Showing papers on "Denial-of-service attack published in 2013"


Journal ArticleDOI
TL;DR: The primary intention for this work is to stimulate the research community into developing creative, effective, efficient, and comprehensive prevention, detection, and response mechanisms that address the DDoS flooding problem before, during and after an actual attack.
Abstract: Distributed Denial of Service (DDoS) flooding attacks are one of the biggest concerns for security professionals. DDoS flooding attacks are typically explicit attempts to disrupt legitimate users' access to services. Attackers usually gain access to a large number of computers by exploiting their vulnerabilities to set up attack armies (i.e., Botnets). Once an attack army has been set up, an attacker can invoke a coordinated, large-scale attack against one or more targets. Developing a comprehensive defense mechanism against identified and anticipated DDoS flooding attacks is a desired goal of the intrusion detection and prevention research community. However, the development of such a mechanism requires a comprehensive understanding of the problem and the techniques that have been used thus far in preventing, detecting, and responding to various DDoS flooding attacks. In this paper, we explore the scope of the DDoS flooding attack problem and attempts to combat it. We categorize the DDoS flooding attacks and classify existing countermeasures based on where and when they prevent, detect, and respond to the DDoS flooding attacks. Moreover, we highlight the need for a comprehensive distributed and collaborative defense approach. Our primary intention for this work is to stimulate the research community into developing creative, effective, efficient, and comprehensive prevention, detection, and response mechanisms that address the DDoS flooding problem before, during and after an actual attack.

1,153 citations


22 May 2013
TL;DR: This paper investigates effective solutions to mitigate Interest flooding and shows that NDN's inherent properties of storing per packet state on each router and maintaining flow balance provides the basis for effective DDoS mitigation algorithms.
Abstract: Distributed Denial of Service (DDoS) attacks are an ongoing problem in today's Internet, where packets from a large number of compromised hosts thwart the paths to the victim site and/or overload the victim machines. In a newly proposed future Internet architecture, Named Data Networking (NDN), end users request desired data by sending Interest packets, and the network delivers Data packets upon request only, effectively eliminating many existing DDoS attacks. However, an NDN network can be subject to a new type of DDoS attack, namely Interest packet flooding. In this paper we investigate effective solutions to mitigate Interest flooding. We show that NDN's inherent properties of storing per packet state on each router and maintaining flow balance (i.e., one Interest packet retrieves at most one Data packet) provides the basis for effective DDoS mitigation algorithms. Our evaluation through simulations shows that the solution can quickly and effectively respond and mitigate Interest flooding.

366 citations


Proceedings ArticleDOI
TL;DR: It is shown that an adversary with limited resources can implement such attack, having a significant impact on network performance, and Poseidon is introduced: a framework for detecting and mitigating interest flooding attacks.
Abstract: Content-Centric Networking (CCN) is an emerging networking paradigm being considered as a possible replacement for the current IP-based host-centric Internet infrastructure. In CCN, named content becomes a first-class entity. CCN focuses on content distribution, which dominates current Internet traffic and is arguably not well served by IP. Named-Data Networking (NDN) is an example of CCN. NDN is also an active research project under the NSF Future Internet Architectures (FIA) program. FIA emphasizes security and privacy from the outset and by design. To be a viable Internet architecture, NDN must be resilient against current and emerging threats. This paper focuses on distributed denial-of-service (DDoS) attacks; in particular we address interest flooding, an attack that exploits key architectural features of NDN. We show that an adversary with limited resources can implement such attack, having a significant impact on network performance. We then introduce Poseidon: a framework for detecting and mitigating interest flooding attacks. Finally, we report on results of extensive simulations assessing proposed countermeasure.

328 citations


Journal ArticleDOI
TL;DR: This work proposes a multiphase distributed vulnerability detection, measurement, and countermeasure selection mechanism called NICE, which is built on attack graph-based analytical models and reconfigurable virtual network-based countermeasures to significantly improve attack detection and mitigate attack consequences.
Abstract: Cloud security is one of most important issues that has attracted a lot of research and development effort in past few years. Particularly, attackers can explore vulnerabilities of a cloud system and compromise virtual machines to deploy further large-scale Distributed Denial-of-Service (DDoS). DDoS attacks usually involve early stage actions such as multistep exploitation, low-frequency vulnerability scanning, and compromising identified vulnerable virtual machines as zombies, and finally DDoS attacks through the compromised zombies. Within the cloud system, especially the Infrastructure-as-a-Service (IaaS) clouds, the detection of zombie exploration attacks is extremely difficult. This is because cloud users may install vulnerable applications on their virtual machines. To prevent vulnerable virtual machines from being compromised in the cloud, we propose a multiphase distributed vulnerability detection, measurement, and countermeasure selection mechanism called NICE, which is built on attack graph-based analytical models and reconfigurable virtual network-based countermeasures. The proposed framework leverages OpenFlow network programming APIs to build a monitor and control plane over distributed programmable virtual switches to significantly improve attack detection and mitigate attack consequences. The system and security evaluations demonstrate the efficiency and effectiveness of the proposed solution.

317 citations


Proceedings ArticleDOI
01 Oct 2013
TL;DR: A denial-of-service (DoS) detection architecture for 6LoWPAN, the standard protocol designed by IETF as an adaptation layer for low-power lossy networks enabling low-power devices to communicate with the Internet, is presented.
Abstract: Smart objects connected to the Internet, constituting the so called Internet of Things (IoT), are revolutionizing human beings' interaction with the world. As technology reaches everywhere, anyone can misuse it, and it is always essential to secure it. In this work we present a denial-of-service (DoS) detection architecture for 6LoWPAN, the standard protocol designed by IETF as an adaptation layer for low-power lossy networks enabling low-power devices to communicate with the Internet. The proposed architecture integrates an intrusion detection system (IDS) into the network framework developed within the EU FP7 project ebbits. The aim is to detect DoS attacks based on 6LoWPAN. In order to evaluate the performance of the proposed architecture, preliminary implementation was completed and tested against a real DoS attack using a penetration testing system. The paper concludes with the related results proving to be successful in detecting DoS attacks on 6LoWPAN. Further, extending the IDS could lead to detect more complex attacks on 6LoWPAN.

251 citations


Proceedings ArticleDOI
15 Apr 2013
TL;DR: By applying switched system theories, the existence of DoS attacks that make the dynamics of a power system unstable is proved and it is shown that the dynamic performance of the power system is affected strongly if the adversaries launch DoS attacks before the dynamics of the power system converge.
Abstract: While open communication infrastructures are embedded into smart grids to support vast amounts of data exchange, it makes smart grids vulnerable to cyber attacks. In this paper, we investigate the effects of Denial-of-Service (DoS) attacks on load frequency control (LFC) of smart grids. In contrast with existing works, we consider the problem that how DoS attacks affect the dynamic performance of a power system. The state space model of power systems under DoS attacks is formulated as a switched system. By applying switched system theories, the existence of DoS attacks that make the dynamics of a power system unstable is proved. A two-area power system is used to conduct case studies. The dynamic performance of the power system, such as convergence and steady-state errors, is compared under different DoS attack scenarios. It is shown that the dynamic performance of the power system is affected strongly if the adversaries launch DoS attacks before the dynamics of the power system converge.

175 citations


Journal ArticleDOI
TL;DR: Methods to mitigate resource depletion attacks at the routing protocol layer, which permanently disable networks by quickly draining nodes' battery power, are discussed, including a new proof-of-concept protocol that provably bounds the damage caused by Vampires during the packet forwarding phase.
Abstract: Ad hoc low-power wireless networks are an exciting research direction in sensing and pervasive computing. Prior security work in this area has focused primarily on denial of communication at the routing or medium access control levels. This paper explores resource depletion attacks at the routing protocol layer, which permanently disable networks by quickly draining nodes' battery power. These "Vampire" attacks are not specific to any specific protocol, but rather rely on the properties of many popular classes of routing protocols. We find that all examined protocols are susceptible to Vampire attacks, which are devastating, difficult to detect, and are easy to carry out using as few as one malicious insider sending only protocol-compliant messages. In the worst case, a single Vampire can increase network-wide energy usage by a factor of O(N), where N is the number of network nodes. We discuss methods to mitigate these types of attacks, including a new proof-of-concept protocol that provably bounds the damage caused by Vampires during the packet forwarding phase.

170 citations


Patent
17 Dec 2013
TL;DR: In this article, a cloud-based proxy service identifies a denial-of-service (DoS) attack including determining that there is a potential DoS attack being directed to an IP address of the cloud based proxy service.
Abstract: A cloud-based proxy service identifies a denial-of-service (DoS) attack including determining that there is a potential DoS attack being directed to an IP address of the cloud-based proxy service; and responsive to determining that there are a plurality of domains that resolve to that IP address, identifying the one of the plurality of domains that is the target of the DoS attack. The domain that is under attack is identified by scattering the plurality of domains to resolve to different IP addresses, where a result of the scattering is that each of those domains resolves to a different IP address, and identifying one of those plurality of domains as the target of the DoS attack by determining that there is an abnormally high amount of traffic being directed to the IP address in which that domain resolves.

164 citations


Journal ArticleDOI
01 Jan 2013
TL;DR: A general cloud-based security overlay network that can be used as a transparent overlay network to provide services such as intrusion detection systems, antivirus and antispam software, and distributed denial-of-service prevention is proposed and analyzed.
Abstract: This article proposes and analyzes a general cloud-based security overlay network that can be used as a transparent overlay network to provide services such as intrusion detection systems, antivirus and antispam software, and distributed denial-of-service prevention. The authors analyze each of these in-cloud security services in terms of resiliency, effectiveness, performance, flexibility, control, and cost.

157 citations


Journal ArticleDOI
TL;DR: This paper proposes a secure and efficient AKA protocol, called SE-AKA, which can fit in with all of the group authentication scenarios in the LTE networks and cannot only provide strong security including privacy-preservation and KFS/KBS, but also provide a group authentication mechanism which can effectively authenticate group devices.

152 citations


Journal ArticleDOI
TL;DR: In this article, the proposed system combines entropy based intrusion detection system with anomaly detection system for providing multilevel Distributed Denial of Service (DDoS) in cloud environment. But, it fails to detect those attacks that are not included in database.
Abstract: Computing is a recent computing model; provides consistent access to wide area distributed resources. It revolutionized the IT world with its services provision infrastructure, less maintenance cost, data and service availability assurance, rapid accessibility and scalability. Grid and Cloud Computing Intrusion Detection System (GCCIDS) detects encrypted node communication and find the hidden attack trial which inspects and detects those attacks that network based and host based can't identify. It incorporates Knowledge and behavior analysis to identify specific intrusions. Signature based IDS monitor the packets in the network and identifies those threats by matching with database but It fails to detect those attacks that are not included in database. Signature based IDS will perform poor capturing in large volume of anomalies. Another problem is that Cloud Service Provider (CSP) hides the attack that is caused by intruder, due to distributed nature; cloud environment has high possibility for vulnerable resources. By impersonating legitimate users, the intruders can use a service's abundant resources maliciously. In Proposed System we combine few concepts which are available with new intrusion detection techniques. Here to merge Entropy based System with Anomaly detection System for providing multilevel Distributed Denial of Service (DDoS). This is done in two steps: First, Users are allowed to pass through router in network site in that it incorporates Detection Algorithm and detects for legitimate user. Second, again it pass through router placed in cloud site in that it incorporates confirmation Algorithm and checks for threshold value, if it's beyond the threshold value it considered as legitimate user, else it's an intruder found in environment. This System is represented and maintained by as third party. When attack happens in environment, it sends notification message for client and advisory report to Cloud Service Provider (CSP).

Proceedings ArticleDOI
04 Nov 2013
TL;DR: An Intrusion Detection System (IDS) framework for IoT empowered by IPv6 over low-power personal area network (6LoWPAN) devices which includes a monitoring system and a detection engine has been integrated into the network framework developed within the EU FP7 project 'ebbits'.
Abstract: The Internet of Things (IoT) is an emerging paradigm where smart objects are seamlessly connected to the overall Internet and can potentially cooperate to achieve common objectives such as supporting innovative home automation services. With reference to such a scenario, this paper presents an Intrusion Detection System (IDS) framework for IoT empowered by IPv6 over low-power personal area network (6LoWPAN) devices. In fact, 6LoWPAN is an interesting protocol supporting the realization of IoT in a resource constrained environment. 6LoWPAN devices are vulnerable to attacks inherited from both the wireless sensor networks and the Internet protocols. The proposed IDS framework which includes a monitoring system and a detection engine has been integrated into the network framework developed within the EU FP7 project 'ebbits'. A penetration testing (PenTest) system had been used to evaluate the performance of the implemented IDS framework. Preliminary tests revealed that the proposed framework represents a promising solution for ensuring better security in 6LoWPANs.

Proceedings ArticleDOI
24 Oct 2013
TL;DR: MOTAG is proposed, a moving target defense mechanism that secures service access for authenticated clients against flooding DDoS attacks and develops a greedy shuffling algorithm to minimize the number of proxy re-allocations (shuffles) while maximizing attack isolation.
Abstract: Distributed Denial of Service (DDoS) attacks still pose a significant threat to critical infrastructure and Internet services alike. In this paper, we propose MOTAG, a moving target defense mechanism that secures service access for authenticated clients against flooding DDoS attacks. MOTAG employs a group of dynamic packet indirection proxies to relay data traffic between legitimate clients and the protected servers. Our design can effectively inhibit external attackers' attempts to directly bombard the network infrastructure. As a result, attackers will have to collude with malicious insiders in locating secret proxies and then initiating attacks. However, MOTAG can isolate insider attacks from innocent clients by continuously "moving" secret proxies to new network locations while shuffling client-to-proxy assignments. We develop a greedy shuffling algorithm to minimize the number of proxy re-allocations (shuffles) while maximizing attack isolation. Simulations are used to investigate MOTAG's effectiveness on protecting services of different scales against intensified DDoS attacks.

Proceedings ArticleDOI
01 Oct 2013
TL;DR: In this paper, the authors introduce Poseidon, a framework for detecting and mitigating interest flooding attacks in named-data networks (NDN), and report on results of extensive simulations assessing proposed countermeasure.
Abstract: Content-Centric Networking (CCN) is an emerging networking paradigm being considered as a possible replacement for the current IP-based host-centric Internet infrastructure. CCN focuses on content distribution, which is arguably not well served by IP. Named-Data Networking (NDN) is an example of CCN. NDN is also an active research project under the NSF Future Internet Architectures (FIA) program. FIA emphasizes security and privacy from the outset and by design. To be a viable Internet architecture, NDN must be resilient against current and emerging threats. This paper focuses on distributed denial-of-service (DDoS) attacks; in particular we address interest flooding, an attack that exploits key architectural features of NDN. We show that an adversary with limited resources can implement such attack, having a significant impact on network performance. We then introduce Poseidon: a framework for detecting and mitigating interest flooding attacks. Finally, we report on results of extensive simulations assessing proposed countermeasure.

Proceedings Article
Roger Piqueras Jover
24 Jun 2013
TL;DR: An overview of the current threat landscape against the availability of LTE mobility networks is presented and a set of areas of focus that should be considered in mobility security in order to guarantee availability against security attacks are identified.
Abstract: Modern LTE (Long Term Evolution) cellular networks provide advanced services for billions of users that go beyond traditional voice and short messaging traffic. The recent trend of Distributed Denial of Service (DDoS) attacks impacting the availability of communication systems illustrate the importance of strengthening the resiliency of mobility networks against Denial of Service (DoS) and DDoS threats, ensuring this way full LTE network availability against security attacks. In parallel, the advent of the Advanced Persistent Threat (APT) has capsized the common assumptions about attackers and threats. When it comes to very well planned and funded cyber-attacks, the scale of the threat is not the key element anymore. Instead, scenarios such as a local DoS attack, for example, against the cell service around a large corporation's headquarters or the Stock Exchange become very relevant. Therefore, traditionally overlooked low range threats, such as radio jamming, should not be de-prioritized in security studies. In this paper we present an overview of the current threat landscape against the availability of LTE mobility networks. We identify a set of areas of focus that should be considered in mobility security in order to guarantee availability against security attacks. Finally, we introduce potential research directions, including a new attack detection layer, to tackle these problems. The final goal is to rethink the architecture of a mobility network within the current security context and threat landscape and considering the current evolution towards a near future scenario where nearly every electronic device will be connected through Machine-to-Machine (M2M) systems.

Proceedings ArticleDOI
10 Oct 2013
TL;DR: This paper establishes a coupled design framework which incorporates the cyber configuration policy of Intrusion Detection Systems (IDSs) and the robust control of dynamical system and proposes design algorithms based on value iteration methods and linear matrix inequalities for computing the optimal cyber security policy and control laws.
Abstract: The integration of control systems with modern information technologies has posed potential security threats for critical infrastructures. The communication channels of the control system are vulnerable to malicious jamming and Denial-of-Service (DoS) attacks, which lead to severe time-delays and degradation of control performances. In this paper, we design resilient controllers for cyber-physical control systems under DoS attacks. We establish a coupled design framework which incorporates the cyber configuration policy of Intrusion Detection Systems (IDSs) and the robust control of dynamical system. We propose design algorithms based on value iteration methods and linear matrix inequalities for computing the optimal cyber security policy and control laws. We illustrate the design principle with an example from power systems. The results are corroborated by numerical examples and simulations.

Journal ArticleDOI
TL;DR: A new, stealthy from the attacker's viewpoint, flavor of DNSSEC-powered amplification attack that takes advantage of the vast number of DNS forwarders out there, which demonstrates that with a proper but simple planning and a reasonable amount of resources, a determined perpetrator is able to create a large torrent of bulky DNS packets towards its target.

Journal ArticleDOI
TL;DR: The result shows that CBF has a high scoring speed, a small storage requirement, and an acceptable filtering accuracy, which specifically satisfies the real-time filtering requirements in cloud environment.

Journal ArticleDOI
TL;DR: The paper analyzes systems vulnerability targeted by TCP segments when SYN flag is ON, which gives space for a DoS (Denial of Service) attack called SYN flooding attack or more often referred as a SYN flood attack.
Abstract: The paper analyzes systems vulnerability targeted by TCP (Transmission Control Protocol) segments when SYN flag is ON, which gives space for a DoS (Denial of Service) attack called SYN flooding attack or more often referred as a SYN flood attack. The effects of this type of attack are analyzed and presented in OPNET simulation environment. Furthermore, the paper presents two anomaly detection algorithms as an effective mechanism against this type of attack. Finally, practical approaches against SYN flood attack for Linux and Windows environment which are followed by are shown.

Journal ArticleDOI
18 Sep 2013
TL;DR: This paper studies slow DoS attacks, analysing in detail the current threats and presenting a proper definition and categorisation for such attacks, to provide a useful framework for the study of this field, for the analysis of network vulnerabilities, and for the proposal of innovative intrusion detection methodologies.
Abstract: Denial of service (DoS) attacks evolved and consolidated as severe security threats to network servers, not only for internet service providers but also for governments. Earlier DoS attacks involved high-bandwidth flood-based approaches exploiting vulnerabilities of networking and transport protocol layers. Subsequently, distributed DoS attacks have been introduced amplifying not only the overall attack bandwidth but also the attack source, thus eluding simple counter measures based on source filtering. Current low bit-rate approaches, instead, exploit vulnerabilities of application layer protocols to accomplish DoS or DDoS attacks. Slow DoS attacks like, e.g., slowloris are particularly dangerous because they can bring down a well equipped server using small attacker’s bandwidth, hence they can effectively run on low performance hosts, such as routers, game consoles, or mobile phones. In this paper, we study slow DoS attacks, analysing in detail the current threats and presenting a proper definition and ...

Journal ArticleDOI
TL;DR: A model of a product interaction for DoS prevention has been developed called “IP-CHOCK” that will lead to the prevention of DoS attacks and results demonstrate that the detection rate increases when optimal numbers of nodes are forged by the attackers.
Abstract: Privacy and Security have become an indispensable matter of attention in the Vehicular Ad-Hoc Network, which is vulnerable to many security threats these days. One of them is the Denial of Service (DoS) attacks, where a malicious node forges a large number of fake identities, i.e., Internet Protocol (IP) addresses in order to disrupt the proper functioning of fair data transfer between two fast-moving vehicles. In this paper, a distributed and robust approach is presented to defend against DoS attacks. In this proposed scheme, the fake identities of malicious vehicles are analyzed with the help of consistent existing IP address information. Beacon packets are exchanged periodically by all the vehicles to announce their presence and to become aware of the next node. Each node periodically keeps a record of its database by exchanging the information in its environment. If some nodes observe that they have similar IP addresses in the database, these similar IP addresses are identified as DoS attacks. However, it can be expected that security attacks are likely to increase in the coming future due to more and more wireless applications being developed onto the well-known exposed nature of the wireless medium. In this respect, the network availability is exposed to many types of attacks. A DoS attack on the network availability is being elaborated in this paper. A model of a product interaction for DoS prevention has been developed called "IP-CHOCK" that will lead to the prevention of DoS attacks. The proposed approach will be able to locate malicious nodes without the requirement of any secret information exchange and special hardware support. Simulation results demonstrate that the detection rate increases when optimal numbers of nodes are forged by the attackers.

Proceedings ArticleDOI
29 Apr 2013
TL;DR: An Attacked Packet Detection Algorithm (APDA) which is used to detect the DOS (Denial-of-Service) attacks before the verification time is proposed which minimizes the overhead delay for processing and enhances the security in VANET.
Abstract: The security of VANET (Vehicular Ad Hoc Networks) is crucial as their very existence relates to critical life threatening situations. VANET is a subtype of the MANET. In which the mobile nodes are all vehicles equipped with an On-Board Unit (OBU) that enable them to send and to receive messages to the other Nodes in the network. In addition to communication among the vehicles, VANET interface with communication points provided by on road infrastructure. Many of the Researchers have already proved about the securing safety messages. Moreover VANET face several security attacks. In existing VANET systems is using a detection algorithm to detect the attacks at the verification time in which delay overhead occurred. The various security threats are misbehaving nodes give false information, Sybil attacks, selfish driver attacks, and etc. In this paper we proposed an Attacked Packet Detection Algorithm (APDA) which is used to detect the DOS (Denial-of-Service) attacks before the verification time. This minimizes the overhead delay for processing and enhances the security in VANET.

Journal Article
TL;DR: An effective solution is proposed for DOS based attacks which use the redundancy elimination mechanism consists of rate decreasing algorithm and state transition mechanism as its components and adds a level of security to its already existing solutions of using various alternative options to counter affect the DOS attacks.
Abstract: Vehicular Ad hoc Networks is a special kind of mobile ad hoc network to provide communication among nearby vehicles and between vehicles and nearby fixed equipments. VANETs are mainly used for improving efficiency and safety of (future) transportation. There are chances of a number of possible attacks in VANET due to open nature of wireless medium. In this paper, we have classified these security attacks and logically organized/represented in a more lucid manner based on the level of effect of a particular security attack on intelligent vehicular traffic. Also, an effective solution is proposed for DOS based attacks which use the redundancy elimination mechanism consists of rate decreasing algorithm and state transition mechanism as its components. This solution basically adds a level of security to its already existing solutions of using various alternative options like channel-switching, frequency-hopping, communication technology switching and multiple-radio transceivers to counter affect the DOS attacks. Proposed scheme enhances the security in VANETs without using any cryptographic scheme.

Journal ArticleDOI
TL;DR: A novel solution is proposed to handle DDoS attacks in mobile ad hoc networks (MANETs) because of the properties of ad hoc network such as dynamic topologies, low battery life, multicast routing, frequency of updates or network overhead, scalability, mobile agent based routing, and power aware routing.
Abstract: Distributed Denial of Service (DDoS) attacks in the networks needs to be prevented or handled if it occurs, as early as possible and before reaching the victim. Dealing with DDoS attacks is difficult due to their properties such as dynamic attack rates, various kinds of targets, big scale of botnet, etc. Distributed Denial of Service (DDoS) attack is hard to deal with because it is difficult to distinguish legitimate traffic from malicious traffic, especially when the traffic is coming at a different rate from distributed sources. DDoS attack becomes more difficult to handle if it occurs in wireless network because of the properties of ad hoc network such as dynamic topologies, low battery life, multicast routing, frequency of updates or network overhead, scalability, mobile agent based routing, and power aware routing, etc. Therefore, it is better to prevent the distributed denial of service attack rather than allowing it to occur and then taking the necessary steps to handle it. This paper discusses various the attack mechanisms and problems due to DDoS attack, also how MANET can be affected by these attacks. In addition to this, a novel solution is proposed to handle DDoS attacks in mobile ad hoc networks (MANETs).

Proceedings ArticleDOI
03 Apr 2013
TL;DR: The effect of the Blackhole attack is measured on the network parameters, followed by the proposal of a novel technique for the detection and prevention of Blackhole attack in WSN.
Abstract: Wireless Sensor Networks (WSNs) are prone to various attacks, among which Blackhole, a kind of Denial of Service (DoS) attack, is very difficult to detect and defend against. In a blackhole attack, an intruder captures and re-programs a set of nodes in the network to block the packets they receive instead of forwarding them towards the base station. As a result, any information that enters the blackhole region is captured and is not able to reach the destination, causing high end-to-end delay and low throughput. Previously, little work has been done on detection and prevention of the Blackhole attack in the WSN, making its detection and prevention very crucial as far as network performance is concerned. In this paper, initially the effect of the Blackhole attack is measured on the network parameters, followed by the proposal of a novel technique for the detection and prevention of Blackhole attack in WSN.

Proceedings ArticleDOI
13 May 2013
TL;DR: This paper projected a novel automatic security mechanism using SVM to defend against malicious attack occurring in AODV and introduced new proposed algorithm for detection of attacks in Ad-hoc networks based on SVM behavioral routing protocols to detect MANET attacks.
Abstract: Topology of MANET is dynamic in nature due to this characteristic in this network build routing mechanism more convoluted and anxious and consequently nodes are more vulnerable to compromise and are predominantly susceptible to denial of service attack (DoS) assail launched by malicious nodes or intruders [6]. Reactive routing, for instance AODV, is more trendy than table driven routing and exploits flooding to find out a route. Attackers used this conception to initiate DoS attacks akin to flooding; black hole and gray hole are the branded attacks in MANET. In this paper we have projected a novel automatic security mechanism using SVM to defend against malicious attack occurring in AODV. The proposed method uses machine learning to categorize nodes as malicious. This system is far more resilient to the context changes general in MANETs, such as those due to malicious nodes changing their misbehavior patterns over time or quick changes in environmental factors, for instance the movement speed and communication range. This paper introduced a new proposed algorithm for detection of attacks in Ad-hoc networks based on SVM behavioral routing protocols to detect MANET attacks. In this technique we have used the PMOR, PDER, and PMISR as metrics to evaluate the QoS of a link and in the prediction of attacks.

Posted Content
TL;DR: A modification to the Confidence Based Filtering method (CBF) which is investigated for cloud computing environment based on correlation pattern to mitigate DDoS attacks on Cloud is proposed.
Abstract: Tremendous and extraordinary growths in the field of internet, intranet, extranet and its users have developed an innovative era of great global competition and contention. Denial of service attack by multiple nodes is accomplished of disturbing the services of rival servers. The attack can be for multiple reasons. So it is a major threat for the cloud environment. Due to low effectiveness and large storage, conventional defending approaches cannot be easily applied in cloud security. The effects of various attacks can decrease the influence of a cloud. So, in view of this challenging task, this paper aims at enhancing a proposed method for cloud security. We propose a modification to the Confidence Based Filtering method (CBF) which is investigated for cloud computing environment based on correlation pattern to mitigate DDoS attacks on Cloud. The modification introduces nominal additional bandwidth and tries to increase the processing speed of the victim initiated server.

Journal ArticleDOI
TL;DR: A novel scheme is proposed to detect DDoS attack efficiently by using MapReduce programming model and to provide a timeline of defense mechanism with their improvements to combat DDoS attacks.
Abstract: Distributed denial of service (DDoS) attacks continue to grow as a threat to organizations worldwide. From the first known attack in 1999 to the highly publicized Operation Ababil, DDoS attacks have a history of flooding the victim network with an enormous number of packets, hence exhausting the resources and preventing legitimate users from accessing them. Even with standard DDoS defense mechanisms in place, attackers are still able to launch an attack. These inadequate defense mechanisms need to be improved and integrated with other solutions. The purpose of this paper is to study the characteristics of DDoS attacks, various models involved in attacks and to provide a timeline of defense mechanism with their improvements to combat DDoS attacks. In addition to this, a novel scheme is proposed to detect DDoS attack efficiently by using MapReduce programming model.

01 Jan 2013
TL;DR: The proposed method of integration between HTTP GET flooding among DDOS attacks and MapReduce processing for a fast attack detection in cloud computing environment is better than the Snort detection method in experiment results because the processing time of the proposed method is shorter with increasing congestion.
Abstract: Distributed denial of service attacks are the most serious factor among network security risks in the cloud computing environment. This study proposes a method of integration between HTTP GET flooding among DDOS attacks and MapReduce processing for a fast attack detection in cloud computing environment. This method makes it possible to ensure the availability of the target system for accurate and reliable detection based on HTTP GET flooding. In experiments, the processing time for performance evaluation compares a pattern detection of attack features with the Snort detection. The proposed method is better than the Snort detection method in experiment results because the processing time of the proposed method is shorter with increasing congestion.

Proceedings Article
24 Jun 2013
TL;DR: The effect of DDoS attacks on cloud resources is investigated and practical defense mechanisms against different types of DDoS attacks in the cloud environment are recommended.
Abstract: Safety and reliability are important in the cloud computing environment. This is especially true today as distributed denial-of-service (DDoS) attacks constitute one of the largest threats faced by Internet users and cloud computing services. DDoS attacks target the resources of these services, lowering their ability to provide optimum usage of the network infrastructure. Due to the nature of cloud computing, the methodologies for preventing or stopping DDoS attacks are quite different compared to those used in traditional networks. In this paper, we investigate the effect of DDoS attacks on cloud resources and recommend practical defense mechanisms against different types of DDoS attacks in the cloud environment.