Author

K. Narasimha Mallikarjunan

Bio: K. Narasimha Mallikarjunan is an academic researcher from Thiagarajar College of Engineering. The author has contributed to research in topics: Denial-of-service attack & Application layer DDoS attack. The author has an h-index of 3, co-authored 6 publications receiving 58 citations.

Papers
Proceedings ArticleDOI
01 Jan 2016
TL;DR: The overview of the state of art in DDoS attack detection strategies is introduced and it is shown that the group of systems that are used to perform the DoS attack is known as the botnets.
Abstract: Information security deals with a large number of subjects like spoofed message detection, audio processing, video surveillance and cyber-attack detections. However, the biggest threat for the homeland security is cyber-attacks. Distributed Denial of Service attack is one among them. Interconnected systems such as database server, web server, cloud computing servers etc., are now under threats from network attackers. Denial of service is a common attack in the internet which causes problems for both the user and the service providers. Distributed attack sources can be used to enlarge the attack in case of Distributed Denial of Service so that the effect of the attack will be high. Distributed Denial of Service attacks aim at exhausting the communication and computational power of the network by flooding the packets through the network and making malicious traffic in the network. In order to be an effective service the DDoS attack must be detected and mitigated quickly before the legitimate user accesses the attacker's target. The group of systems that is used to perform the DoS attack is known as the botnets. This paper introduces the overview of the state of the art in DDoS attack detection strategies.

56 citations

Book ChapterDOI
01 Jan 2019
TL;DR: The experimental results on the real-time dataset confirm that the proposed machine learning approach can effectively detect network anomalies with high detection rate and low false positive rate.
Abstract: Dealing with the Distributed Denial of Service (DDoS) attack is a continuing challenge in the field of network security. An Intrusion Detection System (IDS) is one of the solutions to detect the DDoS attack. The IDS system should always be updated with the attack disincentive to preserve the network security service. In this paper, we propose a new approach for anomaly detection using machine learning to secure the network and to determine the attack patterns. The major contribution is to create a real-time dataset and to use the naive Bayes algorithm as a classifier for detecting and comparing its performance with the existing classifiers like random forest and J48 algorithm. The experimental results on the real-time dataset confirm that the proposed machine learning approach can effectively detect network anomalies with high detection rate and low false positive rate.

11 citations

Book ChapterDOI
01 Jan 2019
TL;DR: The proposed fog computing-based security approach has an attack forecasting module based on Gaussian process regression model, attack detection module using cognitive approach and correlation analysis, and fuzzy-based incident response module to handle the attacks.
Abstract: Internet of things (IoT) security continues to be a serious problem as the number of connected devices is massively increasing day by day. Autonomic security approaches are required for IoT applications to handle the exponentially growing attacks generated from the increasing number of connected devices. With the limited computational and storage capabilities of IoT devices, it is difficult to implement autonomic capability at each device. Hence, fog computing can be used to provide autonomic security characteristics to IoT applications. The proposed fog computing-based security approach has (1) attack forecasting module based on Gaussian process regression model, (2) attack detection module using cognitive approach and correlation analysis, (3) fuzzy-based incident response module to handle the attacks. The experimental results prove the effectiveness of the proposed approach in terms of detection accuracy and detection time.

5 citations

Journal Article
TL;DR: This work applies cognitive analysis on the network traffic data logs to find the attacker category and infer his intentions, and proposes a Fuzzy-rule based approach to categorize the attacker.
Abstract: Computer security investigation would benefit from more information about the characteristics of the human attacker behind a security incident. Present security mechanisms focus on the characteristics of attack, rather than that of the attacker. Attacker behavior analysis is a challenging problem, as relevant data cannot be found easily. We apply cognitive analysis on the network traffic data logs to find the attacker category and infer his intentions. We propose a Fuzzy-rule based approach to categorize the attacker. To make the system more resilient, the attacker’s profile is subjected to behavioral analysis. Real time case study results assert that the proposed technique achieves a good accuracy in classifying the attacker, by discovering the attacker’s behavioral pattern. Further it can be used to assist security and forensic investigators in profiling human attackers.

3 citations

Book ChapterDOI
01 Jan 2019
TL;DR: The proposed DTMC technique proves to have improved results using stochastic modeling, which can be used for attack process modeling by dependability evaluation and to determine the security metrics, such as steady-state security and mean time to security failure quantitatively.
Abstract: One of the important phases of the computer system is to evaluate its security level. Increase in technology has brought more sophisticated intrusions with which the network security has become more challenging. Even though practically we cannot build a perfect system which is fully secure, we can ensure the security level of the system by quantitatively evaluating it, so that the system can be protected against many attacks. Security evaluation provided the probability of success in an intrusion system. The proposed technique involves converting a semi-Markov chain to proceed further as a discrete-time Markov chain to find the success rate of an attacker and the progression of an attacker over time is computed. The proposed DTMC model is analyzed to determine the security metrics, such as steady-state security and mean time to security failure quantitatively. The proposed DTMC technique proves to have improved results using stochastic modeling, which can be used for attack process modeling by dependability evaluation.

1 citation


Cited by
Journal ArticleDOI
TL;DR: This survey is a comprehensive approach which includes general DDoS attack motivations and specific reasons why attackers prefer IoT devices to launch DDoS attacks, and proposes to implement an essential first line of defense for IoT devices.
Abstract: A distributed denial of service (DDoS) attack is an attempt to partially or completely shut down the targeted server with a flood of internet traffic. The primary aim of this attack is to disrupt regular traffic flow to the victim’s server or network. DDoS attacks are volumetric attacks, and non-legacy IoT devices with low security such as webcams, baby monitoring devices and printers are compromised to form a botnet. High traffic from compromised IoT devices is rerouted to servers to disrupt their regular services. DDoS attacks are to an extent covered in the research literature. However, existing research does not discuss all DDoS attacks on general servers and botnet attacks on IoT devices and suggests few detection and mitigation solutions which are limited to addressing attacks on the cloud environment. Existing survey focuses either on the cloud layer or the IoT layer. A complete survey of DDoS attacks for both IoT and the cloud environment is not present in the current literature. Our survey is a comprehensive approach which includes general DDoS attack motivations and specific reasons why attackers prefer IoT devices to launch DDoS attacks. Various attack methods to compromise IoT devices and tools used to deploy botnet-infected IoT devices for DDoS attacks on the cloud layer are presented. A detailed attack classification on IoT devices and the cloud environment is presented considering that IoT devices are first compromised and then used by attackers against their primary targets on the cloud layer. Various state-of-the-art defense measures in the current literature for defense against DDoS attacks are present. Suggestions to implement an essential first line of defense for IoT devices are suggested. Our paper, to the best of our knowledge, is first to provide a holistic study of DDoS attacks from IoT devices to the cloud environment.

95 citations

Journal ArticleDOI
TL;DR: A new definition for the IoT is provided, in addition to a taxonomy of network forensic solutions that were developed for both conventional as well as the IoT settings, and the applicability of deep learning in network forensics is investigated.
Abstract: The constant miniaturization of hardware and an increase in power efficiency have made possible the integration of intelligence into ordinary devices. This trend of augmenting so-called non-intelligent everyday devices with computational capabilities has led to the emergence of the Internet of Things (IoT) domain. With a wide variety of applications, such as home automation, smart grids/cities, and critical infrastructure management, the IoT systems make compelling targets for cyber-attacks. In order to effectively compromise these systems, adversaries employ different advanced persistent threat (APT) methods, with one such sophisticated method being botnets. By employing a plethora of infected machines (bots), attackers manage to compromise the IoT systems and exploit them. Prior to the appearance of the IoT domain, specialized digital forensics mechanisms were developed in order to investigate Botnet activities in small-scale systems. Since IoT enabled botnets are scalable, technologically diverse and make use of current high-speed networks, developing forensic mechanisms capable of investigating the IoT Botnet activities has become an important challenge in the cyber-security field. Various studies have proposed deep learning as a viable solution for handling the IoT generated data, as it was designed to handle diverse data in large volumes, requiring near real-time processing. In this study, we provide a review of forensics and deep learning mechanisms employed to investigate botnets and their applicability in the IoT environments. We provide a new definition for the IoT, in addition to a taxonomy of network forensic solutions that were developed for both conventional as well as the IoT settings. Furthermore, we investigate the applicability of deep learning in network forensics, the inherent challenges of applying network forensics techniques to the IoT, and provide future direction for research in this field.

88 citations

Journal ArticleDOI
TL;DR: A bibliographical review of definitions, classifications and applications concerning cyber attacks in networked control systems (NCSs) and cyber-physical systems (CPSs) from a control-oriented perspective.

81 citations

Journal ArticleDOI
TL;DR: A novel hybrid framework based on data stream approach for detecting DDoS attack with incremental learning is proposed and the naive Bayes, random forest, decision tree, multilayer perceptron (MLP), and k-nearest neighbors (K-NN) on the proxy side to make better results.

74 citations

Journal ArticleDOI
TL;DR: In this paper, a comprehensive survey of the unique security vulnerabilities exposed by the federated learning ecosystem is provided, highlighting the vulnerabilities sources, key attacks on FL, defenses, as well as their unique challenges.
Abstract: With more regulations tackling the protection of users’ privacy-sensitive data in recent years, access to such data has become increasingly restricted. A new decentralized training paradigm, known as Federated Learning (FL), enables multiple clients located at different geographical locations to learn a machine learning model collaboratively without sharing their data. While FL has recently emerged as a promising solution to preserve users’ privacy, this new paradigm’s potential security implications may hinder its widespread adoption. The existing FL protocols exhibit new unique vulnerabilities that adversaries can exploit to compromise the trained model. FL is often preferred in learning environments where security and privacy are the key concerns. Therefore, it is crucial to raise awareness of the consequences resulting from the new threats to FL systems. To date, the security of traditional machine learning systems has been widely examined. However, many open challenges and complex questions are still surrounding FL security. In this paper, we bridge the gap in FL literature by providing a comprehensive survey of the unique security vulnerabilities exposed by the FL ecosystem. We highlight the vulnerabilities sources, key attacks on FL, defenses, as well as their unique challenges, and discuss promising future research directions towards more robust FL.

72 citations