The Impact of DDoS Attacks on the Power Usage of Virtual Execution Environments

2021 ◽  
Author(s):  
Austin White ◽  
Michael Galloway ◽  
Patrick O boyle ◽  
Sierra Wyllie
Keyword(s):  
Ddos Attacks ◽  
Virtual Execution ◽  
The Impact

scholarly journals Detection of Unknown DDoS Attacks with Deep Learning and Gaussian Mixture Model

2021 ◽  
Vol 11 (11) ◽  
pp. 5213
Author(s):  
Chin-Shiuh Shieh ◽  
Wan-Wei Lin ◽  
Thanh-Tuan Nguyen ◽  
Chi-Hong Chen ◽  
Mong-Fong Horng ◽  
...  
Keyword(s):  
Deep Learning ◽  
Gaussian Mixture Model ◽  
Mixture Model ◽  
Denial Of Service ◽  
Gaussian Mixture ◽  
Mitigation Measures ◽  
Distribution Model ◽  
Ddos Attacks ◽  
Open Set ◽  
The Impact

DDoS (Distributed Denial of Service) attacks have become a pressing threat to the security and integrity of computer networks and information systems, which are indispensable infrastructures of modern times. The detection of DDoS attacks is a challenging issue before any mitigation measures can be taken. ML/DL (Machine Learning/Deep Learning) has been applied to the detection of DDoS attacks with satisfactory achievement. However, full-scale success is still beyond reach due to an inherent problem with ML/DL-based systems—the so-called Open Set Recognition (OSR) problem. This is a problem where an ML/DL-based system fails to deal with new instances not drawn from the distribution model of the training data. This problem is particularly profound in detecting DDoS attacks since DDoS attacks’ technology keeps evolving and has changing traffic characteristics. This study investigates the impact of the OSR problem on the detection of DDoS attacks. In response to this problem, we propose a new DDoS detection framework featuring Bi-Directional Long Short-Term Memory (BI-LSTM), a Gaussian Mixture Model (GMM), and incremental learning. Unknown traffic captured by the GMM are subject to discrimination and labeling by traffic engineers, and then fed back to the framework as additional training samples. Using the data sets CIC-IDS2017 and CIC-DDoS2019 for training, testing, and evaluation, experiment results show that the proposed BI-LSTM-GMM can achieve recall, precision, and accuracy up to 94%. Experiments reveal that the proposed framework can be a promising solution to the detection of unknown DDoS attacks.

scholarly journals Dolus : cyber defense using pretense against DDoS attacks in cloud platforms

2017 ◽  
Author(s):  
◽  
Roshan Lal Neupane
Keyword(s):  
Virtual Machines ◽  
Service Providers ◽  
Denial Of Service ◽  
Cloud Service ◽  
Cloud Services ◽  
Ddos Attacks ◽  
Child Play ◽  
Original Target ◽  
Multiple Network ◽  
The Impact

Cloud-hosted services are being increasingly used in online businesses in e.g., retail, healthcare, manufacturing, entertainment due to benefits such as scalability and reliability. These benefits are fueled by innovations in orchestration of cloud platforms that make them totally programmable as Software Defined everything Infrastructures (SDxI). At the same time, sophisticated targeted attacks such as Distributed Denial-of-Service (DDoS) are growing on an unprecedented scale threatening the availability of online businesses. In this thesis, we present a novel defense system called Dolus to mitigate the impact of DDoS attacks launched against high-value services hosted in SDxI-based cloud platforms. Our Dolus system is able to initiate a pretense in a scalable and collaborative manner to deter the attacker based on threat intelligence obtained from attack feature analysis in a two-stage ensemble learning scheme. Using foundations from pretense theory in child play, Dolus takes advantage of elastic capacity provisioning via quarantine virtual machines and SDxI policy co-ordination across multiple network domains. To maintain the pretense of false sense of success after attack identification, Dolus uses two strategies: (i) dummy traffic pressure in a quarantine to mimic target response time profiles that were present before legitimate users were migrated away, and (ii) Scapy-based packet manipulation to generate responses with spoofed IP addresses of the original target before the attack traffic started being quarantined. From the time gained through pretense initiation, Dolus enables cloud service providers to decide on a variety of policies to mitigate the attack impact, without disrupting the cloud services experience for legitimate users. We evaluate the efficacy of Dolus using a GENI Cloud testbed and demonstrate its real-time capabilities to: (a) detect DDoS attacks and redirect attack traffic to quarantine resources to engage the attacker under pretense, and (b) coordinate SDxI policies to possibly block DDoS attacks closer to the attack source(s).

scholarly journals Detection and Prevention Algorithm of DDoS Attack Over the IOT Networks

TEM Journal ◽  
2020 ◽  
pp. 899-906
Keyword(s):  
Denial Of Service ◽  
The Other ◽  
High Rate ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Huge Number ◽  
Security Issues ◽  
Ddos Attack ◽  
Legitimate User ◽  
The Impact

One of the most notorious security issues in the IoT is the Distributed Denial of Service (DDoS) attack. Using a large number of agents, DDoS attack floods the host server with a huge number of requests causing interrupting and blocking the legitimate user requests. This paper proposes a detection and prevention algorithm for DDoS attacks. It is divided into two parts, one for detecting the DDoS attack in the IoT end devices and the other for mitigating the impact of the attack placed on the border router. Also, it has the ability to differentiate the High-rate from the Lowrate DDoS attack accurately and defend against these two types of attacks. It is implemented and tested against different scenarios to dissect their efficiency in detecting and mitigating the DDoS attack.

SIMULATION OF DDOS ATTACKS ON CLOUD COMPUTER SYSTEMS

2020 ◽  
pp. 75-85
Author(s):  
Zinchenko Olha ◽  
Keyword(s):  
Cloud Computing ◽  
Ddos Attacks ◽  
Computing Systems ◽  
Business Applications ◽  
Enterprise Network Security ◽  
Rapid Spread ◽  
Corporate Network ◽  
It Organizations ◽  
New Applications ◽  
The Impact

In conditions of high business competition, IT organizations need to respond quickly to the needs of their users who need resources to support business applications. This is due to the rapid spread of the cloud computing model, in which resources can be deployed independently and on demand. Cloud computing is a source of tools to automate the deployment of resources, so IT organizations do not have to spend so much time doing this process manually. When deploying new applications, moving virtual servers or commissioning new instances due to dynamic applications, the network must respond quickly and provide the required type of connection. There has been a significant breakthrough in software configured networks (SDN / NFV) over the past few years. SDN / NFV organizations need to increase network adaptability by automating the network on cloud computing platforms.However, the new challenges posed by the combination of cloud computing and SDN / NFV, especially in the area of enterprise network security, are still poorly understood. This article is about solving this important problem. The article examines the impact on the mechanisms of protection against network attacks in the corporate network, which uses both technologies, simulates DDoS-attacks on cloud computing systems. It has been shown that SDN / NFV technology can really help protect against DDoS attacks if the security architecture is designed correctly.

scholarly journals A Multivariant Stream Analysis Approach to Detect and Mitigate DDoS Attacks in Vehicular Ad Hoc Networks

2018 ◽  
Vol 2018 ◽  
pp. 1-13 ◽  
Author(s):  
Raenu Kolandaisamy ◽  
Rafidah Md Noor ◽  
Ismail Ahmedy ◽  
Iftikhar Ahmad ◽  
Muhammad Reza Z’aba ◽  
...  
Keyword(s):  
Ad Hoc Networks ◽  
Vehicular Ad Hoc Networks ◽  
Ad Hoc ◽  
Time Windows ◽  
Denial Of Service ◽  
Detection Accuracy ◽  
Ddos Attacks ◽  
Detection Techniques ◽  
Hoc Networks ◽  
The Impact

Vehicular Ad Hoc Networks (VANETs) are rapidly gaining attention due to the diversity of services that they can potentially offer. However, VANET communication is vulnerable to numerous security threats such as Distributed Denial of Service (DDoS) attacks. Dealing with these attacks in VANET is a challenging problem. Most of the existing DDoS detection techniques suffer from poor accuracy and high computational overhead. To cope with these problems, we present a novel Multivariant Stream Analysis (MVSA) approach. The proposed MVSA approach maintains the multiple stages for detection DDoS attack in network. The Multivariant Stream Analysis gives unique result based on the Vehicle-to-Vehicle communication through Road Side Unit. The approach observes the traffic in different situations and time frames and maintains different rules for various traffic classes in various time windows. The performance of the MVSA is evaluated using an NS2 simulator. Simulation results demonstrate the effectiveness and efficiency of the MVSA regarding detection accuracy and reducing the impact on VANET communication.

scholarly journals Controlled DDoS Attack on IPv4/IPv6 Network Using Distributed Computing Infrastructure

2020 ◽  
Vol 44 (2) ◽  
pp. 297-316
Author(s):  
Michal Čerňanský ◽  
Ladislav Huraj ◽  
Marek Šimon
Keyword(s):  
Experimental Results ◽  
Ddos Attacks ◽  
Test Environment ◽  
Ddos Attack ◽  
Simple Tool ◽  
Ipv6 Network ◽  
Experimental Testbed ◽  
Ipv6 Networks ◽  
The Impact

The paper focuses on design, background and experimental results of real environment of DDoS attacks. The experimental testbed is based on employment of a tool for IT automation to perform DDoS attacks under monitoring. DDoS attacks are still serious threat in both IPv4 and IPv6 networks and creation of simple tool to test the network for DDoS attack and to allow evaluation of vulnerabilities and DDoS countermeasures of the networks is necessary. In proposed testbed, Ansible orchestration tool is employed to perform and coordinate DDoS attacks. Ansible is a powerful tool and simplifies the implementation of the test environment. Moreover, no special hardware is required for the attacks execution, the testbed uses existing infrastructure in an organization. The case study of implementation of this environment shows straightforwardness to create a testbed comparable with a botnet with ten thousand bots. Furthermore, the experimental results demonstrate the potential of the proposed environment and present the impact of the attacks on particular target servers in IPv4 and IPv6 networks.

scholarly journals The Impact of Mobility Patterns on MANET Vulnerability to DDoS Attacks

2012 ◽  
Vol 119 (3) ◽  
Author(s):  
M. Stojanovic ◽  
V. Acimovic-Raspopovic ◽  
V. Timcenko
Keyword(s):  
Ddos Attacks ◽  
Mobility Patterns ◽  
The Impact

scholarly journals Present Status of Distributed Denial of Service (DDoS) Attacks in Internet World

2019 ◽  
Vol 4 (4) ◽  
pp. 1008-1017
Author(s):  
Rajeev Singh ◽  
T. P. Sharma
Keyword(s):  
Denial Of Service ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
5G Networks ◽  
Dos Attack ◽  
Ddos Attack ◽  
Digital World ◽  
Iot Devices ◽  
The Impact ◽  
Day By Day

Distributed Denial of Service (DDoS) attack harms the digital availability in Internet. The user’s perspective of getting quick and effective services may be badly hit by the DDoS attackers. There are several reports of DDoS attack incidences that have caused devastating effects on the user and web services in the Internet world. In the present digital world dominated by wireless, mobile and IoT devices, the numbers of users are increasing day by day. Most of the users are novice and therefore their devices either fell prey to DDoS attacks or unknowingly add themselves to the DDoS attack Army. We soon will witness the 5G mobile revolution but there are reports that 5G networks are also falling prey to DDoS attacks and hence, the realization of DoS attack as a threat needs to be understood. The paper targets to assess the DDoS attack threat. It identifies the impact of attack and also reviews existing Indian laws.

Sign in / Sign up

Export Citation Format

Share Document