An SDN-Enabled Architecture for IT/OT Converged Networks: A Proposal and Qualitative Analysis under DDoS Attacks

Real-time business practices require huge amounts of data directly from the production assets. This new thirst for accurate and timely data has forced the convergence of the traditionally business-focused information technology (IT) environment with the production-focused operational technology (OT). Recently, software-defined network (SDN) methodologies have benefitted OT networks with enhanced situational awareness, centralized configuration, deny-by-default forwarding rules, and increased performance. What makes SDNs so innovative is the separation between the control plane and the data plane, centralizing the command in the controllers. However, due to their young age, the use of SDNs in the industry context has not yet matured comprehensive SDN-based architectures for IT/OT networks, which are also resistant to security attacks such as denial-of-service ones, which may occur in SDN-based industrial IoT (IIoT) networks. One main motivation is that the lack of comprehensive SDN-based architectures for IT/OT networks making it difficult to effectively simulate, analyze, and identify proper detection and mitigation strategies for DoS attacks in IT/OT networks. No consolidated security solutions are available that provide DoS detection and mitigation strategies in IT/OT networks. Along this direction, this paper’s contributions are twofold. On the one hand, this paper proposes a convergent IT/OT SDN-based architecture applied in a real implementation of an IT/OT support infrastructure called SIRDAM4.0 within the context of the SBDIOI40 project. On the other hand, this paper proposes a qualitative analysis on how this architecture works under DoS attacks, focusing on what the specific problems and vulnerabilities are. In particular, we simulated several distributed denial-of-service (DDoS) attack scenarios within the context of the proposed architecture to show the minimum effort needed by the attacker to hack the network, and our obtained experimental results show how it is possible to compromise the network, thus considerably worsening the performance and, in general, the functioning of the network. Finally, we conclude our analysis with a brief description on the importance of employing machine learning approaches for attack detection and for mitigation techniques.

Download Full-text

Modeling and Simulation of Low Rate of Denial of Service Attacks

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.484-485.1063 ◽

2014 ◽

Vol 484-485 ◽

pp. 1063-1066

Author(s):

Kui Liang Xia

Keyword(s):

High Efficiency ◽

Denial Of Service ◽

Research Work ◽

Attack Detection ◽

Detection Methods ◽

Dos Attacks ◽

Denial Of Service Attack ◽

Service Attack ◽

User Data ◽

Low Rate

The low-rate denial of service attack is more applicable to the network in recent years as a means of attack, which is different from the traditional field type DoS attacks at the network end system or network using adaptive mechanisms exist loopholes flow through the low-rate periodic attacks on the implementation of high-efficiency attacked by an intruder and not be found, resulting in loss of user data or a computer deadlock. LDos attack since there has been extensive attention of researchers, the attack signature analysis and detection methods to prevent network security have become an important research topic. Some have been proposed for the current attacks were classified LDoS describe and model, and then in NS-2 platform for experimental verification, and then LDoS attack detection to prevent difficulties are discussed and summarized for the future such attacks detection method research work to provide a reference.

Download Full-text

Smart Detection: An Online Approach for DoS/DDoS Attack Detection Using Machine Learning

Security and Communication Networks ◽

10.1155/2019/1574749 ◽

2019 ◽

Vol 2019 ◽

pp. 1-15 ◽

Cited By ~ 6

Author(s):

Francisco Sales de Lima Filho ◽

Frederico A. F. Silveira ◽

Agostinho de Medeiros Brito Junior ◽

Genoveva Vargas-Solar ◽

Luiz F. Silveira

Keyword(s):

Machine Learning ◽

Network Traffic ◽

Service Providers ◽

Detection System ◽

Denial Of Service ◽

Sampling Rate ◽

Attack Detection ◽

Dos Attacks ◽

Internet Service ◽

Benchmark Datasets

Users and Internet service providers (ISPs) are constantly affected by denial-of-service (DoS) attacks. This cyber threat continues to grow even with the development of new protection technologies. Developing mechanisms to detect this threat is a current challenge in network security. This article presents a machine learning- (ML-) based DoS detection system. The proposed approach makes inferences based on signatures previously extracted from samples of network traffic. The experiments were performed using four modern benchmark datasets. The results show an online detection rate (DR) of attacks above 96%, with high precision (PREC) and low false alarm rate (FAR) using a sampling rate (SR) of 20% of network traffic.

Download Full-text

A Machine Learning Approach for DDoS (Distributed Denial of Service) Attack Detection Using Multiple Linear Regression

Proceedings ◽

10.3390/proceedings2020063051 ◽

2020 ◽

Vol 63 (1) ◽

pp. 51

Author(s):

Swathi Sambangi ◽

Lakshmeeswari Gondi

Keyword(s):

Machine Learning ◽

Denial Of Service ◽

Classification Problem ◽

Attack Detection ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Dos Attacks ◽

Multiple Sources ◽

Denial Of Service Attack ◽

Network Bandwidth

The problem of identifying Distributed Denial of Service (DDos) attacks is fundamentally a classification problem in machine learning. In relevance to Cloud Computing, the task of identification of DDoS attacks is a significantly challenging problem because of computational complexity that has to be addressed. Fundamentally, a Denial of Service (DoS) attack is an intentional attack attempted by attackers from single source which has an implicit intention of making an application unavailable to the target stakeholder. For this to be achieved, attackers usually stagger the network bandwidth, halting system resources, thus causing denial of access for legitimate users. Contrary to DoS attacks, in DDoS attacks, the attacker makes use of multiple sources to initiate an attack. DDoS attacks are most common at network, transportation, presentation and application layers of a seven-layer OSI model. In this paper, the research objective is to study the problem of DDoS attack detection in a Cloud environment by considering the most popular CICIDS 2017 benchmark dataset and applying multiple regression analysis for building a machine learning model to predict DDoS and Bot attacks through considering a Friday afternoon traffic logfile.

Download Full-text

Generative Adversarial Networks Based Cognitive Feedback Analytics System for Integrated Cyber-Physical System and Industrial Iot Networks

10.21203/rs.3.rs-924288/v1 ◽

2021 ◽

Author(s):

Kamal Upreti ◽

Mohammad Haider Syed ◽

Mohammad Shabbir Alam ◽

Adi Alhudhaif ◽

Mohammed Shuaib ◽

...

Keyword(s):

Denial Of Service ◽

Cyber Physical Systems ◽

Generative Adversarial Networks ◽

Dos Attacks ◽

Physical Systems ◽

Adversarial Networks ◽

Industrial Iot ◽

Cognitive Feedback ◽

Feedback Data ◽

Response Feedback

Abstract In the modern era of technologies, the internet grows in the advancement of our day-to-day life like automation devices. The devices to set up industries with integrated cyber-physical systems and industrial IoT applications. Generative adversarial networks (GAN) can generate Cognitive feedback analysis with various data for both generator and discriminator in a supervised model. Neural networks are used for artificial intelligence algorithms, but in adversarial networks, feedback analytics is analyzed with the significance of data. The modern age of intelligent manufacturing will indeed be ushered in by Cyber-Physical Production Systems (CPPS). However, because of the connections between the virtual and physical worlds, CPPS would be subject to cross-domain assaults. Against Denial-of-Service (DoS) threats, this paper concentrates on complex performance feedback management of Cyber-Physical Systems (CPS). To begin, a swapping system modelling approach for the complex response feedback CPS is provided by analyzing the distinct effects of DoS assaults on the sensor-controller (S-C) and controller-to-actuator (C-A) channels, accordingly. Given the difference in bandwidth between the dual channels and the accused's energy cap, it is reasonable to conclude that an offender can only jam a single communication stream at a point and also that the possible number of successive DoS attacks is limited. Second, using a packet-based transfer scheme, a nested switching paradigm is built on the foundation of the switching mechanism, considering both the spatial heterogeneity and the temporal durability of DoS attacks. The probability of discriminator gets analyzed feedback data to check whether actual data or fake data is sampled, and it is generated. Cognitive feedback supports genetic algorithms to sample the feedback data in a system for advanced technologies.

Download Full-text

Decision Tree and Neural Network Based Hybrid Algorithm for Detecting and Preventing Ddos Attacks in VANETS

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.e2652.039520 ◽

2020 ◽

Vol 9 (5) ◽

pp. 669-675

Keyword(s):

Neural Network ◽

Decision Tree ◽

Traffic Management ◽

Hybrid Algorithm ◽

Denial Of Service ◽

Attack Detection ◽

Ddos Attacks ◽

Dos Attacks ◽

Ddos Attack ◽

Different Types

The demand of Vehicular Adhoc Networks (VANETs) has been increasing in the area of vehicular and infrastructure communications. It has been felt that there is requirement of sharing of critical information related to safety and traffic management among different types of vehicles in a secure way. To ensure the smooth operation of the network, the availability of network resources is needed. The presence of either malicious vehicles or inaccessibility of network services makes VANET easy target for denial of service (DoS) attacks. The sole purpose of DoS attacks is to prevent the intended users from accessing the available resources and services. When the DoS attack is carried out by multiple vehicles distributed throughout the network, it is referred as Distributed DoS (DDoS) attack. The DDoS attacks are very dangerous and hard to be addressed in real time. The machine learning based DDoS attack detection algorithms have been proposed and presented by the research community in literature. In this paper, a hybrid algorithm of Decision Tree and Neural Network is presented for detecting and preventing different types of DDoS attacks in VANETs with highly efficient results. The simulation based experiments are carried out in order to evaluate and compare the performance of proposed hybrid algorithm with respect to different performance parameters. Based on experiments results, it has been found that the performance of hybrid algorithm has been increased significantly.

Download Full-text

Denial of Service Resilience of Authentication Systems

IT Policy and Ethics ◽

10.4018/978-1-4666-2919-6.ch021 ◽

2013 ◽

pp. 451-470 ◽

Cited By ~ 1

Author(s):

Valer Bocan ◽

Mihai Fagadar-Cosma

Keyword(s):

Detailed Analysis ◽

Denial Of Service ◽

Attack Detection ◽

Communication Process ◽

Network Services ◽

Dos Attack ◽

Dos Attacks ◽

Authentication System

Cryptographic authentication systems are currently the de facto standard for securing clients access to network services. Although they offer enhanced security for the parties involved in the communication process, they still have a vulnerable point represented by their susceptibility to denial of service (DoS) attacks. The present chapter addresses two important aspects related to the security of authentication systems and their resistance against strong DoS attacks, represented by attack detection and attack prevention. In this respect, we present a detailed analysis of the methods used to evaluate the attack state of an authentication system as well as of the countermeasures that can be deployed to prevent or repel a DoS attack.

Download Full-text

Deep Reinforcement Learning for Building Honeypots against Runtime DOS Attack

10.21203/rs.3.rs-207770/v1 ◽

2021 ◽

Author(s):

Selvakumar Veluchamy ◽

RubaSoundar Kathavarayan

Keyword(s):

Reinforcement Learning ◽

Detection System ◽

Denial Of Service ◽

Attack Detection ◽

Dos Attack ◽

Dos Attacks ◽

Server Side ◽

Intelligent Decision Making ◽

Deep Recurrent Neural Network ◽

And Performance

Abstract Honeypot is a network environment used to protect the legitimate network resources from attacks. Honeypot creates an environment that impresses attackers to inject their activities to steal resources. This is a way to detect the attacks by doing attack detection procedures. In this work, Denial of Service (DoS) attacks are effectively detected by proposed honeypot system. Machine Learning (ML) and Deep Learning (DL) methods evolve in many areas to build intelligent decision making systems. This work uses DL approaches and secures event validation procedures for finding predicting DoS attacks. The proposed system called Deep Adaptive Reinforcement Learning for Honeypots (DARLH) is implemented to monitor internal and external DoS attacks. In the honeypot environment, the proposed DARLH system implements DARL based IDS (Intrusion Detection System) agents and Deep Recurrent Neural Network (DRNN) based IDS agents for monitoring multiple runtime DoS attacks. These techniques support for dynamic IDS against DoS attack. In addition, the DARLH creates protected poison distribution and server side supervision system for keeping the monitoring events legitimate. This work is implemented and performance is evaluated. The results are compared with existing systems like GNBH, BCH and RNSG. In this comparison, the proposed system provides 5–10% better results than other systems.

Download Full-text

Denial of Service Resilience of Authentication Systems

Digital Identity and Access Management ◽

10.4018/978-1-61350-498-7.ch011 ◽

2011 ◽

pp. 188-208

Author(s):

Valer Bocan ◽

Mihai Fagadar-Cosma

Keyword(s):

Detailed Analysis ◽

Denial Of Service ◽

Attack Detection ◽

Communication Process ◽

Network Services ◽

Dos Attack ◽

Dos Attacks ◽

Authentication System

Download Full-text

GOF-SLFN- An Intelligent Attack Detection System against Denial of Service (DoS) attacks based on Glow Worm Swarm optimized Single Layer Feed Forward Networks for vehicular Cyber Physical Systems (VCPS)

IOP Conference Series Materials Science and Engineering ◽

10.1088/1757-899x/925/1/012001 ◽

2020 ◽

Vol 925 ◽

pp. 012001

Author(s):

Rama Mercy Sam Sigamani ◽

Padmavathi Ganapathi

Keyword(s):

Detection System ◽

Denial Of Service ◽

Single Layer ◽

Cyber Physical Systems ◽

Attack Detection ◽

Dos Attacks ◽

Feed Forward ◽

Physical Systems

Download Full-text

Cyber DoS attack based security simulator for VANET

International Journal of Electrical and Computer Engineering (IJECE) ◽

10.11591/ijece.v10i6.pp5832-5843 ◽

2020 ◽

Vol 10 (6) ◽

pp. 5832

Author(s):

Muntadher Naeem Yasir ◽

Muayad Sadik Croock

Keyword(s):

Cyber Security ◽

Information Exchange ◽

Network Performance ◽

Ad Hoc ◽

High Efficiency ◽

Denial Of Service ◽

Attack Detection ◽

Dos Attack ◽

Dos Attacks ◽

High Importance

At the late years, researches focused on the cyber Denial of Service (DoS) attacks in the Vehicle Ad hoc Networks (VANETS). This is due to high importance of ensuring the save receiving of information in terms of Vehicle to Vehicle (V2V), Vehicle to Infrastructure (V2I) and Vehicle to Road Side Unit (V2R). In this paper, a cyber-security system is proposed to detect and block the DoS attacks in VANET. In addition, a simulator for VENAT based on lightweight authentication and key exchange is presented to simulate the network performance and attacks. The proposed system consists of three phases: registration, authentication as well as communications and DoS attack detection. These phases improve the system ability to detect the attacks in efficient way. Each phase working is based in a proposed related algorithm under the guidance of lightweight protocol. In order to test the proposed system, a prototype is considered includes six cars and we adopt police cars due to high importance of exchanged information. Different case studies have been considered to evaluate the proposed system and the obtained results show a high efficiency of performance in terms of information exchange and attack detection.

Download Full-text