VM Profile Based Optimized Network Attack Pattern Detection Scheme for DDOS Attacks in Cloud

2013 ◽  
pp. 255-261 ◽  
Author(s):  
Sanchika Gupta ◽  
Padam Kumar
Keyword(s):  
Pattern Detection ◽  
Ddos Attacks ◽  
Detection Scheme ◽  
Network Attack ◽  
Attack Pattern

scholarly journals RECONFIGURABLE SELF-ADDRESSABLE MEMORY-BASED FSM A SCALABLE INTRUSION DETECTION ENGINE

2012 ◽  
pp. 144-151
Author(s):  
B. SRILATHA ◽  
KRISHNA KISHORE
Keyword(s):  
High Speed ◽  
Finite State Machine ◽  
State Machine ◽  
Network Attack ◽  
Memory Efficiency ◽  
Attack Pattern ◽  
Current State ◽  
Incoming Packet ◽  
Finite State ◽  
Attack Patterns

One way to detect and thwart a network attack is to compare each incoming packet with predefined patterns, also Called an attack pattern database, and raise an alert upon detecting a match. This article presents a novel pattern-matching Engine that exploits a memory-based, programmable state machine to achieve deterministic processing rates that are Independent of packet and pattern characteristics. Our engine is a self addressable memory based finite state machine (samFsm), whose current state coding exhibits all its possible next states. Moreover, it is fully reconfigurable in that new attack Patterns can be updated easily. A methodology was developed to program the memory and logic. Specifically, we merge “non-equivalent” states by introducing “super characters” on their inputs to further enhance memory efficiency without Adding labels. This is the most high speed self addressable memory based fsm.sam-fsm is one of the most storage-Efficient machines and reduces the memory requirement by 60 times. Experimental results are presented to demonstrate the Validity of sam-fsm.

Traffic Classification Features and its Application in DDoS Detection

2013 ◽  
Vol 380-384 ◽  
pp. 2673-2676
Author(s):  
Ze Yu Xiong
Keyword(s):  
Detection Method ◽  
Single Point ◽  
Attack Detection ◽  
Traffic Classification ◽  
Ddos Attacks ◽  
Detection Scheme ◽  
Ddos Detection ◽  
Point Detection ◽  
Ddos Attack Detection ◽  
Collaborative Detection

DDoS attacks have relatively low proportion of normal flow in the boundary network at the attack traffic,In this paper,we establish DDoS attack detection method based on defense stage and defensive position, and design and implement collaborative detection of DDoS attacks. Simulation results show that our approach has good timeliness, accuracy and scalability than the single-point detection and route-based distributed detection scheme.

scholarly journals Long-Memory Dependence Statistical Models for DDoS Attacks Detection

2015 ◽  
Vol 20 (4) ◽  
pp. 31-40
Author(s):  
Tomasz Andrysiak ◽  
Łukasz Saganowski ◽  
Mirosław Maszewski ◽  
Piotr Grad
Keyword(s):  
Network Traffic ◽  
Long Memory ◽  
Statistical Models ◽  
Likelihood Function ◽  
Information Criteria ◽  
Abnormal Behavior ◽  
Ddos Attacks ◽  
Network Attack ◽  
Function Selection ◽  
Selection Of

Abstract DDoS attacks detection method based on modelling the variability with the use of conditional average and variance in examined time series is proposed in this article. Variability predictions of the analyzed network traffic are realized by estimated statistical models with long-memory dependence ARFIMA, Adaptive ARFIMA, FIGARCH and Adaptive FIGARCH. We propose simple parameter estimation models with the use of maximum likelihood function. Selection of sparingly parameterized form of the models is realized by means of information criteria representing a compromise between brevity of representation and the extent of the prediction error. In the described method we propose using statistical relations between the forecasted and analyzed network traffic in order to detect abnormal behavior possibly being a result of a network attack. Performed experiments confirmed effectiveness of the analyzed method and cogency of the statistical models.

scholarly journals IFACNN: efficient DDoS attack detection based on improved firefly algorithm to optimize convolutional neural networks

2021 ◽  
Vol 19 (2) ◽  
pp. 1280-1303
Author(s):  
Jiushuang Wang ◽  
◽  
Ying Liu ◽  
Huifen Feng
Keyword(s):  
Internet Of Things ◽  
Firefly Algorithm ◽  
Denial Of Service ◽  
Attack Detection ◽  
Ddos Attacks ◽  
Detection Scheme ◽  
Ddos Attack ◽  
Improved Firefly Algorithm ◽  
Iot Devices ◽  
Ddos Attack Detection

<abstract><p>Network security has become considerably essential because of the expansion of internet of things (IoT) devices. One of the greatest hazards of today's networks is distributed denial of service (DDoS) attacks, which could destroy critical network services. Recent numerous IoT devices are unsuspectingly attacked by DDoS. To securely manage IoT equipment, researchers have introduced software-defined networks (SDN). Therefore, we propose a DDoS attack detection scheme to secure the real-time in the software-defined the internet of things (SD-IoT) environment. In this article, we utilize improved firefly algorithm to optimize the convolutional neural network (CNN), to provide detection for DDoS attacks in our proposed SD-IoT framework. Our results demonstrate that our scheme can achieve higher than 99% DDoS behavior and benign traffic detection accuracy.</p></abstract>

Traffic Weight Based CAT Distributed Detection Scheme Against DDoS Attacks

2012 ◽  
Vol 7 (1) ◽  
pp. 192-196
Author(s):  
Zaihong Zhou ◽  
Dongqing Xie ◽  
Jiawei Luo ◽  
Jian Zhou
Keyword(s):  
Distributed Detection ◽  
Ddos Attacks ◽  
Detection Scheme

scholarly journals Preventing Manet From Blackhole And Grayhole Attacks Using Reverse Tracing Technique

2017 ◽  
Author(s):  
Pathan Aiyaz Khan
Keyword(s):  
Black Hole ◽  
Wireless Network ◽  
Security Threats ◽  
Malicious Nodes ◽  
Detection Scheme ◽  
Network Attack ◽  
Security Issues ◽  
Dynamic Topology ◽  
Cable Lines ◽  
The Cost

Network which is not connected by any type of cable is a wireless network. The main purpose of using wireless network is that it enables users to avoid the cost of introducing cable lines in the building or making connection between different locations. These networks are highly affected by network attack. One of these attacks are black hole attacks in which malicious node claims that it has the fresh and shortest path. As MANET doesn't have any standard infrastructure and the dynamic topology that makes these networks highly susceptible to security flaws like exploiting vulnerabilities to routing protocols and transferring harmful packets in the networks. These security issues results in adverse effect on this network. Now the task is to prevent MANET from these security threats. As this paper is based on DSR protocol hence we developed a scheme called the Cooperative Bait Detection Scheme (CBDS), which directly focus on detection and prevention of malicious nodes introducing gray hole/black hole attacks in MANETs. To implement this CBDS we use back tracing method. Hence from our proposed system we won't require any special hardware or detection node to prevent against blackhole attacks.

Sign in / Sign up

Export Citation Format

Share Document