Hot topics: Denial-of-Service attacks on news websites in autocracies

The internet is designed for processing and forwarding of any packet in a best effort manner. The packets carried by the internet may be malicious or not. Most of the time, internet architecture provides an unregulated path to victims. Denial-of-service (DoS) attack is the most common critical threat that causes devastating effects on the internet. The Botnet-based DoS attack aims to exhaust both the target resources and network bandwidth, thereby making the network resources unavailable for its valid users. The resources are utilized by either injecting a computer virus or flooding the network with useless traffic. This chapter provides a systematic analysis of the causes of DoS attacks, including motivations and history, analysis of different attacks, detection and protection techniques, various mitigation techniques, the limitations and challenges of DoS research areas. Finally, this chapter discusses some important research directions which will need more attention in the near future to guarantee the successful defense against DoS attacks.

Download Full-text

TRAWLING TRAFFIC UNDER ATTACK OVERCOMING DDoS ATTACKS BY TARGET-CONTROLLED TRAFFIC FILTERING

International Journal of Foundations of Computer Science ◽

10.1142/s012905411100857x ◽

2011 ◽

Vol 22 (05) ◽

pp. 1073-1098

Author(s):

SHLOMI DOLEV ◽

YUVAL ELOVICI ◽

ALEX KESSELMAN ◽

POLINA ZILBERMAN

Keyword(s):

Denial Of Service ◽

The Internet ◽

Traffic Classification ◽

Classification Rules ◽

Ddos Attacks ◽

Dos Attack ◽

Dos Attacks ◽

Worst Case ◽

Filtering Algorithm ◽

Internet Community

As more and more services are provided by servers via the Internet, Denial-of-Service (DoS) attacks pose an increasing threat to the Internet community. A DoS attack overloads the target server with a large volume of adverse requests, thereby rendering the server unavailable to "well-behaved" users. In this paper, we propose two algorithms that allow attack targets to dynamically filter their incoming traffic based on a distributed policy. The proposed algorithms defend the target against DoS and distributed DoS (DDoS) attacks and simultaneously ensure that it continues to serve "well-behaved" users. In a nutshell, a target can define a filtering policy which consists of a set of traffic classification rules and the corresponding amounts of traffic for each rule. A filtering algorithm is enforced by the ISP's routers when a target is being overloaded with traffic. The goal is to maximize the amount of filtered traffic forwarded to the target, according to the filtering policy, from the ISP. The first proposed algorithm is a collaborative algorithm which computes and delivers to the target the best possible traffic mix in polynomial time. The second algorithm is a distributed non-collaborative algorithm for which we prove a lower bound on the worst-case performance.

Download Full-text

A Survey on Denial of Service Attacks and Preclusions

International Journal of Information Security and Privacy ◽

10.4018/ijisp.2017100101 ◽

2017 ◽

Vol 11 (4) ◽

pp. 1-15 ◽

Cited By ~ 1

Author(s):

Nagesh K. ◽

Sumathy R. ◽

Devakumar P. ◽

Sathiyamurthy K.

Keyword(s):

Network Security ◽

Rapid Growth ◽

New Technologies ◽

Defense Mechanism ◽

Computer Network ◽

Denial Of Service ◽

The Internet ◽

Access To Services ◽

Dos Attacks

Security is concerned with protecting assets. The aspects of security can be applied to any situation- defense, detection and deterrence. Network security plays important role of protecting information, hardware and software on a computer network. Denial of service (DOS) attacks causes great impacts on the internet world. These attacks attempt to disrupt legitimate user's access to services. By exploiting computer's vulnerabilities, attackers easily consume victim's resources. Many special techniques have been developed to protest against DOS attacks. Some organizations constitute several defense mechanism tools to tackle the security problems. This paper has proposed various types of attacks and solutions associated with each layers of OSI model. These attacks and solutions have different impacts on the different environment. Thus the rapid growth of new technologies may constitute still worse impacts of attacks in the future.

Download Full-text

Intrusion Detection in IoT Networks Using Deep Learning Algorithm

Information ◽

10.3390/info11050279 ◽

2020 ◽

Vol 11 (5) ◽

pp. 279 ◽

Cited By ~ 1

Author(s):

Bambang Susilo ◽

Riri Fitri Sari

Keyword(s):

Machine Learning ◽

Deep Learning ◽

Learning Strategies ◽

Learning Algorithm ◽

Human Life ◽

Denial Of Service ◽

The Internet ◽

Dos Attacks ◽

Deep Learning Algorithm ◽

Iot Devices

The internet has become an inseparable part of human life, and the number of devices connected to the internet is increasing sharply. In particular, Internet of Things (IoT) devices have become a part of everyday human life. However, some challenges are increasing, and their solutions are not well defined. More and more challenges related to technology security concerning the IoT are arising. Many methods have been developed to secure IoT networks, but many more can still be developed. One proposed way to improve IoT security is to use machine learning. This research discusses several machine-learning and deep-learning strategies, as well as standard datasets for improving the security performance of the IoT. We developed an algorithm for detecting denial-of-service (DoS) attacks using a deep-learning algorithm. This research used the Python programming language with packages such as scikit-learn, Tensorflow, and Seaborn. We found that a deep-learning model could increase accuracy so that the mitigation of attacks that occur on an IoT network is as effective as possible.

Download Full-text

Denial-of-Service and Botnet Analysis, Detection, and Mitigation

Forensic Investigations and Risk Management in Mobile and Wireless Communications - Advances in Wireless Technologies and Telecommunication ◽

10.4018/978-1-5225-9554-0.ch005 ◽

2020 ◽

pp. 114-151

Author(s):

Sobana Sikkanan ◽

Kasthuri M.

Keyword(s):

Denial Of Service ◽

The Internet ◽

Dos Attack ◽

Dos Attacks ◽

Network Resources ◽

Systematic Analysis ◽

Network Bandwidth ◽

Research Areas ◽

History Analysis ◽

Near Future

The internet is designed for processing and forwarding of any packet in a best effort manner. The packets carried by the internet may be malicious or not. Most of the time, internet architecture provides an unregulated path to victims. Denial-of-service (DoS) attack is the most common critical threat that causes devastating effects on the internet. The Botnet-based DoS attack aims to exhaust both the target resources and network bandwidth, thereby making the network resources unavailable for its valid users. The resources are utilized by either injecting a computer virus or flooding the network with useless traffic. This chapter provides a systematic analysis of the causes of DoS attacks, including motivations and history, analysis of different attacks, detection and protection techniques, various mitigation techniques, the limitations and challenges of DoS research areas. Finally, this chapter discusses some important research directions which will need more attention in the near future to guarantee the successful defense against DoS attacks.

Download Full-text

Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detection

Sensors ◽

10.3390/s18082445 ◽

2018 ◽

Vol 18 (8) ◽

pp. 2445 ◽

Cited By ~ 10

Author(s):

Jorge Granjal ◽

João Silva ◽

Nuno Lourenço

Keyword(s):

Intrusion Detection ◽

Anomaly Detection ◽

Denial Of Service ◽

The Internet ◽

Application Layer ◽

Dos Attacks ◽

Lower Accuracy ◽

Communication Environments ◽

The Internet Of Things ◽

Intrusion Detection And Prevention

It is well recognized that security will play a major role in enabling most of the applications envisioned for the Internet of Things (IoT). We must also note that most of such applications will employ sensing and actuating devices integrated with the Internet communications infrastructure and, from the minute such devices start to support end-to-end communications with external (Internet) hosts, they will be exposed to all kinds of threats and attacks. With this in mind, we propose an IDS framework for the detection and prevention of attacks in the context of Internet-integrated CoAP communication environments and, in the context of this framework, we implement and experimentally evaluate the effectiveness of anomaly-based intrusion detection, with the goal of detecting Denial of Service (DoS) attacks and attacks against the 6LoWPAN and CoAP communication protocols. From the results obtained in our experimental evaluation we observe that the proposed approach may viably protect devices against the considered attacks. We are able to achieve an accuracy of 93% considering the multi-class problem, thus when the pattern of specific intrusions is known. Considering the binary class problem, which allows us to recognize compromised devices, and though a lower accuracy of 92% is observed, a recall and an F_Measure of 98% were achieved. As far as our knowledge goes, ours is the first proposal targeting the usage of anomaly detection and prevention approaches to deal with application-layer and DoS attacks in 6LoWPAN and CoAP communication environments.

Download Full-text

Denial of Service (DoS) attack identification and analyse using sniffing technique in the network environment

E3S Web of Conferences ◽

10.1051/e3sconf/202020215003 ◽

2020 ◽

Vol 202 ◽

pp. 15003

Author(s):

Kagiraneza Alexis Fidele ◽

Suryono ◽

Wahyul Amien Syafei

Keyword(s):

Social Networking ◽

Denial Of Service ◽

Web Server ◽

The Internet ◽

Traffic Networks ◽

Network Environment ◽

Dos Attack ◽

Dos Attacks ◽

Massive Number ◽

Sniffing Technique

Network-based intruders such as (DoS) attacks have become one of the most significant internet interruptions. Some operations that rely on the internet, such as banking transactions, education, trade marketing, and social networking, have become the primary targets. The attacker is trying to surround and making it difficult for the system to defend. The research's objective is to recognize the characteristics and level of DoS attacks. In understanding the behavior of intruders against a target web server, Wireshark was used in all traffic networks—capturing the traffic in a networked environment. In this research, the user identifies the attack levels (TCP SYN, UDP, and HTTP protocol), ranging from low (Q1), medium (Q2), and high (Q4) attacks. The approach is to simulate the TCP, HTTP, and UDP flood attacks and analyze the attacks' effects on the network environment. In this work, normal scenarios and pattern attacks were compared. In this case, the intruder floods unwanted packets to the victim with a massive number of request packets; the SYN from the corresponding SYN-ACK replies are not achieved. This paper will identify the DoS attacks level and analyze the behavior of traffics.

Download Full-text

Distributed Denial of Service Attacks in Networks

Handbook of Research on Information Security and Assurance ◽

10.4018/978-1-59904-855-0.ch008 ◽

2009 ◽

pp. 85-97

Author(s):

Udaya Kiran Tupakula

Keyword(s):

Best Practices ◽

Denial Of Service ◽

The Internet ◽

Denial Of Service Attacks ◽

Ideal Solution ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Dos Attacks ◽

Research Directions ◽

The Ideal

In this chapter we discuss Distributed Denial of Service (DDoS) attacks in networks such as the Internet, which have become significantly prevalent over the recent years. We explain how DDoS attacks are performed and consider the ideal solution characteristics for defending against the DDoS attacks in the Internet. Then we present different research directions and thoroughly analyse some of the important techniques that have been recently proposed. Our analysis confirms that none of the proposed techniques can efficiently and completely counteract the DDoS attacks. Furthermore, as networks become more complex, they become even more vulnerable to DoS attacks when some of the proposed techniques are deployed in the Internet. The gap between the tools that can generate DDoS attacks and the tools that can detect or prevent DDoS attacks continues to increase. Finally, we briefly outline some best practices that the users are urged to follow to minimise the DoS attacks in the Internet.

Download Full-text

Advanced detection Denial of Service attack in the Internet of Things network based on MQTT protocol using fuzzy logic

Register Jurnal Ilmiah Teknologi Sistem Informasi ◽

10.26594/register.v7i2.2340 ◽

2021 ◽

Vol 7 (2) ◽

pp. 95

Author(s):

Mochamad Soebagja Budiana ◽

Ridha Muldina Negara ◽

Arif Indra Irawan ◽

Harashta Tatimma Larasati

Keyword(s):

Fuzzy Logic ◽

Feature Selection ◽

Internet Of Things ◽

Detection System ◽

Denial Of Service ◽

The Internet ◽

Traffic Intensity ◽

Dos Attacks ◽

Fuzzy Input ◽

The Internet Of Things

Message Queuing Telemetry Transport (MQTT) is one of the popular protocols used on the Internet of Things (IoT) networks because of its lightweight nature. With the increasing number of devices connected to the internet, the number of cybercrimes on IoT networks will increase. One of the most popular attacks is the Denial of Service (DoS) attack. Standard security on MQTT uses SSL/TLS, but SSL/TLS is computationally wasteful for low-powered devices. The use of fuzzy logic algorithms with the Intrusion Detection System (IDS) scheme is suitable for detecting DoS because of its simple nature. This paper uses a fuzzy logic algorithm embedded in a node to detect DoS in the MQTT protocol with feature selection nodes. This paper's contribution is that the nodes feature selection used will monitor SUBSCRIBE and SUBACK traffic and provide this information to fuzzy input nodes to detect DoS attacks. Fuzzy performance evaluation is measured against changes in the number of nodes and attack intervals. The results obtained are that the more the number of nodes and the higher the traffic intensity, the fuzzy performance will decrease, and vice versa. However, the number of nodes and traffic intensity will affect fuzzy performance.

Download Full-text

Generator of Slow Denial-of-Service Cyber Attacks

Sensors ◽

10.3390/s21165473 ◽

2021 ◽

Vol 21 (16) ◽

pp. 5473

Author(s):

Marek Sikora ◽

Radek Fujdiak ◽

Karel Kuchar ◽

Eva Holasova ◽

Jiri Misurec

Keyword(s):

Cyber Security ◽

Denial Of Service ◽

Cyber Attacks ◽

Future Research ◽

The Internet ◽

Small Data ◽

Dos Attacks ◽

Network Systems ◽

Internet Service ◽

Detection Techniques

In today’s world, the volume of cyber attacks grows every year. These attacks can cause many people or companies high financial losses or loss of private data. One of the most common types of attack on the Internet is a DoS (denial-of-service) attack, which, despite its simplicity, can cause catastrophic consequences. A slow DoS attack attempts to make the Internet service unavailable to users. Due to the small data flows, these attacks are very similar to legitimate users with a slow Internet connection. Accurate detection of these attacks is one of the biggest challenges in cybersecurity. In this paper, we implemented our proposal of eleven major and most dangerous slow DoS attacks and introduced an advanced attack generator for testing vulnerabilities of protocols, servers, and services. The main motivation for this research was the absence of a similarly comprehensive generator for testing slow DoS vulnerabilities in network systems. We built an experimental environment for testing our generator, and then we performed a security analysis of the five most used web servers. Based on the discovered vulnerabilities, we also discuss preventive and detection techniques to mitigate the attacks. In future research, our generator can be used for testing slow DoS security vulnerabilities and increasing the level of cyber security of various network systems.

Download Full-text