RESEARCH OF THE ISSUES OF IMPROVEMENT OF PROTECTION SYSTEMS AGAINST DDOS-ATTACKS BASED ON THE COMPREHENSIVE ANALYSIS OF MODERN INTERACTION MECHANISMS

2021 ◽  
Vol 53 (1) ◽  
pp. 63-74
Author(s):  
DMITRIY A. BACHMANOV ◽  
◽  
ANDREY R. OCHEREDKO ◽  
MICHAEL M. PUTYATO ◽  
ALEXANDER S. MAKARYAN ◽  
...  

The article presents the results of an analysis of the growth of botnet networks and of the new cyber threats that arise when cybercriminals use them. Models for implementing botnet networks are reviewed and compared, as a result of which two main types are identified. The main types of attacks carried out using the infrastructure of distributed computer networks are identified and classified into 7 main groups, taking into account relevance, prevalence and amount of damage. Based on the results of the analysis, it was determined that the most widespread and relevant type of attack is “Denial of Service”. The article presents a classification of services that protect network resources from distributed "Denial of Service" attacks, by type of deployment, level of security and types of services provided. The comparison criteria take into account their infrastructure, availability of technical support and a test period, available types of protection, capabilities, additional options, notification and reporting, as well as licensing. A way to integrate the DDoS-Guard Protection service with an additional module at the application level is implemented in practice and shown, which made it possible to expand the methods of protection against DDoS attacks. Various modifications of the combined use of the module and the modified system make it possible to increase the expected level of detection and prevention of cyber-attacks.

2017 ◽  
Vol 7 (3) ◽  
pp. 59-75 ◽  
Author(s):  
Akashdeep Bhardwaj ◽  
Sam Goundar

With the rise in cyber-attacks on cloud environments like Brute Force, Malware or Distributed Denial of Service attacks, information security officers and data center administrators have a monumental task on hand. Organizations design data center and service delivery with the aim of catering to maximize device provisioning & availability, improve application performance, ensure better server virtualization and end up securing data centers using security solutions at internet edge protection level. These security solutions prove to be largely inadequate in times of a DDoS cyber-attack. In this paper, traditional data center design is reviewed and compared to the proposed three tier data center. The resilience to withstand against DDoS attacks is measured for Real User Monitoring parameters, compared for the two infrastructure designs and the data is validated using T-Test.



2018 ◽  
Vol 218 ◽  
pp. 02012 ◽  
Author(s):  
Mohammad A. AL-Adaileh ◽  
Mohammed Anbar ◽  
Yung-Wey Chong ◽  
Ahmed Al-Ani

Software-defined networks (SDNs) have grown rapidly in recent years because SDNs are widely used in managing large area networks and securing networks from Distributed Denial of Service (DDoS) attacks. SDNs allow networks to be monitored and managed through a centralized controller. Therefore, SDN controllers are considered the brain of networks and are considerably vulnerable to DDoS attacks. Thus, SDN controllers suffer from several challenges that exhaust network resources. For an SDN controller, the main target of DDoS attacks is to prevent legitimate users from using a network resource or receiving their services. Some approaches have been proposed to detect DDoS attacks through the examination of the traffic behavior of networks. However, these approaches take too long to process all incoming packets, thereby leading to high bandwidth consumption and delays in the detection of DDoS attacks. In addition, most existing approaches for the detection of DDoS attacks suffer from high false positive/negative rates and low detection accuracy. This study proposes a new approach to detecting DDoS attacks. The approach is called the statistical-based approach for detecting DDoS against the controllers of software-defined networks. The proposed approach is designed to detect the presence of DDoS attacks accurately, reduce false positive/negative flow rates, and minimize the complexity of targeting SDN controllers according to a statistical analysis of packet features. The proposed approach passively captures network traffic, filters traffic, and selects the most significant features that contribute to DDoS attack detection. The general stages of the proposed approach are (i) data preprocessing, (ii) statistical analysis, (iii) correlation identification between two vectors, and (iv) rule-based DDoS detection.


Author(s):  
Maryam Ghanbari ◽  
Witold Kinsner

Distributed denial-of-service (DDoS) attacks are serious threats to the availability of a smart grid infrastructure services because they can cause massive blackouts. This study describes an anomaly detection method for improving the detection rate of a DDoS attack in a smart grid. This improvement was achieved by increasing the classification of the training and testing phases in a convolutional neural network (CNN). A full version of the variance fractal dimension trajectory (VFDTv2) was used to extract inherent features from the stochastic fractal input data. A discrete wavelet transform (DWT) was applied to the input data and the VFDTv2 to extract significant distinguishing features during data pre-processing. A support vector machine (SVM) was used for data post-processing. The implementation detected the DDoS attack with 87.35% accuracy.


2017 ◽  
Vol 29 (1) ◽  
pp. 71-83 ◽  
Author(s):  
Khundrakpam Johnson Singh ◽  
Tanmay De

In the current cyber world, among the most severe cyber threats are distributed denial of service (DDoS) attacks, which make websites and other online resources unavailable to legitimate clients. It is different from other cyber threats that breach security parameters; however, DDoS is a short-term attack that brings down the server temporarily. Appropriate selection of features plays a crucial role for effective detection of DDoS attacks. Too many irrelevant features not only produce unrelated class categories but also increase computation overhead. In this article, we propose an ensemble feature selection algorithm to determine which attribute in the given training datasets is efficient in categorizing the classes. The result of the ensemble algorithm when compared to a threshold value will enable us to decide the features. The selected features are deployed as training inputs for various classifiers to select a classifier that yields maximum accuracy. We use a multilayer perceptron classifier as the final classifier, as it provides better accuracy when compared to other conventional classification models. The proposed method classifies the new datasets into either attack or normal classes with an efficiency of 98.3% and also reduces the overall computation time. We use the CAIDA 2007 dataset to evaluate the performance of the proposed method using MATLAB and Weka 3.6 simulators.


2020 ◽  
Vol 12 (1) ◽  
pp. 74
Author(s):  
Iqbal Busthomi ◽  
Imam Riadi ◽  
Rusydi Umar

CV. Nyebar is an IT-based start-up that deals with event data management using a web-based application. The Event System provides account registration services as a Member and Organizer. Members of the Event System must first have an account and log in to be able to register for an event. The process of registering for events has so far not been properly secured. The event registration process sends registrant information, but the information sent has not been secured and validated first, so the Event System is still vulnerable to cyber-attacks, including registration data sniffing attacks and Distributed Denial of Service (DDoS) attacks. DDoS attacks are carried out by sending messages and packet requests continuously to the business sector, hosting, and social sites, originating from bots at one time, resulting in overloaded network servers because the resources (bandwidth, memory, and CPU usage) of the network server are used up. Blockchain, which has three techniques/mechanisms, including the use of hashes and proof-of-work mechanisms, can be an alternative security for event registration information because it can maintain information security, data consistency, and DDoS attacks.

Keyword: Web Application, Distributed Denial of Service (DDoS), Blockchain

Abstract (Indonesian version): CV. Nyebar is an IT-based start-up working in the field of event data management using a web-based application. The Event System provides account registration services as Member and Organizer. Members of the Event System must have an account and log in first to register for an event. The event registration process has so far not been properly secured. The event registration process sends registrant information, but the information sent has not been secured and validated first, so the Event System is still vulnerable to cyber-attacks, among them registration data sniffing attacks and Distributed Denial of Service (DDoS) attacks. DDoS attacks are carried out by sending messages and packet requests continuously to the business sector, hosting, and social sites, originating from bots at one time, causing the network server to become overloaded because the resources (bandwidth, memory, and CPU usage) of the network server are used up. Blockchain, which has two techniques/mechanisms, among them the use of hashes and the proof-of-work mechanism, can be an alternative for securing event registration information because it can maintain information security, data consistency, and DDoS attacks.

Keyword: Web Application, Distributed Denial of Service (DDoS), Blockchain Technology


2018 ◽  
Vol 10 (2) ◽  
pp. 58-74 ◽  
Author(s):  
Kavita Sharma ◽  
B. B. Gupta

This article describes how in the summer of 1999, the Computer Incident Advisory Capability first reported about Distributed Denial of Service (DDoS) attack incidents and the nature of Denial of Service (DoS) attacks in a distributed environment that eliminates the availability of resources or data on a computer network. DDoS attack exhausts the network resources and disturbs the legitimate user. This article provides an explanation on DDoS attacks and nature of these attacks against Smartphones and Wi-Fi Technology and presents a taxonomy of various defense mechanisms. The smartphone is chosen for this study, as they have now become a necessity rather than a luxury item for the common people.


2019 ◽  
Vol 11 (01n02) ◽  
pp. 1950002
Author(s):  
Rasim M. Alguliyev ◽  
Ramiz M. Aliguliyev ◽  
Fargana J. Abdullayeva

Recently, data collected from social media have made it possible to analyze social events and make predictions about real events, based on the analysis of sentiments and opinions of users. Most cyber-attacks are carried out by hackers on the basis of discussions on social media. This paper proposes a method that predicts the occurrence of DDoS attacks by finding relevant texts in social media. To perform high-precision classification of texts into positive and negative classes, a CNN model with 13 layers and an improved LSTM method are used. In order to predict the occurrence of DDoS attacks on the next day, the negative and positive sentiments in social networking texts are used. To evaluate the efficiency of the proposed method, experiments were conducted on Twitter data. The proposed method achieved a recall, precision, [Formula: see text]-measure, training loss, training accuracy, testing loss, and test accuracy of 0.85, 0.89, 0.87, 0.09, 0.78, 0.13, and 0.77, respectively.


Author(s):  
Gopal Singh Kushwah ◽  
Virender Ranga

Cloud computing has now become a part of many businesses. It provides on-demand resources to its users based on pay-as-you-use policy, across the globe. The high availability feature of this technology is affected by distributed denial of service (DDoS) attack, which is a major security issue. In this attack, cloud or network resources are exhausted, resulting in a denial of service for legitimate users. In this chapter, a classification of various types of DDoS attacks has been presented, and techniques for defending these attacks in cloud computing have been discussed. A discussion on challenges and open issues in this area is also given. Finally, a conceptual model based on extreme learning machine has been proposed to defend these attacks.


Information ◽  
2019 ◽  
Vol 10 (3) ◽  
pp. 106 ◽  
Author(s):  
Pedro Manso ◽  
José Moura ◽  
Carlos Serrão

The current paper addresses relevant network security vulnerabilities introduced by network devices within the emerging paradigm of Internet of Things (IoT) as well as the urgent need to mitigate the negative effects of some types of Distributed Denial of Service (DDoS) attacks that try to explore those security weaknesses. We design and implement a Software-Defined Intrusion Detection System (IDS) that reactively impairs the attacks at its origin, ensuring the “normal operation” of the network infrastructure. Our proposal includes an IDS that automatically detects several DDoS attacks, and then as an attack is detected, it notifies a Software Defined Networking (SDN) controller. The current proposal also downloads some convenient traffic forwarding decisions from the SDN controller to network devices. The evaluation results suggest that our proposal timely detects several types of cyber-attacks based on DDoS, mitigates their negative impacts on the network performance, and ensures the correct data delivery of normal traffic. Our work sheds light on the programming relevance over an abstracted view of the network infrastructure to timely detect a Botnet exploitation, mitigate malicious traffic at its source, and protect benign traffic.

