scholarly journals Modeling and Defense Denial-of-Service in Content-Centric Networking

2016 ◽  
Keyword(s):  
Denial Of Service ◽  
Content Centric Networking

scholarly journals Secure and DoS-Resilient Fragment Authentication in CCN-Based Vehicular Networks

2018 ◽  
Vol 2018 ◽  
pp. 1-12
Author(s):  
Sangwon Hyun ◽  
Hyoungshick Kim
Keyword(s):  
Vehicular Networks ◽  
Denial Of Service ◽  
Content Delivery ◽  
Dos Attacks ◽  
Promising Alternative ◽  
Content Centric Networking ◽  
Transmission Unit ◽  
Communication Environments ◽  
Maximum Transmission

Content-Centric Networking (CCN) is considered as a promising alternative to traditional IP-based networking for vehicle-to-everything communication environments. In general, CCN packets must be fragmented and reassembled based on the Maximum Transmission Unit (MTU) size of the content delivery path. It is thus challenging to securely protect fragmented packets against attackers who intentionally inject malicious fragments to disrupt normal services on CCN-based vehicular networks. This paper presents a new secure content fragmentation method that is resistant to Denial-of-Service (DoS) attacks in CCN-based vehicular networks. Our approach guarantees the authenticity of each fragment through the immediate fragment verification at interim nodes on the routing path. Our experiment results demonstrate that the proposed approach provides much stronger security than the existing approach named FIGOA, without imposing a significant overhead in the process. The proposed method achieves a high immediate verification probability of 98.2% on average, which is 52% higher than that of FIGOA, while requiring only 14% more fragments than FIGOA.

scholarly journals Faster Data Forwarding in Content-Centric Network via Overlaid Packet Authentication Architecture

2020 ◽  
Vol 12 (20) ◽  
pp. 8746
Author(s):  
Taek-Young Youn ◽  
Joongheon Kim ◽  
David Mohaisen ◽  
Seog Chung Seo
Keyword(s):  
Denial Of Service ◽  
Future Internet ◽  
Public Key ◽  
Data Forwarding ◽  
Content Centric Networking ◽  
Data Packets ◽  
Denial Of Service Attack ◽  
Network Bandwidth ◽  
Public Verifiability ◽  
Content Centric Network

Content-Centric Networking (CCN) is one of the emerging paradigms for the future Internet, which shifts the communication paradigm from host-centric to data-centric. In CCN, contents are delivered by their unique names, and a public-key-based signature is built into data packets to verify the authenticity and integrity of the contents. To date, research has tried to accelerate the validation of the given data packets, but existing techniques were designed to improve the performance of content verification from the requester’s viewpoint. However, we need to efficiently verify the validity of data packets in each forwarding engine, since the transmission of invalid packets influences not only security but also performance, which can lead to a DDoS (Distributed Denial of Service) attack on CCN. For example, an adversary can inject a number of meaningless packets into CCN to consume the forwarding engines’ cache and network bandwidth. In this paper, a novel authentication architecture is introduced, which can support faster forwarding by accelerating the performance of data validation in forwarding engines. Since all forwarding engines verify data packets, our authentication architecture can eliminate invalid packets before they are injected into other CCN nodes. The architecture utilizes public-key based authentication algorithms to support public verifiability and non-repudiation, but a novel technique is proposed in this paper to reduce the overhead from using PKI for verifying public keys used by forwarding engines and end-users in the architecture. The main merit of this work is in improving the performance of data-forwarding in CCN regardless of the underlying public-key validation mechanism, such as PKI, by reducing the number of accesses to the mechanism. Differently from existing approaches that forgive some useful features of the Naive CCN for higher performance, the proposed technique is the only architecture which can support all useful features given by the Naive CCN.

Verification of Content-Centric Networking Using Proof Assistant

2016 ◽  
Vol E99.B (11) ◽  
pp. 2297-2304
Author(s):  
Sosuke MORIGUCHI ◽  
Takashi MORISHIMA ◽  
Mizuki GOTO ◽  
Kazuko TAKAHASHI
Keyword(s):  
Proof Assistant ◽  
Content Centric Networking

Web-Based Three-Layer Protection Mechanism Against Distributed Denial of Service

2019 ◽  
Vol 51 (9) ◽  
pp. 24-31
Author(s):  
Askar T. Rakhmanov ◽  
Shukhrat K. Kamalov ◽  
Komil F. Kerimov
Keyword(s):  
Denial Of Service ◽  
Distributed Denial Of Service ◽  
Web Based ◽  
Protection Mechanism

HULK and DDoS Attacks in Web Applications with Detection Mechanism

2018 ◽  
Vol 6 (6) ◽  
pp. 192
Author(s):  
Amit Sharma
Keyword(s):  
Web Applications ◽  
Denial Of Service ◽  
Single Server ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Application Layer ◽  
Detection Mechanism ◽  
Plan Execution ◽  
Social Affair ◽  
Server Application

Distributed Denial of Service attacks are significant dangers these days over web applications and web administrations. These assaults pushing ahead towards application layer to procure furthermore, squander most extreme CPU cycles. By asking for assets from web benefits in gigantic sum utilizing quick fire of solicitations, assailant robotized programs use all the capacity of handling of single server application or circulated environment application. The periods of the plan execution is client conduct checking and identification. In to beginning with stage by social affair the data of client conduct and computing individual user’s trust score will happen and Entropy of a similar client will be ascertained. HTTP Unbearable Load King (HULK) attacks are also evaluated. In light of first stage, in recognition stage, variety in entropy will be watched and malevolent clients will be recognized. Rate limiter is additionally acquainted with stop or downsize serving the noxious clients. This paper introduces the FAÇADE layer for discovery also, hindering the unapproved client from assaulting the framework.

Analisis Penerapan Virtual Private Network Menggunakan Tools Hacking

2019 ◽  
Author(s):  
Amarudin ◽  
Sampurna Dadi Riskiono
Keyword(s):  
Denial Of Service ◽  
Virtual Private Network ◽  
Private Network

Akhir-akhir ini sudah mulai banyak perusahaan yang memanfaatkan protokol Virtual Private Network (VPN) sebagai media akses/komunikasi antar jaringan interlokal. VPN adalah sebuah protokol keamanan jaringan yang dapat digunakan sebagai salah satu cara untuk meningkatkan keamanan jaringan dari sisi transmisi data. Dengan pemanfaatan VPN, koneksi antar jaringan dapat terbentuk secara virtual walaupun tidak terbentuk secara fisik. Selain itu, dengan memanfaatkan protokol VPN, user (client) dapat mengkases Server secara private melalui jaringan public. Dengan demikian komunikasi antara Client dan Server terjaga dari Sniffing (penyadapan) dari pihak yang tidak bertanggung jawab. Akan tetap tingkat keamanan yang dihasilkan dari penerapan VPN ini perlu dilakukan pengkajian yang lebih dalam. Sehingga tingkat keamanannya dapat diketahui apakah sudah termasuk dalam kategori aman ataukah masih ada peluang bug yang membahayakan dari penetrasi. Dalam penelitian ini dilakukan pengujian Scanning dan Sniffing pada penerapan VPN menggunakan toos hacking yaitu Nmap dan Wireshark. Sedangkan pengujian performansi service pada VPN Server, dilakukan pengujian Denial of Service (DoS) menggunakan tools hacking yaitu LOIC. Adapun objek penelitian ini adalah perangkat Mikrotik RouterOS yang digunakan pada Universitas Teknokrat Indonesia. Hasil penelitian yang didapatkan bahwa komunikasi data antar jaringan (antara VPN Server dan VPN Client) dapat terenkripsi dengan baik. Akan tetapi dari segi konektifitas antar jaringan sangat dipengaruhi oleh performansi bandwidth yang digunakan oleh sistem jaringan tersebut. Selain itu berdasarkan hasil pengujian performansi service pada VPN Server didapatkan hasil bahwa service pada VPN Server dapat dimatikan pada request (ping) sebesar 1.899.276 request. Hal ini dipengaruhi oleh spesifikasi perangkat Mikrotik RouterOS yang digunakan. Adapun untuk penelitian selanjutnya perlu dilakukan pengujian performansi konektifitas menggunakan bandwith yang lebih besar dan untuk menguji performansi service VPN Server menggunakan spesifikasi perangkat Mikrotik yang lebih baik.

Sign in / Sign up

Export Citation Format

Share Document