2019): 285–98. http://dx.doi.org/10.12694/scpe.v20i2.1501.
Full textAbstract:
Cloud computing became popular due to nature as it provides the flexibility to add or remove the resources on-demand basis. This also reduces the cost of investments for the enterprises significantly. The adoption of cloud computing is very high for enterprises running their online applications. The availability of online services is critical for businesses like financial services, e-commerce applications, etc. Though cloud provides availability, still these applications are having potential threats of going down due to the slow HTTP Distributed Denial of Service (DDoS) attack in the cloud. The slow HTTP attacks intention is to consume all the available server resources and make it unavailable to the real users. The slow HTTP DDoS attack comes with different formats such as slow HTTP headers attacks, slow HTTP body attacks and slow HTTP read attacks. Detecting the slow HTTP DDoS attacks in the cloud is very crucial to safeguard online cloud applications. This is a very interesting and challenging topic in DDoS as it mimics the slow network. This paper proposed a novel method to detect slow HTTP DDoS attacks in the cloud. The solution is implemented using the OpenStack cloud platform. The experiments conducted exhibits the accurate results on detecting the attacks at the early stages. The slowHTTPTest open source tool is used in this experiment to originate slow HTTP DDoS attacks.
8
Zeebaree, Subhi R. M., Karzan H. Sharif, and Roshna M. Mohammed Amin. "Application Layer Distributed Denial of Service Attacks Defense Techniques : A review." Academic Journal of Nawroz University 7, no. 4 (December 21, 2018): 113. http://dx.doi.org/10.25007/ajnu.v7n4a279.
Full textAbstract:
Currently distributed denial of service (DDoS) is the most sever attack that effect on the internet convenience. The main goal of these attacks is to prevent normal users from accessing the internet services such as web servers. However the more challenge and difficult types to detect is application layer DDoS attacks because of using legitimate client to create connection with victims. In this paper we give a review on application layer DDoS attacks defense or detection mechanisms. Furthermore, we summarize several experimental approaches on detection techniques of application layer DDoS attacks. The main goal of this paper is to get a clear view and detailed summary of the recent algorithms, methods and techniques presented to tackle these serious types of attacks.
9
Alosaimi, Wael, Michal Zak, Khalid Al-Begain, Roobaea Alroobaea, and Mehedi Masud. "Mitigation of Distributed Denial of Service Attacks in the Cloud." Cybernetics and Information Technologies 17, no. 4 (November 27, 2017): 32–51. http://dx.doi.org/10.1515/cait-2017-0040.
Full textAbstract:
Abstract Cybersecurity attacks resulting in loss of availability of cloud services can have significantly higher impact than those in the traditional stand-alone enterprise setups. Therefore, availability attacks, such as Denial of Service attacks (DoS); Distributed DoS attacks (DDoS) and Economical Denial of Sustainability (EDoS) attacks receive increasingly more attention. This paper surveys existing DDoS attacks analyzing the principles, ways of launching and their variants. Then, current mitigation systems are critically discussed. Based on the identification of the weak points, the paper proposes a new mitigation system named as DDoS-Mitigation System (DDoS-MS) that attempts to overcome the identified gap. The proposed framework is evaluated, and an enhanced version of the proposed system called Enhanced DDoS-MS is presented. In the end, the paper presents some future directions of the proposed framework.
10
Akanji, Oluwatobi Shadrach, Opeyemi Aderiike Abisoye, and Mohammed Awwal Iliyasu. "MITIGATING SLOW HYPERTEXT TRANSFER PROTOCOL DISTRIBUTED DENIAL OF SERVICE ATTACKS IN SOFTWARE DEFINED NETWORKS." Journal of Information and Communication Technology 20, Number 3 (June 11, 2021): 277–304. http://dx.doi.org/10.32890/jict2021.20.3.1.
Full textAbstract:
Distributed Denial of Service (DDoS) attacks has been one of the persistent forms of attacks on information technology infrastructure connected to public networks due to the ease of access to DDoS attack tools. Researchers have been able to develop several techniques to curb volumetric DDoS which overwhelms the target with a large number of request packets. However, compared to slow DDoS, limited number of research has been executed on mitigating slow DDoS. Attackers have resorted to slow DDoS because it mimics the behaviour of a slow legitimate client thereby causing service unavailability. This paper provides the scholarly community with an approach to boosting service availability in web servers under slow Hypertext Transfer Protocol (HTTP) DDoS attacks through attack detection using Genetic Algorithm and Support Vector Machine which facilitates attack mitigation in a Software-Defined Networking (SDN) environment simulated in GNS3. Genetic algorithm was used to select the Netflow features which indicates the presence of an attack and also determine the appropriate regularization parameter, C, and gamma parameter for the Support Vector Machine classifier. Results obtained showed that the classifier had detection accuracy, Area Under Receiver Operating Curve (AUC), true positive rate, false positive rate and a false negative rate of 99.89%, 99.89%, 99.95%, 0.18%, and 0.05% respectively. Also, the algorithm for subsequent implementation of the selective adaptive bubble burst mitigation mechanism was presented. This study contributes to the ongoing research in detecting and mitigating slow HTTP DDoS attacks with emphasis on the use of machine learning classification and meta-heuristic algorithms.
11
Zhang, Chunming. "Impact of Defending Strategy Decision on DDoS Attack." Complexity 2021 (March 15, 2021): 1–11. http://dx.doi.org/10.1155/2021/6694383.
Full textAbstract:
Distributed denial-of-service (DDoS) attack is a serious threat to cybersecurity. Many strategies used to defend against DDoS attacks have been proposed recently. To study the impact of defense strategy selection on DDoS attack behavior, the current study uses logistic function as basis to propose a dynamic model of DDoS attacks with defending strategy decisions. Thereafter, the attacked threshold of this model is calculated. The existence and stability of attack-free and attacked equilibria are proved. Lastly, some effective strategies to mitigate DDoS attacks are suggested through parameter analysis.
12
Saleh, Mohammed A., and Azizah Abdul Manaf. "A Novel Protective Framework for Defeating HTTP-Based Denial of Service and Distributed Denial of Service Attacks." Scientific World Journal 2015 (2015): 1–19. http://dx.doi.org/10.1155/2015/238230.
Full textAbstract:
The growth of web technology has brought convenience to our life, since it has become the most important communication channel. However, now this merit is threatened by complicated network-based attacks, such as denial of service (DoS) and distributed denial of service (DDoS) attacks. Despite many researchers’ efforts, no optimal solution that addresses all sorts of HTTP DoS/DDoS attacks is on offer. Therefore, this research aims to fix this gap by designing an alternative solution called a flexible, collaborative, multilayer, DDoS prevention framework (FCMDPF). The innovative design of the FCMDPF framework handles all aspects of HTTP-based DoS/DDoS attacks through the following three subsequent framework’s schemes (layers). Firstly, an outer blocking (OB) scheme blocks attacking IP source if it is listed on the black list table. Secondly, the service traceback oriented architecture (STBOA) scheme is to validate whether the incoming request is launched by a human or by an automated tool. Then, it traces back the true attacking IP source. Thirdly, the flexible advanced entropy based (FAEB) scheme is to eliminate high rate DDoS (HR-DDoS) and flash crowd (FC) attacks. Compared to the previous researches, our framework’s design provides an efficient protection for web applications against all sorts of DoS/DDoS attacks.
13
Shurman, Mohammad, Rami Khrais, and Abdulrahman Yateem. "DoS and DDoS Attack Detection Using Deep Learning and IDS." International Arab Journal of Information Technology 17, no. 4A (July 31, 2020): 655–61. http://dx.doi.org/10.34028/iajit/17/4a/10.
Full textAbstract:
In the recent years, Denial-of-Service (DoS) or Distributed Denial-of-Service (DDoS) attack has spread greatly and attackers make online systems unavailable to legitimate users by sending huge number of packets to the target system. In this paper, we proposed two methodologies to detect Distributed Reflection Denial of Service (DrDoS) attacks in IoT. The first methodology uses hybrid Intrusion Detection System (IDS) to detect IoT-DoS attack. The second methodology uses deep learning models, based on Long Short-Term Memory (LSTM) trained with latest dataset for such kinds of DrDoS. Our experimental results demonstrate that using the proposed methodologies can detect bad behaviour making the IoT network safe of Dos and DDoS attacks
14
Alatawi, Fahad. "Defense mechanisms against Distributed Denial of Service attacks: Comparative Review." Journal of Information Security and Cybercrimes Research 4, no. 1 (June 1, 2021): 81–94. http://dx.doi.org/10.26735/lqez4186.
Full textAbstract:
Distributed Denial of Service (DDoS) remains a big concern in Cybersecurity. DDoS attacks are implemented to prevent legitimate users from getting access to services. The attackers make use of multiple hosts that have been compromised (i.e., Botnets) to organize a large-scale attack on targets. Developing an effective defensive mechanism against existing and potential DDoS attacks remains a strong desire in the cybersecurity research community. However, development of effective mechanisms or solutions require adequate evaluation of existing defense mechanism and a critical analysis of how these methods have been implemented in preventing, detecting, and responding to DDoS attacks. This paper adopted a systematic review method to critically analyze the existing mechanisms. The review of existing literature helped classify the defense mechanism into four categories: source-based, core-router, victim-based, and distributed systems. A qualitative analysis was used to exhaustively evaluate these defense mechanisms and determine their respective effectiveness. The effectiveness of the defense mechanisms was evaluated on six key parameters: coverage, implementation, deployment, detection accuracy, response mechanism, and robustness. The comparative analysis reviewed the shortcomings and benefits of each mechanism. The evaluation determined that victim-based defense mechanisms have a high detection accuracy but is associated with massive collateral as the detection happens when it is too late to protect the system. On the other hand, whereas stopping an attack from the source-end is ideal, detection accuracy at this point is too low as it is hard to differentiate legitimate and malicious traffic. The effectiveness of the core-based defense systems is not ideal because the routers do not have enough CPU cycles and memory to profile the traffic. Distributed defense mechanisms are effective as components can be spread out across the three locations in a way that takes advantage of each location. The paper also established that the rate-limiting response mechanism is more effective than packet filtering method because it does not restrict legitimate traffic. The analysis revealed that there is no single defense mechanism that offers complete protection against DDoS attacks but concludes that the best defense mechanism is the use of distributed defense because it ensures that defense components are placed on all locations.
15
Sharma, Kavita, and B. B. Gupta. "Taxonomy of Distributed Denial of Service (DDoS) Attacks and Defense Mechanisms in Present Era of Smartphone Devices." International Journal of E-Services and Mobile Applications 10, no. 2 (April 2018): 58–74. http://dx.doi.org/10.4018/ijesma.2018040104.
Full textAbstract:
This article describes how in the summer of 1999, the Computer Incident Advisory Capability first reported about Distributed Denial of Service (DDoS) attack incidents and the nature of Denial of Service (DoS) attacks in a distributed environment that eliminates the availability of resources or data on a computer network. DDoS attack exhausts the network resources and disturbs the legitimate user. This article provides an explanation on DDoS attacks and nature of these attacks against Smartphones and Wi-Fi Technology and presents a taxonomy of various defense mechanisms. The smartphone is chosen for this study, as they have now become a necessity rather than a luxury item for the common people.
16
Zhang, Jian, Qidi Liang, Rui Jiang, and Xi Li. "A Feature Analysis Based Identifying Scheme Using GBDT for DDoS with Multiple Attack Vectors." Applied Sciences 9, no. 21 (October 31, 2019): 4633. http://dx.doi.org/10.3390/app9214633.
Full textAbstract:
In recent years, distributed denial of service (DDoS) attacks have increasingly shown the trend of multiattack vector composites, which has significantly improved the concealment and success rate of DDoS attacks. Therefore, improving the ubiquitous detection capability of DDoS attacks and accurately and quickly identifying DDoS attack traffic play an important role in later attack mitigation. This paper proposes a method to efficiently detect and identify multivector DDoS attacks. The detection algorithm is applicable to known and unknown DDoS attacks.
17
SINGH, SATWINDER, ABHINAV BHANDARI, KRISHAN KUMAR SALUJA, and A. L. SANGAL. "Study to Validate the Performance of Flooding Based Distributed Denial of Service Attacks." International Journal of Computer Networks and Communications Security 8, no. 1 (January 31, 2020): 1–9. http://dx.doi.org/10.47277/ijcncs/8(1)1.
Full textAbstract:
Network technology has experienced explosive growth in the past decades. The generally accepted viewpoint in the security world is that no system or network is totally protected which makes network security an important concern. The work done in this paper focuses on Distributed Denial of Service Attacks (DDoS) where legitimate users are prevented from accessing network services. Distributed Denial of Service (DDoS) Attacks has been increasingly found to be disturbing the normal working of organizations causing billions of rupees of losses. Organizations are trying their best to reduce their losses from these systems. The focus of this paper is to providing our results of experiments in this regard for flooding based DDoS attacking in the simulation environment with NS2.35. This paper point out that the bandwidth may be more easily flooded by UDP-type attacking than by TCP-type one at different attack strength. In this paper we done the validation of DropTail and RED queue under the flooding based DDoS attack, which is better for the legitimate user under the flooding attack
18
Dwivedi, Shubhra, Manu Vardhan, and Sarsij Tripathi. "Distributed Denial-of-Service Prediction on IoT Framework by Learning Techniques." Open Computer Science 10, no. 1 (August 3, 2020): 220–30. http://dx.doi.org/10.1515/comp-2020-0009.
Full textAbstract:
AbstractDistributed denial-of-service (DDoS) attacks on the Internet of Things (IoT) pose a serious threat to several web-based networks. The intruder’s ability to deal with the power of various cooperating devices to instigate an attack makes its administration even more multifaceted. This complexity can be further increased while lots of intruders attempt to overload an attack against a device. To counter and defend against modern DDoS attacks, several effective and powerful techniques have been used in the literature, such as data mining and artificial intelligence for the intrusion detection system (IDS), but they have some limitations. To overcome the existing limitations, in this study, we propose an intrusion detection mechanism that is an integration of a filter-based selection technique and a machine learning algorithm, called information gain-based intrusion detection system (IGIDS). In addition, IGIDS selects the most relevant features from the original IDS datasets that can help to distinguish typical low-speed DDoS attacks and, then, the selected features are passed on to the classifiers, i.e. support vector machine (SVM), decision tree (C4.5), naïve Bayes (NB) and multilayer perceptron (MLP) to detect attacks. The publicly available datasets as KDD Cup 99, CAIDA DDOS Attack 2007, CONFICKER worm, and UNINA traffic traces, are used for our experimental study. From the results of the simulation, it is clear that IGIDS with C4.5 acquires high detection and accuracy with a low false-positive rate.
19
Wani, Sharyar, Mohammed Imthiyas, Hamad Almohamedh, Khalid M. Alhamed, Sultan Almotairi, and Yonis Gulzar. "Distributed Denial of Service (DDoS) Mitigation Using Blockchain—A Comprehensive Insight." Symmetry 13, no. 2 (January 29, 2021): 227. http://dx.doi.org/10.3390/sym13020227.
Full textAbstract:
Distributed Denial of Service (DDoS) attack is a major threat impeding service to legitimate requests on any network. Although the first DDoS attack was reported in 1996, the complexity and sophistication of these attacks has been ever increasing. A 2 TBps attack was reported in mid-August 2020 directed towards critical infrastructure, such as finance, amidst the COVID-19 pandemic. It is estimated that these attacks will double, reaching over 15 million, in the next 2 years. A number of mitigation schemes have been designed and developed since its inception but the increasing complexity demands advanced solutions based on emerging technologies. Blockchain has emerged as a promising and viable technology for DDoS mitigation. The inherent and fundamental characteristics of blockchain such as decentralization, internal and external trustless attitude, immutability, integrity, anonymity and verifiability have proven to be strong candidates, in tackling this deadly cyber threat. This survey discusses different approaches for DDoS mitigation using blockchain in varied domains to date. The paper aims at providing a comprehensive review, highlighting all necessary details, strengths, challenges and limitations of different approaches. It is intended to serve as a single platform to understand the mechanics of current approaches to enhance research and development in the DDoS mitigation domain.
20
kumarasamy, Saravanan. "Distributed Denial of Service (DDOS) Attacks Detection Mechanism." International Journal of Computer Science, Engineering and Information Technology 1, no. 5 (December 31, 2011): 39–49. http://dx.doi.org/10.5121/ijcseit.2011.1504.
Full text
21
Mladenov, Branislav, and Georgi Iliev. "Optimal software-defined network topology for distributed denial of service attack mitigation." Bulletin of Electrical Engineering and Informatics 9, no. 6 (December 1, 2020): 2588–94. http://dx.doi.org/10.11591/eei.v9i6.2581.
Full textAbstract:
Distributed denial of service (DDoS) attacks are a major threat to all internet services. The main goal is to disrupt normal traffic and overwhelms the target. Software-defined networking (SDN) is a new type of network architecture where control and data plane are separated. A successful attack may block the SDN controller which may stop processing the new request and will lead to a total disruption of the whole network. The main goal of this paper is to find the optimal network topology and size which can handle Distributed denial of service attack without management channel bandwidth exhaustion or run out of SDN controller CPU and memory. Through simulations, it is shown that mesh topologies with more connections between switches are more resistant to DDoS attacks than liner type network topologies.
22
Vasan Sai Krishna, C., Y. Bhuvana, P. Pavan Kumar, and R. Murugan. "Reducing distributed denial of service (DDoS) attacks using client puzzle mechanism." International Journal of Engineering & Technology 7, no. 1.1 (December 21, 2017): 230. http://dx.doi.org/10.14419/ijet.v7i1.1.9473.
Full textAbstract:
In a typical DoS attack, the attacker tries to bring the server down. In this case, the attacker sends a lot of bogus queries to the server to consume its computing power and bandwidth. As the server’s bandwidth and computing power are always greater than attacker’s client machine, He seeks help from a group of connected computers. DDoS attack involves a lot of client machines which are hijacked by the attacker (together called as botnet). As the server handles all these requests sent by the attacker, all its resources get consumed and it cannot provide services. In this project, we are more concerned about reducing the computing power on the server side by giving the client a puzzle to solve. To prevent such attacks, we use client puzzle mechanism. In this mechanism, we introduce a client-side puzzle which demands the machine to perform tasks that require more resources (computation power). The client’s request is not directly sent to the server. Moreover, there will be an Intermediate Server to monitor all the requests that are being sent to the main server. Before the client’s request is sent to the server, it must solve a puzzle and send the answer. Intermediate Server is used to validate the answer and give access to the client or block the client from accessing the server.
23
Fadlil, Abdul, Imam Riadi, and Sukma Aji. "Review of Detection DDOS Attack Detection Using Naive Bayes Classifier for Network Forensics." Bulletin of Electrical Engineering and Informatics 6, no. 2 (June 1, 2017): 140–48. http://dx.doi.org/10.11591/eei.v6i2.605.
Full textAbstract:
Distributed Denial of Service (DDoS) is a type of attack using the volume, intensity, and more costs mitigation to increase in this era. Attackers used many zombie computers to exhaust the resources available to a network, application or service so that authorize users cannot gain access or the network service is down, and it is a great loss for Internet users in computer networks affected by DDoS attacks. In the Network Forensic, a crime that occurs in the system network services can be sued in the court and the attackers will be punished in accordance with law. This research has the goal to develop a new approach to detect DDoS attacks based on network traffic activity were statistically analyzed using Naive Bayes method. Data were taken from the training and testing of network traffic in a core router in Master of Information Technology Research Laboratory University of Ahmad Dahlan Yogyakarta. The new approach in detecting DDoS attacks is expected to be a relation with Intrusion Detection System (IDS) to predict the existence of DDoS attacks.
24
Wang, Qi, Wei Tai, Yi Tang, Hong Zhu, Ming Zhang, and Dongxu Zhou. "Coordinated Defense of Distributed Denial of Service Attacks against the Multi-Area Load Frequency Control Services." Energies 12, no. 13 (June 28, 2019): 2493. http://dx.doi.org/10.3390/en12132493.
Full textAbstract:
With the application of information and communication technology (ICT), the modern power system has gradually been updated to a typical cyber physical power system (CPPS). The deployment of distributed measurement devices enriches the application range of power communication services. However, due to the easy accessibility of distributed devices, it also creates favorable conditions for distributed denial-of-service (DDoS) attacks. In this paper, we focus on the security performance and defense strategies of the CPPS against DDoS attacks. In order to construct a coordinated defense in the power and information space, the cyber-attack process with a complete data flow of the CPPS needs to be described precisely. Therefore, a co-simulation technology-based platform is utilized to coordinate various layers in the CPPS and provide a unified research tool for the attack-defense test. On this basis, OPNET is used to replicate DDoS attacks in the information layer. Then, through the load frequency control (LFC) service of a multi-area interconnected power system, the influence of delays resulting from attacks on the control effect of the power layer is analyzed. Finally, to cope with the attack effects in both layers, detection measures of information and recovery measures of power quality are coordinated to eliminate attack consequences. Therefore, the stable operation of power services can be enabled.
25
Adhikary, Kaushik, Shashi Bhushan, Sunil Kumar, and Kamlesh Dutta. "Evaluating the Impact of DDoS Attacks in Vehicular Ad-Hoc Networks." International Journal of Security and Privacy in Pervasive Computing 12, no. 4 (October 2020): 1–18. http://dx.doi.org/10.4018/ijsppc.2020100101.
Full textAbstract:
The presence of either malicious vehicles or inaccessibility of network services makes vehicular ad-hoc networks (VANETs) easy targets for denial of service (DoS) attacks. The sole purpose of DoS attacks is to prevent the intended users from accessing the available resources and services. When the DoS attack is carried out by multiple vehicles distributed throughout the network, it is referred as distributed DoS (DDoS) attack. A lot of works have been done by researchers in securing the vehicular communication against the DDoS attacks. In this paper, efforts have been made to simulate the DDoS attacks in VANETs as well as to study their impact on the performance of networks. The experimental results are presented using six important metrics, which are collision, jitter, delay, packet drop, ratio-in-out, and throughput. The experimental results show that the impact of distributed DoS (DDoS) attack on networks performance is very critical and must be addressed to ensure the smooth functioning of networks.
26
Agha, Sahareesh, Osama Rehman, and Ibrahim M. H. Rahman. "Improving Discriminating Accuracy Rate of DDoS Attacks and Flash Events." International Journal of Cyber Warfare and Terrorism 11, no. 4 (October 2021): 21–42. http://dx.doi.org/10.4018/ijcwt.2021100102.
Full textAbstract:
Internet security has become a big issue with the passage of time. Among many threats, the distributed denial-of-service (DDoS) attack is the most frequent threat in the networks. The purpose of the DDoS attacks is to interrupt service availability provided by different web servers. This results in legitimate users not being able to access the servers and hence facing denial of services. On the other hand, flash events are a high amount of legitimate users visiting a website due to a specific event. Consequences of these attacks are more powerful when launched during flash events, which are legitimate traffic and cause a denial of service. The purpose of this study is to build an intelligent network traffic classification model to improve the discrimination accuracy rate of DDoS attacks from flash events traffic. Weka is adopted as the platform for evaluating the performance of a random forest algorithm.
27
Bhavani, Y., V. Janaki, and R. Sridevi. "Survey on Packet Marking Algorithms for IP Traceback." Oriental journal of computer science and technology 10, no. 2 (June 6, 2017): 507–12. http://dx.doi.org/10.13005/ojcst/10.02.36.
Full textAbstract:
Distributed Denial of Service (DDoS) attack is an unavoidable attack. Among various attacks on the network, DDoS attacks are difficult to detect because of IP spoofing. The IP traceback is the only technique to identify DDoS attacks. The path affected by DDoS attack is identified by IP traceback approaches like Probabilistic Packet marking algorithm (PPM) and Deterministic Packet Marking algorithm (DPM). The PPM approach finds the complete attack path from victim to the source where as DPM finds only the source of the attacker. Using DPM algorithm finding the source of the attacker is difficult, if the router get compromised. Using PPM algorithm we construct the complete attack path, so the compromised router can be identified. In this paper, we review PPM and DPM techniques and compare the strengths and weaknesses of each proposal.
28
Hosny, Khalid Mohamed, Ameer El-Sayed Gouda, and Ehab Rushdy Mohamed. "New Detection Mechanism for Distributed Denial of Service Attacks in Software Defined Networks." International Journal of Sociotechnology and Knowledge Development 12, no. 2 (April 2020): 1–30. http://dx.doi.org/10.4018/ijskd.2020040101.
Full textAbstract:
Software defined networks (SDN) are a recently developed form for controlling network management by providing centralized control unit called the Controller. This master Controller is a great power point but at the same time it is unfortunately a failure point and a serious loophole if it is targeted and dropped by attacks. One of the most serious types of attacks is the inability to access the Controller, which is known as the distributed denial of service (DDoS) attack. This research shows how DDoS attack can deplete the resources of the Controller and proposes a lightweight mechanism, which works at the Controller and detects a DDoS attack in the early stages. The proposed mechanism can not only detect the attack, but also identify attack paths and initiate a mitigation process to provide some degree of protection to network devices immediately after the attack is detected. The proposed mechanism depends on a hybrid technique that merges between the average flow initiation rate, and the flow specification of the coming traffic to the network.
29
Bravo, Silvia, and David Mauricio. "New Features of User’s Behavior to Distributed Denial of Service Attacks Detection in Application Layer." International Journal of Online and Biomedical Engineering (iJOE) 14, no. 12 (December 23, 2018): 164. http://dx.doi.org/10.3991/ijoe.v14i12.9439.
Full textAbstract:
Distributed Denial of Service (DDoS) attacks are a threat to the security of red. In recent years, these attacks have been directed especially towards the application layer. This phenomenon is mainly due to the large number of existing tools for the generation of this type of attack. The highest detection rate achieved by a method in the application capacity is 98.5%. Therefore, the problem of detecting DDoS attacks persists. In this work an alternative of detection based on the dynamism of the web user is proposed. To do this, evaluate the user's characteristics, mouse functions and right click. For the evaluation, a data set of 11055 requests was used, from which the characteristics were extracted and entered into a classification algorithm. To that end, it can be applied once in Java for the classification of real users and DDoS attacks. The results showed that the evaluated characteristics achieved an efficiency of 100%. Therefore, it is concluded that these characteristics show the dynamism of the user and can be used in a detection method of DDoS attacks.
30
Ponnuviji, N. P., and M. Vigilson Prem. "An Enhanced Way of Distributed Denial of Service Attack Detection by Applying Machine Learning Algorithms in Cloud Computing." Journal of Computational and Theoretical Nanoscience 17, no. 8 (August 1, 2020): 3765–69. http://dx.doi.org/10.1166/jctn.2020.9317.
Full textAbstract:
Cloud Computing has revolutionized the Information Technology by allowing the users to use variety number of resources in different applications in a less expensive manner. The resources are allocated to access by providing scalability flexible on-demand access in a virtual manner, reduced maintenance with less infrastructure cost. The majority of resources are handled and managed by the organizations over the internet by using different standards and formats of the networking protocols. Various research and statistics have proved that the available and existing technologies are prone to threats and vulnerabilities in the protocols legacy in the form of bugs that pave way for intrusion in different ways by the attackers. The most common among attacks is the Distributed Denial of Service (DDoS) attack. This attack targets the cloud’s performance and cause serious damage to the entire cloud computing environment. In the DDoS attack scenario, the compromised computers are targeted. The attacks are done by transmitting a large number of packets injected with known and unknown bugs to a server. A huge portion of the network bandwidth of the users’ cloud infrastructure is affected by consuming enormous time of their servers. In this paper, we have proposed a DDoS Attack detection scheme based on Random Forest algorithm to mitigate the DDoS threat. This algorithm is used along with the signature detection techniques and generates a decision tree. This helps in the detection of signature attacks for the DDoS flooding attacks. We have also used other machine learning algorithms and analyzed based on the yielded results.
31
Asia Ayaz Andrabi, Syed, Sachi Pandey, and Akthar Nazir. "A review on mitigation of the DDoS Attack in cloud in regulated environment." International Journal of Engineering & Technology 7, no. 2.8 (March 19, 2018): 497. http://dx.doi.org/10.14419/ijet.v7i2.8.10492.
Full textAbstract:
Distributed Denial of Service (DDoS) attacks are aimed at exhausting various resources of victim hosts, thereby preventing legitimate usage of their computational capabilities. In this paper, a proper and systematic mitigation technique presented to mitigate the DDoS attack in cloud environment. A robust mechanism is presented which consists of software based puzzle generation method to validate the real customer of cloud services provider from non-reals’ ones to provide better DDoS attack mitigation solution.
32
El-Sofany, Hosam F., and Samir Abou El-Seoud. "Performance Analysis of an Effective Approach to Protect Cloud Systems against Application Layer Based Attacks." International Journal of Online and Biomedical Engineering (iJOE) 15, no. 03 (February 14, 2019): 82. http://dx.doi.org/10.3991/ijoe.v15i03.9931.
Full textAbstract:
Cloud computing is a new paradigm for hosting hardware and software resources and provides a web-based services to organizations and consumers. It also provides an easy to use and on-demand access to cloud based computing resources that can be published by easy, minimal administration and with a great efficiency. Services of cloud computing are accessing and sharing through internet connection thus it is open for attacker to attack on its security. Application layer based attacks is one of Distributed Denial of Service attacks (DDoS) that can cause a big problem in cloud security. The main objective of DDoS attacks is to infect computer resources (e.g., software applications, network, CPU, etc.) and make them not working properly for the authorized users. In DDoS, the attacker tries to overload the web-based service with traffic. HTTP and XML-based DDoS attacks are founded under the application layer based category of DoS attacks. This category of attack is focused on particular web applications. The main objective of this research paper is to introduce an effective approach to protect cloud-based systems against application layer based attacks. Complexity analysis, effectiveness and performance evaluations of the presented approach are presented. The feedbacks of the experimental results were highly promising, for protecting cloud computing systems against both DoS and DDoS attacks. Correlation analysis model is also used to validate the efficiency of the proposed approach.
33
Lin, Hsiao-Chung, Ping Wang, and Wen-Hui Lin. "Implementation of a PSO-Based Security Defense Mechanism for Tracing the Sources of DDoS Attacks." Computers 8, no. 4 (December 4, 2019): 88. http://dx.doi.org/10.3390/computers8040088.
Full textAbstract:
Most existing approaches for solving the distributed denial-of-service (DDoS) problem focus on specific security mechanisms, for example, network intrusion detection system (NIDS) detection and firewall configuration, rather than on the packet routing approaches to defend DDoS threats by new flow management techniques. To defend against DDoS attacks, the present study proposes a modified particle swarm optimization (PSO) scheme based on an IP traceback (IPTBK) technique, designated as PSO-IPTBK, to solve the IP traceback problem. Specifically, this work focuses on analyzing the detection of DDoS attacks to predict the possible attack routes in a distributed network. In the proposed approach, the PSO-IPTBK identifies the source of DDoS attacks by reconstructing the probable attack routes from collected network packets. The performance of the PSO-IPTBK algorithm in reconstructing the attack route was investigated through a series of simulations using OMNeT++ 5.5.1 and the INET 4 Framework. The results show that the proposed scheme can determine the most possible route between the attackers and the victim to defend DDoS attacks.
34
Li, Ming, and Wei Zhao. "Detection of Variations of Local Irregularity of Traffic under DDOS Flood Attack." Mathematical Problems in Engineering 2008 (2008): 1–11. http://dx.doi.org/10.1155/2008/475878.
Full textAbstract:
The aim of distributed denial-of-service (DDOS) flood attacks is to overwhelm the attacked site or to make its service performance deterioration considerably by sending flood packets to the target from the machines distributed all over the world. This is a kind of local behavior of traffic at the protected site because the attacked site can be recovered to its normal service state sooner or later even though it is in reality overwhelmed during attack. From a view of mathematics, it can be taken as a kind of short-range phenomenon in computer networks. In this paper, we use the Hurst parameter (H) to measure the local irregularity or self-similarity of traffic under DDOS flood attack provided that fractional Gaussian noise (fGn) is used as the traffic model. As flood attack packets of DDOS make theHvalue of arrival traffic vary significantly away from that of traffic normally arriving at the protected site, we discuss a method to statistically detect signs of DDOS flood attacks with predetermined detection probability and false alarm probability.
35
Khairi, M. H. H., S. H. S. Ariffin, N. M. Abdul Latiff, A. S. Abdullah, and M. K. Hassan. "A Review of Anomaly Detection Techniques and Distributed Denial of Service (DDoS) on Software Defined Network (SDN)." Engineering, Technology & Applied Science Research 8, no. 2 (April 19, 2018): 2724–30. http://dx.doi.org/10.48084/etasr.1840.
Full textAbstract:
Software defined network (SDN) is a network architecture in which the network traffic may be operated and managed dynamically according to user requirements and demands. Issue of security is one of the big challenges of SDN because different attacks may affect performance and these attacks can be classified into different types. One of the famous attacks is distributed denial of service (DDoS). SDN is a new networking approach that is introduced with the goal to simplify the network management by separating the data and control planes. However, the separation leads to the emergence of new types of distributed denial-of-service (DDOS) attacks on SDN networks. The centralized role of the controller in SDN makes it a perfect target for the attackers. Such attacks can easily bring down the entire network by bringing down the controller. This research explains DDoS attacks and the anomaly detection as one of the famous detection techniques for intelligent networks.
36
Naha, Bibek, Siddhartha Banerjee, and Sayanti Mondal. "A SURVEY ON CLOUD-DENIAL OF SERVICE." American Journal of Advanced Computing 1, no. 2 (April 1, 2020): 1–5. http://dx.doi.org/10.15864/ajac.1205.
Full textAbstract:
Cloud Computing is one of the most nurtured as well as debated topic in today’s world. Billions of data of various fields ranging from personal users to large business enterprises reside in Cloud. Therefore, availability of this huge amount of data and services is of immense importance. The DOS (Denial of Service) attack is a well-known threat to the availability of data in a smaller premise. Whenever, it’s a Cloud environment this simple DOS attack takes the form of DDOS (Distributed Denial of Service) attack. This paper provides a generic insight into the various kinds of DOS as well as DDOS attacks. Moreover, a handful of countermeasures have also been depicted here. In a nutshell, it aims at raising an awareness by outlining a clear picture of the Cloud availability issues.Our paper gives a comparative study of different techniques of detecting DOS.
37
Li, Muhai, and Ming Li. "An Adaptive Approach for Defending against DDoS Attacks." Mathematical Problems in Engineering 2010 (2010): 1–15. http://dx.doi.org/10.1155/2010/570940.
Full textAbstract:
In various network attacks, the Distributed Denial-of-Service (DDoS) attack is a severe threat. In order to deal with this kind of attack in time, it is necessary to establish a special type of defense system to change strategy dynamically against attacks. In this paper, we introduce an adaptive approach, which is used for defending against DDoS attacks, based on normal traffic analysis. The approach can check DDoS attacks and adaptively adjust its configurations according to the network condition and attack severity. In order to insure the common users to visit the victim server that is being attacked, we provide a nonlinear traffic control formula for the system. Our simulation test indicates that the nonlinear control approach can prevent the malicious attack packets effectively while making legitimate traffic flows arrive at the victim.
38
Jaafar, Ghafar A., Shahidan M. Abdullah, and Saifuladli Ismail. "Review of Recent Detection Methods for HTTP DDoS Attack." Journal of Computer Networks and Communications 2019 (January 10, 2019): 1–10. http://dx.doi.org/10.1155/2019/1283472.
Full textAbstract:
With increment in dependency on web technology, a commensurate increase has been noted in destructive attempts to disrupt the essential web technologies, hence leading to service failures. Web servers that run on Hypertext Transfer Protocol (HTTP) are exposed to denial-of-service (DoS) attacks. A sophisticated version of this attack known as distributed denial of service (DDOS) is among the most dangerous Internet attacks, with the ability to overwhelm a web server, thereby slowing it down and potentially taking it down completely. This paper reviewed 12 recent detection of DDoS attack at the application layer published between January 2014 and December 2018. A summary of each detection method is summarised in table view, along with in-depth critical analysis, for future studies to conduct research pertaining to detection of HTTP DDoS attack.
39
Douglas, David, José Jair Santanna, Ricardo de Oliveira Schmidt, Lisandro Zambenedetti Granville, and Aiko Pras. "Booters: can anything justify distributed denial-of-service (DDoS) attacks for hire?" Journal of Information, Communication and Ethics in Society 15, no. 01 (March 13, 2017): 90–104. http://dx.doi.org/10.1108/jices-09-2016-0033.
Full textAbstract:
Purpose This paper aims to examine whether there are morally defensible reasons for using or operating websites (called ‘booters’) that offer distributed denial-of-service (DDoS) attacks on a specified target to users for a price. Booters have been linked to some of the most powerful DDoS attacks in recent years. Design/methodology/approach The authors identify the various parties associated with booter websites and the means through which booters operate. Then, the authors present and evaluate the two arguments that they claim may be used to justify operating and using booters: that they are a useful tool for testing the ability of networks and servers to handle heavy traffic, and that they may be used to perform DDoS attacks as a form of civil disobedience on the internet. Findings The authors argue that the characteristics of existing booters disqualify them from being morally justified as network stress testing tools or as a means of performing civil disobedience. The use of botnets that include systems without the permission of their owners undermines the legitimacy of both justifications. While a booter that does not use any third-party systems without permission might in principle be justified under certain conditions, the authors argue that it is unlikely that any existing booters meet these requirements. Practical/implications Law enforcement agencies may use the arguments presented here to justify shutting down the operation of booters, and so reduce the number of DDoS attacks on the internet. Originality/value The value of this work is in critically examining the potential justifications for using and operating booter websites and in further exploring the ethical aspects of using DDoS attacks as a form of civil disobedience.
40
Gupta, Shaveta, Dinesh Grover, and Abhinav Bhandari. "Vulnerability Analysis of Existing Distributed Denial of Service (DDoS) Defense Frameworks." Asian Journal of Computer Science and Technology 7, no. 3 (November 5, 2018): 62–67. http://dx.doi.org/10.51983/ajcst-2018.7.3.1895.
Full textAbstract:
The world is quickly moving towards an era of digitization. Scope and volume of the network are becoming vast that makes these machines more prone to cyber-attack due to vulnerabilities of the network. There are various types of cyber-attacks but most common and equally impactful is DDOS attack. A foolproof defense mechanism is need of the hour. Analysis of various existing defense mechanism frameworks has been done and their shortcomings have been reported by us. This analysis will help to define a framework which can provide better accuracy, lesser detection time and reduced false negative and positive rates. It will further ensure better response and mitigation against the attack.
41
Abdelhaq, Maha, Raed Alsaqour, Mada Alaskar, Fayza Alotaibi, Rawan Almutlaq, Bushra Alghamdi, Bayan Alhammad, Malak Sehaibani, and Donia Moyna. "The resistance of routing protocols against DDOS attack in MANET." International Journal of Electrical and Computer Engineering (IJECE) 10, no. 5 (October 1, 2020): 4844. http://dx.doi.org/10.11591/ijece.v10i5.pp4844-4852.
Full textAbstract:
A Mobil Ad hoc Network (MANET) is a wireless multi-hop network with various mobile, self-organized and wireless infrastructure nodes. MANET characteristics such as openness restricted resources and decentralization impact node efficiency and made them easy to be affected by various security attacks, especially Distributed Denial of Service (DDoS) attacks. The goal of this research is to implement a simulation model called DDoS Attack Simulation Model (DDoSM) in Network Simulator 2(NS-2) and to examine the effect of DDoS Attack on various routing protocol types in MANET namely: Zone Routing Protocol (ZRP), Ad hoc On-Demand Distance Vector (AODV) protocol and Location-Aided Routing (LAR) protocol. The introduced model uses the NS-2 simulator to apply DDoS on the three chosen routing protocols. In terms of throughput and end-to-end latency under the consequences of the attack, the performance of three routings protocols was analyzed.
42
AL-Adaileh, Mohammad A., Mohammed Anbar, Yung-Wey Chong, and Ahmed Al-Ani. "Proposed statistical-based approach for detecting distribute denial of service against the controller of software defined network (SADDCS)." MATEC Web of Conferences 218 (2018): 02012. http://dx.doi.org/10.1051/matecconf/201821802012.
Full textAbstract:
Software-defined networkings (SDNs) have grown rapidly in recent years be-cause of SDNs are widely used in managing large area networks and securing networks from Distributed Denial of Services (DDoS) attacks. SDNs allow net-works to be monitored and managed through centralized controller. Therefore, SDN controllers are considered as the brain of networks and are considerably vulnerable to DDoS attacks. Thus, SDN controller suffer from several challenges that exhaust network resources. For SDN controller, the main target of DDoS attacks is to prevent legitimate users from using a network resource or receiving their services. Nevertheless, some approaches have been proposed to detect DDoS attacks through the examination of the traffic behavior of networks. How-ever, these approaches take too long to process all incoming packets, thereby leading to high bandwidth consumption and delays in the detection of DDoS at-tacks. In addition, most existing approaches for the detection of DDoS attacks suffer from high positive/negative false rates and low detection accuracy. This study proposes a new approach to detecting DDoS attacks. The approach is called the statistical-based approach for detecting DDoS against the controllers of software-defined networks. The proposed approach is designed to detect the presence of DDoS attacks accurately, reduce false positive/negative flow rates, and minimize the complexity of targeting SDN controllers according to a statistical analysis of packet features. The proposed approach passively captures net-work traffic, filters traffic, and selects the most significant features that contribute to DDoS attack detection. The general stages of the proposed approach are (i) da-ta preprocessing, (ii) statistical analysis, (iii) correlation identification between two vectors, and (iv) rule-based DDoS detection.
43
Khalaf, Bashar Ahmad, Salama A. Mostafa, Aida Mustapha, Mazin Abed Mohammed, Moamin A. Mahmoud, Bander Ali Saleh Al-Rimy, Shukor Abd Razak, Mohamed Elhoseny, and Adam Marks. "An Adaptive Protection of Flooding Attacks Model for Complex Network Environments." Security and Communication Networks 2021 (April 22, 2021): 1–17. http://dx.doi.org/10.1155/2021/5542919.
Full textAbstract:
Currently, online organizational resources and assets are potential targets of several types of attack, the most common being flooding attacks. We consider the Distributed Denial of Service (DDoS) as the most dangerous type of flooding attack that could target those resources. The DDoS attack consumes network available resources such as bandwidth, processing power, and memory, thereby limiting or withholding accessibility to users. The Flash Crowd (FC) is quite similar to the DDoS attack whereby many legitimate users concurrently access a particular service, the number of which results in the denial of service. Researchers have proposed many different models to eliminate the risk of DDoS attacks, but only few efforts have been made to differentiate it from FC flooding as FC flooding also causes the denial of service and usually misleads the detection of the DDoS attacks. In this paper, an adaptive agent-based model, known as an Adaptive Protection of Flooding Attacks (APFA) model, is proposed to protect the Network Application Layer (NAL) against DDoS flooding attacks and FC flooding traffics. The APFA model, with the aid of an adaptive analyst agent, distinguishes between DDoS and FC abnormal traffics. It then separates DDoS botnet from Demons and Zombies to apply suitable attack handling methodology. There are three parameters on which the agent relies, normal traffic intensity, traffic attack behavior, and IP address history log, to decide on the operation of two traffic filters. We test and evaluate the APFA model via a simulation system using CIDDS as a standard dataset. The model successfully adapts to the simulated attack scenarios’ changes and determines 303,024 request conditions for the tested 135,583 IP addresses. It achieves an accuracy of 0.9964, a precision of 0.9962, and a sensitivity of 0.9996, and outperforms three tested similar models. In addition, the APFA model contributes to identifying and handling the actual trigger of DDoS attack and differentiates it from FC flooding, which is rarely implemented in one model.
44
Prayogo, Oldy Ray, and Imam Riadi. "Router Forensic Analysis against Distributed Denial of Service (DDoS) Attacks." International Journal of Computer Applications 175, no. 39 (December 30, 2020): 19–25. http://dx.doi.org/10.5120/ijca2020920944.
Full text
45
Selvakani, S., K. Vasumathi, T. Vijayalakshmi, and A. Kavitha. "Attack in SDN Based Distributed Denial of Service." Asian Journal of Engineering and Applied Technology 10, no. 1 (May 5, 2021): 38–44. http://dx.doi.org/10.51983/ajeat-2021.10.1.2802.
Full textAbstract:
DOS assaults are executed with the aid of using assault tools, worms and botnets the usage of exclusive packet-transmission techniques and diverse types of assault packets to conquer protection structures. These issues cause protection structures requiring diverse detection techniques to be able to discover assaults. Moreover, DOS assaults can blend their traffics for the duration of flash crowds. By doing this, the complicated protection machine cannot locate the assault site visitors in time. In this challenge a conduct primarily based totally detection the usage of Crowd Correlation Analysis which can discriminate DOS assault site visitors from site visitors generated with the aid of using actual customers. In the Euclidean area to specific as a diagonal matrix proposed can grasp the potential of community machine towards every assault manner and the protection functionality of community machine. Cyber-assault consisting of DDOS assault continues to be the maximum effective assault that disrupts the real customers from having access to the crucial offerings. In software layer-primarily based totally DDOS assault, attacker makes use of different gadget in preference to the usage of his very own IP cope with to flood the focused machine and disrupts the offerings SDN (software program described networks) for value performance and community Application layer allotted denial of provider (DDOS) assaults have turn out to be a extreme hazard to the safety of net servers. These assaults avoid maximum intrusion prevention structures with the aid of using sending several HTTP requests flexibility, however DDOS is one of the maximum released assault on SDN layer. DDOS assault on this kind of surroundings results in machine failure DDoS is one of the maximum released assault on SDN layer. DDOS assault on this kind of surroundings results in machine failure monetary loss, facts theft, and overall performance degradation massive survey has been made to locate and save you DDOS primarily based totally assault in software layer and SDN primarily based totally surroundings. We suggest an powerful protection machine, named Sky Shield, which leverages the caricature facts shape to fast locate and mitigate software layer DDOS assaults. Novel calculation of the divergence among sketches, which alleviates the effect of community dynamics and improves the detection accuracy.
46
Han, Dezhi, Kun Bi, Han Liu, and Jianxin Jia. "A DDoS attack detection system based on spark framework." Computer Science and Information Systems 14, no. 3 (2017): 769–88. http://dx.doi.org/10.2298/csis161217028h.
Full textAbstract:
There are many problems in traditional Distributed Denial of Service (DDoS) attack detection such as low accuracy, low detection speed and so on, which is not suitable for the real time detecting and processing of DDoS attacks in big data environment. This paper proposed a novel DDoS attack detection system based on Spark framework including 3 main algorithms. Based on information entropy, the first one can effectively warn all kinds of DDoS attacks in advance according to the information entropy change of data stream source IP address and destination IP address; With the help of designed dynamic sampling K-Means algorithm, this new detection system improves the attack detection accuracy effectively; Through running dynamic sampling K-Means parallelization algorithm, which can quickly and effectively detect a variety of DDoS attacks in big data environment. The experiment results show that this system can not only early warn DDoS attacks effectively, but also can detect all kinds of DDoS attacks in real time, with low false rate.
47
El-Sofany, Hosam, and Samir Abou El-Seoud. "A Novel Model for Securing Mobile-based Systems against DDoS Attacks in Cloud Computing Environment." International Journal of Interactive Mobile Technologies (iJIM) 13, no. 01 (January 29, 2019): 85. http://dx.doi.org/10.3991/ijim.v13i01.9900.
Full textAbstract:
the increasing growth of mobile devices technology and Mobile-based systems with the emerging of cloud computing technology, created a Mobile Cloud Computing field to be the recent future technology for different wireless services. The development of Mobile-based system under cloud computing environment solve some performance and environment related issues include: bandwidth, storage capacity, availability, scalability and heterogeneity. The Mobile-based cloud computing apps are different comparing to mobile computing apps, since in the first model the devices run cloud based web applications not as mobile computing native apps. Services of Mobile-based systems via cloud are accessing and sharing through internet connection thus they are open for attacker to attack on its security. Distributed Denial of Service (DDoS) attacks can cause a big problem in mobile cloud computing security. The main objective of DDoS attacks is to infect wireless devises resources (e.g., software applications, wireless network, etc.) and make them unavailable to the authorized user. In DDoS, the attacker tries to overload the Mobile-based service with traffic. The main objective of this research paper is to introduce novel model for securing Mobile-based systems against DDoS attacks. Efficiency and performance analysis evaluations of the proposed model are presented. The feedbacks of the experimental results were highly promising, for protecting mobile-based cloud computing systems against DDoS attacks.
48
Rodrigues, Bruno, Eder Scheid, Christian Killer, Muriel Franco, and Burkhard Stiller. "Blockchain Signaling System (BloSS): Cooperative Signaling of Distributed Denial-of-Service Attacks." Journal of Network and Systems Management 28, no. 4 (August 24, 2020): 953–89. http://dx.doi.org/10.1007/s10922-020-09559-4.
Full textAbstract:
Abstract Distributed Denial-of-Service (DDoS) attacks are one of the major causes of concerns for communication service providers. When an attack is highly sophisticated and no countermeasures are available directly, sharing hardware and defense capabilities become a compelling alternative. Future network and service management can base its operations on equally distributed systems to neutralize highly distributed DDoS attacks. A cooperative defense allows for the combination of detection and mitigation capabilities, the reduction of overhead at a single point, and the blockage of malicious traffic near its source. Main challenges impairing the widespread deployment of existing cooperative defense are: (a) high complexity of operation and coordination, (b) need for trusted and secure communications, (c) lack of incentives for service providers to cooperate, and (d) determination on how operations of these systems are affected by different legislation, regions, and countries. The cooperative Blockchain Signaling System (BloSS) defines an effective and alternative solution for security management, especially cooperative defenses, by exploiting Blockchains (BC) and Software-Defined Networks (SDN) for sharing attack information, an exchange of incentives, and tracking of reputation in a fully distributed and automated fashion. Therefore, BloSS was prototyped and evaluated through a global experiment, without the burden to maintain, design, and develop special registries and gossip protocols.
49
Kong, Bin, Kun Yang, Degang Sun, Meimei Li, and Zhixin Shi. "Distinguishing flooding distributed denial of service from flash crowds using four data mining approaches." Computer Science and Information Systems 14, no. 3 (2017): 839–56. http://dx.doi.org/10.2298/csis161230032k.
Full textAbstract:
Flooding Distributed Denial of Service (DDoS) attacks can cause significant damage to Internet. These attacks have many similarities to Flash Crowds (FCs) and are always difficult to distinguish. To solve this issue, this paper first divides existing methods into two categories to clarify existing researches. Moreover, after conducting an extensive analysis, a new feature set is concluded to profile DDoS and FC. Along with this feature set, this paper proposes a new method that employs Data Mining approaches to discriminate between DDoS attacks and FCs. Experiments are conducted to evaluate the proposed method based on two realworld datasets. The results demonstrate that the proposed method could achieve a high accuracy (more than 98%). Additionally, compared with a traditional entropy method, the proposed method still demonstrates better performance.
50
S. Abdulkarem, Huda, and Ammar D. Alethawy. "DDOS ATTACK DETECTION AND MITIGATION AT SDN ENVIROMENT." Iraqi Journal of Information & Communications Technology 4, no. 1 (May 3, 2021): 1–9. http://dx.doi.org/10.31987/ijict.4.1.115.
Full textAbstract:
Abstract- Software-Defined Networking (SDN) is a promising sample that allows the programming behind the network’s operation with some abstraction level from the underlying networking devices .the insistence to detect and mitigate Distributed Denial of Service (DDoS) which introduced by network devices tries to discover network security weaknesses and the negative effects of some types of Distributed Denial of Service (DDoS) attacks. An SDN-based generic solution to mitigate DDoS attacks when and where they originate. Briefly, it compares at runtime the expected trend of normal traffic against the trend of abnormal traffic; if big deviation on the traffic trend is detected, then an event is created; as an event associated to a DDoS attack is produced, an SDN (OpenDayLight) controller creates flow rules for blocking the malign traffic, By designing and implementing an application that reactively impairs the attacks at its origin, ensuring the “normal operation” of the network infrastructure. The evaluation results suggest that the proposal timely detect the characteristics of a flooding DDoS attacks, and mitigates their negative impacts on the network performance, and ensures the correct data delivery of normal traffic. The work sheds light on the programming relevance over an abstracted view of the network infrastructure.