Journal articles on the topic 'Flooding attacks'


Consult the top 50 journal articles for your research on the topic 'Flooding attacks.'


1

Luong, Ngoc T., Tu T. Vo, and Doan Hoang. "FAPRP: A Machine Learning Approach to Flooding Attacks Prevention Routing Protocol in Mobile Ad Hoc Networks." Wireless Communications and Mobile Computing 2019 (January 10, 2019): 1–17. http://dx.doi.org/10.1155/2019/6869307.

Abstract:
Request route flooding attack is one of the main challenges in the security of Mobile Ad Hoc Networks (MANETs) as it is easy to initiate and difficult to prevent. A malicious node can launch an attack simply by sending an excessively high number of route request (RREQ) packets or useless data packets to nonexistent destinations. As a result, the network is rendered useless as all its resources are used up to serve this storm of RREQ packets and hence unable to perform its normal routing duty. Most existing research efforts on detecting such a flooding attack use the number of RREQs originated by a node per unit time as the threshold to classify an attacker. These algorithms work to some extent; however, they suffer high misdetection rate and reduce network performance. This paper proposes a new flooding attacks detection algorithm (FADA) for MANETs based on a machine learning approach. The algorithm relies on the route discovery history information of each node to capture similar characteristics and behaviors of nodes belonging to the same class to decide if a node is malicious. The paper also proposes a new flooding attacks prevention routing protocol (FAPRP) by extending the original AODV protocol and integrating FADA algorithm. The performance of the proposed solution is evaluated in terms of successful attack detection ratio, packet delivery ratio, and routing load both in normal and under RREQ attack scenarios using NS2 simulation. The simulation results show that the proposed FAPRP can detect over 99% of RREQ flooding attacks for all scenarios using route discovery frequency vector of sizes larger than 35 and performs better in terms of packet delivery ratio and routing load compared to existing solutions for RREQ flooding attacks.
2

Tung, Yung-Hao, Hung-Chuan Wei, Yen-Wu Ti, Yao-Tung Tsou, Neetesh Saxena, and Chia-Mu Yu. "Counteracting UDP Flooding Attacks in SDN." Electronics 9, no. 8 (August 1, 2020): 1239. http://dx.doi.org/10.3390/electronics9081239.

Abstract:
Software-defined networking (SDN) is a new networking architecture with a centralized control mechanism. SDN has proven to be successful in improving not only the network performance, but also security. However, centralized control in the SDN architecture is associated with new security vulnerabilities. In particular, user-datagram-protocol (UDP) flooding attacks can be easily launched and cause serious packet-transmission delays, controller-performance loss, and even network shutdown. In response to applications in the Internet of Things (IoT) field, this study considers UDP flooding attacks in SDN and proposes two lightweight countermeasures. The first method sometimes sacrifices address-resolution-protocol (ARP) requests to achieve a high level of security. In the second method, although packets must sometimes be sacrificed when undergoing an attack before starting to defend, the detection of the network state can prevent normal packets from being sacrificed. When blocking a network attack, attacks from the affected port are directly blocked without affecting normal ports. The performance and security of the proposed methods were confirmed by means of extensive experiments. Compared with the situation where no defense is implemented, or similar defense methods are implemented, after simulating a UDP flooding attack, our proposed method performed better in terms of the available bandwidth, central-processing-unit (CPU) consumption, and network delay time.
3

Singh, Baldev, S.N. Panda, and Gurpinder Singh Samra. "Slow flooding attack detection in cloud using change point detection approach." International Journal of Engineering & Technology 7, no. 2.30 (May 29, 2018): 33. http://dx.doi.org/10.14419/ijet.v7i2.30.13459.

Abstract:
Cloud computing is one of the high-demand services and prone to numerous types of attacks due to its Internet-based backbone. Flooding based attack is one such type of attack over the cloud that exhausts the numerous resources and services of an individual or an enterprise by way of sending useless huge traffic. The nature of this traffic may be of slow or fast type. Flooding attacks are caused by way of sending massive volume of packets of TCP, UDP, ICMP traffic and HTTP Posts. The legitimate volume of traffic is suppressed and lost in traffic flooding traffics. Early detection of such attacks helps in minimization of the unauthorized utilization of resources on the target machine. Various inbuilt load balancing and scalability options to absorb flooding attacks are in use by cloud service providers up to ample extent; still, to maintain QoS at the same time by cloud service providers is a challenge. In this proposed technique, a change point detection approach is proposed to detect flooding DDoS attacks in cloud which are based on the continuous variant pattern of voluminous (flooding) traffic and is calculated by using various traffic data based metrics that are primary and computed in nature. Golden ratio is used to compute the threshold and this threshold is further used along with the computed metric values of normal and malicious traffic for flooding attack detection. Traffic of websites is observed by using remote JavaScript.
4

Ramanauskaitė, Simona, and Antanas Čenys. "STOCHASTIC MODEL OF TCP SYN ATTACKS / STOCHASTINIS TCP SYN ATAKŲ MODELIS." Mokslas - Lietuvos ateitis 3, no. 1 (August 22, 2011): 20–24. http://dx.doi.org/10.3846/mla.2011.004.

Abstract:
A great proportion of essential services are moving into internet space making the threat of DoS attacks even more actual. To estimate the real risk of some kind of denial of service (DoS) attack in real world is difficult, but mathematical and software models make this task easier. In this paper we overview the ways of implementing DoS attack models and offer a stochastic model of SYN flooding attack. It allows evaluating the potential threat of SYN flooding attacks, taking into account both the legitimate system flow as well as the possible attack power. At the same time we can assess the effect of such parameters as buffer capacity, open connection storage in the buffer or filtering efficiency on the success of different SYN flooding attacks. This model can be used for other type of memory depletion denial of service attacks.
5

Khalaf, Bashar Ahmad, Salama A. Mostafa, Aida Mustapha, Mazin Abed Mohammed, Moamin A. Mahmoud, Bander Ali Saleh Al-Rimy, Shukor Abd Razak, Mohamed Elhoseny, and Adam Marks. "An Adaptive Protection of Flooding Attacks Model for Complex Network Environments." Security and Communication Networks 2021 (April 22, 2021): 1–17. http://dx.doi.org/10.1155/2021/5542919.

Abstract:
Currently, online organizational resources and assets are potential targets of several types of attack, the most common being flooding attacks. We consider the Distributed Denial of Service (DDoS) as the most dangerous type of flooding attack that could target those resources. The DDoS attack consumes network available resources such as bandwidth, processing power, and memory, thereby limiting or withholding accessibility to users. The Flash Crowd (FC) is quite similar to the DDoS attack whereby many legitimate users concurrently access a particular service, the number of which results in the denial of service. Researchers have proposed many different models to eliminate the risk of DDoS attacks, but only few efforts have been made to differentiate it from FC flooding as FC flooding also causes the denial of service and usually misleads the detection of the DDoS attacks. In this paper, an adaptive agent-based model, known as an Adaptive Protection of Flooding Attacks (APFA) model, is proposed to protect the Network Application Layer (NAL) against DDoS flooding attacks and FC flooding traffics. The APFA model, with the aid of an adaptive analyst agent, distinguishes between DDoS and FC abnormal traffics. It then separates DDoS botnet from Demons and Zombies to apply suitable attack handling methodology. There are three parameters on which the agent relies, normal traffic intensity, traffic attack behavior, and IP address history log, to decide on the operation of two traffic filters. We test and evaluate the APFA model via a simulation system using CIDDS as a standard dataset. The model successfully adapts to the simulated attack scenarios’ changes and determines 303,024 request conditions for the tested 135,583 IP addresses. It achieves an accuracy of 0.9964, a precision of 0.9962, and a sensitivity of 0.9996, and outperforms three tested similar models. 
In addition, the APFA model contributes to identifying and handling the actual trigger of DDoS attack and differentiates it from FC flooding, which is rarely implemented in one model.
6

Jose, Ancy Sherin, Latha R. Nair, and Varghese Paul. "Towards Detecting Flooding DDOS Attacks Over Software Defined Networks Using Machine Learning Techniques." Revista Gestão Inovação e Tecnologias 11, no. 4 (July 29, 2021): 3837–65. http://dx.doi.org/10.47059/revistageintec.v11i4.2411.

Abstract:
Distributed Denial of Service Attack (DDoS) has emerged as a major threat to cyber space. A DDoS attack aims at exhausting the resources of the victim causing financial and reputational damages to it. The availability of free software makes launching of DDoS attacks easy. The difficulty in differentiating a DDoS traffic from a legitimate traffic burst such as a flash crowd makes DDoS difficult to be identified. A wide range of techniques have been used in conventional networks to detect and mitigate DDoS attacks. Though the advent of Software Defined Networking (SDN) makes a network easy to be managed, even SDN is vulnerable to DDoS attacks. In this case, the controller of the SDN gets overloaded with the incoming packets from the switches. In fact, a solution based on security analytics can be put in place to ward off this threat as a proactive security measure using the flow level statistics available from the SDN. Compared to the packet analysis used in traditional networks, which is resource expensive, the flow level statistics is relatively inexpensive. This paper focuses on the design and implementation of an attack detection system for detecting the flooding DDoS attacks: TCP SYN flooding attacks, HTTP request flooding attacks, UDP flooding attacks and ICMP flooding attacks over SDN network traffic. The system uses various classification algorithms to classify a traffic into normal or attack. The feature sets for classification were arrived at using a feature selection module with ANOVA (Analysis of Variance) F-Test statistical method. Performance evaluation of each of the classifiers was carried out for the three feature sets obtained from the feature selection module using various performance measures and the results have been tabulated. The feature set which gives the best performance in detecting malicious traffic has been identified.
7

Abu Zant, Mahmoud, and Adwan Yasin. "Avoiding and Isolating Flooding Attack by Enhancing AODV MANET Protocol (AIF_AODV)." Security and Communication Networks 2019 (March 28, 2019): 1–12. http://dx.doi.org/10.1155/2019/8249108.

Abstract:
Security in MANET is an essential task in preventing the harm that could be caused by malicious nodes in the network. Flooding attack is one of DoS attacks that aim to exhaust the network resources by flooding the network with a lot of fake packets and messages. There are different forms of Flooding attacks, and the most common form is the request one. Request Flooding attack keeps flooding the network with a lot of requests to the fake nodes that do not exist in the network. In this research, we presented a new enhanced AODV protocol, AIF_AODV, that can detect and isolate flooding nodes in the network. NS-2.35 is used to simulate and to prove the efficiency of the proposed technique. The results of the enhanced protocol in terms of Throughput, End to End Delay, PDF, ARE, and NRL are very close to the native AODV without Flooding attack. The comparisons with other models showed that the proposed model AIF_AODV has a better Throughput characteristic.
8

Islam, M. Mattah, Saifullah Shahid, Khush Bakhat Awar, Rashid Khan, and Muhammad Sohail. "Cyber-Security: Dos Attack Outcomes are Dangerous." European Journal of Electrical Engineering and Computer Science 5, no. 3 (June 16, 2021): 54–59. http://dx.doi.org/10.24018/ejece.2021.5.3.297.

Abstract:
DoS attacks are an attractive and hot topic nowadays because it is very common for attackers to make a victim and exploit it. In this paper, different kinds of techniques and commands have been implemented and contrasted for the outcomes of these attacks. By performing experiments, problems are identified. By following experiments, the goal is prevention and mitigation of DoS attacks to a large extent by knowing the outcomes of the attacks. For proving the work, different types of experiments are performed on different platforms, and it is observed how dangerous DoS attacks are to our systems. In this paper, hping3 and SYN flooding are performed. Hping3 is used for sending packets in a modified, crafted form. It is the networking tool used by developers to perform a DoS attack. SYN flooding is used for sending so many requests in an insane amount to the server and uses all of the resources of the server.
9

Cheng, Hai Xiu, and Bi Zeng. "A Method Based on BP Neural Network to Detect SIP DOS Flooding Attack." Applied Mechanics and Materials 263-266 (December 2012): 2773–78. http://dx.doi.org/10.4028/www.scientific.net/amm.263-266.2773.

Abstract:
In order to detect the SIP flooding attacks in IMS (IP Multimedia Subsystem) network, the paper proposes a flooding attack detection method based on BP neural network, and analyses causes of SIP flooding attack, and thus determines the input characteristics of the BP neural network. The simulation results show that this method has better detection performance.
10

Sun, Fei Xian, and Zhi Gang Wu. "Immune Danger Theory Based Model for SYN Flooding Attack Situation Awareness." Advanced Materials Research 181-182 (January 2011): 66–71. http://dx.doi.org/10.4028/www.scientific.net/amr.181-182.66.

Abstract:
This paper explores a novel danger theory based model to aware the situation for TCP SYN flooding attacks. Within the presented model, the TCP SYN flooding attacks are looked as dangerous exogenous patterns, and induce danger signals to aware the situation of host computers, which is realized by host-based artificial immune detectors. After summarizing the danger theory, the model framework, correlative concepts, TCP SYN flooding attack detection, danger signal computation and attack situation awareness methods are described. Following that, the interrelated techniques are compared. Theoretical analysis results show that the proposed model is valid. Thus, it provides a good solution to computer network security.
11

Rahul, A., B. Suresh kumar, and S. K. Prashanth. "Detection of Intruders and Flooding in VoIP using IDS, Jacobson Fast and Hellinger Distance Algorithms." American Journal of Advanced Computing 1, no. 1 (January 1, 2020): 1–6. http://dx.doi.org/10.15864/ajac.1106.

Abstract:
VoIP services are becoming increasingly a big competition to existing telephony services (PSTN). Hence, the need arises to protect VoIP services from all kinds of attacks that target network bandwidth, server capacity or server architectural constraints. SIP Protocol is used for VoIP connection establishment. It works based on either TCP or UDP Protocols. This protocol structure is almost the same as HTTP Protocol, i.e. for every request there will be some response, even though the request is invalid. HTTP Protocol is prone to flooding attacks, like SYN-Flood attack. Because Session Initiation Protocol (SIP) is the same as HTTP, SIP is also prone to Flooding attacks. The proposed Intrusion Detection System (IDS) is used to detect the intruders in telephony system. Genetic algorithm is used to recognize the authorized user. VoIP Flood Detection System (VFDS) is aimed to detect TCP Flooding attacks and SIP Flooding attacks on SIP devices using Jacobian Fast and Hellinger distance algorithms. The Jacobian Fast Algorithm fixes the threshold limit and Hellinger distance calculation is a statistical anomaly based algorithm used to detect deviation in traffic.
12

Furfaro, Angelo, Pasquale Pace, and Andrea Parise. "Facing DDoS bandwidth flooding attacks." Simulation Modelling Practice and Theory 98 (January 2020): 101984. http://dx.doi.org/10.1016/j.simpat.2019.101984.

13

Lakshminarayanan, Karthik, Daniel Adkins, Adrian Perrig, and Ion Stoica. "Taming IP packet flooding attacks." ACM SIGCOMM Computer Communication Review 34, no. 1 (January 2004): 45–50. http://dx.doi.org/10.1145/972374.972383.

14

Rao T, Srinivasa, Harsha G, Kiran V, and Hemanth Kumar K. "Dos flooding attack control in information-centric networks." International Journal of Engineering & Technology 7, no. 1.1 (December 21, 2017): 303. http://dx.doi.org/10.14419/ijet.v7i1.1.9708.

Abstract:
ICN (Information-centric networking) is a modern networking standard that mainly works only on the content extraction from a network without taking into case about the storage location or how the content is represented. In ICN providing security for the content is more important. Here we don’t concentrate on protecting path. In order to fulfil the security goals in the new standard, it is very decisive to have a clear complete comprehension about ICN attacks and their brief allocation and the solutions. In this paper we in brief explain the attacks which affect the ICN network and other related attacks which have an impact on ICN. Attacks in ICN are divided into four categories: routing attacks, naming attacks, caching attacks, and other various related attacks. There are a lot of solutions which are accessible. The main motto in ICN is to protect data, which is very hard to achieve. So we develop a dynamic host based IP address scheme including certain snort rules which detect attacker and distinguish them in the clients and secure server from resource exhaustion. Our main center we deal with is on availability, and privacy.
15

Mowla, Nishat, Inshil Doh, and Kijoon Chae. "CSDSM: Cognitive switch-based DDoS sensing and mitigation in SDN-driven CDNi word." Computer Science and Information Systems 15, no. 1 (2018): 163–85. http://dx.doi.org/10.2298/csis170328044m.

Abstract:
Content Delivery Networks (CDNs) are increasingly deployed for their efficient content delivery and are often integrated with Software Defined Networks (SDNs) to achieve centrality and programmability of the network. However, these networks are also an attractive target for network attackers whose main goal is to exhaust network resources. One attack approach is to over-flood the OpenFlow switch tables containing routing information. Due to the increasing number of different flooding attacks such as DDoS, it becomes difficult to distinguish these attacks from normal traffic when evaluated with traditional attack detection methods. This paper proposes an architectural method that classifies and defends all possible forms of DDoS attack and legitimate Flash Crowd traffic using a segregated dimension functioning cognitive process based in a controller module. Our results illustrate that the proposed model yields significantly enhanced performance with minimal false positives and false negatives when classified with optimal Support Vector Machine and Logistic Regression algorithms. The traffic classifications initiate deployment of security rules to the OpenFlow switches, preventing new forms of flooding attacks. To the best of our knowledge, this is the first work conducted on SDN-driven CDNi used to detect and defend against all possible DDoS attacks through traffic segregated dimension functioning coupled with cognitive classification.
16

Kumar, Manish, and Abhinav Bhandari. "Performance Evaluation of Web Server's Request Queue against AL-DDoS Attacks in NS-2." International Journal of Information Security and Privacy 11, no. 4 (October 2017): 29–46. http://dx.doi.org/10.4018/ijisp.2017100103.

Abstract:
As the world is getting increasingly dependent on the Internet, the availability of web services has been a key concern for various organizations. Application Layer DDoS (AL-DDoS) attacks may hamper the availability of web services to the legitimate users by flooding the request queue of the web server. Hence, it is pertinent to focus fundamentally on studying the queue scheduling policies of web server against the HTTP request flooding attack which has been the base of this research work. In this paper, the various types of AL-DDoS attacks launched by exploiting the HTTP protocol have been reviewed. The key aim is to compare the requests queue scheduling policies of web server against HTTP request flooding attack using NS2 simulator. Various simulation scenarios have been presented for comparison, and it has been established that queue scheduling policy can be a significant role player in tolerating the AL-DDoS attacks.
17

ARFANUDIN, CITRA, Bambang Sugiantoro, and Yudi Prayudi. "ANALYSIS OF ROUTER ATTACK WITH SECURITY INFORMATION AND EVENT MANAGEMENT AND IMPLICATIONS IN INFORMATION SECURITY INDEX." Cyber Security dan Forensik Digital 2, no. 1 (July 5, 2019): 1–7. http://dx.doi.org/10.14421/csecurity.2019.2.1.1388.

Abstract:
Information security is a need to secure organizational information assets. The government as the regulator issues an Information Security Management System (ISMS) and Information Security Index (US) as a measure of information security in the agency of a region. Security Information and Event Management (SIEM) is a security technology to secure information assets. SIEM is expected to provide information on attacks that occur on the router network and increase the value of the Indeks KAMI of government agencies. However, the use of SIEM is still questionable whether it can recognize a router attack and its impact on the value of our index. This research simulates attacks on routers with 8 attacks namely Mac Flooding, ARP-Poisoning, CDP Flooding, DHCP Starvation, DHCP Rogue, SYN Flooding, SSH Bruteforce and FTP Bruteforce. 8 types of attacks followed by digital forensic analysis using the OSCAR method to see the impact on routers and SIEM. Also measured is index KAMI before and after the SIEM to be able to measure the effect of SIEM installation on the value of index KAMI. It was found that the use of SIEM to conduct security monitoring proved successful in identifying attacks, but not all were recognized by SIEM. SIEM only recognizes DHCP Starvation, DHCP Rogue, SSH Bruteforce and FTP Bruteforce. Mac Flooding, ARP-Poisoning, CDP Flooding, SYN Flooding attacks are not recognized by SIEM because routers do not produce logs. Also obtained is the use of SIEM proven to increase our index from the aspect of technology.
18

Yu, Geng, Dong Fang Yuan, Yan Cui, Ying Dong Wang, and Ping Zong. "Research on Robustness of Typically Opportunistic Network Routing Algorithm under Flooding Attack." Advanced Materials Research 989-994 (July 2014): 2227–31. http://dx.doi.org/10.4028/www.scientific.net/amr.989-994.2227.

Abstract:
This paper designed the evaluation method and the index system. Through simulating behavior of pedestrians with mobile intelligent Bluetooth devices in the real city scene, it did a quantitative analysis of the effects of flooding attacks on opportunity network in the three aspects of transmission capacity, transmission efficiency and energy consumption of nodes, in order to evaluate the robustness of the three opportunity network routing algorithms, Direct Delivery, Spray and Wait and MaxProp, under the flooding attack. Results showed that the robustness of the Direct Delivery algorithm is best: it can withstand flooding attacks completely. The robustness of the Spray and Wait algorithm is the worst: its performance will decline more than 80% in some scenarios. The performance of the MaxProp algorithm under flood attacks will decrease remarkably.
19

Chou, Li-Der, Chien-Chang Liu, Meng-Sheng Lai, Kai-Cheng Chiu, Hsuan-Hao Tu, Sen Su, Chun-Lin Lai, Chia-Kuan Yen, and Wei-Hsiang Tsai. "Behavior Anomaly Detection in SDN Control Plane: A Case Study of Topology Discovery Attacks." Wireless Communications and Mobile Computing 2020 (November 20, 2020): 1–16. http://dx.doi.org/10.1155/2020/8898949.

Abstract:
Software-defined networking controllers use the OpenFlow discovery protocol (OFDP) to collect network topology status. The OFDP detects the link between switches by generating link layer discovery protocol (LLDP) packets. However, OFDP is not a security protocol. Attackers can use it to perform topology discovery via injection, man-in-the-middle, and flooding attacks to confuse the network topology. This study proposes a correlation-based topology anomaly detection mechanism. Spearman’s rank correlation is used to analyze the network traffic between links and measure the round-trip time of each LLDP frame to determine whether a topology discovery via man-in-the-middle attack exists. This study also adds a dynamic authentication key and counting mechanism in the LLDP frame to prevent attackers from using topology discovery via injection attack to generate fake links and topology discovery via flooding attack to cause network routing or switching abnormalities.
20

Lee, Se-Yul, and Yong-Soo Kim. "Design and Analysis of Probe Detection Systems for TCP Networks." Journal of Advanced Computational Intelligence and Intelligent Informatics 8, no. 4 (July 20, 2004): 369–72. http://dx.doi.org/10.20965/jaciii.2004.p0369.

Abstract:
Advanced computer network technology enables the connectivity of computers in an open network environment. Despite the growing numbers of security threats to networks, most intrusion detection identifies security attacks mainly by detecting misuse using a set of rules based on past hacking patterns. This pattern matching has a high rate of false positives and cannot detect new hacking patterns, making it vulnerable to previously unidentified attack patterns and variations in attack and increasing false negatives. Intrusion detection and prevention technologies are thus required. We propose a network-based intrusion detection model using fuzzy cognitive maps (FCM) that detects intrusion by Denial of Service (DoS) attack detection using packet analysis. A DoS attack typically appears as a Probe and Syn Flooding attack. Syn Flooding Preventer using Fuzzy cognitive maps (SPuF) model captures and analyzes packet information to detect Syn flooding attacks. Using the result of decision module analysis, which used FCM, the decision module measures the degree of danger of the DoS and trains the response module to deal with attacks. The result of simulation using the "KDD’99 Competition Data Set" for the SPuF model shows that Probe detection exceeded 97%.
21

Ganpat Joshi, Gurpreet Singh. "A Novel Statistical Adhoc On-Demand Distance Vector Routing Protocol Technique is using for Preventing the Mobile Adhoc Network from Flooding Attack." Turkish Journal of Computer and Mathematics Education (TURCOMAT) 12, no. 6 (April 5, 2021): 1753–65. http://dx.doi.org/10.17762/turcomat.v12i6.3779.

Abstract:
The Mobile Adhoc Networks are more vulnerable because in the Mobile Adhoc Network (MANET) every node works as data sink, transmitter, and router. There is no centralized system in the Mobile Adhoc Network, so the chances of vulnerabilities are very high in the network. There are various security issues in the Mobile Adhoc Network. Of the various attacks, the flooding attacks are the most difficult attacks that extremely affect the Mobile Adhoc Network. In this paper, a new statistical based technique is planned, which is used to discover the flooding attack in a positive approach than other approaches. The planned Statistical Ad-Hoc on Demand Distance Vector (SAODV) approach is used to detect malicious nodes in the Mobile Adhoc Network. In this technique, a statistical threshold value is obtained from mean and variance. In this approach the value is utilized to locate the Route Request (RREQ) flooding attacker nodes in the Mobile Adhoc Network. The proposed method is capable because threshold values are calculated on the source of RREQs prepared by every node in the Mobile Adhoc Network. The simulation results clearly depict that the proposed approach has significant performance in terms of throughput, delay, packet delivery ratio, and overhead.
22

Alasri, Abbas, and Rossilawati Sulaiman. "Protection of XML-Based Denail-of-Service and Httpflooding Attacks in Web Services Using the Middleware Tool." International Journal of Engineering & Technology 7, no. 4.7 (September 27, 2018): 322. http://dx.doi.org/10.14419/ijet.v7i4.7.20570.

Abstract:
A web service is defined as the method of communication between the web applications and the clients. Web services are very flexible and scalable as they are independent of both the hardware and software infrastructure. The lack of security protection offered by web services creates a gap which attackers can make use of. Web services are offered on the HyperText Transfer Protocol (HTTP) with Simple Object Access Protocol (SOAP) as the underlying infrastructure. Web services rely heavily on the Extended Mark-up Language (XML). Hence, web services are most vulnerable to attacks which use XML as the attack parameter. Recently, a new type of XML-based Denial-of-Service (XDoS) attacks has surfaced, which targets the web services. The purpose of these attacks is to consume the system resources by sending SOAP requests that contain malicious XML content. Unfortunately, these malicious requests go undetected underneath the network or transportation layers of the Transfer Control Protocol/Internet Protocol (TCP/IP), as they appear to be legitimate packets. In this paper, a middleware tool is proposed to provide real time detection and prevention of XDoS and HTTP flooding attacks in web service. This tool focuses on the attacks on the two layers of the Open System Interconnection (OSI) model, which are to detect and prevent XDoS attacks on the application layer and prevent flooding attacks at the Network layer. The rule-based approach is used to classify requests either as normal or malicious, in order to detect the XDoS attacks. The experimental results from the middleware tool have demonstrated that the rule-based technique has efficiently detected and prevented the attacks of XDoS and HTTP flooding attacks such as the oversized payload, coercive parsing and XML external entities close to real-time such as 0.006s over the web services. The middleware tool provides close to 100% service availability to normal request, hence protecting the web service against the attacks of XDoS and distributed XDoS (DXDoS).
APA, Harvard, Vancouver, ISO, and other styles
23

Almaslukh, Bandar. "An Efficient and Effective Approach for Flooding Attack Detection in Optical Burst Switching Networks." Security and Communication Networks 2020 (August 5, 2020): 1–11. http://dx.doi.org/10.1155/2020/8840058.

Abstract:
Optical burst switching (OBS) networks are frequently compromised by attackers who can flood the networks with burst header packets (BHPs), causing a denial of service (DoS) attack, also known as a BHP flooding attack. Nowadays, a set of machine learning (ML) methods have been embedded into OBS core switches to detect these BHP flooding attacks. However, due to the redundant features of BHP data and the limited capability of OBS core switches, the existing technology still requires major improvements to work effectively and efficiently. In this paper, an efficient and effective ML-based security approach is proposed for detecting BHP flooding attacks. The proposed approach consists of a feature selection phase and a classification phase. The feature selection phase uses the information gain (IG) method to select the most important features, enhancing the efficiency of detection. For the classification phase, a decision tree (DT) classifier is used to build the model based on the selected features of BHPs, reducing the overfitting problem and improving the accuracy of detection. A set of experiments are conducted on a public dataset of OBS networks using 10-fold cross-validation and holdout techniques. Experimental results show that the proposed approach achieved the highest possible classification accuracy of 100% by using only three features.
24

SINGH, SATWINDER, ABHINAV BHANDARI, KRISHAN KUMAR SALUJA, and A. L. SANGAL. "Study to Validate the Performance of Flooding Based Distributed Denial of Service Attacks." International Journal of Computer Networks and Communications Security 8, no. 1 (January 31, 2020): 1–9. http://dx.doi.org/10.47277/ijcncs/8(1)1.

Abstract:
Network technology has experienced explosive growth in the past decades. The generally accepted viewpoint in the security world is that no system or network is totally protected, which makes network security an important concern. The work done in this paper focuses on Distributed Denial of Service Attacks (DDoS) where legitimate users are prevented from accessing network services. Distributed Denial of Service (DDoS) attacks have been increasingly found to be disturbing the normal working of organizations, causing billions of rupees of losses. Organizations are trying their best to reduce their losses from these systems. The focus of this paper is to provide the results of our experiments in this regard for flooding based DDoS attacks in the simulation environment with NS2.35. This paper points out that the bandwidth may be more easily flooded by UDP-type attacks than by TCP-type ones at different attack strengths. In this paper we validated the DropTail and RED queues under the flooding based DDoS attack, and which is better for the legitimate user under the flooding attack.
25

Mahapatra, Bandana, and Srikanta Patnaik. "Security Measure to Detect and Avoid Flooding Attacks using Multi-Agent System in MANETS." International Journal of Electrical and Computer Engineering (IJECE) 7, no. 2 (April 1, 2017): 919. http://dx.doi.org/10.11591/ijece.v7i2.pp919-925.

Abstract:
Security is considered one of the major challenges when it comes to infrastructure-less and self-dependent networks without any centralized control. The vulnerability of an Adhoc Network makes it susceptible to external attacks like flooding of hello messages or propagating fake routing messages. Such attacks generate a variety of problems, like disturbing the network by flooding messages, which results in waste of battery, a vital resource to maintain the life span of the network. Most importantly, they cause agents to die when unable to reach the destination due to fake routing messages, causing a heavy loss on the part of the nodes generating them to maintain the route knowledge. The paper proposes a novel technique to identify the flooding attack and a measure to overcome it using a Multi-Agent system.
26

Azis, Muhammad Misbahul, Yufiz Azhar, and Syaifuddin Syaifuddin. "Analisa Sistem Identifikasi DDoS Menggunakan KNN Pada Jaringan Software Defined Network(SDN)." Jurnal Repositor 2, no. 7 (May 31, 2020): 915. http://dx.doi.org/10.22219/repositor.v2i7.762.

Abstract:
Networks today need to prioritize performance in order to support network efficiency. Increasingly numerous and complex configurations and increasingly complicated network control make networks inflexible and difficult to apply to a large network topology. Software Defined Network (SDN) emerged with a mechanism that can solve this problem. The basic concept of Software Defined Network (SDN) is to separate the controller from the data/forwarding plane, so that a large number of networks can be managed from one controller. However, the controller does not yet have enough security to protect against network attacks such as DDoS and SYN Flooding Attack, so the controller becomes the target of the attacker. This study therefore proposes adding a machine learning application to the controller to handle attacks such as DDoS and SYN Flooding Attack. The controller used in this study is the Ryu controller, which uses the Python programming language. The study uses a linear topology on Mininet and creates packets in .pcap format to test the attacks carried out, in order to determine the average number of incoming and outgoing packets and the success in mitigating packets that are considered DDoS.
27

WANG, Shang-Guang, Qi-Bo SUN, and Fang-Chun YANG. "Detecting SIP Flooding Attacks Against IMS Network." Journal of Software 22, no. 4 (June 21, 2011): 761–72. http://dx.doi.org/10.3724/sp.j.1001.2011.03818.

28

Xue, Lei, Xiaobo Ma, Xiapu Luo, Edmond W. W. Chan, Tony T. N. Miu, and Guofei Gu. "LinkScope: Toward Detecting Target Link Flooding Attacks." IEEE Transactions on Information Forensics and Security 13, no. 10 (October 2018): 2423–38. http://dx.doi.org/10.1109/tifs.2018.2815555.

29

Mink, Dustin M., Jeffrey McDonald, Sikha Bagui, William B. Glisson, Jordan Shropshire, Ryan Benton, and Samuel Russ. "Near-Real-Time IDS for the U.S. FAA’s NextGen ADS-B." Big Data and Cognitive Computing 5, no. 2 (June 16, 2021): 27. http://dx.doi.org/10.3390/bdcc5020027.

Abstract:
Modern-day aircraft are flying computer networks, vulnerable to ground station flooding, ghost aircraft injection or flooding, aircraft disappearance, virtual trajectory modifications or false alarm attacks, and aircraft spoofing. This work lays out a data mining process, in the context of big data, to determine flight patterns, including patterns for possible attacks, in the U.S. National Air Space (NAS). Flights outside the flight patterns are possible attacks. For this study, OpenSky was used as the data source of Automatic Dependent Surveillance-Broadcast (ADS-B) messages, NiFi was used for data management, Elasticsearch was used as the log analyzer, Kibana was used to visualize the data for feature selection, and Support Vector Machine (SVM) was used for classification. This research provides a solution for attack mitigation by packaging a machine learning algorithm, SVM, into an intrusion detection system and calculating the feasibility of processing US ADS-B messages in near real time. Results of this work show that ADS-B network attacks can be detected using network attack signatures, and volume and velocity calculations show that ADS-B messages are processable at the scale of the U.S. Next Generation (NextGen) Air Traffic Systems using commodity hardware, facilitating real time attack detection. Precision and recall close to 80% were obtained using SVM.
30

Anugrah, Ino, and Raden Hengki Rahmanto. "Sistem Keamanan Jaringan Local Area Network Menggunakan Teknik De-Militarized Zone." PIKSEL : Penelitian Ilmu Komputer Sistem Embedded and Logic 5, no. 2 (February 25, 2018): 91–106. http://dx.doi.org/10.33558/piksel.v5i2.271.

Abstract:
The computer network of Islamic University "45" needs network security to strengthen the network security system protecting its servers from attacks such as Port Scanning and DoS (Denial of Service). One network security technique is the De-Militarized Zone (DMZ), a mechanism to protect the internal system from attacks by hackers or other parties who want to enter the system without access rights. The purpose of this final project is to implement a LAN network security system using the De-Militarized Zone (DMZ) technique. The basic method is to use a single firewall that acts as a buffer between the internal and external networks. The results of implementing the DMZ technique on the server services of the Islamic University "45" computer network show that DoS attacks can be filtered well; the data analysis shows that DoS attacks of the ICMP Flooding attack and UDP Flooding attack types can be blocked with a success percentage of 98%. Keywords: attack, network security, de-militarized zone
31

Nazih, Waleed, Yasser Hifny, Wail Elkilani, Tamer Abdelkader, and Hossam Faheem. "Efficient Detection of Attacks in SIP Based VoIP Networks Using Linear l1-SVM Classifier." International Journal of Computers Communications & Control 14, no. 4 (August 5, 2019): 518–29. http://dx.doi.org/10.15837/ijccc.2019.4.3563.

Abstract:
The Session Initiation Protocol (SIP) is one of the most common protocols that are used for signaling function in Voice over IP (VoIP) networks. The SIP protocol is very popular because of its flexibility, simplicity, and easy implementation, so it is a target of many attacks. In this paper, we propose a new system to detect the Denial of Service (DoS) attacks (i.e. malformed message and invite flooding) and Spam over Internet Telephony (SPIT) attack in the SIP based VoIP networks using a linear Support Vector Machine with l1 regularization (i.e. l1-SVM) classifier. In our approach, we project the SIP messages into a very high dimensional space using string based n-gram features. Hence, a linear classifier is trained on the top of these features. Our experimental results show that the proposed system detects malformed message, invite flooding, and SPIT attacks with a high accuracy. In addition, the proposed system outperformed other systems significantly in the detection speed.
32

Dhanapal A and Nithyanandam P. "The HTTP Flooding Attack Detection to Secure and Safeguard Online Applications in the Cloud." International Journal of Information System Modeling and Design 10, no. 3 (July 2019): 41–58. http://dx.doi.org/10.4018/ijismd.2019070103.

Abstract:
Cloud computing is the cutting edge and has become inevitable in all forms of computing. This is due to its nature of elasticity, cost-effectiveness, availability, etc. The online applications like e-commerce, and e-healthcare applications are moving to the cloud to reduce their operational cost. These applications have the vulnerability of a HTTP flooding Distributed Denial of Service attack in the cloud. This flooding attack aims to overload the application, making it unable to process genuine requests and bring it down. So, these applications need to be secured and safeguarded against such attacks. This HTTP flooding attack is one of the key challenging issues as it shows normal behaviour with regard to all lower networking layers like TCP 3-way handshaking by mimicking genuine requests and it is even harder in the cloud due to the cloud properties. This article offers a solution for detecting a HTTP flooding attack in the cloud by using the novel TriZonal Linear Prediction (TLP) model. The solution was implemented using OpenStack and the FIFA Worldcup '98 data set for experimentation.
33

Ghazali. "Flooding Distributed Denial of Service Attacks-A Review." Journal of Computer Science 7, no. 8 (August 1, 2011): 1218–23. http://dx.doi.org/10.3844/jcssp.2011.1218.1223.

34

Al-Allouni, H., A. Rohiem, M. Hashem, and A. El-moghazy. "Problems of SIP Flooding Attacks Anomaly Detection Algorithms." International Conference on Electrical Engineering 7, no. 7 (May 1, 2010): 1–14. http://dx.doi.org/10.21608/iceeng.2010.33241.

35

Jian Yuan and K. Mills. "Monitoring the Macroscopic Effect of DDoS Flooding Attacks." IEEE Transactions on Dependable and Secure Computing 2, no. 4 (October 2005): 324–35. http://dx.doi.org/10.1109/tdsc.2005.50.

36

Yeung, Daniel S., Shuyuan Jin, and Xizhao Wang. "Covariance-Matrix Modeling and Detecting Various Flooding Attacks." IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans 37, no. 2 (March 2007): 157–69. http://dx.doi.org/10.1109/tsmca.2006.889480.

37

Baik, Namkyun, and Namhi Kang. "Multi-Phase Detection of Spoofed SYN Flooding Attacks." International Journal of Grid and Distributed Computing 11, no. 3 (March 31, 2018): 23–32. http://dx.doi.org/10.14257/ijgdc.2018.11.3.03.

38

Wang, Shangguang, Qibo Sun, Hua Zou, and Fangchun Yang. "Detecting SYN flooding attacks based on traffic prediction." Security and Communication Networks 5, no. 10 (February 24, 2012): 1131–40. http://dx.doi.org/10.1002/sec.428.

39

Alsulaiman, Lama, and Saad Al-Ahmadi. "Performance Evaluation of Machine Learning Techniques for DOS Detection in Wireless Sensor Network." International Journal of Network Security & Its Applications 13, no. 2 (March 31, 2021): 21–29. http://dx.doi.org/10.5121/ijnsa.2021.13202.

Abstract:
The nature of Wireless Sensor Networks (WSN) and the widespread of using WSN introduce many security threats and attacks. An effective Intrusion Detection System (IDS) should be used to detect attacks. Detecting such an attack is challenging, especially the detection of Denial of Service (DoS) attacks. Machine learning classification techniques have been used as an approach for DoS detection. This paper conducted an experiment using Waikato Environment for Knowledge Analysis (WEKA) to evaluate the efficiency of five machine learning algorithms for detecting flooding, grayhole, blackhole, and scheduling at DoS attacks in WSNs. The evaluation is based on a dataset, called WSN-DS. The results showed that the random forest classifier outperforms the other classifiers with an accuracy of 99.72%.
40

Bdair Alghuraibawi, Adnan Hasan, Rosni Abdullah, Selvakumar Manickam, and Zaid Abdi Alkareem Alyasseri. "Detection of ICMPv6-based DDoS attacks using anomaly based intrusion detection system: A comprehensive review." International Journal of Electrical and Computer Engineering (IJECE) 11, no. 6 (December 1, 2021): 5216. http://dx.doi.org/10.11591/ijece.v11i6.pp5216-5228.

Abstract:
Security network systems have been an increasingly important discipline since the implementation of preliminary stages of Internet Protocol version 6 (IPv6) for exploiting by attackers. IPv6 has an improved protocol in terms of security as it brought new functionalities, procedures, i.e., Internet Control Message Protocol version 6 (ICMPv6). The ICMPv6 protocol is considered to be very important and represents the backbone of the IPv6, which is also responsible to send and receive messages in IPv6. However, IPv6 inherited many attacks from the previous internet protocol version 4 (IPv4) such as distributed denial of service (DDoS) attacks. DDoS is a thorny problem on the internet, being one of the most prominent attacks affecting a network result in tremendous economic damage to individuals as well as organizations. In this paper, an exhaustive evaluation and analysis are conducted anomaly detection DDoS attacks against ICMPv6 messages, in addition, explained anomaly detection types to ICMPv6 DDoS flooding attacks in IPv6 networks. Proposed using feature selection technique based on bio-inspired algorithms for selecting an optimal solution which selects subset to have a positive impact of the detection accuracy ICMPv6 DDoS attack. The review outlines the features and protection constraints of IPv6 intrusion detection systems focusing mainly on DDoS attacks.
41

Bi, Jia Na, and E. Xu. "A Secure and Energy-Efficient Rooting Protocol for WSN." Applied Mechanics and Materials 347-350 (August 2013): 1699–704. http://dx.doi.org/10.4028/www.scientific.net/amm.347-350.1699.

Abstract:
In directed diffusion rooting protocol, interest and exploratory data are disseminated by flooding, which will bring broadcast storm resulting in substantial energy consumption of wireless sensor networks. Grid-based directed diffusion rooting protocol can improve energy efficiency where geographic grids are constructed by self-organization of nodes using location information. Flooding of interest and exploratory data is limited in grid head nodes. But grid-based directed diffusion rooting protocol considers less about security. To adapt to environments with high security requirements, traffic attack detection and secure data aggregation schemes are added to grid-based directed diffusion rooting protocol. Simulation shows that the proposed schemes can real-time predict traffic attacks and improve accuracy of data aggregation results when networks are under attacks. At the same time, the protocol consumes less energy and extends lifetime of networks.
42

Jatmika, Andy Hidayat, I. Made Windra Yudistiana, and Ariyan Zubaidi. "Analisis Optimasi Kinerja Protokol Routing AODV dan AOMDV dengan Menggunakan Metode RFAP untuk Mencegah RREQ Flooding Attacks pada Jaringan MANET." Jurnal Teknologi Informasi, Komputer, dan Aplikasinya (JTIKA ) 1, no. 1 (March 26, 2019): 9–18. http://dx.doi.org/10.29303/jtika.v1i1.13.

Abstract:
One sector that greatly influences it is in terms of network security. This is due to the characteristics of the MANET network that are dynamic so that the MANET network is very easily disturbed by irresponsible parties. One of the attacks that can occur in MANET network is Route Request (RREQ) Flooding Attacks. In RREQ flooding attacks in the form of fake nodes that are outside the area of the network and broadcast RREQ to the destination node in the network, so that it meets the bandwidth capacity which results in a decrease in quality in determining the route of sending data or information to the destination node. To prevent the occurrence of RREQ flooding attacks, a prevention method for these attacks is required, namely the RREQ Flooding Attacks Prevention (RFAP). This method works by finding nodes that are likely to be malicious nodes then isolated from the network to be restored to normal nodes. This research will optimize the AODV and AOMDV routing protocols by adding RFAP prevention methods and knowing the performance of the two protocols in terms of throughput, average end-to-end delay and normalized routing load. Based on the results of the simulation, that the application of the method RFAP on AODV routing protocol can produce network quality is better than AOMDV protocol, both in terms of throughput, average end-to-end delay and normalized routing load.
43

Elsherif, Ahmed A., and Arwa A. Aldaej. "DDOS Botnets Attacks Detection in Anomaly Traffic: A Comparative Study." Journal of Information Security and Cybercrimes Research 3, no. 1 (November 20, 2020): 64–74. http://dx.doi.org/10.26735/zrxn1433.

Abstract:
One of the major challenges that faces the acceptance and growth rate of business and governmental sites is a Botnet-based DDoS attack. A flooding DDoS strikes a victim machine by means of sending a vast amount of malicious traffic, causing a significant drop in the service quality (QoS) in IoT devices. Nonetheless, it is not that easy to detect and tackle flooding DDoS attacks, owing to the significant number of attacking machines, the usage of source-address spoofing, and the common areas shared between legitimate and malicious traffic. New kinds of attacks are identified daily, and some remain undiscovered, accordingly, this paper aims to improve the traffic classification algorithm of network traffic, that hackers use to try to be ambiguous or misleading. A recorded simulated traffic was used for both samples; normal and DDoS attack traffic, approximately 104.000 cases of each, where both datasets -which were created for this study- represent the input data in order to create a classification model, to be used as a tool to mitigate the risk of being attacked. The next step is putting datasets in a format suitable for classification. This process is done through preprocessing techniques, to convert categorical data into numerical data. A classification process is applied to capture datasets, to create a classification model, by using five classification algorithms which are; Decision Tree, Support Vector Machine, Naive Bayes, K-Neighbours and Random Forest. The core code used for classification is the python code, which is controlled by a user interface. The highest prediction, precision and accuracy are obtained using the Decision Tree and Random Forest classification algorithms, which also have the lowest processing time.
44

Poongodi, M., and S. Bose. "A Firegroup Mechanism to Provide Intrusion Detection and Prevention System Against DDos Attack in Collaborative Clustered Networks." International Journal of Information Security and Privacy 8, no. 2 (April 2014): 1–18. http://dx.doi.org/10.4018/ijisp.2014040101.

Abstract:
Distributed Denial of Service (DDOS) attacks are the major concern for security in the collaborative networks. Although non-DDOS attacks also make the network performance poor, the effect of DDOS attacks is severe. In DDOS attacks, flooding of the particular node as victim and jam it with massive traffic happens and the complete network performance is affected. In this paper, a novel Intrusion Detection and Prevention System is designed which detects the flooding DDOS attacks based on Firecol and prevents the attacks based on Dynamic Growing Self Organizing Tree (DGSOT) for collaborative networks. Simulation results in NS2 show that DGSOT with Firecol (Firegroup) produces better intrusion detection and prevention system. Performance metrics based on the parameters delay, throughput, average path length, packet data ratio and energy conservation are better in Firegroup than the traditional Firecol system.
45

Lutscher, Philipp M., Nils B. Weidmann, Margaret E. Roberts, Mattijs Jonker, Alistair King, and Alberto Dainotti. "At Home and Abroad: The Use of Denial-of-service Attacks during Elections in Nondemocratic Regimes." Journal of Conflict Resolution 64, no. 2-3 (July 25, 2019): 373–401. http://dx.doi.org/10.1177/0022002719861676.

Abstract:
In this article, we study the political use of denial-of-service (DoS) attacks, a particular form of cyberattack that disables web services by flooding them with high levels of data traffic. We argue that websites in nondemocratic regimes should be especially prone to this type of attack, particularly around political focal points such as elections. This is due to two mechanisms: governments employ DoS attacks to censor regime-threatening information, while at the same time, activists use DoS attacks as a tool to publicly undermine the government’s authority. We analyze these mechanisms by relying on measurements of DoS attacks based on large-scale Internet traffic data. Our results show that in authoritarian countries, elections indeed increase the number of DoS attacks. However, these attacks do not seem to be directed primarily against the country itself but rather against other states that serve as hosts for news websites from this country.
46

Zhao, Min, Danyang Qin, Ruolin Guo, and Guangchao Xu. "Efficient Protection Mechanism Based on Self-Adaptive Decision for Communication Networks of Autonomous Vehicles." Mobile Information Systems 2020 (June 10, 2020): 1–9. http://dx.doi.org/10.1155/2020/2168086.

Abstract:
The communication network of autonomous vehicles is composed of multiple sensors working together, and its dynamic topology makes it vulnerable to common attacks such as black hole attack, gray hole attack, rushing attack, and flooding attack, which pose a threat to the safety of passengers and vehicles; most of the existing safety detection mechanisms for a vehicle can only detect attacks but cannot intelligently defend against attacks. To this end, an efficient protection mechanism based on self-adaptive decision (SD-EPM) is proposed, which is divided into the offline phase and the online phase. The online phase consists of two parts: intrusion detection and efficient response. Attack detection and defense in the vehicular ad hoc networks (VANETs) are performed in terms of the attack credibility value (AC), the network performance attenuation value (NPA), and the list of self-adaptive decision. The simulation results show that the proposed mechanism can correctly identify the attack and respond effectively to different attack types. And, the negative impact on VANETs is small.
47

Jaideep, Gera, and Bhanu Prakash Battula. "Detection of DDOS attacks in distributed peer to peer networks." International Journal of Engineering & Technology 7, no. 2.7 (March 18, 2018): 1051. http://dx.doi.org/10.14419/ijet.v7i2.7.12227.

Abstract:
Peer to Peer (P2P) network in the real world is a class of systems that are made up of thousands of nodes in distributed environments. The nodes are decentralized in nature. P2P networks are widely used for sharing resources and information with ease. Gnutella is one of the well known examples for such network. Since these networks spread across the globe with large scale deployment of nodes, adversaries use them as a vehicle to launch DDoS attacks. P2P networks are exploited to make attacks over hosts that provide critical services to large number of clients across the globe. As the attacker does not make a direct attack it is hard to detect such attacks and considered to be high risk threat to Internet based applications. Many techniques came into existence to defeat such attacks. Still, it is an open problem to be addressed as the flooding-based DDoS is difficult to handle as huge number of nodes are compromised to make attack and source address spoofing is employed. In this paper, we proposed a framework to identify and secure P2P communications from DDoS attacks in distributed environment. Time-to-Live value and distance between source and victim are considered in the proposed framework. A special agent is used to handle information about nodes, their capacity, and bandwidth for efficient trace back. A simulation study has been made using NS2 and the experimental results reveal the significance of the proposed framework in defending P2P network and target hosts from high risk DDoS attacks.
48

Ponnuviji, N. P., and M. Vigilson Prem. "An Enhanced Way of Distributed Denial of Service Attack Detection by Applying Machine Learning Algorithms in Cloud Computing." Journal of Computational and Theoretical Nanoscience 17, no. 8 (August 1, 2020): 3765–69. http://dx.doi.org/10.1166/jctn.2020.9317.

Abstract:
Cloud Computing has revolutionized the Information Technology by allowing the users to use variety number of resources in different applications in a less expensive manner. The resources are allocated to access by providing scalability flexible on-demand access in a virtual manner, reduced maintenance with less infrastructure cost. The majority of resources are handled and managed by the organizations over the internet by using different standards and formats of the networking protocols. Various research and statistics have proved that the available and existing technologies are prone to threats and vulnerabilities in the protocols legacy in the form of bugs that pave way for intrusion in different ways by the attackers. The most common among attacks is the Distributed Denial of Service (DDoS) attack. This attack targets the cloud’s performance and cause serious damage to the entire cloud computing environment. In the DDoS attack scenario, the compromised computers are targeted. The attacks are done by transmitting a large number of packets injected with known and unknown bugs to a server. A huge portion of the network bandwidth of the users’ cloud infrastructure is affected by consuming enormous time of their servers. In this paper, we have proposed a DDoS Attack detection scheme based on Random Forest algorithm to mitigate the DDoS threat. This algorithm is used along with the signature detection techniques and generates a decision tree. This helps in the detection of signature attacks for the DDoS flooding attacks. We have also used other machine learning algorithms and analyzed based on the yielded results.
49

Hsu, Fu-Hau, Chia-Hao Lee, Chun-Yi Wang, Rui-Yi Hung, and YungYu Zhuang. "DDoS Flood and Destination Service Changing Sensor." Sensors 21, no. 6 (March 11, 2021): 1980. http://dx.doi.org/10.3390/s21061980.

Abstract:
In this paper, we aim to detect distributed denial of service (DDoS) attacks, and receive a notification of destination service, changing immediately, without the additional efforts of other modules. We designed a kernel-based mechanism to build a new Transmission Control Protocol/Internet Protocol (TCP/IP) connection smartly by the host while the users or clients not knowing the location of the next host. Moreover, we built a lightweight flooding attack detection mechanism in the user mode of an operating system. Given that reinstalling a modified operating system on each client is not realistic, we managed to replace the entry of the system call table with a customized sys_connect. An effective defense depends on fine detection and defensive procedures. In accordance with our experiments, this novel mechanism can detect flooding DDoS successfully, including SYN flood and ICMP flood. Furthermore, through cooperating with a specific low cost network architecture, the mechanism can help to defend DDoS attacks effectively.
50

Argyraki, K., and D. R. Cheriton. "Scalable Network-Layer Defense Against Internet Bandwidth-Flooding Attacks." IEEE/ACM Transactions on Networking 17, no. 4 (August 2009): 1284–97. http://dx.doi.org/10.1109/tnet.2008.2007431.
