Blockchain Technology towards the Mitigation of Distributed Denial of Service Attacks

The Distributed Denial of Service attack become one of the most adverse effects among all Cyber-attack due to the high availability of the internet and unprotected internetconnected communication devices. There are many mitigation solutions available to reduce the risk of DDoS attacks, and the researcher represents many techniques to get rid of the DDoS attacks. The main challenge to identify and mitigate the attack is that attack traffic mixes with the legitimate system user traffic so it becomes very important to block the attack traffic because it costs in terms of money and system reputation. Blockchain technology presents the ideology of decentralized distributed database and transaction without the need of any central authority. But utilization of blockchain is not only limited to the financial sector but supply chain, IoT, hospitality sector used blockchain most. The most attractive features of the blockchain like immutability, distributed makes the use of blockchain for mitigation of various Cyber-attacks, and one of them is DDoS Attacks. The solution of DDoS attacks that utilize the blockchain is still in the infancy phase. In this paper, we propose the review or survey of DDoS attacks solutions based on blockchain. And also present the comparative study of Blockchain-based DDoS mitigation solutions for non-IOT domain or system. This paper also gives brief about the features of this interconnection of two emerging domain named DDoS Attacks and Blockchain Technology.

Download Full-text

Comparing Single Tier and Three Tier Infrastructure Designs against DDoS Attacks

International Journal of Cloud Applications and Computing ◽

10.4018/ijcac.2017070103 ◽

2017 ◽

Vol 7 (3) ◽

pp. 59-75 ◽

Cited By ~ 2

Author(s):

Akashdeep Bhardwaj ◽

Sam Goundar

Keyword(s):

Data Center ◽

Denial Of Service ◽

Cyber Attacks ◽

Cyber Attack ◽

Ddos Attacks ◽

Design Data ◽

Application Performance ◽

Server Virtualization ◽

Security Officers ◽

Cloud Environments

With the rise in cyber-attacks on cloud environments like Brute Force, Malware or Distributed Denial of Service attacks, information security officers and data center administrators have a monumental task on hand. Organizations design data center and service delivery with the aim of catering to maximize device provisioning & availability, improve application performance, ensure better server virtualization and end up securing data centers using security solutions at internet edge protection level. These security solutions prove to be largely inadequate in times of a DDoS cyber-attack. In this paper, traditional data center design is reviewed and compared to the proposed three tier data center. The resilience to withstand against DDoS attacks is measured for Real User Monitoring parameters, compared for the two infrastructure designs and the data is validated using T-Test.

Download Full-text

Mathematical model on distributed denial of service attack through Internet of things in a network

Nonlinear Engineering ◽

10.1515/nleng-2017-0094 ◽

2019 ◽

Vol 8 (1) ◽

pp. 486-495 ◽

Cited By ~ 3

Author(s):

Bimal Kumar Mishra ◽

Ajit Kumar Keshri ◽

Dheeresh Kumar Mallick ◽

Binay Kumar Mishra

Keyword(s):

Mathematical Model ◽

Internet Of Things ◽

Equilibrium Points ◽

Denial Of Service ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Denial Of Service Attack ◽

Different Types ◽

Service Attack ◽

Iot Devices

Abstract Internet of Things (IoT) opens up the possibility of agglomerations of different types of devices, Internet and human elements to provide extreme interconnectivity among them towards achieving a completely connected world of things. The mainstream adaptation of IoT technology and its widespread use has also opened up a whole new platform for cyber perpetrators mostly used for distributed denial of service (DDoS) attacks. In this paper, under the influence of internal and external nodes, a two - fold epidemic model is developed where attack on IoT devices is first achieved and then IoT based distributed attack of malicious objects on targeted resources in a network has been established. This model is mainly based on Mirai botnet made of IoT devices which came into the limelight with three major DDoS attacks in 2016. The model is analyzed at equilibrium points to find the conditions for their local and global stability. Impact of external nodes on the over-all model is critically analyzed. Numerical simulations are performed to validate the vitality of the model developed.

Download Full-text

Comparing Single Tier and Three Tier Infrastructure Designs against DDoS Attacks

Research Anthology on Combating Denial-of-Service Attacks ◽

10.4018/978-1-7998-5348-0.ch028 ◽

2021 ◽

pp. 541-558

Author(s):

Akashdeep Bhardwaj ◽

Sam Goundar

Keyword(s):

Data Center ◽

Denial Of Service ◽

Cyber Attacks ◽

Cyber Attack ◽

Ddos Attacks ◽

Design Data ◽

Application Performance ◽

Server Virtualization ◽

Security Officers ◽

Cloud Environments

Download Full-text

A Novel Approach to Develop and Deploy Preventive Measures for Different Types of DDoS Attacks

International Journal of Information Security and Privacy ◽

10.4018/ijisp.2020040101 ◽

2020 ◽

Vol 14 (2) ◽

pp. 1-19

Author(s):

Khundrakpam Johnson Singh ◽

Janggunlun Haokip ◽

Usham Sanjota Chanu

Keyword(s):

Preventive Measures ◽

Denial Of Service ◽

External Environment ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

New Era ◽

Denial Of Service Attack ◽

Novel Approach ◽

Different Types ◽

Service Attack

In the new era of computers, everyone relies on the internet for basic day-to-day activities to sophisticated and secret tasks. The cyber threats are increasing, not only theft and manipulation of someone's information, but also forcing the victim to deny other requests. A DDoS (Distributed Denial of Service) attack, which is one of the serious issues in today's cyber world needs to be detected and their advance towards the server should be blocked. In the article, the authors are focusing mainly on preventive measures of different types of DDoS attacks using multiple IPtables rules and Windows firewall advance security settings configuration, which would be feasibly free on any PC. The IPtables when appropriately selected and implemented can establish a relatively secure barrier for the system and the external environment.

Download Full-text

Optimasi Keamanan Informasi Pendaftaran Event Menggunakan Teknologi Blockchain

Jurnal Ilmiah FIFO ◽

10.22441/fifo.2020.v12i1.007 ◽

2020 ◽

Vol 12 (1) ◽

pp. 74

Author(s):

Iqbal Busthomi ◽

Imam Riadi ◽

Rusydi Umar

Keyword(s):

Web Application ◽

Denial Of Service ◽

Cyber Attacks ◽

Data Consistency ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Registration Data ◽

Event System ◽

Start Up ◽

Cpu Usage

Abstract CV. Nyebar is an IT-based start-up that deals with event data management using a web-based application. The Event system provides account registration services as a Member and Organizer. Members of the Event System must first have an account and log-in to be able to register for the event. The process of registering events so far has not been properly secured. The event registration process will send registrant information, but the information sent has not been secured and validated first, so the Event System is still vulnerable to cyber-attacks including the registration data sniffing attack and Distributed Denial of Service (DDoS) attacks. DDoS attacks are carried out by sending messages and packet requests continuously to the business sector, hosting, social sites originating from bot at one time, resulting in overloaded network servers because of the resources (bandwidth, memory, and CPU usage) they have. the network server is used up. Blockchain which has three techniques/mechanisms including the use of hashes and proof-of-work mechanisms which can be an alternative security for event registration information because it can maintain information security, data consistency, and DDoS attacks.Keyword: Web Application, Distributed Denial of Service (DDoS), BlockchainAbstrak CV. Nyebar merupakan start-up berbasis IT yang bergelut dibidang pengelolaan data event menggunakan sebuah aplikasi berbasis web. Sistem Event menyediakan layanan pendaftaran akun sebagai Member dan Organizer. Member dari Sistem Event harus memiliki akun dan log-in terlebih dahulu untuk mendaftar sebuah event. Proses pendaftaran event sejauh ini belum diamankan dengan baik. Proses pendaftaran event akan mengirimkan informasi pendaftar, namun informasi yang dikirimkan belum diamanakan dan divalidasi terlebih dahulu, sehingga Sistem Event masih rentan akan serangan siber diantaranya adalah serangan sniffing data pendaftaran dan serangan Distributed Denial of Service (DDoS). Serangan DDoS dilakukan dengan mengirimkan pesan dan permintaan paket secara terus menerus kepada sektor bisnis, hosting, situs sosial yang berasal dari bot dalam satu waktu, sehingga mengakibatkan server jaringan menjadi overload karena sumber daya (bandwith, memory, dan CPU usage) yang dimiliki server jaringan habis terpakai. Blockchain yang memiliki dua teknik/mekanisme antara lain adalah penggunaan hash dan mekanisme proof-of-work, yang dapat menjadi alternatif pengamanan informasi pemdaftaran event karena dapat menjaga keamanan informasi, kekonsistenan data, dan serangan dari DDoS.Keyword: Aplikasi Web, Distributed Denial of Service (DDoS), Teknologi Blockchain

Download Full-text

Shield Advanced Mitigation System of Distributed Denial of Service Attack in Integration of Internet of Things and Cloud Computing Environment

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.a4841.129219 ◽

2019 ◽

Vol 9 (2) ◽

pp. 1300-1306

Keyword(s):

Cloud Computing ◽

Internet Of Things ◽

Denial Of Service ◽

Cloud Services ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Denial Of Service Attack ◽

Ddos Attack ◽

Service Attack ◽

Verification Process

Cloud services among public and business companies have become popular in recent years. For production activities, many companies rely on cloud technology. Distributed Denial of Services (DDoS) attack is an extremely damaging general and critical type of cloud attacks. Several efforts have been made in recent years to identify numerous types of DDoS attacks. This paper discusses the different types of DDoS attacks and their cloud computing consequences. Distributed Denial of Service attack (DDoS) is a malicious attempt to disrupt the normal movement of a targeted server, service or network through influx of internet traffic overwhelming the target or its infrastructure. The use of multiple affected computer systems as a source of attacks makes DDoS attacks effective. Computers and other networked tools, including IoT phones, may be included on exploited machines. A DDoS attack from a high level resembles a traffic jam that is caused by roads that prevents normal travel at their desired destination. So DDoS Attack is a major challenging problem in integrated Cloud and IoT. Hence, this paper proposes Shield Advanced Mitigation System of Distributed Denial of Service Attack in the integration of Internet of Things and Cloud Computing Environment. This secure architecture use two verification process to identify whether user is legitimate or malicious. Dynamic Captcha Testing with Equal Probability test for first verification process, moreover Zigsaw Image Puzzle Test is used for second verification process, and Intrusion Detection Prevention System is used to identify and prevent malicious user, moreover reverse proxy is used to hide server location. These functional components and flow could strengthen security in Client side network to provide cloud services furthermore to overcome distributed denial of service attack in the integration of Internet of Things and Cloud Environment.

Download Full-text

Multilevel Modeling of Distributed Denial of Service Attacks in Wireless Sensor Networks

Journal of Sensors ◽

10.1155/2016/5017248 ◽

2016 ◽

Vol 2016 ◽

pp. 1-13 ◽

Cited By ~ 8

Author(s):

Katarzyna Mazur ◽

Bogdan Ksiezopolski ◽

Radoslaw Nielek

Keyword(s):

Wireless Sensor Networks ◽

Sensor Networks ◽

Denial Of Service ◽

Monitoring Network ◽

Wireless Sensor ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Denial Of Service Attack ◽

Ddos Attack ◽

Service Attack

The growing popularity of wireless sensor networks increases the risk of security attacks. One of the most common and dangerous types of attack that takes place these days in any electronic society is a distributed denial of service attack. Due to the resource constraint nature of mobile sensors, DDoS attacks have become a major threat to its stability. In this paper, we established a model of a structural health monitoring network, being disturbed by one of the most common types of DDoS attacks, the flooding attack. Through a set of simulations, we explore the scope of flood-based DDoS attack problem, assessing the performance and the lifetime of the network under the attack condition. To conduct our research, we utilized the Quality of Protection Modeling Language. With the proposed approach, it was possible to examine numerous network configurations, parameters, attack options, and scenarios. The results of the carefully performed multilevel analysis allowed us to identify a new kind of DDoS attack, the delayed distributed denial of service, by the authors, referred to as DDDoS attack. Multilevel approach to DDoS attack analysis confirmed that, examining endangered environments, it is significant to take into account many characteristics at once, just to not overlook any important aspect.

Download Full-text

A Machine Learning Approach for DDoS (Distributed Denial of Service) Attack Detection Using Multiple Linear Regression

Proceedings ◽

10.3390/proceedings2020063051 ◽

2020 ◽

Vol 63 (1) ◽

pp. 51

Author(s):

Swathi Sambangi ◽

Lakshmeeswari Gondi

Keyword(s):

Machine Learning ◽

Denial Of Service ◽

Classification Problem ◽

Attack Detection ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Dos Attacks ◽

Multiple Sources ◽

Denial Of Service Attack ◽

Network Bandwidth

The problem of identifying Distributed Denial of Service (DDos) attacks is fundamentally a classification problem in machine learning. In relevance to Cloud Computing, the task of identification of DDoS attacks is a significantly challenging problem because of computational complexity that has to be addressed. Fundamentally, a Denial of Service (DoS) attack is an intentional attack attempted by attackers from single source which has an implicit intention of making an application unavailable to the target stakeholder. For this to be achieved, attackers usually stagger the network bandwidth, halting system resources, thus causing denial of access for legitimate users. Contrary to DoS attacks, in DDoS attacks, the attacker makes use of multiple sources to initiate an attack. DDoS attacks are most common at network, transportation, presentation and application layers of a seven-layer OSI model. In this paper, the research objective is to study the problem of DDoS attack detection in a Cloud environment by considering the most popular CICIDS 2017 benchmark dataset and applying multiple regression analysis for building a machine learning model to predict DDoS and Bot attacks through considering a Friday afternoon traffic logfile.

Download Full-text

An New Efficient Cluster Based Detection Mechanisms for Distributed Denial of Services (DDoS) Attacks

International Journal of Mathematics and Computers in Simulation ◽

10.46300/9102.2021.15.27 ◽

2021 ◽

Vol 15 ◽

pp. 147-152

Author(s):

K. Saravanan ◽

R. Asokan

Keyword(s):

Denial Of Service ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Host System ◽

Denial Of Service Attack ◽

Cluster Aggregation ◽

The Core ◽

Service Attack ◽

Detection Mechanisms ◽

Statistical Anomaly Detection

Cluster aggregation of statistical anomaly detection is a mechanism for defending against denial of service attack (dos) and distributed denial-of-service (DDoS) attacks. DDoS attacks are treated as a congestioncontrol problem; because most of the congestion is occurred in the malicious hosts not follow the normal endto- end congestion control. Upstream routers are also notified to drop such packets in order that the router’s resources are used to route legitimate traffic hence term cluster aggregation. If the victim suspects that the cluster aggregations are solved by most of the clients, it increases the complexity of the cluster aggregation. This aggregation solving technique allows the traversal of the attack traffic throughout the intermediate routers before reaching the destination. In this proposal, the aggregation solving mechanism is cluster aggregation to the core routers rather than having at the victim. The router based cluster aggregation mechanism checks the host system whether it is legitimate or not by providing a aggregation to be solved by the suspected host.

Download Full-text

Optimal software-defined network topology for distributed denial of service attack mitigation

Bulletin of Electrical Engineering and Informatics ◽

10.11591/eei.v9i6.2581 ◽

2020 ◽

Vol 9 (6) ◽

pp. 2588-2594

Author(s):

Branislav Mladenov ◽

Georgi Iliev

Keyword(s):

Network Topology ◽

Network Architecture ◽

Denial Of Service ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Denial Of Service Attack ◽

Optimal Network ◽

Service Attack ◽

Network Topologies ◽

Sdn Controller

Distributed denial of service (DDoS) attacks are a major threat to all internet services. The main goal is to disrupt normal traffic and overwhelms the target. Software-defined networking (SDN) is a new type of network architecture where control and data plane are separated. A successful attack may block the SDN controller which may stop processing the new request and will lead to a total disruption of the whole network. The main goal of this paper is to find the optimal network topology and size which can handle Distributed denial of service attack without management channel bandwidth exhaustion or run out of SDN controller CPU and memory. Through simulations, it is shown that mesh topologies with more connections between switches are more resistant to DDoS attacks than liner type network topologies.

Download Full-text