Academic literature on the topic 'Flooding attack'

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Flooding attack.'

Journal articles on the topic "Flooding attack"

1

Khalaf, Bashar Ahmad, Salama A. Mostafa, Aida Mustapha, et al. "An Adaptive Protection of Flooding Attacks Model for Complex Network Environments." Security and Communication Networks 2021 (April 22, 2021): 1–17. http://dx.doi.org/10.1155/2021/5542919.

Abstract:
Currently, online organizational resources and assets are potential targets of several types of attack, the most common being flooding attacks. We consider the Distributed Denial of Service (DDoS) as the most dangerous type of flooding attack that could target those resources. The DDoS attack consumes network available resources such as bandwidth, processing power, and memory, thereby limiting or withholding accessibility to users. The Flash Crowd (FC) is quite similar to the DDoS attack whereby many legitimate users concurrently access a particular service, the number of which results in the denial of service. Researchers have proposed many different models to eliminate the risk of DDoS attacks, but only few efforts have been made to differentiate it from FC flooding as FC flooding also causes the denial of service and usually misleads the detection of the DDoS attacks. In this paper, an adaptive agent-based model, known as an Adaptive Protection of Flooding Attacks (APFA) model, is proposed to protect the Network Application Layer (NAL) against DDoS flooding attacks and FC flooding traffics. The APFA model, with the aid of an adaptive analyst agent, distinguishes between DDoS and FC abnormal traffics. It then separates DDoS botnet from Demons and Zombies to apply suitable attack handling methodology. There are three parameters on which the agent relies, normal traffic intensity, traffic attack behavior, and IP address history log, to decide on the operation of two traffic filters. We test and evaluate the APFA model via a simulation system using CIDDS as a standard dataset. The model successfully adapts to the simulated attack scenarios’ changes and determines 303,024 request conditions for the tested 135,583 IP addresses. It achieves an accuracy of 0.9964, a precision of 0.9962, and a sensitivity of 0.9996, and outperforms three tested similar models. In addition, the APFA model contributes to identifying and handling the actual trigger of DDoS attack and differentiates it from FC flooding, which is rarely implemented in one model.
2

Hsieh, Chih-Hsiang, Wei-Kuan Wang, Cheng-Xun Wang, Shi-Chun Tsai, and Yi-Bing Lin. "Efficient Detection of Link-Flooding Attacks with Deep Learning." Sustainability 13, no. 22 (2021): 12514. http://dx.doi.org/10.3390/su132212514.

Abstract:
The DDoS attack is one of the most notorious attacks, and the severe impact of the DDoS attack on GitHub in 2018 raises the importance of designing effective defense methods for detecting this type of attack. Unlike the traditional network architecture that takes too long to cope with DDoS attacks, we focus on link-flooding attacks that do not directly attack the target. An effective defense mechanism is crucial since as long as a link-flooding attack is undetected, it will cause problems over the Internet. With the flexibility of software-defined networking, we design a novel framework and implement our ideas with a deep learning approach to improve the performance of the previous work. Through rerouting techniques and monitoring network traffic, our system can detect a malicious attack from the adversary. A CNN architecture is combined to assist in finding an appropriate rerouting path that can shorten the reaction time for detecting DDoS attacks. Therefore, the proposed method can efficiently distinguish the difference between benign traffic and malicious traffic and prevent attackers from carrying out link-flooding attacks through bots.
3

Abu Zant, Mahmoud, and Adwan Yasin. "Avoiding and Isolating Flooding Attack by Enhancing AODV MANET Protocol (AIF_AODV)." Security and Communication Networks 2019 (March 28, 2019): 1–12. http://dx.doi.org/10.1155/2019/8249108.

Abstract:
Security in MANET is an essential task in preventing the harm that could be caused by malicious nodes in the network. Flooding attack is one of DoS attacks that aim to exhaust the network resources by flooding the network with a lot of fake packets and messages. There are different forms of Flooding attacks, and the most common form is the request one. Request Flooding attack keeps flooding the network with a lot of requests to the fake nodes that do not exist in the network. In this research, we presented a new enhanced AODV protocol AIF AODV that can detect and isolate flooding nodes in the network. NS-2.35 is used to simulate and to prove the efficiency of the proposed technique. The results of the enhanced protocol in terms of Throughput, End to End Delay, PDF, ARE, and NRL are very close to the native AODV without Flooding attack. The comparisons with other models showed that the proposed model AIF_AODV has a better Throughput characteristic.
4

Ramanauskaitė, Simona, and Antanas Čenys. "STOCHASTIC MODEL OF TCP SYN ATTACKS / STOCHASTINIS TCP SYN ATAKŲ MODELIS." Mokslas - Lietuvos ateitis 3, no. 1 (2011): 20–24. http://dx.doi.org/10.3846/mla.2011.004.

Abstract:
A great proportion of essential services are moving into internet space making the threat of DoS attacks even more actual. To estimate the real risk of some kind of denial of service (DoS) attack in real world is difficult, but mathematical and software models make this task easier. In this paper we overview the ways of implementing DoS attack models and offer a stochastic model of SYN flooding attack. It allows evaluating the potential threat of SYN flooding attacks, taking into account both the legitimate system flow as well as the possible attack power. At the same time we can assess the effect of such parameters as buffer capacity, open connection storage in the buffer or filtering efficiency on the success of different SYN flooding attacks. This model can be used for other type of memory depletion denial of service attacks.
5

Cheng, Hai Xiu, and Bi Zeng. "A Method Based on BP Neural Network to Detect SIP DOS Flooding Attack." Applied Mechanics and Materials 263-266 (December 2012): 2773–78. http://dx.doi.org/10.4028/www.scientific.net/amm.263-266.2773.

Abstract:
In order to detect the SIP flooding attacks in IMS (IP Multimedia Subsystem) network, the paper proposes a flooding attack detection method based on BP neural network, and analyses causes of SIP flooding attack, and thus determine the BP the input of the neural network characteristics. The simulation results show that this method has better detection performance.
6

Baldev Singh, Dr, Dr S.N. Panda, and Dr Gurpinder Singh Samra. "Slow flooding attack detection in cloud using change point detection approach." International Journal of Engineering & Technology 7, no. 2.30 (2018): 33. http://dx.doi.org/10.14419/ijet.v7i2.30.13459.

Abstract:
Cloud computing is one of the high-demand services and prone to numerous types of attacks due to its Internet based backbone. Flooding based attack is one such type of attack over the cloud that exhausts the numerous resources and services of an individual or an enterprise by way of sending useless huge traffic. The nature of this traffic may be of slow or fast type. Flooding attacks are caused by way of sending massive volume of packets of TCP, UDP, ICMP traffic and HTTP Posts. The legitimate volume of traffic is suppressed and lost in traffic flooding traffics. Early detection of such attacks helps in minimization of the unauthorized utilization of resources on the target machine. Various inbuilt load balancing and scalability options to absorb flooding attacks are in use by cloud service providers up to ample extent still to maintain QoS at the same time by cloud service providers is a challenge. In this proposed technique. Change Point detection approach is proposed here to detect flooding DDOS attacks in cloud which are based on the continuous variant pattern of voluminous (flooding) traffic and is calculated by using various traffic data based metrics that are primary and computed in nature. Golden ration is used to compute the threshold and this threshold is further used along with the computed metric values of normal and malicious traffic for flooding attack detection. Traffic of websites is observed by using remote java script.
7

Luong, Ngoc T., Tu T. Vo, and Doan Hoang. "FAPRP: A Machine Learning Approach to Flooding Attacks Prevention Routing Protocol in Mobile Ad Hoc Networks." Wireless Communications and Mobile Computing 2019 (January 10, 2019): 1–17. http://dx.doi.org/10.1155/2019/6869307.

Abstract:
Request route flooding attack is one of the main challenges in the security of Mobile Ad Hoc Networks (MANETs) as it is easy to initiate and difficult to prevent. A malicious node can launch an attack simply by sending an excessively high number of route request (RREQ) packets or useless data packets to nonexistent destinations. As a result, the network is rendered useless as all its resources are used up to serve this storm of RREQ packets and hence unable to perform its normal routing duty. Most existing research efforts on detecting such a flooding attack use the number of RREQs originated by a node per unit time as the threshold to classify an attacker. These algorithms work to some extent; however, they suffer high misdetection rate and reduce network performance. This paper proposes a new flooding attacks detection algorithm (FADA) for MANETs based on a machine learning approach. The algorithm relies on the route discovery history information of each node to capture similar characteristics and behaviors of nodes belonging to the same class to decide if a node is malicious. The paper also proposes a new flooding attacks prevention routing protocol (FAPRP) by extending the original AODV protocol and integrating FADA algorithm. The performance of the proposed solution is evaluated in terms of successful attack detection ratio, packet delivery ratio, and routing load both in normal and under RREQ attack scenarios using NS2 simulation. The simulation results show that the proposed FAPRP can detect over 99% of RREQ flooding attacks for all scenarios using route discovery frequency vector of sizes larger than 35 and performs better in terms of packet delivery ratio and routing load compared to existing solutions for RREQ flooding attacks.
8

Saragih, Naikson, Ridho Agus Wery Nanda Panjaitan, and Mufria Jonatan Purba. "FORENSIC NETWORK ANALYSIS AND IMPLEMENTATION OF SECURITY ATTACKS ON VIRTUAL PRIVATE SERVERS." Jurnal Sistem Informasi dan Ilmu Komputer Prima(JUSIKOM PRIMA) 6, no. 2 (2023): 28–34. http://dx.doi.org/10.34012/jurnalsisteminformasidanilmukomputer.v6i2.2932.

Abstract:
PT Kodinglab Integrasi Indonesia's Virtual Private Server (VPS) product requires good quality standards, including security. The challenge that arises is still frequent disruptions to the protection of PT Kodinglab's VPS customers, where it is difficult to identify the source of the attack. Network forensics in the form of dead forensics and live forensics using the NIST method with the stages of collection, examination, Analysis, and reporting are used to find the source of the attack. Data for dead forensics comes from snort tools, and data for live forensics comes from capture Wireshark. The collection stage involves collecting attack data from snort logs and wireshark for life forensics. While the examination dataset stages are further analyzed and mapped. Advanced check on the server via syslog snort. From the attack testing carried out to obtain information in the form of the attacker's IP address, destination IP address, date of the attack, server time, and type of attack from testing the TCP Flooding and UDP Flooding attacks, all attacks on the customer's VPS can be identified. The information obtained regarding the attacker is in the form of the date and time the attack occurred, the attacker's IP address and the victim's IP address, and the protocol used. Keywords: Network Forensic, Dead Forensic, Live Forensic, Virtual Private Server, DDos, TCP Flooding, UDP Flooding.
9

L, Sheeba, and Meenakshi V S. "HYBRID NODE WATCHING TECHNIQUE BASED DOS FLOODING ATTACK DETECTION IN WIRELESS SENSOR NETWORK." ICTACT Journal on Communication Technology 11, no. 4 (2020): 2292–300. https://doi.org/10.21917/ijct.2020.0339.

Abstract:
Intrusion detection is the most concentrated research issue in the wireless sensor network where presence of intrusion activities are most difficult to find where there is no centralized architecture to monitor. One of the most frequently found intrusion activities in wireless sensor network are Denial of Service (DoS) Flooding attacks. DoS flood attacks would send large volume of chunk messages to the end node in order to corrupt the functioning of the particular node. Some of the most important DoS flooding attacks that are found in the network are ICMP flood attack, Synchronous Flood attack, UDP Flood attack, and Web attacks. All these networks would send enormous amount of messages such internet control message packets, synchronous messages, UDO messages correspondingly to the web servers to collapse the normal functioning of them by consuming energy resources and so on. In the previous research works, Sybil attacks and DDoS attacks are detected and avoided by introducing the method namely Privacy Concerned Anonymous Authentication Method (PAAM). However these research methods reduced in its attack detection rate with the presence of DoS Flooding attacks. This is focused and resolved in this work by introducing a method namely Hybrid Node Watching Technique (HNWT). This research technique attempt to find the variation in the data’s and control messages transmitted between the end nodes to find the flooding attack presence. This is done through the trust nodes which are selected optimally by using cat swarm algorithm. These optimally selected nodes will monitor data transmission behaviour to predict malicious node presence. The overall implementation of this research work is done in NS2 simulation environment from which it is proved that proposed research technique tends to have increased attack detection rate.
10

Lee, Se-Yul, and Yong-Soo Kim. "Design and Analysis of Probe Detection Systems for TCP Networks." Journal of Advanced Computational Intelligence and Intelligent Informatics 8, no. 4 (2004): 369–72. http://dx.doi.org/10.20965/jaciii.2004.p0369.

Abstract:
Advanced computer network technology enables the connectivity of computers in an open network environment. Despite the growing numbers of security threats to networks, most intrusion detection identifies security attacks mainly by detecting misuse using a set of rules based on past hacking patterns. This pattern matching has a high rate of false positives and cannot detect new hacking patterns, making it vulnerable to previously unidentified attack patterns and variations in attack and increasing false negatives. Intrusion detection and prevention technologies are thus required. We propose a network-based intrusion detection model using fuzzy cognitive maps (FCM) that detects intrusion by Denial of Service (DoS) attack detection using packet analysis. A DoS attack typically appears as a Probe and Syn Flooding attack. Syn Flooding Preventer using Fuzzy cognitive maps (SPuF) model captures and analyzes packet information to detect Syn flooding attacks. Using the result of decision module analysis, which used FCM, the decision module measures the degree of danger of the DoS and trains the response module to deal with attacks. The result of simulation using the "KDD’99 Competition Data Set" for the SPuF model shows that Probe detection exceeded 97%.

Dissertations / Theses on the topic "Flooding attack"

1

Margotta, Fabrizio. "DoS and DDoS attacks in Named Data Networking." Bachelor's thesis, Alma Mater Studiorum - Università di Bologna, 2020. http://amslaurea.unibo.it/21855/.

Abstract:
The birth of the Internet brought unprecedented social and economic benefits. The technologies and protocols initially adopted solved the problems caused by the unreliability of the pre-existing telephone line and, over the decades, have kept global communications working. However, questions arise about the need for a new paradigm shift that meets the new requirements found in the evolution of the Internet itself and of the services it offers. Named Data Networking, as a project in the Future Internet Architectures family, proposes a renewed vision of the Internet in which the fundamental entity exchanged is the Name. Attention is placed on what nodes request from the network and not on where they retrieve the information. As a new architecture, NDN proposes innovative approaches to packet forwarding and routing in the network and ensures the implementation of several security aspects by design. This is not, however, sufficient to protect against all network threats, including DDoS attacks, which still today pose a significant risk to Internet service providers. Further efforts are therefore needed to produce an architecture that meets efficiency and security requirements.
2

Dudek, Jindřich. "Detekce síťových útoků pomocí nástroje Tshark." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2018. http://www.nusl.cz/ntk/nusl-385934.

Abstract:
This diploma thesis deals with the design and implementation of a tool for network attack detection from a captured network communication. It utilises the tshark packet analyser, the meaning of which is to convert the input file with the captured communications to the PDML format. The objective of this conversion being, increasing the flexibility of input data processing. When designing the tool, emphasis has been placed on the ability to expand it to detect new network attacks and on integrating these additions with ease. For this reason, the thesis also includes the design of a complex declarative descriptions for network attacks in the YAML serialization format. This allows us to specify the key properties of the network attacks and the conditions for their detection. The resulting tool acts as an interpreter of proposed declarative descriptions allowing it to be expanded with new types of attacks.
3

You, Yonghua. "A defense framework for flooding-based DDoS attacks." Thesis, Kingston, Ont. : [s.n.], 2007. http://hdl.handle.net/1974/653.

4

Makke, Ali. "Détection d'attaques dans un système WBAN de surveillance médicale à distance." Thesis, Paris 5, 2014. http://www.theses.fr/2014PA05S006/document.

Abstract:
One of the major challenges of the world in recent decades is the continued increase in the elderly population in developed countries. Hence the need to provide quality care to a rapidly growing population while reducing the costs of health care is becoming a strategic challenge. In this context, many researches focus on the use of wireless sensor networks in WBAN (Wireless Body Area Network) systems to facilitate and improve the quality of medical care and remote monitoring. These WBAN systems pose new technological challenges in terms of security and protection against faults and attacks. The wireless communication mode used between the sensors and the collection node accentuates these vulnerabilities. Indeed vulnerabilities in a WBAN system are divided into two main parts. The first part consists of the possible attacks on the network of medical sensors and on the wireless communications medium between the sensors and the processing unit. The second part consists of possible attacks on high-speed communications between the WBAN system and the medical server. The objective of this thesis is to meet some of the problems of detecting attacks in a WBAN system for remote medical monitoring. To achieve this goal, we propose an algorithm to detect the jamming attacks targeting the wireless communications medium between the sensors and the processing unit. In addition we propose a method of measuring divergence to detect the flooding attacks targeting the high-speed communications between the WBAN system and the medical server.
5

Kang, Min Suk. "Handling Large-Scale Link-Flooding Attacks in the Internet." Research Showcase @ CMU, 2016. http://repository.cmu.edu/dissertations/833.

Abstract:
Link-flooding attacks in which an adversary coordinates botnet messages to exhaust the bandwidth of selected network links in the core of the Internet (e.g., Tier-1 or Tier-2 networks) have been a powerful means of denial of service. In the past few years, these attacks have moved from the realm of academic curiosities to real-world incidents. Unfortunately, we have had a limited understanding of this type of attacks and effective countermeasures in the current Internet. In this dissertation, we address this gap in our understanding of link-flooding attacks and propose a two-tier defense approach. We begin by identifying routing bottlenecks as the major cause of the Internet vulnerability to link-flooding attacks. A routing bottleneck is a small set of links whose congestion disrupts the majority of routes taken towards a given set of destination hosts. These bottlenecks appear despite physical-path diversity and sufficient bandwidth provisioning in normal (i.e., nonattack) mode of operation, and are an undesirable artifact of the current Internet design. We illustrate their pervasiveness for adversary-chosen sets of hosts in various cities and countries around the world via experimental measurements. We then present a real-time adaptive attack for persistent flooding of chosen links in the discovered routing bottlenecks using attack flows that are indistinguishable from legitimate traffic. We demonstrate the feasibility of these strategies and show that disruptions can scale from targeted hosts of a single organization to those of a country. To counter the link-flooding attacks defined in this dissertation, one could remove their root cause, namely the routing bottlenecks. However, this would affect the cost-minimizing policy that underlies the current Internet, change its routing architecture, and possibly affect communication costs. Instead, we propose an attack-deterrence mechanism that represents a first line of defense against link-flooding attacks by cost-sensitive adversaries. In the proposed defense, most link-flooding attacks are handled by the low-cost, single-domain based mechanism. As a second line of defense, which targets cost-insensitive adversaries that are undeterred, we propose the use of a multi-domain coordinated defense mechanism that is harder to orchestrate in the current Internet.
6

Lee, Soo Bum. "Localizing the effects of link flooding attacks in the internet." College Park, Md. : University of Maryland, 2009. http://hdl.handle.net/1903/10052.

Abstract:
Thesis (Ph.D.) -- University of Maryland, College Park, 2009. Thesis research directed by: Dept. of Electrical and Computer Engineering. Title from t.p. of PDF. Includes bibliographical references. Published by UMI Dissertation Services, Ann Arbor, Mich. Also available in paper.
7

Akbar, Yousef M. A. H. "Intrusion Detection of Flooding DoS Attacks on Emulated Smart Meters." Thesis, Virginia Tech, 2020. http://hdl.handle.net/10919/98554.

Abstract:
The power grid has changed a great deal from what has been generally viewed as a traditional power grid. The modernization of the power grid has seen an increase in the integration and incorporation of computing and communication elements, creating an interdependence of both physical and cyber assets of the power grid. The fast-increasing connectivity has transformed the grid from what used to be primarily a physical system into a Cyber-Physical System (CPS). The physical elements within a power grid are well understood by power engineers; however, the newly deployed cyber aspects are new to most researchers and operators in this field. The new computing and communications structure brings new vulnerabilities along with all the benefits it provides. Cyber security of the power grid is critical due to the potential impact it can make on the community or society that relies on the critical infrastructure. These vulnerabilities have already been exploited in the attack on the Ukrainian power grid, a highly sophisticated, multi-layered attack which caused large power outages for numerous customers. There is an urgent need to understand the cyber aspects of the modernized power grid and take the necessary precautions such that the security of the CPS can be better achieved. The power grid is dependent on two main cyber infrastructures, i.e., Supervisory Control And Data Acquisition (SCADA) and Advanced Metering Infrastructure (AMI). This thesis investigates the AMI in power grids by developing a testbed environment that can be created and used to better understand and develop security strategies to remove the vulnerabilities that exist within it. The testbed is to be used to conduct and implement security strategies, i.e., an Intrusion Detections Systems (IDS), creating an emulated environment to best resemble the environment of the AMI system. A DoS flooding attack and an IDS are implemented on the emulated testbed to show the effectiveness and validate the performance of the emulated testbed.

M.S.

The power grid is becoming more digitized and is utilizing information and communication technologies more, hence the smart grid. New systems are developed and utilized in the modernized power grid that directly relies on new communication networks. The power grid is becoming more efficient and more effective due to these developments, however, there are some considerations to be made as for the security of the power grid. An important expectation of the power grid is the reliability of power delivery to its customers. New information and communication technology integration brings rise to new cyber vulnerabilities that can inhibit the functionality of the power grid. A coordinated cyber-attack was conducted against the Ukrainian power grid in 2015 that targeted the cyber vulnerabilities of the system. The attackers made sure that the grid operators were unable to observe their system being attacked via Denial of Service attacks. Smart meters are the digitized equivalent of a traditional energy meter, it wirelessly communicates with the grid operators. An increase in deployment of these smart meters makes it such that we are more dependent on them and hence creating a new vulnerability for an attack. The smart meter integration into the power grid needs to be studied and carefully considered for the prevention of attacks. A testbed is created using devices that emulate the smart meters and a network is established between the devices. The network was attacked with a Denial of Service attack to validate the testbed performance, and an Intrusion detection method was developed and applied onto the testbed to prove that the testbed created can be used to study and develop methods to cover the vulnerabilities present.
8

Signorello, Salvatore. "A multifold approach to address the security issues of stateful forwarding mechanisms in Information-Centric Networks." Thesis, Université de Lorraine, 2018. http://www.theses.fr/2018LORR0109/document.

Abstract:
This work illustrates how today's Internet dominant usage trends motivate research on more content-oriented future network architectures. Among the emerging future Internet proposals, the promising Information-Centric Networking (ICN) research paradigm is presented. ICN aims to redesign Internet's core protocols to promote a shift in focus from hosts to contents. Among the ICN architectures, the Named-Data Networking (NDN) envisions users' named content requests to be forwarded by their names in routers along the path from one consumer to 1-or-many sources. NDN's requests leave trails in traversed routers which are then followed backwards by the requested contents. The Pending Interest Table (PIT) is the NDN's data-plane component which temporarily records forwarded content requests in routers. On one hand, this work explains that the PIT stateful mechanism enables properties like requests aggregation, multicast responses delivery and native hop-by-hop control flow. On the other hand, this work illustrates how the PIT stateful forwarding behavior can be easily abused by malicious users to mount disruptive distributed denial of service attacks (DDoS), named Interest Flooding Attacks (IFAs). In IFAs, loosely coordinated botnets can flood the network with a large amount of hard to satisfy requests with the aim to overload both the network infrastructure and the content producers. This work proves that although countermeasures against IFAs have been proposed, a fair understanding of their real efficacy is missing since those have been tested under simplistic assumptions about the evaluation scenarios. Overall, the work presented in this manuscript shapes a better understanding of both the implications of IFAs and the possibilities of improving the state-of-the-art defense mechanisms against these attacks.
The main contributions of this work revolve around a security analysis of the NDN's forwarding plane. In particular, this work defines a more robust attacker model for IFAs by identifying flaws in the state-of-the-art IFA countermeasures. This work introduces a new set of IFAs built upon the proposed attacker model. The novel IFAs are used to re-assess the most effective existing IFA countermeasures. Results of this evaluation disprove the universal efficacy of the state-of-the-art IFA defense mechanisms and so call for different countermeasures to protect the NDN against this threat. To overcome the revealed issue, this work also defines proactive IFA countermeasures, which are novel defense mechanisms against IFAs inspired by the issues with the state-of-the-art ones. This work introduces Charon, a novel proactive IFA countermeasure, and tests it against the novel IFA attacks. This work shows Charon counteracts latest stealthy IFAs better than the state-of-the-art reactive countermeasures. Finally, this work illustrates the NDN.p4 design, that is, the first implementation of an ICN protocol written in the high-level language for packet processors P4. The NDN.p4 work is the first attempt in the related literature to leverage novel programmable-networks technologies to test and evaluate different NDN forwarding plane designs. This last contribution also classifies existing alternative forwarding mechanisms with respect to a set of PIT cardinal properties. The work outlines that it is worth exploring alternative forwarding mechanisms aiming to design an NDN forwarding plane less vulnerable to the IFA threat.
9

Bediako, Peter Ken. "Long Short-Term Memory Recurrent Neural Network for detecting DDoS flooding attacks within TensorFlow Implementation framework." Thesis, Luleå tekniska universitet, Datavetenskap, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:ltu:diva-66802.

Abstract:
Distributed Denial of Service (DDoS) attacks are one of the most widespread security attacks on internet service providers. It is the most easily launched attack, but very difficult and expensive to detect and mitigate. In view of the devastating effect of DDoS attacks, there has been an increase in the adaptation of a network detection technique to reveal the presence of DDoS attack before huge traffic buildup to prevent service availability. Several works done on DDoS attack detection reveal that the conventional DDoS attack detection methods based on statistical divergence are useful; however, the large surface area of the internet, which serves as the main conduit for DDoS flooding attacks to occur, makes it difficult to use this approach to detect attacks on the network. Hence this research work is focused on using detection techniques based on a deep learning technique, because it is proven as the most effective detection technique against DDoS attacks. Out of the several deep neural network techniques available, this research focuses on one aspect of recurrent neural network called Long Short-Term Memory (LSTM) and TensorFlow framework to build and train a deep neural network model to detect the presence of DDoS attacks on a network. This model can be used to develop an Intrusion Detection System (IDS) to aid in detecting DDoS attacks on the network. Also, at the completion of this project, the expectation of the produced model is to have a higher detection accuracy rate and a low false alarm rate. Design Science Research Methodology (DSRM) was used to carry out this project. The test experiment for this work was performed on CPU and GPU base systems to determine the base system's effect on the detection accuracy of the model. To achieve the set goals, seven evaluating parameters were used to test the model's detection accuracy and performance on both Central Processing Unit (CPU) and Graphics Processing Unit (GPU) systems.
The results reveal that the model was able to produce a detection accuracy of 99.968% on both CPU and GPU base systems, which is better than the result by Yuan et al. [55], which is 97.606%. Also, the results prove that the model's performance does not depend on the base system used for the training but rather depends on the dataset size. However, the GPU systems train faster than CPU systems. It also revealed that increasing the value of epochs during training does not affect the model's detection accuracy but rather extends the training time. This model is limited to detecting 17 different attack types while maintaining the same detection accuracy mentioned above. Further future work should be done to increase the detecting attack type to unlimited so that it will be able to detect all attack types.
10

Makke, Ali. "Détection d'attaques dans un système WBAN de surveillance médicale à distance." Electronic Thesis or Diss., Paris 5, 2014. http://www.theses.fr/2014PA05S006.

Abstract:
One of the major challenges of the world in recent decades is the continued increase in the elderly population in developed countries. Hence the need to provide quality care to a rapidly growing population while reducing the costs of health care is becoming a strategic challenge. In this context, much research focuses on the use of wireless sensor networks in WBAN (Wireless Body Area Network) systems to facilitate and improve the quality of medical care and remote monitoring. These WBAN systems pose new technological challenges in terms of security and protection against faults and attacks. The wireless communication mode used between the sensors and the collection node accentuates these vulnerabilities. Indeed, vulnerabilities in a WBAN system are divided into two main parts. The first part consists of the possible attacks on the network of medical sensors and on the wireless communications medium between the sensors and the processing unit. The second part consists of possible attacks on high-speed communications between the WBAN system and the medical server. The objective of this thesis is to meet some of the problems of detecting attacks in a WBAN system for remote medical monitoring. To achieve this goal, we propose an algorithm to detect the jamming attacks targeting the wireless communications medium between the sensors and the processing unit. In addition, we propose a method of measuring divergence to detect the flooding attacks targeting the high-speed communications between the WBAN system and the medical server.

Book chapters on the topic "Flooding attack"

1

Tang, Jin, and Yu Cheng. "SIP Flooding Attack Detection." In Intrusion Detection for IP-Based Multimedia Communications over Wireless Networks. Springer New York, 2013. http://dx.doi.org/10.1007/978-1-4614-8996-2_4.

2

Nalayini, C. M., and Jeevaa Katiravan. "Block Link Flooding Algorithm for TCP SYN Flooding Attack." In International Conference on Computer Networks and Communication Technologies. Springer Singapore, 2018. http://dx.doi.org/10.1007/978-981-10-8681-6_83.

3

Shin, Seung-won, Ki-young Kim, and Jong-soo Jang. "LSAD: Lightweight SYN Flooding Attack Detector." In Distributed Computing and Internet Technology. Springer Berlin Heidelberg, 2004. http://dx.doi.org/10.1007/978-3-540-30555-2_45.

4

Sebastian, Bosco, Paromita Choudhury, and C. D. Jaidhar. "Mechanism for Preventing Registration Flooding Attack in SIP." In Intelligent Computing, Networking, and Informatics. Springer India, 2014. http://dx.doi.org/10.1007/978-81-322-1665-0_71.

5

Boro, Debojit, Himant Basumatary, Tribeni Goswami, and Dhruba K. Bhattacharyya. "UDP Flooding Attack Detection Using Information Metric Measure." In Advances in Intelligent Systems and Computing. Springer Singapore, 2016. http://dx.doi.org/10.1007/978-981-10-0129-1_16.

6

Choi, Yang-seo, Ik-Kyun Kim, Jin-Tae Oh, and Jong-Soo Jang. "AIGG Threshold Based HTTP GET Flooding Attack Detection." In Information Security Applications. Springer Berlin Heidelberg, 2012. http://dx.doi.org/10.1007/978-3-642-35416-8_19.

7

Xie, Lixia, Ying Ding, and Hongyu Yang. "Mitigating Link-Flooding Attack with Segment Rerouting in SDN." In Cyberspace Safety and Security. Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-37337-5_6.

8

Veigner, Christian, and Chunming Rong. "Flooding Attack on the Binding Cache in Mobile IPv6." In Communications in Computer and Information Science. Springer Berlin Heidelberg, 2007. http://dx.doi.org/10.1007/978-3-540-75993-5_16.

9

Wadhwani, Priyanka, and Sourabh Singh Verma. "Analysing Performance Disruption of MANET Under Explicit Flooding Attack Frequency." In Proceedings of First International Conference on Information and Communication Technology for Intelligent Systems: Volume 2. Springer International Publishing, 2016. http://dx.doi.org/10.1007/978-3-319-30927-9_6.

10

Liu, Xinyu, Beumjin Cho, and Jong Kim. "SD-OVS: SYN Flooding Attack Defending Open vSwitch for SDN." In Information Security Applications. Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-56549-1_3.


Conference papers on the topic "Flooding attack"

1

Jupriyadi, Ridha Muldina Negara, Eueung Mulyana, and Nana Rachmana Syambas. "The Impact of Collusive Interest Flooding Attack on NDN Network Performance." In 2024 10th International Conference on Wireless and Telematics (ICWT). IEEE, 2024. http://dx.doi.org/10.1109/icwt62080.2024.10674740.

2

Mounika, V., N. Raghavendra Sai, Vasantha Bhavani, and P. S. V. S. Sridhar. "Expression of Concern for: Interest Flooding Attack Detection Method in NDN Networks." In 2021 2nd International Conference on Smart Electronics and Communication (ICOSEC). IEEE, 2021. http://dx.doi.org/10.1109/icosec51865.2021.10702908.

3

Chen, Kun-Chih Jimmy, and Li-Heng Billy Ke. "Two-level Verification-Based Defense Mechanism for Flooding Attack on NoC Systems." In 2024 17th IEEE/ACM International Workshop on Network on Chip Architectures (NoCArc). IEEE, 2024. http://dx.doi.org/10.1109/nocarc64615.2024.10749951.

4

Li, Yue, Runcheng Fang, Qipeng Song, and Xilei Yang. "STGCN-Based Link Flooding Attack Detection and Mitigation in Software-Defined Network." In 2024 IEEE 23rd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). IEEE, 2024. https://doi.org/10.1109/trustcom63139.2024.00068.

5

M, Kiruthika, Lalitha Krishnasamy, Prithi Samuel, and Kaavya Kanagaraj. "FADA: Flooding Attack Defense AODV Protocol to counter Flooding Attack in MANET." In 2023 IEEE Fifth International Conference on Advances in Electronics, Computers and Communications (ICAECC). IEEE, 2023. http://dx.doi.org/10.1109/icaecc59324.2023.10560115.

6

"Defense Against TCP Flooding Attack." In International Conference on Security and Cryptography. SciTePress - Science and Technology Publications, 2012. http://dx.doi.org/10.5220/0004119604160420.

7

Sana, Akourmis, Fakhri Youssef, and Rahmani Moulay Driss. "FLOODING ATTACK ON AODV IN WSN." In 2018 Renewable Energies, Power Systems & Green Inclusive Economy (REPS-GIE). IEEE, 2018. http://dx.doi.org/10.1109/repsgie.2018.8488836.

8

Geetha, K., and N. Sreenath. "SYN flooding attack — Identification and analysis." In 2014 International Conference on Information Communication and Embedded Systems (ICICES). IEEE, 2014. http://dx.doi.org/10.1109/icices.2014.7033828.

9

Purwanto, Yudha, Kuspriyanto, Hendrawan, and Budi Rahardjo. "Traffic anomaly detection in DDos flooding attack." In 2014 8th International Conference on Telecommunication Systems Services and Applications (TSSA). IEEE, 2014. http://dx.doi.org/10.1109/tssa.2014.7065953.

10

Nagrath, Preeti, Sandhya Aneja, and G. N. Purohit. "Defending flooding attack in Delay Tolerant Networks." In 2015 International Conference on Information Networking (ICOIN). IEEE, 2015. http://dx.doi.org/10.1109/icoin.2015.7057854.


Reports on the topic "Flooding attack"

1

Eddy, W. TCP SYN Flooding Attacks and Common Mitigations. RFC Editor, 2007. http://dx.doi.org/10.17487/rfc4987.

2

Lee, Soo B., and Virgil D. Gligor. FLoc: Dependable Link Access for Legitimate Traffic in Flooding Attacks. Defense Technical Information Center, 2011. http://dx.doi.org/10.21236/ada580050.

3

Lee, Soo B., and Virgil D. Gligor. FLoc: Dependable Link Access for Legitimate Traffic in Flooding Attacks. Defense Technical Information Center, 2011. http://dx.doi.org/10.21236/ada582042.

4

Ramanujan, Ranga S., Doug Harper, Maher Kaddoura, David Baca, John Wu, and Kevin Millikin. Organic Techniques for Protecting Virtual Private Network (VPN) Services from Access Link Flooding Attacks. Defense Technical Information Center, 2002. http://dx.doi.org/10.21236/ada436292.
