Topic

DDoS mitigation

About: DDoS mitigation is a research topic. Over its lifetime, 237 publications have been published within this topic, receiving 8082 citations.


Papers
01 Jan 2015
TL;DR: This work designs an algorithm based on a threshold vector to detect DDoS for the cloud and provides security for DDoS by designing an image text fusion Turing, which improves the security of the system.
Abstract: Cloud computing has been an interesting topic in recent times. It provides and offers various services to end users or clients. Cloud provides storage services, with data stored in its data center, but users always feel insecure about their virtualized storage data. So security is always an issue, especially security risks including Distributed Denial of Service (DDoS) attacks. Many cloud providers like Amazon and Dropbox provide services based on the HTTP protocol. So here we propose an efficient DDoS mitigation system for the cloud environment. Here we design an algorithm which is based on a threshold vector to detect DDoS for the cloud. We tested our approach on different HTTP data sets and found that our system improves the detection accuracy of DDoS in the cloud. We also provide security for DDoS by designing an image text fusion Turing, which improves the security of our system. We designed and implemented our system and also evaluated the performance, which shows that our system works efficiently to mitigate the DDoS traffic from the Internet.
Posted Content
TL;DR: In this article, the authors focus on mitigation techniques against Distributed Denial-of-Service (DDoS) attacks in the context of 5G MEC, providing solutions that involve the virtualized environment and the management entities from the MEC architecture.
Abstract: Multi-access Edge Computing (MEC) is a 5G-enabling solution that aims to bring cloud-computing capabilities closer to the end-users. This paper focuses on mitigation techniques against Distributed Denial-of-Service (DDoS) attacks in the context of 5G MEC, providing solutions that involve the virtualized environment and the management entities from the MEC architecture. The proposed solutions aim to reduce the risk of affecting legitimate traffic in the context of DDoS attacks. Our work supports the idea of using a network flow collector that sends the data to an anomaly detection system based on artificial intelligence techniques and, as an improvement over the previous work, it contributes to redirecting detected anomalies for isolation to a separate virtual machine. This virtual machine uses deep packet inspection tools to analyze the traffic and provides services until the final verdict. We decrease the risk of compromising the virtual machine that provides services to legitimate users by isolating the suspicious traffic. The management entities of the MEC architecture allow the virtual machines to be re-instantiated or reconfigured. Hence, if the machine inspecting the isolated traffic crashes because of an attack, the damaged machine can be restored while the services provided to legitimate users are not affected.
Patent
15 Jan 2020
TL;DR: In this article, a plurality of traffic logs (16) recorded at one or more network elements during DDoS attacks are analyzed, and a DDoS mitigation device, e.g. a firewall, a router or other appliance having a traffic filtering function, is configured as a function of the determined transaction sources.
Abstract: An apparatus (20) may access (25) a plurality of traffic logs (16) recorded at one or more network elements during a plurality of distributed denial of service (DDoS) attacks. A traffic log (16) comprises source information relating to transaction sources from which transactions received by a said network element during a said DDoS attack originate. The apparatus (20) may correlate the traffic logs (16) to determine transaction sources that appear in a number of traffic logs higher than a defined threshold. The apparatus (20) may configure (27) a DDoS mitigation device (29), e.g. a firewall, a router or other appliance having a traffic filtering function, as a function of the determined transaction sources.
Posted Content
TL;DR: In this paper, two methods based on the ability of Variational Autoencoders to learn latent representations from network traffic flows are proposed, one based on a classifier and the other based on an anomaly detection method where the variational autoencoder is used to learn the abstract feature representations of exclusively legitimate traffic.
Abstract: DoS and DDoS attacks have been growing in size and number over the last decade and existing solutions to mitigate these attacks are in general inefficient. Compared to other types of malicious cyber attacks, DoS and DDoS attacks are particularly more challenging to combat. With their ability to mask themselves as legitimate traffic, developing methods to detect these types of attacks on a packet or flow level has proven to be a difficult task. In this paper, we explore the potential of Variational Autoencoders to serve as a component within an intelligent security solution that differentiates between normal and malicious traffic. Two methods based on the ability of Variational Autoencoders to learn latent representations from network traffic flows are proposed. The first method resorts to a classifier based on the latent encodings obtained from Variational Autoencoders learned from traffic traces. The second method is rather an anomaly detection method where the Variational Autoencoder is used to learn the abstract feature representations of exclusively legitimate traffic. Then anomalies are filtered out by relying on the reconstruction loss of the Variational Autoencoder. Both of the proposed methods have been thoroughly tested on two separate datasets with a similar feature space. The results show that both methods are promising, with a slight superiority of the classifier based method over the anomaly based one. For the second method, the Variational Autoencoder will require further adjustments to be able to sufficiently filter out anomalies from network traffic flows.
Journal Article
TL;DR: In this model, using HSMM, observations are performed in milliseconds for the analysis of network traffic flow packets; this results in optimal detection and mitigation of DDoS attacks.
Abstract: Distributed Denial of Service (DDoS) remains a serious problem in cyber security. Some recent DDoS incidents show that such attacks continue to cause serious threats to the Internet. It does not allow the legitimate users to access the resources provided by the servers. With the growth in technology, the DDoS attackers have improved their sophistication by automating the attacks. The attackers exploit the protocol vulnerabilities to create these kinds of DDoS attacks. The detection of DDoS attacks is complicated, since they mix with the legitimate packet traffic. Later separation of DDoS attack packets from legitimate packets is highly difficult, since a false DDoS alarm may lead to blocking a legitimate packet. The rate of arrival of the packets is very high in the case of a DDoS attack; it is the same in the case of a flash crowd. This makes the detection of DDoS even more difficult. The proposed model uses the Hidden Semi-Markov model (HSMM), which is an extension of the Hidden Markov model (HMM) that deals with explicit state duration. In this model, using HSMM, observations are performed in milliseconds for the analysis of network traffic flow packets; this results in optimal detection and mitigation of DDoS attacks.

Network Information
Related Topics (5)
Server
79.5K papers, 1.4M citations
85% related
Network packet
159.7K papers, 2.2M citations
84% related
Mobile computing
51.3K papers, 1M citations
84% related
Wireless ad hoc network
49K papers, 1.1M citations
83% related
Wireless network
122.5K papers, 2.1M citations
83% related
Performance
Metrics
No. of papers in the topic in previous years
Year  Papers
2021  19
2020  34
2019  32
2018  31
2017  28
2016  18