DESIGNING A SECURE NETWORK SOLUTION AGAINST DHCP ATTACKS

2021 ◽  
Vol 1 (1) ◽  
pp. 45-57
Author(s):  
Salim M. Ali ◽  
Ammar A. Shareef

DHCP is an important aspect in small and large networks, since it facilitates the IP configuration of computers. However, DHCP is vulnerable to different attacks; therefore, the essential objective of this paper is to propose solutions against DHCP attacks. The paper explains how DHCP works and its handshake mechanism, and gives a brief summary of DHCP attacks, how they occur and how they affect the security of the enterprise, since a leakage of sensitive information could happen, which threatens the enterprise's security, or a denial of service that immobilizes the network. Three effective countermeasures are looked up and tested against DHCP attacks, and each one successfully prevented the attack.

2022 ◽  
Vol 22 (1) ◽  
pp. 1-31
Author(s):  
Ghazale Amel Zendehdel ◽  
Ratinder Kaur ◽  
Inderpreet Chopra ◽  
Natalia Stakhanova ◽  
Erik Scheme

The growth of IoT technology, increasing prevalence of embedded devices, and advancements in biomedical technology have led to the emergence of numerous wearable health monitoring devices (WHMDs) in clinical settings and in the community. The majority of these devices are Bluetooth Low Energy (BLE) enabled. Though the advantages offered by BLE-enabled WHMDs in tracking, diagnosing, and intervening with patients are substantial, the risk of cyberattacks on these devices is likely to increase with device complexity and new communication protocols. Furthermore, vendors face risk and financial tradeoffs between speed to market and ensuring device security in all situations. Previous research has explored the security and privacy of such devices by manually testing popular BLE-enabled WHMDs in the market and generally discussed categories of possible attacks, while mostly focused on IP devices. In this work, we propose a new semi-automated framework that can be used to identify and discover both known and unknown vulnerabilities in WHMDs. To demonstrate its implementation, we validate it with a number of commercially available BLE-enabled wearable devices. Our results show that the devices are vulnerable to a number of attacks, including eavesdropping, data manipulation, and denial of service attacks. The proposed framework could therefore be used to evaluate potential devices before adoption into a secure network or, ideally, during the design and implementation of new devices.


Author(s):  
Stephen K. Aikins

The modern network and Internet security vulnerabilities expose state and local government networks to numerous threats such as denial of service (DoS) attacks, computer viruses, unauthorized access, confidentiality breaches, and so forth. For example, in June 2005, the state of Delaware saw a spike of 141,000 instances of “suspicious activity” due to a variant of the mytopb worm, which could have brought the state’s network to its knees had appropriate steps not been taken (Jarrett, 2005; National Association of State Chief Information Officers [NASCIO], 2006b). On an average day, the state of Michigan blocks 22,059 spam e-mails, 21,702 e-mail viruses, 4,239 Web defacements, and six remote computer takeover attempts. Delaware fends off nearly 3,000 attempts at entering the state’s network daily (NASCIO, 2006b). Governments have the obligation to manage their information security risks by securing mission-critical internal resources such as financial records and taxpayer sensitive information on their networks. Consequently, public-sector information security officers are faced with the challenge to contain damage from compromised systems, prevent internally and Internet-launched attacks, provide systems for logging and intrusion detection, and build frameworks for administrators to securely manage government networks (Oxlenhandler, 2003). This chapter discusses some of the cost-effective measures needed to address government agency information security vulnerabilities and related threats.


2021 ◽  
Author(s):  
Kathiroli Raja ◽  
Krithika Karthikeyan ◽  
Abilash B ◽  
Kapal Dev ◽  
Gunasekaran Raja

The Industrial Internet of Things (IIoT), also known as Industry 4.0, has brought a revolution in the production and manufacturing sectors as it assists in the automation of production management and reduces the manual effort needed in auditing and managing the pieces of machinery. IoT-enabled industries, in general, use sensors, smart meters, and actuators. Most of the time, the data held by these devices is surpassingly sensitive and private. This information might be modified, stolen, or even the devices may be subjected to a Denial of Service (DoS) attack. As a consequence, the product quality may deteriorate or sensitive information may be leaked. An Intrusion Detection System (IDS), implemented in the network layer of IIoT, can detect attacks, thereby protecting the data and devices. Despite substantial advancements in attack detection in IIoT, existing works fail to detect certain attacks obfuscated from detectors resulting in a low detection performance. To address the aforementioned issue, we propose a Deep Learning-based Two Level Network Intrusion Detection System (DLTL-NIDS) for IIoT environment, emphasizing challenging attacks. The attacks that attain low accuracy or low precision in level-1 detection are marked as challenging attacks. Experimental results show that the proposed model, when tested against TON IoT, figures out the challenging attacks well and achieves an accuracy of 99.97%, precision of 95.62%, recall of 99.5%, and F1-score of 99.65%. The proposed DL-TLNIDS, when compared with state-of-art models, achieves a decrease in false alarm rate to 2.34% (flagging normal traffic as an attack) in IIoT.


Mobile devices are overgrowing; nowadays people are using mobile devices for different activities. Over the years, malware attacks on mobile devices have been increasing; the primary intention of the attacker is to steal sensitive information and turn the infected mobile device into a member of the botnet. We studied differences between traditional botnets and mobile botnets, and also analyzed different mobile botnet attacks. Mobile malware applications spread through Cross-site Scripting vulnerabilities in trusted websites. We developed a mobile malware which can perform Denial-of-service attacks and used this malware to test and review mobile botnet attacks. We also studied solutions to prevent these mobile botnet attacks.


Author(s):  
Esraa Alomari ◽  
Selvakumar Manickam ◽  
B. B. Gupta ◽  
Mohammed Anbar ◽  
Redhwan M. A. Saad ◽  
...  

A Botnet can be used to launch a cyber-attack, such as a Distributed Denial of Service (DDoS) attack, against a target or to conduct a cyber-espionage campaign to steal sensitive information. This survey analyzes and compares the most important efforts carried out in an application-based detection area, and is extended to cover the mitigation approaches for Botnet-based DDoS flooding attacks. It accomplishes four tasks: first, an extensive illustration on Internet Security; second, an extensive comparison between representative detection mechanisms; third, the comparison between the mitigation mechanisms against Botnet-based DDoS flooding; and fourth, the description of the most important problems and highlights in the area. We conclude that the area has achieved great advances so far, but there are still many open problems.


2021 ◽  
Vol 2 (2) ◽  
pp. 01-09
Author(s):  
G. George ◽  
C. Uppin

Currently, the use of internet-connected applications for storage by different organizations has rapidly increased with the vast need to store data. Cybercrimes are also increasing and have affected large organizations and countries as a whole with highly sensitive information, countries like the United States of America, United Kingdom and Nigeria. Organizations generate a lot of information with the help of digitalization; this highly classified information is now stored in databases via the use of computer networks, thus allowing for attacks by cybercriminals and state-sponsored agents. Therefore, these organizations and countries spend more resources analyzing cybercrimes instead of preventing and detecting cybercrimes. The use of network forensics plays an important role in investigating cybercrimes; this is because most cybercrimes are committed via computer networks. This paper proposes a new approach to analyzing digital evidence in Nigeria using a proactive method of forensics with the help of deep learning algorithms - Convolutional Neural Networks (CNN) to proactively classify malicious packets from genuine packets and log them as they occur.


In the modern world, as technology develops, it is very crucial to secure, share and store the data. Especially when it deals with medical data, it is very important to secure that sensitive information. Sensitive information might be the pulse, temperature, or any disease-related symptoms. Such factors must not be shared unless or until with the users’ permission. When any services or any user overcome the given act then the victim will be addressed in the court of law for the denial of service. Such activities must not be welcomed as in the world of modern technology; it is easy to secure the data as well as to share the data. Hence, it is significant to overcome privacy issues and security attacks. The co-factors associated with transmitting and securing data involve bandwidth and energy. Bandwidth and energy play a vital role during the transmission of data. Hence in this paper, we introduce a novel system of creating a portal for the patients who can enroll with their medical details and fix appointments with the doctor and get the prescription. First, the Nth Degree Truncated Polynomial Ring Unit (NTRU) method is used to encrypt the data collected where the private chats among the patients can be secured. Those data will be transmitted to the nearby cloud-let in an energy-efficient manner. Secondly, patients can communicate with other patients about their diseases where the disease-based group can be created to share the information. Thirdly, patients’ information is divided into tables and stored in the cloud for proper protection. As group chats and personal chats are involved, security is a must during communication and, as an additional feature, the data are collected in a buffer format in the mobile, which paves the way for reducing the bandwidth and energy consumption.


Author(s):  
B. Prabadevi ◽  
N. Jeyanthi

Security in the era of digital computing plays a vital role. Of various attacks in the field of computing, Distributed Denial of service (DDoS) attacks, Man-in-the-Middle Attack (MITM) and data theft have their major impact on the emerging applications. The sniffing attacks, one of the most prominent reasons for DDoS attacks, are the major security threats in the client-server computing. The content or packet sniffer snorts the most sensitive information from the network and alters or disturbs the legitimate functionality of the victim system. Therefore it is extremely important to have a greater knowledge on these vulnerabilities, their issues, and various mitigation techniques. This study analyses the existing sniffing attacks, variations of sniffing attacks and prevention or detection mechanisms. The reasons for most vital Ransomware are also discussed.


2020 ◽  
Author(s):  
Luka Daoud

The Network-on-Chip (NoC) has become the communication heart of Multiprocessors-System-on-Chip (MPSoC). Therefore, it has been subject to a plethora of security threats to degrade the system performance or steal sensitive information. Due to the globalization of the modern semiconductor industry, many different parties take part in the hardware design of the system. As a result, the NoC could be infected with a malicious circuit, known as a Hardware Trojan (HT), to leave a back door for security breach purposes. HTs are smartly designed to be too small to be uncovered by offline circuit-level testing, so the system requires an online monitoring to detect and prevent the HT in runtime. This dissertation focuses on HTs inside the router of a NoC designed by a third party. It explores two HT-based threat models for the MPSoC, where the NoC experiences packet-loss and packet-tampering once the HT in the infected router is activated and is in the attacking state. Extensive experiments for each proposed architecture were conducted using a cycle-accurate simulator to demonstrate its effectiveness on the performance of the NoC-based system. The first threat model is the Black Hole Router (BHR) attack, where it silently discards the packets that are passing through without further announcement. The effect of the BHR is presented and analyzed to show the potency of the attack on a NoC-based system. A countermeasure protocol is proposed to detect the BHR at runtime and counteract the deliberate packet-dropping attack with a 26.9% area overhead, an average 21.31% performance overhead and a 22% energy consumption overhead. The protocol is extended to provide an efficient and power-gated scheme to enhance the NoC throughput and reduce the energy consumption by using end-to-end (e2e) approach. The power-gated e2e technique locates the BHR and avoids it with a 1% performance overhead and a 2% energy consumption overhead. 
The second threat model is a packet-integrity attack, where the HT tampers with the packet to apply a denial-of-service attack, steal sensitive information, gain unauthorized access, or misroute the packet to an unintended node. An authentic and secure NoC platform is proposed to detect and counter the packet-tampering attack to maintain data-integrity and authenticity while keeping its secrecy with a 24.21% area overhead. The proposed NoC architecture is not only able to detect the attack, but also locates the infected router and isolates it from the network.

