Botnet Threats to E-Commerce Web Applications and Their Detection

2018 ◽  
pp. 48-81 ◽  
Author(s):  
Rizwan Ur Rahman ◽  
Deepak Singh Tomar
Keyword(s):  
Research And Development ◽  
Web Applications ◽  
Denial Of Service ◽  
Distributed Denial Of Service ◽  
Application Research ◽  
Identity Fraud ◽  
Security Issues ◽  
Security Challenges ◽  
Different Types

Security issues in e-commerce web applications are still exploratory, and in spite of an increase in e-commerce application research and development, lots of security challenges remain unanswered. Botnets are the most malicious threats to web applications, especially the e-commerce applications. Botnet is a network of BOTs. It executes automated scripts to launch different types of attack on web applications. Botnets are typically controlled by one or more hackers known as Bot masters and are exploited for different types of attacks including Dos (denial of service), DDos (distributed denial of service), phishing, spreading of malware, adware, Spyware, identity fraud, and logic bombs. The aim of this chapter is to scrutinize to what degree botnets can cause a threat to e-commerce security. In the first section, an adequate overview of botnets in the context of e-commerce security is presented in order to provide the reader with an understanding of the background for the remaining sections.

Botnet Threats to E-Commerce Web Applications and Their Detection

2021 ◽  
pp. 104-137
Author(s):  
Rizwan Ur Rahman ◽  
Deepak Singh Tomar
Keyword(s):  
Research And Development ◽  
Web Applications ◽  
Denial Of Service ◽  
Distributed Denial Of Service ◽  
Application Research ◽  
Identity Fraud ◽  
Security Issues ◽  
Security Challenges ◽  
Different Types

Security issues in e-commerce web applications are still exploratory, and in spite of an increase in e-commerce application research and development, lots of security challenges remain unanswered. Botnets are the most malicious threats to web applications, especially the e-commerce applications. Botnet is a network of BOTs. It executes automated scripts to launch different types of attack on web applications. Botnets are typically controlled by one or more hackers known as Bot masters and are exploited for different types of attacks including Dos (denial of service), DDos (distributed denial of service), phishing, spreading of malware, adware, Spyware, identity fraud, and logic bombs. The aim of this chapter is to scrutinize to what degree botnets can cause a threat to e-commerce security. In the first section, an adequate overview of botnets in the context of e-commerce security is presented in order to provide the reader with an understanding of the background for the remaining sections.

SDN-Based Secure Architecture for IoT

2020 ◽  
Vol 11 (4) ◽  
pp. 1-16
Author(s):  
Shailendra Mishra
Keyword(s):  
Denial Of Service ◽  
Network Size ◽  
Distributed Denial Of Service ◽  
Security Issues ◽  
Network Load ◽  
Security Challenges ◽  
Man In The Middle ◽  
Attack Scenario ◽  
Gain Access ◽  
Security Of Iot

Internet of things (IoT) means connecting things through the internet. The growing market for IoT also attracts malicious individuals trying to gain access to the marketplace. Security issues are among the most significant worries in companies that rely on the cloud of things to do business. SDN-based architecture has improved the security of IoT networks. The centralized controller is responsible for managing the critical network's operations, and growing the network size increases the network load in the controller. Controllers in SDN-based architecture are still facing security challenges such as unauthorized access, configuration issues, distributed denial of service (DDoS) attacks, and a man-in-the-middle (MITM) attacks. The attack scenario and security of SDN-based IoT networks are evaluated in this research. The simulation results show that the proposed approach and security solutions are fast and effective in mitigating the attacks.

HULK and DDoS Attacks in Web Applications with Detection Mechanism

2018 ◽  
Vol 6 (6) ◽  
pp. 192
Author(s):  
Amit Sharma
Keyword(s):  
Web Applications ◽  
Denial Of Service ◽  
Single Server ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Application Layer ◽  
Detection Mechanism ◽  
Plan Execution ◽  
Social Affair ◽  
Server Application

Distributed Denial of Service attacks are significant dangers these days over web applications and web administrations. These assaults pushing ahead towards application layer to procure furthermore, squander most extreme CPU cycles. By asking for assets from web benefits in gigantic sum utilizing quick fire of solicitations, assailant robotized programs use all the capacity of handling of single server application or circulated environment application. The periods of the plan execution is client conduct checking and identification. In to beginning with stage by social affair the data of client conduct and computing individual user’s trust score will happen and Entropy of a similar client will be ascertained. HTTP Unbearable Load King (HULK) attacks are also evaluated. In light of first stage, in recognition stage, variety in entropy will be watched and malevolent clients will be recognized. Rate limiter is additionally acquainted with stop or downsize serving the noxious clients. This paper introduces the FAÇADE layer for discovery also, hindering the unapproved client from assaulting the framework.

scholarly journals Mathematical model on distributed denial of service attack through Internet of things in a network

2019 ◽  
Vol 8 (1) ◽  
pp. 486-495 ◽  
Author(s):  
Bimal Kumar Mishra ◽  
Ajit Kumar Keshri ◽  
Dheeresh Kumar Mallick ◽  
Binay Kumar Mishra
Keyword(s):  
Mathematical Model ◽  
Internet Of Things ◽  
Equilibrium Points ◽  
Denial Of Service ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Denial Of Service Attack ◽  
Different Types ◽  
Service Attack ◽  
Iot Devices

Abstract Internet of Things (IoT) opens up the possibility of agglomerations of different types of devices, Internet and human elements to provide extreme interconnectivity among them towards achieving a completely connected world of things. The mainstream adaptation of IoT technology and its widespread use has also opened up a whole new platform for cyber perpetrators mostly used for distributed denial of service (DDoS) attacks. In this paper, under the influence of internal and external nodes, a two - fold epidemic model is developed where attack on IoT devices is first achieved and then IoT based distributed attack of malicious objects on targeted resources in a network has been established. This model is mainly based on Mirai botnet made of IoT devices which came into the limelight with three major DDoS attacks in 2016. The model is analyzed at equilibrium points to find the conditions for their local and global stability. Impact of external nodes on the over-all model is critically analyzed. Numerical simulations are performed to validate the vitality of the model developed.

Potential Security Issues in a Peer-to-Peer Network from a Database Perspective

2011 ◽  
pp. 131-144
Author(s):  
Sridhar Asvathanarayanan
Keyword(s):  
Denial Of Service ◽  
Database Security ◽  
Vital Role ◽  
Peer To Peer ◽  
Peer Networks ◽  
Distributed Denial Of Service ◽  
Security Issues ◽  
Peer Network ◽  
Peer To Peer Networks ◽  
Peer To Peer Network

Computing strategies have constantly undergone changes, from being completely centralized to client-servers and now to peer-to-peer networks. Databases on peer-to-peer networks offer significant advantages in terms of providing autonomy to data owners, to store and manage the data that they work with and, at the same time, allow access to others. The issue of database security becomes a lot more complicated and the vulnerabilities associated with databases are far more pronounced when considering databases on a peer-to-peer network. Issues associated with database security in a peer-to-peer environment could be due to file sharing, distributed denial of service, and so forth, and trust plays a vital role in ensuring security. The components of trust in terms of authentication, authorization, and encryption offer methods to ensure security.

A Novel Approach to Develop and Deploy Preventive Measures for Different Types of DDoS Attacks

2020 ◽  
Vol 14 (2) ◽  
pp. 1-19
Author(s):  
Khundrakpam Johnson Singh ◽  
Janggunlun Haokip ◽  
Usham Sanjota Chanu
Keyword(s):  
Preventive Measures ◽  
Denial Of Service ◽  
External Environment ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
New Era ◽  
Denial Of Service Attack ◽  
Novel Approach ◽  
Different Types ◽  
Service Attack

In the new era of computers, everyone relies on the internet for basic day-to-day activities to sophisticated and secret tasks. The cyber threats are increasing, not only theft and manipulation of someone's information, but also forcing the victim to deny other requests. A DDoS (Distributed Denial of Service) attack, which is one of the serious issues in today's cyber world needs to be detected and their advance towards the server should be blocked. In the article, the authors are focusing mainly on preventive measures of different types of DDoS attacks using multiple IPtables rules and Windows firewall advance security settings configuration, which would be feasibly free on any PC. The IPtables when appropriately selected and implemented can establish a relatively secure barrier for the system and the external environment.

scholarly journals Security-Oriented Network Architecture

2021 ◽  
Vol 2021 ◽  
pp. 1-16
Author(s):  
Weiyu Jiang ◽  
Bingyang Liu ◽  
Chuang Wang ◽  
Xue Yang
Keyword(s):  
Network Architecture ◽  
Denial Of Service ◽  
Comprehensive Analysis ◽  
Distributed Denial Of Service ◽  
Arms Races ◽  
Network Attacks ◽  
Security Issues ◽  
Man In The Middle ◽  
Ip Spoofing ◽  
End To End

Internet benefits societies by constantly connecting devices and transmitting data across the world. However, due to the lack of architectural built-in security, the pervasive network attacks faced by the entire information technology are considered to be unending and inevitable. As Internet evolves, security issues are regularly fixed according to a patch-like strategy. Nevertheless, the patch-like strategy generally results in arms races and passive situations, leaving an endless lag in both existing and emerging attacking surface. In this paper, we present NAIS (Network Architecture with Intrinsic Security)—a network architecture towards trustworthiness and security. By solving stubborn security issues like IP spoofing, MITM (man-in-the-middle) attacks, and DDoS (distributed denial of service) attacks at architectural level, NAIS is envisioned to provide the most secure end-to-end communication in the network layer. This paper first presents a comprehensive analysis of network security at Internet range. Then, the system design of NAIS is elaborated with particular design philosophies and four security techniques. Such philosophies and techniques intertwine internally and contribute to a communication environment with authenticity, privacy, accountability, confidentiality, integrity, and availability. Finally, we evaluate the security functionalities on the packet forwarding performance, demonstrating that NAIS can efficiently provide security and trustworthiness in Internet end-to-end communication.

scholarly journals Detection and Prevention Algorithm of DDoS Attack Over the IOT Networks

TEM Journal ◽  
2020 ◽  
pp. 899-906
Keyword(s):  
Denial Of Service ◽  
The Other ◽  
High Rate ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Huge Number ◽  
Security Issues ◽  
Ddos Attack ◽  
Legitimate User ◽  
The Impact

One of the most notorious security issues in the IoT is the Distributed Denial of Service (DDoS) attack. Using a large number of agents, DDoS attack floods the host server with a huge number of requests causing interrupting and blocking the legitimate user requests. This paper proposes a detection and prevention algorithm for DDoS attacks. It is divided into two parts, one for detecting the DDoS attack in the IoT end devices and the other for mitigating the impact of the attack placed on the border router. Also, it has the ability to differentiate the High-rate from the Lowrate DDoS attack accurately and defend against these two types of attacks. It is implemented and tested against different scenarios to dissect their efficiency in detecting and mitigating the DDoS attack.

scholarly journals Survey of DoS/DDoS attacks in IoT

2021 ◽  
Vol 3 (1) ◽  
pp. 23-28
Author(s):  
Rozan Khader ◽  
Derar Eleyan
Keyword(s):  
Smart Cities ◽  
Denial Of Service ◽  
Wearable Devices ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Iot Security ◽  
Counter Measures ◽  
Security Issues ◽  
Iot Devices ◽  
Internet Of Thing

The term internet of thing (IoT) has gained much popularity in the last decade. Which can be defined as various connected devices over the internet. IoT has rapidly  spread to include all aspects of our lives. For instance, smart houses, smart cities, and variant wearable devices. IoT devices work to do their desired goals, which is to develop a person life with his/her minimal involvement. At the same time, IoT devices have many weaknesses, which attackers exploit to affect these devices security. Denial of Service (DoS) and Distributed Denial of Service (DDoS) are considered the most common attacks that strike IoT security. The main aim of these attacks is to make victim systems down and inaccessible for legitimate users by malicious malware. This paper objective is to discuss and review security issues related to DoS/DDoS Attacks and their counter measures i.e. prevention based on IoT devices layers structure.

Potential Security Issues in a Peer-to-Peer Network from a Database Perspective

2008 ◽  
pp. 1070-1079
Author(s):  
Sridhar Asvathanarayanan
Keyword(s):  
Denial Of Service ◽  
Database Security ◽  
Vital Role ◽  
Peer To Peer ◽  
Peer Networks ◽  
Distributed Denial Of Service ◽  
Security Issues ◽  
Peer Network ◽  
Peer To Peer Networks ◽  
Peer To Peer Network

Computing strategies have constantly undergone changes, from being completely centralized to client-servers and now to peer-to-peer networks. Databases on peer-to-peer networks offer significant advantages in terms of providing autonomy to data owners, to store and manage the data that they work with and, at the same time, allow access to others. The issue of database security becomes a lot more complicated and the vulnerabilities associated with databases are far more pronounced when considering databases on a peer-to-peer network. Issues associated with database security in a peer-to-peer environment could be due to file sharing, distributed denial of service, and so forth, and trust plays a vital role in ensuring security. The components of trust in terms of authentication, authorization, and encryption offer methods to ensure security.

Sign in / Sign up

Export Citation Format

Share Document