scholarly journals Creation of a DDOS attack using HTTP-GET Flood with the Cyber Kill Chain methodology

2019 ◽  
Vol 16 (1) ◽  
pp. 41-47
Author(s):  
Jeferson Eleazar Martínez-Lozano ◽  
Pedro Sandino Atencio-Ortiz
Keyword(s):  
Web Application ◽  
The Internet ◽  
Application Layer ◽  
Web Servers ◽  
Ddos Attack ◽  
Internet Application ◽  
Cyber Kill Chain

This article illustrates by means of a demonstration and taking advantage of the vulnerability “Open redirect”, how easy it can be to attack web servers through distributed attacks of denial of services. In it, the Cyber Kill Chain® model is used to carry out this attack in phases. In the development of the research, a systematic UFONet tool is applied and the results obtained are analyzed and it is recommended to protect the Internet application services of said attacks through web application firewalls (WAF) whose presence allows the DDoS traffic of the application layer (including the HTTP-GET flood) arrives effortlessly at the destination server.

scholarly journals Development of a web based smart city infrastructure for refuse disposal management

2017 ◽  
Author(s):  
◽  
Adeyemo Joke Oluwatimilehin
Keyword(s):  
Feature Extraction ◽  
Smart City ◽  
Web Application ◽  
The Internet ◽  
Client Application ◽  
Application Layer ◽  
Web Based ◽  
Statistical Feature ◽  
The Status ◽  
Refuse Disposal

The future of modern cities largely depends on how well they can tackle intrinsic problems that confront them by embracing the next era of digital revolution. A vital element of such revolution is the creation of smart cities and associated technology infrastructures. Smart city is an emerging phenomenon that involves the deployment of information communication technology wares into public or private infrastructure to provide intelligent data gathering and analysis. Key areas that have been considered for smart city initiatives include monitoring of weather, energy consumption, environmental conditions, water usage and host of others. To align with the smart city revolution in the area of environmental cleanliness, this study involves the development of a web based smart city infrastructure for refuse disposal management using the design science research approach. The Jalali smart city reference architecture provided a template to develop the proposed architecture in this study. The proposed architecture contains four layers, which are signal sensing and processing, network, intelligent user application and Internet of Things (IoT) web application layers. A proof of concept prototype was designed and implemented based on the proposed architecture. The signal sensing and processing layer was implemented to produce a smart refuse bin, which is a bin that contains the Arduino microcontroller board, Wi-Fi transceiver, proximity sensor, gas sensor, temperature sensor and other relevant electronic components. The network layer provides interconnectivity among the layers via the internet. The intelligent user application layer was realized with non browser client application, statistical feature extraction and pattern classifiers. Whereas the IoT web application layer was realised with ThingSpeak, which is an online web application for IoT based projects. The sensors in the smart refuse bin, generates multivariate dataset that corresponds to the status of refuse in the bin. Training and testing features were extracted from the dataset using first order statistical feature extraction method. Afterward, Multilayer Perceptron Artificial Neural Network (MLP-ANN) and support vector machine were trained and compared experimentally. The MLP-ANN gave the overall best accuracy of 98.0%, and the least mean square error of 0.0036. The ThingSpeak web application connects seamlessly at all times via the internet to receive data from the smart refuse bin. Refuse disposal management agents can therefore query ThingSpeak for refuse status data via the non browser client application. The client application, then uses the trained MLP-ANN to appositely classify such data in order to determine the status of the bin.

scholarly journals Preventing & Isolating Distributed Denial of Service (DDOS) attack in Wireless Mesh Networks (WMN's)

2019 ◽  
Vol 8 (9S) ◽  
pp. 447-454
Keyword(s):  
Wireless Mesh Networks ◽  
Shortest Path ◽  
Mesh Networks ◽  
Denial Of Service ◽  
The Internet ◽  
Covert Channel ◽  
Distributed Denial Of Service ◽  
Application Layer ◽  
Ddos Attack ◽  
Wireless Mesh

Wireless Mesh networks (WMN’s) are prone to a number of attacks & these attacks compromise the security of these networks. Attaining security in these networks is a challenging task. It is logical to consider that there are many types of scripts in the internet. The virus can either be a key logger or somebody else's mischief. With this script we can steal any information. Since the existence of virus cannot be ignored, therefore the authors have tried to present their work on first detecting it and later on fixing it. With the help of different protocols present in the Application Layer, a hacker takes information out of the script. The authors have used Covert Channel, which has been mentioned in many essays. Now with the help of this channel, the information will go to all and it will not go to any of the informatics. This research proposal envisions a methodology to first detect the selfish node in the network & later on provides a technique for mitigation of the same.NS2 simulator has been used to simulate & analyze the performance of our proposed methodology for Open Shortest Path First (OSPF) protocol in WMN’s.

scholarly journals WEB DDoS Attack Detection Method Based on Semisupervised Learning

2021 ◽  
Vol 2021 ◽  
pp. 1-10
Author(s):  
Xiang Yu ◽  
Wenchao Yu ◽  
Shudong Li ◽  
Xianfei Yang ◽  
Ying Chen ◽  
...  
Keyword(s):  
Web Application ◽  
False Positive Rate ◽  
Semisupervised Learning ◽  
Attack Detection ◽  
Application Layer ◽  
Ddos Attack ◽  
Web Attacks ◽  
Positive Rate ◽  
Ddos Attack Detection ◽  
The Web

Since the services on the Internet are becoming increasingly abundant, all walks of life are inextricably linked with the Internet. Simultaneously, the Internet’s WEB attacks have never stopped. Relative to other common WEB attacks, WEB DDoS (distributed denial of service) will cause serious damage to the availability of the target network or system resources in a short period of time. At present, most researches are centered around machine learning-related DDoS attack detection algorithms. According to previous studies, unsupervised methods generally have a high false positive rate, while supervisory methods cannot handle large amount of network traffic data, and the performance is often limited by noise and irrelevant data. Therefore, this paper proposes a semisupervised learning detection model combining spectral clustering and random forest to detect the DDoS attack of the WEB application layer and compares it with other existing detection schemes to verify the semisupervised learning model proposed in this paper. While ensuring a low false positive rate, there is a certain improvement in the detection rate, which is more suitable for the WEB application layer DDoS attack detection.

scholarly journals Analisis Perbandingan Kinerja Web Server Apache dan Nginx Menggunakan Httperf Pada Portal Berita (Studi Kasus beritalinux.com)

2017 ◽  
Vol 5 (2) ◽  
Author(s):  
Intan Ferina Irza ◽  
Zulhendra Zulhendra ◽  
Efrizon Efrizon
Keyword(s):  
Web Application ◽  
Web Server ◽  
The Internet ◽  
Application Server ◽  
Media Content ◽  
Web Servers ◽  
Connection Request ◽  
Web Server Performance ◽  
Data Request

The internet world in the globalization era is now developing. Anyone and anywhere can access the internet if you already have the tools and connections are adequate. There are two-ways relationship in accessing a web, they are Client and Server. Good Web Server performance can affect the quality of two-ways relationship between Client and Server. There are two Web Servers that are widely used today are Apache and Nginx. As a media content provider is expected to meet all the needs of users, especially in terms of performance of the device itself. To prove how the apache and nginx Web Server performance compare to the data request by the user, it is necessary to do a test and compare the parameters of each Web Server. Based on the problems above, the authors want to analyze and compare the performance of both Web servers are Apache and Nginx, so users can choose the best Web Server. The author only compares the parameters of throughput, connection, request, reply and error by assigning load to each test and performed on attributes that exist on beritalinux.com virtually. After testing, the results obtained where in responding and connecting data that requested by the client of web application server nginx was superior to apache. From these results, it is recommended to admin on beritalinux.com to use nginx web server for better website performance.Keywords: Analysis, Performance, Web Server, Apache, Nginx, HTTPERF

scholarly journals Secured and progressive transmission of compressed images on the Internet: application to telemedicine

2005 ◽  
Author(s):  
Marie Babel ◽  
Benoit Parrein ◽  
Olivier Deforges ◽  
Nicolas Normand ◽  
Jean-Pierre Guedon ◽  
...  
Keyword(s):  
The Internet ◽  
Progressive Transmission ◽  
Compressed Images ◽  
Internet Application

scholarly journals Traffic flow features as metrics (TFFM): detection of application layer level DDOS attack scope of IOT traffic flows

2018 ◽  
Vol 7 (2.7) ◽  
pp. 203 ◽  
Author(s):  
Kalathiripi Rambabu ◽  
N Venkatram
Keyword(s):  
Traffic Flow ◽  
Traffic Flows ◽  
Application Layer ◽  
Continuous Growth ◽  
Loosely Coupled ◽  
Ddos Attack ◽  
Proposed Model ◽  
Flow Features ◽  
Target Network ◽  
Iot Devices

The phenomenal and continuous growth of diversified IOT (Internet of Things) dependent networks has open for security and connectivity challenges. This is due to the nature of IOT devices, loosely coupled behavior of internetworking, and heterogenic structure of the networks.  These factors are highly vulnerable to traffic flow based DDOS (distributed-denial of services) attacks. The botnets such as “mirae” noticed in recent past exploits the IoT devises and tune them to flood the traffic flow such that the target network exhaust to response to benevolent requests. Hence the contribution of this manuscript proposed a novel learning-based model that learns from the traffic flow features defined to distinguish the DDOS attack prone traffic flows and benevolent traffic flows. The performance analysis was done empirically by using the synthesized traffic flows that are high in volume and source of attacks. The values obtained for statistical metrics are evincing the significance and robustness of the proposed model

Sign in / Sign up

Export Citation Format

Share Document