Secure Dynamic Nonlinear Heterogeneous Vehicle Platooning: Denial-of-Service Cyber-Attack Case

2017 ◽

Vol 7 (3) ◽

pp. 59-75 ◽

Cited By ~ 2

Author(s):

Akashdeep Bhardwaj ◽

Sam Goundar

Keyword(s):

Data Center ◽

Denial Of Service ◽

Cyber Attacks ◽

Cyber Attack ◽

Ddos Attacks ◽

Design Data ◽

Application Performance ◽

Server Virtualization ◽

Security Officers ◽

Cloud Environments

With the rise in cyber-attacks on cloud environments like Brute Force, Malware or Distributed Denial of Service attacks, information security officers and data center administrators have a monumental task on hand. Organizations design data center and service delivery with the aim of catering to maximize device provisioning & availability, improve application performance, ensure better server virtualization and end up securing data centers using security solutions at internet edge protection level. These security solutions prove to be largely inadequate in times of a DDoS cyber-attack. In this paper, traditional data center design is reviewed and compared to the proposed three tier data center. The resilience to withstand against DDoS attacks is measured for Real User Monitoring parameters, compared for the two infrastructure designs and the data is validated using T-Test.

Download Full-text

Comparing Single Tier and Three Tier Infrastructure Designs against DDoS Attacks

Research Anthology on Combating Denial-of-Service Attacks ◽

10.4018/978-1-7998-5348-0.ch028 ◽

2021 ◽

pp. 541-558

Author(s):

Akashdeep Bhardwaj ◽

Sam Goundar

Keyword(s):

Data Center ◽

Denial Of Service ◽

Cyber Attacks ◽

Cyber Attack ◽

Ddos Attacks ◽

Design Data ◽

Application Performance ◽

Server Virtualization ◽

Security Officers ◽

Cloud Environments

With the rise in cyber-attacks on cloud environments like Brute Force, Malware or Distributed Denial of Service attacks, information security officers and data center administrators have a monumental task on hand. Organizations design data center and service delivery with the aim of catering to maximize device provisioning & availability, improve application performance, ensure better server virtualization and end up securing data centers using security solutions at internet edge protection level. These security solutions prove to be largely inadequate in times of a DDoS cyber-attack. In this paper, traditional data center design is reviewed and compared to the proposed three tier data center. The resilience to withstand against DDoS attacks is measured for Real User Monitoring parameters, compared for the two infrastructure designs and the data is validated using T-Test.

Download Full-text

Review on EM-CURE Algorithm for Detection DDOS Attack

International Journal Of Engineering And Computer Science ◽

10.18535/ijecs/v7i1.04 ◽

2018 ◽

Vol 7 (01) ◽

pp. 23386-23489

Author(s):

Miss Priyanka P. Narode ◽

Prof I.R. Shaikh

Keyword(s):

Data Mining ◽

Network Flow ◽

Denial Of Service ◽

Attack Detection ◽

Cyber Attack ◽

Data Mining Technique ◽

Network Resource ◽

Data Mining Techniques ◽

Ddos Attack ◽

Efficient Detection

Distributed Denial of Service attack (DoS attack) is a cyber attack where the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. It is necessary to analyze the fundamental features of DDoS attacks because these attacks can easily vary the used port/protocol, or operation method because they are designed to restricted applications on limited environments.DDoS attack detection very difficult because the non-existence of predefined rules to correctly identify the genuine network flow. A combination of unsupervised data mining techniques as IDS are introduced. The Entropy Method concept in term of windowing the incoming packets is applied with data mining technique using Clustering Using Representative (CURE) as cluster analysis to detect the DDoS attack in network flow. The data is mainly collected from datasets. The CURE DDoS attack detection technique based on entropy gives a promising way to analyze this attack and construct an efficient detection model using a clustering data mining techniques. This approach has been evaluated and compared with several existing approaches in terms of accuracy, false alarm rate, detection rate, F. measure and Phi coefficient.

Download Full-text

Blockchain Technology towards the Mitigation of Distributed Denial of Service Attacks

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.f7420.038620 ◽

2020 ◽

Vol 8 (6) ◽

pp. 961-965

Keyword(s):

Denial Of Service ◽

Distributed Database ◽

Cyber Attacks ◽

Distributed Denial Of Service ◽

Cyber Attack ◽

Ddos Attacks ◽

Denial Of Service Attack ◽

Blockchain Technology ◽

Main Challenge ◽

Communication Devices

The Distributed Denial of Service attack become one of the most adverse effects among all Cyber-attack due to the high availability of the internet and unprotected internetconnected communication devices. There are many mitigation solutions available to reduce the risk of DDoS attacks, and the researcher represents many techniques to get rid of the DDoS attacks. The main challenge to identify and mitigate the attack is that attack traffic mixes with the legitimate system user traffic so it becomes very important to block the attack traffic because it costs in terms of money and system reputation. Blockchain technology presents the ideology of decentralized distributed database and transaction without the need of any central authority. But utilization of blockchain is not only limited to the financial sector but supply chain, IoT, hospitality sector used blockchain most. The most attractive features of the blockchain like immutability, distributed makes the use of blockchain for mitigation of various Cyber-attacks, and one of them is DDoS Attacks. The solution of DDoS attacks that utilize the blockchain is still in the infancy phase. In this paper, we propose the review or survey of DDoS attacks solutions based on blockchain. And also present the comparative study of Blockchain-based DDoS mitigation solutions for non-IOT domain or system. This paper also gives brief about the features of this interconnection of two emerging domain named DDoS Attacks and Blockchain Technology.

Download Full-text

Event-Based Secure Consensus of Multiple AUVs Under DoS Attacks

10.21203/rs.3.rs-394503/v1 ◽

2021 ◽

Author(s):

Lizuo Wen ◽

Shuanghe Yu ◽

Ying Zhao ◽

Yan Yan

Keyword(s):

Autonomous Underwater Vehicles ◽

Denial Of Service ◽

Underwater Vehicles ◽

Cyber Attack ◽

Dos Attacks ◽

Triggering Mechanism ◽

Secure Control ◽

Control Target ◽

Event Based ◽

Event Triggered

Abstract In this paper, the event-based triggering method is adopted to investigate the secure consensus issue of multiple autonomous underwater vehicles (AUVs) under denial-of-service (DoS) attacks. DoS attack is a form of time-sequence-based cyber attack, which can destroy the normal service of the control target or network. First, based on an event-triggered mechanism, a novel secure control protocol is proposed. Second, the upper bounds of attack duration and attack frequency are given to ensure that multiple AUVs under DoS attacks can reach consensus. Third, an event-triggered mechanism with exponential variables is developed to avoid the continuous update of the controller, thereby reducing the burdens of communication and calculation. Zeno behavior can be strictly ruled out for each AUV under this triggering mechanism. Finally, the simulation results illustrate the feasibility of the proposed scheme.

Download Full-text

A Survey of Botnet-Based DDoS Flooding Attacks of Application Layer

Handbook of Research on Modern Cryptographic Solutions for Computer and Cyber Security - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-0105-3.ch003 ◽

2016 ◽

pp. 52-79 ◽

Cited By ~ 8

Author(s):

Esraa Alomari ◽

Selvakumar Manickam ◽

B. B. Gupta ◽

Mohammed Anbar ◽

Redhwan M. A. Saad ◽

...

Keyword(s):

Denial Of Service ◽

Internet Security ◽

Sensitive Information ◽

Distributed Denial Of Service ◽

Cyber Attack ◽

Open Problems ◽

Ddos Attack ◽

Flooding Attacks ◽

Cyber Espionage ◽

Detection Mechanisms

A Botnet can be used to launch a cyber-attack, such as a Distributed Denial of Service (DDoS) attack, against a target or to conduct a cyber-espionage campaign to steal sensitive information. This survey analyzes and compares the most important efforts carried out in an application-based detection area and this survey extended to cover the mitigation approaches for the Botnet-based DDoS flooding attacks. It accomplishes four tasks: first, an extensive illustration on Internet Security; second, an extensive comparison between representative detection mechanisms; third, the comparison between the mitigation mechanisms against Botnet-based DDoS flooding and fourth, the description of the most important problems and highlights in the area. We conclude that the area has achieved great advances so far, but there are still many open problems.

Download Full-text

Voting based Intrusion Detection Framework for Securing Software-Defined Networks

10.36227/techrxiv.12720362 ◽

2020 ◽

Author(s):

Rochak Swami ◽

Mayank Dave ◽

Virender Ranga

Keyword(s):

Intrusion Detection ◽

Architectural Design ◽

Cross Validation ◽

Denial Of Service ◽

Cost Effective ◽

Research Paper ◽

Attack Detection ◽

Ensemble Model ◽

Cyber Attack ◽

Validation Technique

<div>Software-defined networking (SDN) is an emerging paradigm in enterprise networks because of its flexible and cost-effective nature. By decoupling control and data plane, SDN can provide various defense solutions for securing futuristic networks. However, the architectural design and characteristics of SDN attract several severe attacks. Distributed Denial of Service (DDoS) is considered as a major destructive cyber attack that makes the services of controller unavailable for its legitimate users. In this research paper, an intrusion detection framework is proposed to detect DDoS attacks against SDN. The proposed framework relies on voting based ensemble model for the attack detection. Ensemble model is a combination of multiple machine learning classifiers for prediction of final results. In this research paper, we propose and analyze three ensemble models named as Voting-CMN, Voting-RKM, and Voting-CKM particularly to benchmarking datasets like UNSW-NB15, CICIDS2017, and NSL-KDD, respectively. For validation of the proposed models, a cross validation technique is used with the prediction algorithms. The effectiveness of proposed models is evaluated in terms of prominent metrics (accuracy, precision, recall, and F measure). Experimental results indicate that the proposed</div><div>models achieve better performance in terms of accuracy as compared to other existing models.</div>

Download Full-text

Detection of Cyber Attack in Networks using Machine Learning Techniques

International Journal for Research in Applied Science and Engineering Technology ◽

10.22214/ijraset.2021.36895 ◽

2021 ◽

Vol 9 (VII) ◽

pp. 2401-2404

Author(s):

Meghana M

Keyword(s):

Machine Learning ◽

Information Security ◽

Intrusion Detection ◽

Denial Of Service ◽

Intrusion Detection Systems ◽

Machine Learning Techniques ◽

Brute Force ◽

Cyber Attack ◽

Detection Systems ◽

Learning Techniques

The use of recent innovations provides unimaginable blessings to individuals, organizations, and governments, be that because it might, messes some up against them. for example, the protection of serious information, security of place away data stages, accessibility of knowledge so forth. Digital concern, that created an excellent deal of problems individuals and institutions, has received A level that might undermine open and nation security by totally different gatherings, as an example, criminal association, good individuals and digital activists. the foremost common risk to a network’s security is an intrusion like brute force, denial of service or maybe an infiltration from inside a network. this can be wherever machine learning comes into play. Intrusion Detection Systems (IDS) has been created to take care of a strategic distance from digital assaults.

Download Full-text

Cyber Physical Defense Framework for Distributed Smart Grid Applications

Frontiers in Energy Research ◽

10.3389/fenrg.2020.621650 ◽

2021 ◽

Vol 8 ◽

Author(s):

Ayush Sinha ◽

Manasi Mohandas ◽

Pankaj Pandey ◽

O. P. Vyas

Keyword(s):

Smart Grid ◽

Large Scale ◽

Impact Analysis ◽

Denial Of Service ◽

Attack Detection ◽

Cyber Attack ◽

Physical Defense ◽

Proposed Model ◽

Grid Applications ◽

Physical Spaces

Cyber-Physical Systems (CPS) is the amalgamation of highly sophisticated sensors with physical spaces. These close conjunctions of sensors with communication infrastructure intrinsically linking to society’s Critical Infrastructures (C.I.) are being witnessed more often in the context of Smart Grid (SG). As a backbone of C.I., Smart Grid demonstrates ability to precisely monitor large scale energy systems and designed in order to achieve complex local and global objectives. Being capable of performing such sophisticated operation it also bears the vulnerability of being exposed for cyber-physical co-ordinated attack that may lead to catastrophic effect. Many researchers have analyze the different stages of cyber-physical co-ordinated attacks like attack detection, prevention, impact analysis and recovery plans but there exist a research gap to address all the issues under single framework. Through this paper, we propose a novel Cyber Physical Defense Framework (CPDF) based on National Institute of Standards and Technology (NIST) guidelines to address the cyber attack on SG. Our work addresses the pre and post attack scenario, attack vector formulation through hierarchical PetriNet modeling and recovery mechanism. We have performed experiment for Distributed Denial of Service (DDoS) and False Data Injection attack (FDI) to validate our framework effectiveness and established the efficacy of proposed model. In the end, we have presented a case study of FDI attack detection using machine learning technique on IEEE 9-bus and 14-bus system.

Download Full-text

A Mitigation Technique for DoS Attack in Wireless Network Based Gradient Matrix and Firefly

International Journal of Advanced Research in Computer Science and Software Engineering ◽

10.23956/ijarcsse.v8i1.546 ◽

2018 ◽

Vol 8 (1) ◽

pp. 136

Author(s):

Jeewanjot Kaur ◽

Taranjit Singh Aulakh

Keyword(s):

Research Effort ◽

Denial Of Service ◽

Traffic Monitoring ◽

Internet Security ◽

Cyber Attack ◽

Dos Attack ◽

Dos Attacks ◽

Network Resource ◽

Denial Of Service Attack ◽

Service Attack

In computing, a denial-of-service attack (DoS attack) is a cyber-attack where the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. In a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source. In this research a generalized model for detection has been created by studying the existing models and algorithms on DoS attacks. Internet security is vital to facilitate e-commerce transactions, and there has been continued research effort to provision network traffic monitoring at high speeds. In the proposed technique a threshold is also defined so that any other node id which is greater than that threshold may be prevented. In case of any intrusion IP backtracking and packet logging is used to detect the intruder and mitigate it. From result it may be clear that the QoS parameters are improved using proposed approach and there are improved by approx 15-18% from the existing approach.

Download Full-text