Botnet-Originated DDOS Attacks and their Mitigation: A new spiral in the arms race on the Internet

Security in IoT Devices

Research Anthology on Combating Denial-of-Service Attacks ◽

10.4018/978-1-7998-5348-0.ch017 ◽

2021 ◽

pp. 312-327

Author(s):

N. JEYANTHI ◽

Shreyansh Banthia ◽

Akhil Sharma

Keyword(s):

Internet Of Things ◽

The Internet ◽

Ddos Attacks ◽

General Survey ◽

Internet Infrastructure ◽

Ddos Attack ◽

Comprehensive View ◽

Iot Devices

An attempt to do a comparison between the various DDoS attack types that exist by analysing them in various categories that can be formed, to provide a more comprehensive view of the problem that DDoS poses to the internet infrastructure today. Then DDoS and its relevance with respect to IoT (Internet of Things) devices are analysed where attack types have been explained and possible solutions available are analysed. This chapter does not propose any new solutions to mitigating the effects of DDoS attacks but just provides a general survey of the prevailing attack types along with analysis of the underlying structures that make these attacks possible, which would help researchers in understanding the DDoS problem better.

Download Full-text

Booters: can anything justify distributed denial-of-service (DDoS) attacks for hire?

Journal of Information Communication and Ethics in Society ◽

10.1108/jices-09-2016-0033 ◽

2017 ◽

Vol 15 (01) ◽

pp. 90-104 ◽

Cited By ~ 5

Author(s):

David Douglas ◽

José Jair Santanna ◽

Ricardo de Oliveira Schmidt ◽

Lisandro Zambenedetti Granville ◽

Aiko Pras

Keyword(s):

Heavy Traffic ◽

Denial Of Service ◽

Civil Disobedience ◽

Third Party ◽

The Internet ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Law Enforcement Agencies ◽

Content Type ◽

Testing Tools

Purpose This paper aims to examine whether there are morally defensible reasons for using or operating websites (called ‘booters’) that offer distributed denial-of-service (DDoS) attacks on a specified target to users for a price. Booters have been linked to some of the most powerful DDoS attacks in recent years. Design/methodology/approach The authors identify the various parties associated with booter websites and the means through which booters operate. Then, the authors present and evaluate the two arguments that they claim may be used to justify operating and using booters: that they are a useful tool for testing the ability of networks and servers to handle heavy traffic, and that they may be used to perform DDoS attacks as a form of civil disobedience on the internet. Findings The authors argue that the characteristics of existing booters disqualify them from being morally justified as network stress testing tools or as a means of performing civil disobedience. The use of botnets that include systems without the permission of their owners undermines the legitimacy of both justifications. While a booter that does not use any third-party systems without permission might in principle be justified under certain conditions, the authors argue that it is unlikely that any existing booters meet these requirements. Practical/implications Law enforcement agencies may use the arguments presented here to justify shutting down the operation of booters, and so reduce the number of DDoS attacks on the internet. Originality/value The value of this work is in critically examining the potential justifications for using and operating booter websites and in further exploring the ethical aspects of using DDoS attacks as a form of civil disobedience.

Download Full-text

TRAWLING TRAFFIC UNDER ATTACK OVERCOMING DDoS ATTACKS BY TARGET-CONTROLLED TRAFFIC FILTERING

International Journal of Foundations of Computer Science ◽

10.1142/s012905411100857x ◽

2011 ◽

Vol 22 (05) ◽

pp. 1073-1098

Author(s):

SHLOMI DOLEV ◽

YUVAL ELOVICI ◽

ALEX KESSELMAN ◽

POLINA ZILBERMAN

Keyword(s):

Denial Of Service ◽

The Internet ◽

Traffic Classification ◽

Classification Rules ◽

Ddos Attacks ◽

Dos Attack ◽

Dos Attacks ◽

Worst Case ◽

Filtering Algorithm ◽

Internet Community

As more and more services are provided by servers via the Internet, Denial-of-Service (DoS) attacks pose an increasing threat to the Internet community. A DoS attack overloads the target server with a large volume of adverse requests, thereby rendering the server unavailable to "well-behaved" users. In this paper, we propose two algorithms that allow attack targets to dynamically filter their incoming traffic based on a distributed policy. The proposed algorithms defend the target against DoS and distributed DoS (DDoS) attacks and simultaneously ensure that it continues to serve "well-behaved" users. In a nutshell, a target can define a filtering policy which consists of a set of traffic classification rules and the corresponding amounts of traffic for each rule. A filtering algorithm is enforced by the ISP's routers when a target is being overloaded with traffic. The goal is to maximize the amount of filtered traffic forwarded to the target, according to the filtering policy, from the ISP. The first proposed algorithm is a collaborative algorithm which computes and delivers to the target the best possible traffic mix in polynomial time. The second algorithm is a distributed non-collaborative algorithm for which we prove a lower bound on the worst-case performance.

Download Full-text

DDoS-Capable IoT Malwares: Comparative Analysis and Mirai Investigation

Security and Communication Networks ◽

10.1155/2018/7178164 ◽

2018 ◽

Vol 2018 ◽

pp. 1-30 ◽

Cited By ~ 34

Author(s):

Michele De Donno ◽

Nicola Dragoni ◽

Alberto Giaretta ◽

Angelo Spognardi

Keyword(s):

Comparative Analysis ◽

Internet Of Things ◽

Detailed Analysis ◽

Real World ◽

General Framework ◽

Denial Of Service ◽

The Internet ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

The Internet Of Things

The Internet of Things (IoT) revolution has not only carried the astonishing promise to interconnect a whole generation of traditionally “dumb” devices, but also brought to the Internet the menace of billions of badly protected and easily hackable objects. Not surprisingly, this sudden flooding of fresh and insecure devices fueled older threats, such as Distributed Denial of Service (DDoS) attacks. In this paper, we first propose an updated and comprehensive taxonomy of DDoS attacks, together with a number of examples on how this classification maps to real-world attacks. Then, we outline the current situation of DDoS-enabled malwares in IoT networks, highlighting how recent data support our concerns about the growing in popularity of these malwares. Finally, we give a detailed analysis of the general framework and the operating principles of Mirai, the most disruptive DDoS-capable IoT malware seen so far.

Download Full-text

Security in IoT Devices

Security Breaches and Threat Prevention in the Internet of Things - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-2296-6.ch005 ◽

2017 ◽

pp. 96-116

Author(s):

N. Jeyanthi ◽

Shreyansh Banthia ◽

Akhil Sharma

Keyword(s):

Internet Of Things ◽

The Internet ◽

Ddos Attacks ◽

General Survey ◽

Internet Infrastructure ◽

Ddos Attack ◽

Comprehensive View ◽

Iot Devices

An attempt to do a comparison between the various DDoS attack types that exist by analysing them in various categories that can be formed, to provide a more comprehensive view of the problem that DDoS poses to the internet infrastructure today. Then DDoS and its relevance with respect to IoT (Internet of Things) devices are analysed where attack types have been explained and possible solutions available are analysed. This chapter does not propose any new solutions to mitigating the effects of DDoS attacks but just provides a general survey of the prevailing attack types along with analysis of the underlying structures that make these attacks possible, which would help researchers in understanding the DDoS problem better.

Download Full-text

Data Mining Techniques for Distributed Denial of Service Attacks Detection in the Internet of Things

Advances in Data Mining and Database Management - Data Mining Trends and Applications in Criminal Science and Investigations ◽

10.4018/978-1-5225-0463-4.ch010 ◽

2016 ◽

pp. 275-334 ◽

Cited By ~ 1

Author(s):

Pheeha Machaka ◽

Fulufhelo Nelwamondo

Keyword(s):

Data Mining ◽

Internet Of Things ◽

Denial Of Service ◽

Current Data ◽

The Internet ◽

Denial Of Service Attacks ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Data Mining Techniques ◽

The Internet Of Things

This chapter reviews the evolution of the traditional internet into the Internet of Things (IoT). The characteristics and application of the IoT are also reviewed, together with its security concerns in terms of distributed denial of service attacks. The chapter further investigates the state-of-the-art in data mining techniques for Distributed Denial of Service (DDoS) attacks targeting the various infrastructures. The chapter explores the characteristics and pervasiveness of DDoS attacks. It also explores the motives, mechanisms and techniques used to execute a DDoS attack. The chapter further investigates the current data mining techniques that are used to combat and detect these attacks, their advantages and disadvantages are explored. Future direction of the research is also provided.

Download Full-text

Botnet and Internet of Things (IoTs)

Security, Privacy, and Forensics Issues in Big Data - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-9742-1.ch013 ◽

2020 ◽

pp. 304-316

Author(s):

Kamal Alieyan ◽

Ammar Almomani ◽

Rosni Abdullah ◽

Badr Almutairi ◽

Mohammad Alauthman

Keyword(s):

Internet Of Things ◽

Cyber Attacks ◽

The Internet ◽

Ddos Attacks ◽

Botnet Detection ◽

The Public ◽

Detection Techniques ◽

Channel Information ◽

Iot Devices ◽

The Internet Of Things

In today's internet world the internet of things (IoT) is becoming the most significant and developing technology. The primary goal behind the IoT is enabling more secure existence along with the improvement of risks at various life levels. With the arrival of IoT botnets, the perspective towards IoT products has transformed from enhanced living enabler into the internet of vulnerabilities for cybercriminals. Of all the several types of malware, botnet is considered as really a serious risk that often happens in cybercrimes and cyber-attacks. Botnet performs some predefined jobs and that too in some automated fashion. These attacks mostly occur in situations like phishing against any critical targets. Files sharing channel information are moved to DDoS attacks. IoT botnets have subjected two distinct problems, firstly, on the public internet. Most of the IoT devices are easily accessible. Secondly, in the architecture of most of the IoT units, security is usually a reconsideration. This particular chapter discusses IoT, botnet in IoT, and various botnet detection techniques available in IoT.

Download Full-text

Cyber-Physical System and Internet of Things Security

Research Anthology on Combating Denial-of-Service Attacks ◽

10.4018/978-1-7998-5348-0.ch018 ◽

2021 ◽

pp. 328-357

Author(s):

Thomas Ulz ◽

Sarah Haas ◽

Christian Steger

Keyword(s):

Internet Of Things ◽

Public Awareness ◽

Denial Of Service ◽

The Internet ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Industrial Iot ◽

Confidential Data ◽

Iot Devices ◽

The Internet Of Things

An increase of distributed denial-of-service (DDoS) attacks launched by botnets such as Mirai has raised public awareness regarding potential security weaknesses in the Internet of Things (IoT). Devices are an attractive target for attackers because of their large number and due to most devices being online 24/7. In addition, many traditional security mechanisms are not applicable for resource constraint IoT devices. The importance of security for cyber-physical systems (CPS) is even higher, as most systems process confidential data or control a physical process that could be harmed by attackers. While industrial IoT is a hot topic in research, not much focus is put on ensuring information security. Therefore, this paper intends to give an overview of current research regarding the security of data in industrial CPS. In contrast to other surveys, this work will provide an overview of the big CPS security picture and not focus on special aspects.

Download Full-text

Botnet and Internet of Things (IoTs)

Research Anthology on Combating Denial-of-Service Attacks ◽

10.4018/978-1-7998-5348-0.ch007 ◽

2021 ◽

pp. 138-150

Author(s):

Kamal Alieyan ◽

Ammar Almomani ◽

Rosni Abdullah ◽

Badr Almutairi ◽

Mohammad Alauthman

Keyword(s):

Internet Of Things ◽

Cyber Attacks ◽

The Internet ◽

Ddos Attacks ◽

Botnet Detection ◽

The Public ◽

Detection Techniques ◽

Channel Information ◽

Iot Devices ◽

The Internet Of Things

In today's internet world the internet of things (IoT) is becoming the most significant and developing technology. The primary goal behind the IoT is enabling more secure existence along with the improvement of risks at various life levels. With the arrival of IoT botnets, the perspective towards IoT products has transformed from enhanced living enabler into the internet of vulnerabilities for cybercriminals. Of all the several types of malware, botnet is considered as really a serious risk that often happens in cybercrimes and cyber-attacks. Botnet performs some predefined jobs and that too in some automated fashion. These attacks mostly occur in situations like phishing against any critical targets. Files sharing channel information are moved to DDoS attacks. IoT botnets have subjected two distinct problems, firstly, on the public internet. Most of the IoT devices are easily accessible. Secondly, in the architecture of most of the IoT units, security is usually a reconsideration. This particular chapter discusses IoT, botnet in IoT, and various botnet detection techniques available in IoT.

Download Full-text