Detecting DDoS Attacks Using the Analysis of Network Traffic as Dynamical System

The work was financially supported by the Ministry of Education and Science of Russia by lot code 2017-14-579-0002 on the topic: “The development of effective algorithms for network attacks detection based on identifying of deviations in the traffic of extremely large volumes arriving at border routers of the data network and creating a sample of software complex for detection and prevention of information security threats aimed at denial of service”. Agreement No. 14.578.21.0261 for granting a subsidy on September 26, 2017; the unique identifier of the work (project) is RFME-FI57817×0261.

Author(s):  
A.E. Krasnov ◽  
D.N. Nikol'skii ◽  
D.S. Repin ◽  
V.S. Galyaev ◽  
E.A. Zykova
Author(s):  
Mohammad Jabed Morshed Chowdhury ◽  
Dileep Kumar G

The Distributed Denial of Service (DDoS) attack is considered one of the major security threats in the current Internet. Although many solutions have been suggested for DDoS defense, real progress in fighting these attacks is still missing. In this chapter, the authors analyze and experiment with cluster-based filtering for DDoS defense. In cluster-based filtering, unsupervised learning is used to create a profile of the network traffic. The profiled traffic is then passed through filters of different capacities to the servers. After applying this mechanism, legitimate traffic gets better bandwidth capacity than malicious traffic, so the effect of bad or malicious traffic on the network is reduced. Before describing the proposed solutions, the chapter presents a detailed survey of the different DDoS countermeasures.


2019 ◽  
Vol 1 (2) ◽  
pp. 15
Author(s):  
Huang Jie

Security threats and shows abnormality about security, safety, privacy and trust as network security-related data, in short, security-related data. Apparently, the first step to detect network attacks and intrusions is to collect the security-related data. In this paper, we present a number of approaches to solving network and information security issues. We survey network security in LTE technologies, Vehicular Ad-Hoc Networks, Wireless Sensor Networks, and the Internet of Things. We also describe many methods in information security, including information security in Big Data and Cloud Computing.


2021 ◽  
Vol 12 (1) ◽  
pp. 370
Author(s):  
Cong Fan ◽  
Nitheesh Murugan Kaliyamurthy ◽  
Shi Chen ◽  
He Jiang ◽  
Yiwen Zhou ◽  
...  

Software Defined Networking (SDN) is one of the most commonly used network architectures in recent years. With the substantial increase in the number of Internet users, network security threats appear more frequently, which brings more concerns to SDN. Distributed Denial of Service (DDoS) attacks are among the most dangerous and frequent attacks in software defined networks. The traditional entropy-based attack detection method has defects such as slow attack detection and poor detection effect. To solve this problem, this paper proposes a fusion entropy method, which detects attacks by measuring the randomness of network events. This method has the advantages of fast attack detection and a pronounced decrease in entropy value, and it effectively utilizes the complementarity of information entropy and log energy entropy. The experimental results show that the entropy value in the attack scenarios is 91.25% lower than in normal scenarios, which has greater advantages and significance compared with other attack detection methods.


2010 ◽  
Vol 2010 ◽  
pp. 1-15 ◽  
Author(s):  
Muhai Li ◽  
Ming Li

Among the various network attacks, the Distributed Denial-of-Service (DDoS) attack is a severe threat. In order to deal with this kind of attack in time, it is necessary to establish a special type of defense system that changes strategy dynamically against attacks. In this paper, we introduce an adaptive approach for defending against DDoS attacks, based on normal traffic analysis. The approach can check DDoS attacks and adaptively adjust its configuration according to the network condition and attack severity. To ensure that common users can visit the victim server that is being attacked, we provide a nonlinear traffic control formula for the system. Our simulation test indicates that the nonlinear control approach can prevent malicious attack packets effectively while letting legitimate traffic flows arrive at the victim.


2019 ◽  
Vol 2019 ◽  
pp. 1-8
Author(s):  
Mohammad Faisal ◽  
Sohail Abbas ◽  
Haseeb Ur Rahman ◽  
Muhammad Zahid Khan ◽  
Arif Ur Rahman

The latest technologies of voice over IP (VoIP) and mobile messaging for smartphone messengers such as WhatsApp, Viber, Skype, etc., offer free-of-charge facilities of worldwide SMS, MMS, and voice calls to their users, unlike the traditional and expensive cellular or telephone networks’ services. Customers of the aforementioned messengers are estimated in the millions because of the attractive features they offer. However, these messengers face many cyber security threats, and the required security features are either not available at all or are insufficient for efficiently countering the threats. Professionals working in the domain of cyber security are challenged by the devastating effects of distributed denial of service (DDoS) attacks on all major platforms including Apple Macintosh, Windows, Unix, and Linux. In this paper, we demonstrate the effect of a DDoS attack on the performance of an IRC server using a test bed. We use a game theoretic model to analyze the feasibility of DDoS attacks on the IRC platform, keeping in view the attacker’s objective. The analysis will help security experts to propose appropriate countermeasures to reduce the attackers’ utility, thereby making it less attractive for those attackers to launch the attack.


Author(s):  
Sumeet Gupta

While the Internet has opened a whole new world of opportunity for interaction and business by removing many trade barriers, it has also opened up new possibilities and means of criminal acts altogether unheard of in the off-line world. Why do people commit crimes online? Perhaps some of them attempt to gain unauthorised access to others’ money. Some people have fun doing so, and there are others who do it to take revenge or to harm others. While the motivation for conducting criminal acts may be the same as in the off-line world, the manner of such criminal acts is unique to the Internet. The vulnerability of the information transmitted over the Internet is the root cause of the spread of criminal acts over the Internet. Both users and vendors become vulnerable to criminal acts that undermine security due to the easy accessibility of the Internet and the easy exploitation of security loopholes in the Internet. These criminal acts can adversely affect Internet users, particularly online vendors and customers. Therefore, it is important that Internet users not only become conversant with such criminal acts but also take suitable measures to counter them and avoid becoming victims. In this article we examine some of the major information security threats to Internet users, with particular emphasis on electronic commerce, and propose plausible solutions for a safer online experience. The information security threats can be categorised into threats to the users, threats to the vendors, and threats to both users and vendors. Electronic embezzlement, sniffing and spoofing, and denial-of-service attacks are examples of threats to the vendors. Credit card fraud and malicious code are examples of threats to the users. Cybervandalism and phishing are examples of threats to both users and vendors.


Author(s):  
B. Prabadevi ◽  
N. Jeyanthi

Security in the era of digital computing plays a vital role. Of various attacks in the field of computing, Distributed Denial of service (DDoS) attacks, Man-in-the-Middle Attack (MITM) and data theft have their major impact on the emerging applications. The sniffing attacks, one of the most prominent reasons for DDoS attacks, are the major security threats in the client-server computing. The content or packet sniffer snorts the most sensitive information from the network and alters or disturbs the legitimate functionality of the victim system. Therefore it is extremely important to have a greater knowledge on these vulnerabilities, their issues, and various mitigation techniques. This study analyses the existing sniffing attacks, variations of sniffing attacks and prevention or detection mechanisms. The reasons for most vital Ransomware are also discussed.


2019 ◽  
Vol 22 (4) ◽  
pp. 336-341
Author(s):  
D. V. Ivanov ◽  
D. A. Moskvin

The article provides an approach and methods for ensuring the security of VANET networks based on automated counteraction to information security threats through self-regulation of the network structure using the theory of fractal graphs.


Author(s):  
Amit Sharma

Distributed Denial of Service attacks are a significant danger to web applications and web services these days. These attacks are moving toward the application layer to acquire and waste the maximum number of CPU cycles. By requesting resources from web services in huge amounts using a rapid fire of requests, the attacker's automated programs use up all the processing capacity of a single-server application or a distributed-environment application. The phases of the scheme's execution are user behavior monitoring and detection. In the first phase, data on user behavior is gathered, each individual user’s trust score is computed, and the entropy of the same user is calculated. HTTP Unbearable Load King (HULK) attacks are also evaluated. Based on the first phase, in the detection phase the variation in entropy is observed and malicious users are identified. A rate limiter is also introduced to stop or scale down service to the malicious users. This paper introduces the FAÇADE layer for detecting and blocking unauthorized users from attacking the system.


2017 ◽  
Vol 2 (3) ◽  
pp. 1
Author(s):  
Hanane Bennasar ◽  
Mohammad Essaaidi ◽  
Ahmed Bendahmane ◽  
Jalel Benothmane

Cloud computing cyber security has been a prominent subject for a long time and will remain so in the near future. Cloud computing allows a huge amount of data to be stored in cloud storage and lets the user pay per use from anywhere via any terminal equipment. Among the major issues related to cloud computing security, we can mention data security, denial of service attacks, confidentiality, availability, and data integrity. This paper is dedicated to a taxonomic classification study of cloud computing cyber-security, with the main objective of identifying the main challenges and issues in this field, the different approaches and solutions proposed to address them, and the open problems that need to be addressed.

