scholarly journals Blocking Distributed Denial of Service Flooding Attacks with Dynamic Path Detectors

2020 ◽  
Vol 8 (6) ◽  
pp. 1318-1322
Author(s):  
Dr. E. Punarselvam
Keyword(s):  
Denial Of Service ◽  
Distributed Denial Of Service ◽  
Flooding Attacks ◽  
Dynamic Path

Preventing Distributed Denial-of-Service Flooding Attacks With Dynamic Path Identifiers

2017 ◽  
Vol 12 (8) ◽  
pp. 1801-1815 ◽  
Author(s):  
Hongbin Luo ◽  
Zhe Chen ◽  
Jiawei Li ◽  
Athanasios V. Vasilakos
Keyword(s):  
Denial Of Service ◽  
Distributed Denial Of Service ◽  
Flooding Attacks ◽  
Dynamic Path

scholarly journals Detection of Distributed Denial of Service Flooding Attack Using Odds Ratio

2021 ◽  
Vol 1 (2) ◽  
pp. 67-74
Author(s):  
Dalia Nashat ◽  
Fatma A. Hussain ◽  
Xiaohong Jiang
Keyword(s):  
Detection Probability ◽  
Odds Ratio ◽  
Detection Method ◽  
Denial Of Service ◽  
Distributed Denial Of Service ◽  
Internet Routing ◽  
Denial Of Service Attack ◽  
Flooding Attack ◽  
Flooding Attacks ◽  
Service Attack

Computer networks are vulnerable to many types of attacks while the Distributed Denial of Service attack (DDoS) serves as one of the top concerns for security professionals. The DDoS flooding attack denies the services by consuming the server resources to prevent the legitimate users from using their desired services. The hardness of detecting this attack lies in sending a stream of packets to the server with spoofed IP addresses, so that the internet routing infrastructure cannot distinguish the spoofed packets. Based on the odds ratio (OR) statistical measurement, in this work we propose a new detection method for the DDoS flooding attacks. By exploring the odds ratio to determine the risk factor of any incoming traffic to the server, the legitimate and attack traffic packets can be easily differentiated. Experimental results demonstrate the efficiency of the presented detection method in terms of its detection probability and detection time.

Proactive routing mutation against stealthy Distributed Denial of Service attacks: metrics, modeling, and analysis

2017 ◽  
Vol 15 (2) ◽  
pp. 219-230 ◽  
Author(s):  
Qi Duan ◽  
Ehab Al-Shaer ◽  
Samrat Chatterjee ◽  
Mahantesh Halappanavar ◽  
Christopher Oehmen
Keyword(s):  
Denial Of Service ◽  
Skewed Distribution ◽  
Distributed Denial Of Service ◽  
Flow Paths ◽  
Modeling And Analysis ◽  
Proactive Routing ◽  
Flooding Attacks ◽  
Critical Links ◽  
New Generation ◽  
The Impact

Infrastructure Distributed Denial of Service (IDDoS) attacks continue to be one of the most devastating challenges facing cyber systems. The new generation of IDDoS attacks exploits the inherent weakness of cyber infrastructure, including the deterministic nature of routing, skewed distribution of flows, and Internet ossification to discover the network critical links and launch highly stealthy flooding attacks that are not observable at the victim’s end. In this paper, first, we propose a new metric to quantitatively measure the potential susceptibility of any arbitrary target server or domain to stealthy IDDoS attacks, and estimate the impact of such susceptibility on enterprises. Second, we develop proactive route mutation techniques to minimize the susceptibility to these attacks by dynamically changing the flow paths periodically to invalidate the adversary knowledge about the network and avoid targeted critical links. Our proposed approach actively changes these network paths while satisfying security and Quality of Service requirements. We implemented the proactive path mutation technique on a Software Defined Network using the OpenDaylight controller to demonstrate a feasible deployment of this approach. Our evaluation validates the correctness, effectiveness, and scalability of the proposed approaches.

scholarly journals Anomaly Detection in Distributed Denial of Service Attack using Map Reduce Improvised counter-based algorithm in Hadoop

2018 ◽  
Vol 7 (4.36) ◽  
pp. 390
Author(s):  
Y. S.Kalai vani ◽  
Dr. P.Ranjana
Keyword(s):  
Intrusion Detection ◽  
Large Volume ◽  
Detection System ◽  
Denial Of Service ◽  
Detection Algorithm ◽  
Map Reduce ◽  
Distributed Denial Of Service ◽  
Huge Amount ◽  
Denial Of Service Attack ◽  
Flooding Attacks

A Distributed Denial of Service (DDOS) is one of the major threats in the cyber network and it causes the computers flooded with the Users Datagram Packet (UDP).This type of attack crashes the victim with large volume of traffic and the victim is not capable of performing normal communication and crashes it completely. To handle this DDOS attack the normal Intrusion Detection System is not suitable to hold and find the amount of the data in the network. Hadoop is a frame work that allows huge amount of data and it is used to processes the huge amount of data. A Map reduce program comprises of a Map task that performs filtering and sorting and a Reduce task that performs summary operation. The propose work  focuses on the detection algorithm based on Map Reduce platform which uses the Improvised counter based (MRICB)  algorithm to detect the DDOS flooding attacks. The MRICB algorithm is implemented with Map Reduce functionalities at the stage of verifying the Network IPS. This proposed algorithm also focuses  on the UDP flooding attack using anomaly based intrusion detection technique that identifies the kind of packets and the flow of packet in the node is more that the set threshold and also identifies  the source code causing UDP Flood attack . Thus it ensures the normal communication with large volume of traffic.   

A Survey of Botnet-Based DDoS Flooding Attacks of Application Layer

2016 ◽  
pp. 52-79 ◽  
Author(s):  
Esraa Alomari ◽  
Selvakumar Manickam ◽  
B. B. Gupta ◽  
Mohammed Anbar ◽  
Redhwan M. A. Saad ◽  
...  
Keyword(s):  
Denial Of Service ◽  
Internet Security ◽  
Sensitive Information ◽  
Distributed Denial Of Service ◽  
Cyber Attack ◽  
Open Problems ◽  
Ddos Attack ◽  
Flooding Attacks ◽  
Cyber Espionage ◽  
Detection Mechanisms

A Botnet can be used to launch a cyber-attack, such as a Distributed Denial of Service (DDoS) attack, against a target or to conduct a cyber-espionage campaign to steal sensitive information. This survey analyzes and compares the most important efforts carried out in an application-based detection area and this survey extended to cover the mitigation approaches for the Botnet-based DDoS flooding attacks. It accomplishes four tasks: first, an extensive illustration on Internet Security; second, an extensive comparison between representative detection mechanisms; third, the comparison between the mitigation mechanisms against Botnet-based DDoS flooding and fourth, the description of the most important problems and highlights in the area. We conclude that the area has achieved great advances so far, but there are still many open problems.

Sign in / Sign up

Export Citation Format

Share Document