Distributed reflection denial of service attack: A critical review

As the world becomes increasingly connected and the number of users grows exponentially and “things” go online, the prospect of cyberspace becoming a significant target for cybercriminals is a reality. Any host or device that is exposed on the internet is a prime target for cyberattacks. A denial-of-service (DoS) attack is accountable for the majority of these cyberattacks. Although various solutions have been proposed by researchers to mitigate this issue, cybercriminals always adapt their attack approach to circumvent countermeasures. One of the modified DoS attacks is known as distributed reflection denial-of-service attack (DRDoS). This type of attack is considered to be a more severe variant of the DoS attack and can be conducted in transmission control protocol (TCP) and user datagram protocol (UDP). However, this attack is not effective in the TCP protocol due to the three-way handshake approach that prevents this type of attack from passing through the network layer to the upper layers in the network stack. On the other hand, UDP is a connectionless protocol, so most of these DRDoS attacks pass through UDP. This study aims to examine and identify the differences between TCP-based and UDP-based DRDoS attacks.

Download Full-text

Traffic deflection method for dos attack defense using a location-based routing protocol in the sensor network

Computer Science and Information Systems ◽

10.2298/csis120914029k ◽

2013 ◽

Vol 10 (2) ◽

pp. 685-701 ◽

Cited By ~ 2

Author(s):

Ho-Seok Kang ◽

Sung-Ryul Kim ◽

Pankoo Kim

Keyword(s):

Sensor Network ◽

Routing Protocol ◽

Denial Of Service ◽

Sensor Nodes ◽

Dos Attack ◽

Dos Attacks ◽

Negative Effects ◽

Denial Of Service Attack ◽

Service Attack ◽

Fatal Result

As the ubiquitous computing environment gets more attention and development, WSN (Wireless Sensor Network) is getting popular as well. Especially, the development of wireless communication and sensor equipment greatly contributes to the popularization of WSN. On the other hand, the safety and security of WSN attracts lots of attention due to such a development and distribution. The DoS (Denial of Service) attack, which gets more sophisticated and broadens its domain into various services fields, may have negative effects on WSN, making it vulnerable to attacks. Since WSN collects information through sensors that are already deployed, it is difficult to have its energy recharged. When WSN is under a DoS attack, sensor nodes consume lots of energy, bringing about a fatal result to the sensor network. In this paper, we propose a method to efficiently defend against DoS attacks by modifying routing protocols in the WSN. This method uses a location based routing protocol that is simple and easy to implement. In the WSN environment where the location-based routing protocol is implemented, this method disperses the DoS attack concentration of traffic by using the traffic deflection technique and blocks it out before arriving at the target destinations. To find out the number of traffic redirection nodes proper for this method, we have performed a few experiments, through which the number of such nodes was optimized.

Download Full-text

A Mitigation Technique for DoS Attack in Wireless Network Based Gradient Matrix and Firefly

International Journal of Advanced Research in Computer Science and Software Engineering ◽

10.23956/ijarcsse.v8i1.546 ◽

2018 ◽

Vol 8 (1) ◽

pp. 136

Author(s):

Jeewanjot Kaur ◽

Taranjit Singh Aulakh

Keyword(s):

Research Effort ◽

Denial Of Service ◽

Traffic Monitoring ◽

Internet Security ◽

Cyber Attack ◽

Dos Attack ◽

Dos Attacks ◽

Network Resource ◽

Denial Of Service Attack ◽

Service Attack

In computing, a denial-of-service attack (DoS attack) is a cyber-attack where the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. In a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source. In this research a generalized model for detection has been created by studying the existing models and algorithms on DoS attacks. Internet security is vital to facilitate e-commerce transactions, and there has been continued research effort to provision network traffic monitoring at high speeds. In the proposed technique a threshold is also defined so that any other node id which is greater than that threshold may be prevented. In case of any intrusion IP backtracking and packet logging is used to detect the intruder and mitigate it. From result it may be clear that the QoS parameters are improved using proposed approach and there are improved by approx 15-18% from the existing approach.

Download Full-text

Denial-of-Service Attack

International Journal of Information Security and Cybercrime ◽

10.19107/ijisc.2021.01.06 ◽

2021 ◽

Vol 10 (1) ◽

pp. 59-64

Author(s):

Ioana BALABAN

Keyword(s):

Denial Of Service ◽

Dos Attack ◽

Dos Attacks ◽

Denial Of Service Attack ◽

Service Attack ◽

Return Address

A denial-of-service (DoS) is any type of attack where the attackers (hackers) attempt to prevent legitimate users from accessing the service. In a DoS attack, the attacker usually sends excessive messages asking the network or server to authenticate requests that have invalid return addresses. The network or server will not be able to find the return address of the attacker when sending the authentication approval, causing the server to wait before closing the connection. When the server closes the connection, the attacker sends more authentication messages with invalid return addresses. Hence, the process of authentication and server wait will begin again, keeping the network or server busy. This paper presents how DoS attacks are performed, the techniques used, the attack tools, the prevention of an attack and the some of the famous DoS attacks.

Download Full-text

Removing SYN flooding in TCP/IP Network

10.31224/osf.io/nwrj7 ◽

2019 ◽

Author(s):

Abbas Khurum

Keyword(s):

Communication Protocol ◽

Transmission Control Protocol ◽

Denial Of Service ◽

Transport Layer ◽

Distributed Denial Of Service ◽

Dos Attack ◽

Dos Attacks ◽

Transmission Control ◽

Wired Networks ◽

Ip Network

Transmission Control Protocol (TCP), the most popular transport layer communication protocol for the Internet. It was originally designed for wired networks, where Denial of Service (DoS) attacks are very common. This article analyzes the TCP SYN flood (a.k.a. SYN flood) Issue in TCP, that is a type of Distributed Denial of Service (DoS) attack that exploits part of the normal TCP three-way handshake to consume resources on the targeted server and render it unresponsive. At the end it proposes solution for TCP SYN flood.

Download Full-text

Analisis Explotasi Keamanan Web Denial of Service Attack

ComTech Computer Mathematics and Engineering Applications ◽

10.21512/comtech.v4i2.2597 ◽

2013 ◽

Vol 4 (2) ◽

pp. 1199

Author(s):

Junita Juwita Siregar

Keyword(s):

Denial Of Service ◽

Web Security ◽

Denial Of Service Attacks ◽

Dos Attacks ◽

Literature Study ◽

Authorized User ◽

Denial Of Service Attack ◽

Service Attack ◽

User Access ◽

Pass Through

Internet network which is public and global is unsafe, so the security of public Internet-based information system needs to be considered. When a data is sent from one computer to another on the Internet, it will pass through a number of other computers that are meant to give the user an opportunity to take over one or several computers. denial of service attacks is one of the web security systems which can inhibit the activity of the work of a service even turn it off, so the authorized user cannot use the service. There is an attempt of certain parties to prevent a user access to a system or network by flooding the traffic network with so much data from unregistered users. It makes the user unable to log into the network system. The purpose of this paper is to analyze the cause of the denial of service attack on a web system using literature study. The result of this research is a method to overcome denial of service attack as well as the prevention techniques. This study concludes that securing techniques should be implemented extra carefully on DoS attacks (Denial-of-Service Attacks). Therefore, the attacker cannot overwhelm the network IP address and disrupt communication between a server and its client that may reject user’s request access to a system or a network service provided by a host.

Download Full-text

A SURVEY ON CLOUD-DENIAL OF SERVICE

American Journal of Advanced Computing ◽

10.15864/ajac.1205 ◽

2020 ◽

Vol 1 (2) ◽

pp. 1-5

Author(s):

Bibek Naha ◽

Siddhartha Banerjee ◽

Sayanti Mondal

Keyword(s):

Cloud Computing ◽

Comparative Study ◽

Denial Of Service ◽

Distributed Denial Of Service ◽

Cloud Environment ◽

Dos Attack ◽

Huge Amount ◽

Denial Of Service Attack ◽

Service Attack ◽

Insight Into

Cloud Computing is one of the most nurtured as well as debated topic in today’s world. Billions of data of various fields ranging from personal users to large business enterprises reside in Cloud. Therefore, availability of this huge amount of data and services is of immense importance. The DOS (Denial of Service) attack is a well-known threat to the availability of data in a smaller premise. Whenever, it’s a Cloud environment this simple DOS attack takes the form of DDOS (Distributed Denial of Service) attack. This paper provides a generic insight into the various kinds of DOS as well as DDOS attacks. Moreover, a handful of countermeasures have also been depicted here. In a nutshell, it aims at raising an awareness by outlining a clear picture of the Cloud availability issues.Our paper gives a comparative study of different techniques of detecting DOS.

Download Full-text

DOS Attacks on Cloud Platform

Research Anthology on Combating Denial-of-Service Attacks ◽

10.4018/978-1-7998-5348-0.ch025 ◽

2021 ◽

pp. 476-490

Author(s):

Rohit Kumar

Keyword(s):

Financial Services ◽

Denial Of Service ◽

Dos Attacks ◽

Security Issue ◽

Denial Of Service Attack ◽

Service Attack ◽

Utmost Care ◽

Cloud Network ◽

Financial Losses ◽

Very High

IaaS, PaaS, and SaaS models collectively form the Cloud Computing Infrastructure. The complexity of interrelationship of service models is very high and so security issue becomes essentials and must be developed with utmost care. Distributed DOS attacks are a major concern for different organization engaged in using cloud based services. The denial of service attack and distributed denial of service attacks in particular in cloud paradigms are big threat on a cloud network or platform. These attacks operate by rendering the server and network useless by sending unnecessary service and resource requests. The victims host or network isn't aware of such attacks and keeps providing recourses until they get exhausted. Due to resource exhaustions, the resources requests of genuine users doesn't get fulfilled. Severity of these attacks can lead to huge financial losses if, they are able to bring down servers executing financial services. This chapter presents DOS threats and methods to mitigate them in varied dimensions.

Download Full-text

Moving Target Defense Strategy for Mitigating Denial of Service Attack in the Public Cloud Environment

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.f8077.088619 ◽

2019 ◽

Vol 8 (6) ◽

pp. 1112-1115

Keyword(s):

Denial Of Service ◽

Moving Target ◽

Cloud Environment ◽

Public Cloud ◽

Dos Attack ◽

The Public ◽

Denial Of Service Attack ◽

Digital World ◽

Service Attack ◽

Attack Surface

Internet is a network of interconnected systems which works collaboratively and services the users without any disruption. But for achieving the same in real time, needs the new prominent technology cloud computing. The massive attractive features and simple pay-as-you-go model of cloud makes it reachable to all the users Denial-of-Service (DoS) plays a crucial role in making the services inaccessible to its intended users. The traditional DoS can no longer be successful in the cloud scenario as it poses the auto scaling feature. Still, the DoS can consume the bandwidth of the cloud customers as they need to pay for their complete usage. In spite of the huge number of recovery measures available in cloud, DoS becoming harder every day in terms of attack volume and severity. Hence complete mitigation against DoS attack is the expected solution which needs to be proved in today’s digital world. Moving Target Defence (MTD) is one such prominent emerging solution which aims to avoid the DDoS attacks in the cloud environment. The challenge of MTD is to change the attack surface periodically such that the attackers will be facing difficulty in even the attack attempts. This paper aims to provide solution for avoiding DoS attack by adopting MTD algorithm for making the web servers redundant in the cloud environment. Experimental simulations prove the effectiveness of MTD in the public cloud environment.

Download Full-text

An Implementation Of Botnet Detection Algorithm For Grid Networks

International Journal of Communication Networks and Security ◽

10.47893/ijcns.2011.1024 ◽

2011 ◽

pp. 68-72

Author(s):

G.Pradeep Reddy ◽

A.Ananda Rao

Keyword(s):

Denial Of Service ◽

Detection Algorithm ◽

Dos Attacks ◽

Ip Address ◽

Grid Networks ◽

Denial Of Service Attack ◽

Service Attack ◽

Potential Damage ◽

Taking Action ◽

Microsoft Windows

Grid is an emerging technology that aims at utilizing resources efficiently and effectively, A botnet is a collection of infected computers and the common attacks are A Distributed denial of service attack (DDOS) is any type of attack on a networking structure to disable a server from servicing its clients. Attacks range from sending millions of requests to a server in an attempt to slow it down, flooding a server with large packets of invalid data, to sending requests with an Invalid or spoofed ip address. A botnet is taking action on the client itself via IRC Channels without the hackers having to login to the clients computer. In this paper we show the implementation and analysis of three main types of attack: Ping of Death, TCP SYN Flood, and Distributed DOS. The Ping of Death attack will be simulated against a Microsoft Windows xp, computer. The TCP SYN Flood attack will be simulated against a Microsoft Windows 2007 IIS FTP Server. Distributed DOS will be demonstrated by simulating a distribution zombie program that will carry the Ping of Death attack. This paper focuses on improving the efficiency of the system performance over the network by implementing algorithm, It demonstrate the potential damage from DOS attacks and analyze the ramifications of the damage.

Download Full-text

Impact of Denial-of-Service Attack on Directional Compact Geographic Forwarding Routing Protocol in Wireless Sensor Networks

Baghdad Science Journal ◽

10.21123/bsj.2021.18.4(suppl.).1371 ◽

2021 ◽

Vol 18 (4(Suppl.)) ◽

pp. 1371

Author(s):

Nasrina M Samir ◽

Maisarah Musni ◽

Zurina Mohd Hanapi ◽

Mohamed Ridzal Radzuan

Keyword(s):

Routing Protocol ◽

Smart Antenna ◽

Denial Of Service ◽

Delivery Ratio ◽

Communication Link ◽

Dos Attack ◽

Denial Of Service Attack ◽

Geographic Forwarding ◽

Service Attack ◽

The Impact

Directional Compact Geographic Forwarding (DCGF) routing protocol promises a minimal overhead generation by utilizing a smart antenna and Quality of Service (QoS) aware aggregation. However, DCGF was tested only in the attack-free scenario without involving the security elements. Therefore, an investigation was conducted to examine the routing protocol algorithm whether it is secure against attack-based networks in the presence of Denial-of-Service (DoS) attack. This analysis on DoS attack was carried out using a single optimal attacker, A1, to investigate the impact of DoS attack on DCGF in a communication link. The study showed that DCGF does not perform efficiently in terms of packet delivery ratio and energy consumption even on a single attacker.

Download Full-text