On Investigating the Effectiveness of Biometric Readers in Thwarting Network Attacks: A Secure Architecture Design Proposal

2015 ◽  
Vol 24 (2) ◽  
pp. 199-213
Author(s):  
Zouheir Trabelsi ◽  
Mohamed Al Hemairy ◽  
Mohammad M. Masud
Keyword(s):  
Laboratory Experiments ◽  
Denial Of Service ◽  
Local Area Networks ◽  
Local Area ◽  
Architecture Design ◽  
Dos Attack ◽  
Dos Attacks ◽  
User Identification ◽  
Network Attacks ◽  
Design Proposal

AbstractBiometrics readers are deployed in many public sites and are used for user identification and verification. Nowadays, most biometrics readers can be connected to local area networks, and consequently, they are potential targets for network attacks. This article investigates the robustness of several fingerprint and iris readers against common denial of service (DoS) attacks. This investigation has been conducted using a set of laboratory experiments and DoS attack generator tools. The experiments show clearly that the tested biometric readers are very vulnerable to common DoS attacks, and their recognition performances deteriorate significantly once they are under DoS attacks. Finally, the article lists some security consideration that should be taken into consideration when designing secure biometrics readers.

scholarly journals Output Feedback NCS of DoS Attacks Triggered by Double-Ended Events

2021 ◽  
Vol 2021 ◽  
pp. 1-14
Author(s):  
Xinzhi Feng ◽  
Yang Yang ◽  
Xiaozhong Qi ◽  
Chunming Xu ◽  
Ze Ji
Keyword(s):  
Control System ◽  
Denial Of Service ◽  
Network Control ◽  
Control Performance ◽  
Network Control System ◽  
Dos Attack ◽  
Dos Attacks ◽  
Network Attacks ◽  
Elastic Event ◽  
Event Triggering

In recent years, the research of the network control system under the event triggering mechanism subjected to network attacks has attracted foreign and domestic scholars’ wide attention. Among all kinds of network attacks, denial-of-service (DoS) attack is considered the most likely to impact the performance of NCS significantly. The existing results on event triggering do not assess the occurrence of DoS attacks and controller changes, which will reduce the control performance of the addressed system. Aiming at the network control system attacked by DoS, this paper combines double-ended elastic event trigger control, DoS attack, and quantitative feedback control to study the stability of NCS with quantitative feedback of DoS attack triggered by a double-ended elastic event. Simulation examples show that this method can meet the requirements of control performance and counteract the known periodic DoS attacks, which save limited resources and improve the system’s antijamming ability.

scholarly journals Peningkatan Keamanan Router Mikrotik Terhadap Serangan Denial of Service (DoS)

2020 ◽  
pp. 115-123
Author(s):  
Budi Jaya ◽  
Y Yuhandri ◽  
S Sumijan
Keyword(s):  
Denial Of Service ◽  
Digital Evidence ◽  
Dos Attack ◽  
Dos Attacks ◽  
Research Results ◽  
Security Enhancement ◽  
Software And Hardware ◽  
Operational Activities ◽  
Network Router ◽  
Live Forensics

Denial of Service (DoS) attacks are one of the most common attacks on website, networks, routers and servers, including on router mikrotik. A DoS attack aims to render a network router unable to service requests from authorized users. The result will disrupt the operational activities of the organization and cause material and non-material losses. In this study, a simulation and analysis of DoS attacks using the Live Forensics method were carried out and the router security enhancement from rectangular software and hardware. From the research results obtained digital evidence of DoS attacks in the form of IP addresses and attacker activity logs. In addition, the increase in router security in terms of software by using Firewall Filter and Firewall Raw has proven effective in preventing attacks. While improving router security in terms of hardware by setting a reset button on the router and firewall devices is also very necessary so that the router can avoid physical attacks by irresponsible persons

scholarly journals DOS Attacks on TCP/IP Layers in WSN

2013 ◽  
Vol 1 (2013) ◽  
pp. 40-45
Keyword(s):  
Wireless Sensor Network ◽  
Sensor Networks ◽  
Sensor Network ◽  
Low Cost ◽  
Denial Of Service ◽  
Sensor Nodes ◽  
Wireless Sensor ◽  
Renewable Energy Resources ◽  
Dos Attack ◽  
Dos Attacks

The emergence of sensor networks as one of the dominant technology trends in the coming decades has posed numerous unique challenges on their security to researchers. These networks are likely to be composed of thousands of tiny sensor nodes, which are low-cost devices equipped with limited memory, processing, radio, and in many cases, without access to renewable energy resources. While the set of challenges in sensor networks are diverse, we focus on security of Wireless Sensor Network in this paper. First, we propose some of the security goal for Wireless Sensor Network. To perform any task in WSN, the goal is to ensure the best possible utilization of sensor resources so that the network could be kept functional as long as possible. In contrast to this crucial objective of sensor network management, a Denial of Service (DoS) attack targets to degrade the efficient use of network resources and disrupts the essential services in the network. DoS attack could be considered as one of th

Denial-of-Service and Botnet Analysis, Detection, and Mitigation

2021 ◽  
pp. 20-48
Author(s):  
Sobana Sikkanan ◽  
Kasthuri M.
Keyword(s):  
Denial Of Service ◽  
The Internet ◽  
Dos Attack ◽  
Dos Attacks ◽  
Network Resources ◽  
Systematic Analysis ◽  
Network Bandwidth ◽  
Research Areas ◽  
History Analysis ◽  
Near Future

The internet is designed for processing and forwarding of any packet in a best effort manner. The packets carried by the internet may be malicious or not. Most of the time, internet architecture provides an unregulated path to victims. Denial-of-service (DoS) attack is the most common critical threat that causes devastating effects on the internet. The Botnet-based DoS attack aims to exhaust both the target resources and network bandwidth, thereby making the network resources unavailable for its valid users. The resources are utilized by either injecting a computer virus or flooding the network with useless traffic. This chapter provides a systematic analysis of the causes of DoS attacks, including motivations and history, analysis of different attacks, detection and protection techniques, various mitigation techniques, the limitations and challenges of DoS research areas. Finally, this chapter discusses some important research directions which will need more attention in the near future to guarantee the successful defense against DoS attacks.

TRAWLING TRAFFIC UNDER ATTACK OVERCOMING DDoS ATTACKS BY TARGET-CONTROLLED TRAFFIC FILTERING

2011 ◽  
Vol 22 (05) ◽  
pp. 1073-1098
Author(s):  
SHLOMI DOLEV ◽  
YUVAL ELOVICI ◽  
ALEX KESSELMAN ◽  
POLINA ZILBERMAN
Keyword(s):  
Denial Of Service ◽  
The Internet ◽  
Traffic Classification ◽  
Classification Rules ◽  
Ddos Attacks ◽  
Dos Attack ◽  
Dos Attacks ◽  
Worst Case ◽  
Filtering Algorithm ◽  
Internet Community

As more and more services are provided by servers via the Internet, Denial-of-Service (DoS) attacks pose an increasing threat to the Internet community. A DoS attack overloads the target server with a large volume of adverse requests, thereby rendering the server unavailable to "well-behaved" users. In this paper, we propose two algorithms that allow attack targets to dynamically filter their incoming traffic based on a distributed policy. The proposed algorithms defend the target against DoS and distributed DoS (DDoS) attacks and simultaneously ensure that it continues to serve "well-behaved" users. In a nutshell, a target can define a filtering policy which consists of a set of traffic classification rules and the corresponding amounts of traffic for each rule. A filtering algorithm is enforced by the ISP's routers when a target is being overloaded with traffic. The goal is to maximize the amount of filtered traffic forwarded to the target, according to the filtering policy, from the ISP. The first proposed algorithm is a collaborative algorithm which computes and delivers to the target the best possible traffic mix in polynomial time. The second algorithm is a distributed non-collaborative algorithm for which we prove a lower bound on the worst-case performance.

scholarly journals Peningkatan Keamanan Router Mikrotik Terhadap Serangan Denial of Service (DoS)

2020 ◽  
Author(s):  
Budi Jaya ◽  
Yuhandri Yunus ◽  
S Sumijan
Keyword(s):  
Denial Of Service ◽  
Digital Evidence ◽  
Dos Attack ◽  
Dos Attacks ◽  
Research Results ◽  
Security Enhancement ◽  
Software And Hardware ◽  
Operational Activities ◽  
Network Router ◽  
Live Forensics

Denial of Service (DoS) attacks are one of the most common attacks on website, networks, routers and servers, including on router mikrotik. A DoS attack aims to render a network router unable to service requests from authorized users. The result will disrupt the operational activities of the organization and cause material and non-material losses. In this study, a simulation and analysis of DoS attacks using the Live Forensics method were carried out and the router security enhancement from rectangular software and hardware. From the research results obtained digital evidence of DoS attacks in the form of IP addresses and attacker activity logs. In addition, the increase in router security in terms of software by using Firewall Filter and Firewall Raw has proven effective in preventing attacks. While improving router security in terms of hardware by setting a reset button on the router and firewall devices is also very necessary so that the router can avoid physical attacks by irresponsible persons.

SCAFFY

2021 ◽  
Vol 15 (3) ◽  
pp. 106-128
Author(s):  
Muraleedharan N. ◽  
Janet B.
Keyword(s):  
Critical Infrastructure ◽  
State Of The Art ◽  
Denial Of Service ◽  
Classification Performance ◽  
Dos Attack ◽  
Dos Attacks ◽  
Flow Parameters ◽  
Machine Learning Model ◽  
The Common ◽  
Catastrophic Impact

Denial of service (DoS) attack is one of the common threats to the availability of critical infrastructure and services. As more and more services are online enabled, the attack on the availability of these services may have a catastrophic impact on our day-to-day lives. Unlike the traditional volumetric DoS, the slow DoS attacks use legitimate connections with lesser bandwidth. Hence, it is difficult to detect slow DoS by monitoring bandwidth usage and traffic volume. In this paper, a novel machine learning model called ‘SCAFFY' to classify slow DoS on HTTP traffic using flow level parameters is explained. SCAFFY uses a multistage approach for the feature section and classification. Comparison of the classification performance of decision tree, random forest, XGBoost, and KNN algorithms are carried out using the flow parameters derived from the CICIDS2017 and SUEE datasets. A comparison of the result obtained from SCAFFY with two recent works available in the literature shows that the SCAFFY model outperforms the state-of-the-art approaches in classification accuracy.

Denial-of-Service and Botnet Analysis, Detection, and Mitigation

2020 ◽  
pp. 114-151
Author(s):  
Sobana Sikkanan ◽  
Kasthuri M.
Keyword(s):  
Denial Of Service ◽  
The Internet ◽  
Dos Attack ◽  
Dos Attacks ◽  
Network Resources ◽  
Systematic Analysis ◽  
Network Bandwidth ◽  
Research Areas ◽  
History Analysis ◽  
Near Future

The internet is designed for processing and forwarding of any packet in a best effort manner. The packets carried by the internet may be malicious or not. Most of the time, internet architecture provides an unregulated path to victims. Denial-of-service (DoS) attack is the most common critical threat that causes devastating effects on the internet. The Botnet-based DoS attack aims to exhaust both the target resources and network bandwidth, thereby making the network resources unavailable for its valid users. The resources are utilized by either injecting a computer virus or flooding the network with useless traffic. This chapter provides a systematic analysis of the causes of DoS attacks, including motivations and history, analysis of different attacks, detection and protection techniques, various mitigation techniques, the limitations and challenges of DoS research areas. Finally, this chapter discusses some important research directions which will need more attention in the near future to guarantee the successful defense against DoS attacks.

Denial of Service (DoS) Attacks Over Cloud Environment

2021 ◽  
pp. 491-521
Author(s):  
Thangavel M. ◽  
Nithya S ◽  
Sindhuja R
Keyword(s):  
Cloud Computing ◽  
Capacity Planning ◽  
Denial Of Service ◽  
Cloud Services ◽  
The Other ◽  
Complete Analysis ◽  
Cloud Environment ◽  
Dos Attack ◽  
Dos Attacks ◽  
The Impact

Cloud computing is the fastest growing technology in today's world. Cloud services provide pay as go models on capacity or usage. For providing better cloud services, capacity planning is very important. Proper capacity planning will maximize efficiency and on the other side proper control over the resources will help to overcome from attacks. As the technology develops in one side, threats and vulnerabilities to security also increases on the other side. A complete analysis of Denial of Service (DOS) attacks in cloud computing and how are they done in the cloud environment and the impact of reduced capacity in cloud causes greater significance. Among all the cloud computing attacks, DOS is a major threat to the cloud environment. In this book chapter, we are going to discuss DOS attack in the cloud and its types, what are the tools used to perform DOS attack and how they are detected and prevented. Finally it deals with the measures to protect the cloud services from DOS attack and also penetration testing for DOS attack.

Denial-of-Service (DoS) Attack and Botnet

2021 ◽  
pp. 49-73
Author(s):  
Arushi Arora ◽  
Sumit Kumar Yadav ◽  
Kavita Sharma
Keyword(s):  
Defense Mechanism ◽  
Denial Of Service ◽  
The Other ◽  
Denial Of Service Attacks ◽  
Ddos Attacks ◽  
Dos Attack ◽  
Dos Attacks ◽  
Commercial Software ◽  
Other Hand ◽  
Insight Into

This chapter describes how the consequence and hazards showcased by Denial of Service attacks have resulted in the surge of research studies, commercial software and innovative cogitations. Of the DoS attacks, the incursion of its variant DDoS can be quite severe. A botnet, on the other hand, is a group of hijacked devices that are connected by internet. These botnet servers are used to perform DDoS attacks effectively. In this chapter, the authors attempt to provide an insight into DoS attacks and botnets, focusing on their analysis and mitigation. They also propose a defense mechanism to mitigate our system from botnet DDoS attacks. This is achieved by using a through access list based configuration. The artful engineering of malware is a weapon used for online crime and the ideas behind it are profit-motivated. The last section of the chapter provides an understanding of the WannaCry Ransomware Attack which locked computers in more than 150 countries.

Sign in / Sign up

Export Citation Format

Share Document