scholarly journals Controlled DDoS Attack on IPv4/IPv6 Network Using Distributed Computing Infrastructure

2020 ◽  
Vol 44 (2) ◽  
pp. 297-316
Author(s):  
Michal Čerňanský ◽  
Ladislav Huraj ◽  
Marek Šimon
Keyword(s):  
Experimental Results ◽  
Ddos Attacks ◽  
Test Environment ◽  
Ddos Attack ◽  
Simple Tool ◽  
Ipv6 Network ◽  
Experimental Testbed ◽  
Ipv6 Networks ◽  
The Impact

The paper focuses on design, background and experimental results of real environment of DDoS attacks. The experimental testbed is based on employment of a tool for IT automation to perform DDoS attacks under monitoring. DDoS attacks are still serious threat in both IPv4 and IPv6 networks and creation of simple tool to test the network for DDoS attack and to allow evaluation of vulnerabilities and DDoS countermeasures of the networks is necessary. In proposed testbed, Ansible orchestration tool is employed to perform and coordinate DDoS attacks. Ansible is a powerful tool and simplifies the implementation of the test environment. Moreover, no special hardware is required for the attacks execution, the testbed uses existing infrastructure in an organization. The case study of implementation of this environment shows straightforwardness to create a testbed comparable with a botnet with ten thousand bots. Furthermore, the experimental results demonstrate the potential of the proposed environment and present the impact of the attacks on particular target servers in IPv4 and IPv6 networks.

Evaluating the Impact of DDoS Attacks in Vehicular Ad-Hoc Networks

2020 ◽  
Vol 12 (4) ◽  
pp. 1-18
Author(s):  
Kaushik Adhikary ◽  
Shashi Bhushan ◽  
Sunil Kumar ◽  
Kamlesh Dutta
Keyword(s):  
Ad Hoc Networks ◽  
Vehicular Ad Hoc Networks ◽  
Ad Hoc ◽  
Denial Of Service ◽  
Experimental Results ◽  
Ddos Attacks ◽  
Dos Attacks ◽  
Ddos Attack ◽  
Hoc Networks ◽  
The Impact

The presence of either malicious vehicles or inaccessibility of network services makes vehicular ad-hoc networks (VANETs) easy targets for denial of service (DoS) attacks. The sole purpose of DoS attacks is to prevent the intended users from accessing the available resources and services. When the DoS attack is carried out by multiple vehicles distributed throughout the network, it is referred as distributed DoS (DDoS) attack. A lot of works have been done by researchers in securing the vehicular communication against the DDoS attacks. In this paper, efforts have been made to simulate the DDoS attacks in VANETs as well as to study their impact on the performance of networks. The experimental results are presented using six important metrics, which are collision, jitter, delay, packet drop, ratio-in-out, and throughput. The experimental results show that the impact of distributed DoS (DDoS) attack on networks performance is very critical and must be addressed to ensure the smooth functioning of networks.

scholarly journals Performance Evaluations of IPTables Firewall Solutions under DDoS attacks

2015 ◽  
Vol 11 (2) ◽  
pp. 35-45 ◽  
Author(s):  
M. Šimon ◽  
L. Huraj ◽  
M. Čerňanský
Keyword(s):  
Ddos Attacks ◽  
Grid Environment ◽  
Computing Systems ◽  
Packet Filtering ◽  
Ddos Attack ◽  
Ipv6 Network ◽  
Pros And Cons ◽  
System Administrator ◽  
Ipv6 Networks ◽  
A Chain

Abstract The paper presents design, background and experimental results of the IPTables applied in IPv4 and IP6Tables applied in IPv6 network compared through several tested parameters. The experimental testbed environment is based on P2P grid utilized for DDoS attacks. IPTables tool is used for packet filtering and consequently for preventing DoS/DDoS attacks. It allows a system administrator to configure the tables, the chains and rules it stores in order to manage the incoming and outgoing packets. The packets are treated according to the rules’ results provided by the packet processing. A rule in a chain can be bound with another chain in the table etc. We employ the P2P grid environment to carry out as well as to coordinate DDoS attack on the availability of services to simulate real DDoS attack launched indirectly through many compromised computing systems. The same routing protocols as well as the same firewall rules were used for IPv4 and for IPv6 network. The main aim was to analyse pros and cons of new IP6Tables tool compared with IPTables in IPv4 networks in light of the resistance to DDoS attacks which is still one of the most significant threats in the IPv6 networks.

scholarly journals Detection and Prevention Algorithm of DDoS Attack Over the IOT Networks

TEM Journal ◽  
2020 ◽  
pp. 899-906
Keyword(s):  
Denial Of Service ◽  
The Other ◽  
High Rate ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Huge Number ◽  
Security Issues ◽  
Ddos Attack ◽  
Legitimate User ◽  
The Impact

One of the most notorious security issues in the IoT is the Distributed Denial of Service (DDoS) attack. Using a large number of agents, DDoS attack floods the host server with a huge number of requests causing interrupting and blocking the legitimate user requests. This paper proposes a detection and prevention algorithm for DDoS attacks. It is divided into two parts, one for detecting the DDoS attack in the IoT end devices and the other for mitigating the impact of the attack placed on the border router. Also, it has the ability to differentiate the High-rate from the Lowrate DDoS attack accurately and defend against these two types of attacks. It is implemented and tested against different scenarios to dissect their efficiency in detecting and mitigating the DDoS attack.

Cybersecurity Attacks in Vehicle-to-Infrastructure Applications and Their Prevention

2018 ◽  
Vol 2672 (19) ◽  
pp. 66-78 ◽  
Author(s):  
Mhafuzul Islam ◽  
Mashrur Chowdhury ◽  
Hongda Li ◽  
Hongxin Hu
Keyword(s):  
Denial Of Service ◽  
Data Communication ◽  
Point Of View ◽  
Environmental Benefits ◽  
Connected Vehicle ◽  
Ddos Attack ◽  
Stop Sign ◽  
Vehicle To Infrastructure ◽  
The Impact

A connected vehicle (CV) environment is comprised of diverse computing infrastructure, data communication and dissemination, and data collection systems that are vulnerable to the same cyberattacks as all traditional computing environments. Cyberattacks can jeopardize the expected safety, mobility, energy, and environmental benefits from CV applications. As cyberattacks can lead to severe consequences such as traffic incidents, it has become one of the primary concerns in CV applications. In this paper, we evaluate the impact of cyberattacks on the vehicle-to-infrastructure (V2I) network from a V2I application point of view. Then, we develop a novel V2I cybersecurity architecture, named CVGuard, which can detect and prevent cyberattacks on the V2I applications. In designing CVGuard, key challenges, such as scalability, resiliency and future usability were considered. A case study using a distributed denial of service (DDoS) attack on a V2I application, “Stop Sign Gap Assist (SSGA)” application, shows that CVGuard was effective in mitigating the adverse safety effects created by a DDoS attack. In our case study, because of the DDoS attack, conflicts between the minor and major road vehicles occurred at an unsignalized intersection, which could have caused crashes. A reduction of conflicts between vehicles occurred because CVGuard was in operation. The reduction of conflicts was compared based on the number of conflicts before and after the implementation and operation of the CVGuard security platform. Analysis revealed that the strategies adopted by CVGuard were successful in reducing the conflicts by 60% where a DDoS attack compromised the SSGA application at an unsignalized intersection.

scholarly journals Tuning Parallel SAT Solvers

10.29007/z3g2 ◽  
2019 ◽  
Author(s):  
Thorsten Ehlers ◽  
Dirk Nowotka
Keyword(s):  
Model Checking ◽  
Database Management ◽  
Bounded Model Checking ◽  
Experimental Results ◽  
Massively Parallel ◽  
Sat Solving ◽  
Sat Solvers ◽  
Sat Solver ◽  
The Impact

In this paper we present new implementation details and benchmarking results for our parallel portfolio solver TopoSAT2. In particular, we discuss ideas and implementation details for the exchange of learned clauses in a massively-parallel SAT solver which is designed to run more that 1, 000 solver threads in parallel. Furthermore, we go back to the roots of portfolio SAT solving, and discuss the impact of diversifying the solver by using different restart- , branching- and clause database management heuristics. We show that these techniques can be used to tune the solver towards different problems. However, in a case study on formulas derived from Bounded Model Checking problems we see the best performance when using a rather simple clause exchange strategy. We show details of these tests and discuss possible explanations for this phenomenon.As computing times on massively-parallel clusters are expensive, we consider it especially interesting to share these kind of experimental results.

scholarly journals A Case Study of IPv6 Network Performance: Packet Delay, Loss, and Reordering

2017 ◽  
Vol 2017 ◽  
pp. 1-10 ◽  
Author(s):  
Fuliang Li ◽  
Xingwei Wang ◽  
Tian Pan ◽  
Jiahai Yang
Keyword(s):  
Network Performance ◽  
Loss Rate ◽  
Performance Metrics ◽  
Deep Understanding ◽  
Packet Delay ◽  
Packet Reordering ◽  
Link Utilization ◽  
Ipv6 Network ◽  
Ipv6 Networks

Internet Protocol (IP) is used to identify and locate computers on the Internet. Currently, IPv4 still routes most Internet traffic. However, with the exhausting of IPv4 addresses, the transition to IPv6 is imminent, because, as the successor of IPv4, IPv6 can provide a larger available address space. Existing studies have addressed the notion that IPv6-centric next generation networks are widely deployed and applied. In order to gain a deep understanding of IPv6, this paper revisits several critical IPv6 performance metrics. Our extensive measurement shows that packet delay and loss rate of IPv6 are similar to IPv4 when the AS-level paths are roughly the same. Specifically, when the link utilization exceeds a threshold, for example, 0.83 in our study, variation of packet delay presents a similar pattern with the variation of link utilization. If packet delay of a path is large, packet-loss rate of that path is more likely to fluctuate. In addition, we conduct a first-ever analysis of packet reordering in IPv6 world. Few IPv6 probe packets are out-of-order and the reordering rate is 2.3⁎10-6, which is much lower than that of 0.79% in IPv4 world. Our analysis consolidates an experimental basis for operators and researchers of IPv6 networks.

scholarly journals Present Status of Distributed Denial of Service (DDoS) Attacks in Internet World

2019 ◽  
Vol 4 (4) ◽  
pp. 1008-1017
Author(s):  
Rajeev Singh ◽  
T. P. Sharma
Keyword(s):  
Denial Of Service ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
5G Networks ◽  
Dos Attack ◽  
Ddos Attack ◽  
Digital World ◽  
Iot Devices ◽  
The Impact ◽  
Day By Day

Distributed Denial of Service (DDoS) attack harms the digital availability in Internet. The user’s perspective of getting quick and effective services may be badly hit by the DDoS attackers. There are several reports of DDoS attack incidences that have caused devastating effects on the user and web services in the Internet world. In the present digital world dominated by wireless, mobile and IoT devices, the numbers of users are increasing day by day. Most of the users are novice and therefore their devices either fell prey to DDoS attacks or unknowingly add themselves to the DDoS attack Army. We soon will witness the 5G mobile revolution but there are reports that 5G networks are also falling prey to DDoS attacks and hence, the realization of DoS attack as a threat needs to be understood. The paper targets to assess the DDoS attack threat. It identifies the impact of attack and also reviews existing Indian laws.

Performance Analysis of DDoS Attack on SDN and Proposal of Cracking Agorithm

2020 ◽  
Vol 11 (4) ◽  
pp. 1-12
Author(s):  
Ankur Dumka ◽  
Alaknanda Ashok ◽  
Parag Verma
Keyword(s):  
Performance Analysis ◽  
Software Defined Network ◽  
Ddos Attacks ◽  
Ddos Attack ◽  
Ip Addresses ◽  
The Impact

The software-defined network (SDN) emerges as an updated technology that changes the scenario of networking where the network is managed by means of software. Any network is always not secure, and hence, the research in terms of securing this network is an area of research. DDoS is one of the attacks that makes a network insecure. This paper proposes the impact in terms of performance of SDN networks due to DDoS attack and proposes a new algorithm for increasing the performance of network. The proposed algorithm prevents the DDoS attack at the application level of flooding by keeping track of IP addresses and thus improves the performance of the network by preventing from DDoS attacks.

scholarly journals Detection of Adversarial DDoS Attacks Using Generative Adversarial Networks with Dual Discriminators

Symmetry ◽  
2022 ◽  
Vol 14 (1) ◽  
pp. 66
Author(s):  
Chin-Shiuh Shieh ◽  
Thanh-Tuan Nguyen ◽  
Wan-Wei Lin ◽  
Yong-Lin Huang ◽  
Mong-Fong Horng ◽  
...  
Keyword(s):  
Machine Learning ◽  
Short Term Memory ◽  
Denial Of Service ◽  
Training Data ◽  
Generative Adversarial Networks ◽  
Ddos Attacks ◽  
Ddos Attack ◽  
Adversarial Networks ◽  
Ddos Detection ◽  
The Impact

DDoS (Distributed Denial of Service) has emerged as a serious and challenging threat to computer networks and information systems’ security and integrity. Before any remedial measures can be implemented, DDoS assaults must first be detected. DDoS attacks can be identified and characterized with satisfactory achievement employing ML (Machine Learning) and DL (Deep Learning). However, new varieties of aggression arise as the technology for DDoS attacks keep evolving. This research explores the impact of a new incarnation of DDoS attack–adversarial DDoS attack. There are established works on ML-based DDoS detection and GAN (Generative Adversarial Network) based adversarial DDoS synthesis. We confirm these findings in our experiments. Experiments in this study involve the extension and application of the GAN, a machine learning framework with symmetric form having two contending neural networks. We synthesize adversarial DDoS attacks utilizing Wasserstein Generative Adversarial Networks featuring Gradient Penalty (GP-WGAN). Experiment results indicate that the synthesized traffic can traverse the detection systems such as k-Nearest Neighbor (KNN), Multi-Layer Perceptron (MLP) and Random Forest (RF) without being identified. This observation is a sobering and pessimistic wake-up call, implying that countermeasures to adversarial DDoS attacks are urgently needed. To this problem, we propose a novel DDoS detection framework featuring GAN with Dual Discriminators (GANDD). The additional discriminator is designed to identify adversary DDoS traffic. The proposed GANDD can be an effective solution to adversarial DDoS attacks, as evidenced by the experimental results. We use adversarial DDoS traffic synthesized by GP-WGAN to train GANDD and validate it alongside three other DL technologies: DNN (Deep Neural Network), LSTM (Long Short-Term Memory) and GAN. GANDD outperformed the other DL models, demonstrating its protection with a TPR of 84.3%. A more sophisticated test was also conducted to examine GANDD’s ability to handle unseen adversarial attacks. GANDD was evaluated with adversarial traffic not generated from its training data. GANDD still proved effective with a TPR around 71.3% compared to 7.4% of LSTM.

Sign in / Sign up

Export Citation Format

Share Document