Multi-Aspect DDOS Detection System for Securing Cloud Network

2019 ◽  
pp. 1952-1983
Author(s):  
Pourya Shamsolmoali ◽  
Masoumeh Zareapoor ◽  
M.Afshar Alam

Distributed Denial of Service (DDoS) attacks have become a serious attack on internet security and the Cloud Computing environment. This kind of attack is the most complex form of DoS (Denial of Service) attack. This type of attack can simply duplicate its source address, as in a spoofing attack, which disguises the real location of the attack from defending methods. Therefore, the DDoS attack is the most significant challenge for the network. In this chapter we present different aspects of security in Cloud Computing; mostly we concentrated on DDoS attacks. The authors illustrated all types of DoS attacks and discussed the most effective detection methods.


Author(s):  
Hosam F. El-Sofany ◽  
Samir Abou El-Seoud

Cloud computing is a new paradigm for hosting hardware and software resources and provides web-based services to organizations and consumers. It also provides easy-to-use and on-demand access to cloud-based computing resources that can be published easily, with minimal administration and with great efficiency. Services of cloud computing are accessed and shared through an internet connection; thus they are open for an attacker to attack their security. Application-layer-based attacks are one kind of Distributed Denial of Service (DDoS) attack that can cause a big problem in cloud security. The main objective of DDoS attacks is to infect computer resources (e.g., software applications, network, CPU, etc.) and make them not work properly for the authorized users. In DDoS, the attacker tries to overload the web-based service with traffic. HTTP and XML-based DDoS attacks are found under the application-layer-based category of DoS attacks. This category of attack is focused on particular web applications. The main objective of this research paper is to introduce an effective approach to protect cloud-based systems against application-layer-based attacks. Complexity analysis, effectiveness and performance evaluations of the presented approach are presented. The feedback from the experimental results was highly promising for protecting cloud computing systems against both DoS and DDoS attacks. A correlation analysis model is also used to validate the efficiency of the proposed approach.


2016 ◽  
Vol 2016 ◽  
pp. 1-8 ◽  
Author(s):  
Özge Cepheli ◽  
Saliha Büyükçorak ◽  
Güneş Karabulut Kurt

Distributed denial-of-service (DDoS) attacks are one of the major threats and possibly the hardest security problem for today’s Internet. In this paper we propose a hybrid detection system, referred to as hybrid intrusion detection system (H-IDS), for detection of DDoS attacks. Our proposed detection system makes use of both anomaly-based and signature-based detection methods separately but in an integrated fashion and combines the outcomes of both detectors to enhance the overall detection accuracy. We apply two distinct datasets to our proposed system in order to test the detection performance of H-IDS and conclude that the proposed hybrid system gives better results than the systems based on nonhybrid detection.


2021 ◽  
Vol 2021 ◽  
pp. 1-14
Author(s):  
Ivandro Ortet Lopes ◽  
Deqing Zou ◽  
Francis A Ruambo ◽  
Saeed Akbar ◽  
Bin Yuan

Distributed Denial of Service (DDoS) is a predominant threat to the availability of online services due to their size and frequency. However, developing an effective security mechanism to protect a network from this threat is a big challenge because DDoS uses various attack approaches coupled with several possible combinations. Furthermore, most of the existing deep learning- (DL-) based models pose a high processing overhead or may not perform well to detect the recently reported DDoS attacks as these models use outdated datasets for training and evaluation. To address the issues mentioned earlier, we propose CyDDoS, an integrated intrusion detection system (IDS) framework, which combines an ensemble of feature engineering algorithms with the deep neural network. The ensemble feature selection is based on five machine learning classifiers used to identify and extract the most relevant features used by the predictive model. This approach improves the model performance by processing only a subset of relevant features while reducing the computation requirement. We evaluate the model performance based on CICDDoS2019, a modern and realistic dataset consisting of normal and DDoS attack traffic. The evaluation considers different validation metrics such as accuracy, precision, F1-Score, and recall to argue the effectiveness of the proposed framework against state-of-the-art IDSs.


2021 ◽  
Author(s):  
Eduardo De Oliveira Burger Monteiro Luiz ◽  
Alessandro Copetti ◽  
Luciano Bertini ◽  
Juliano Fontoura Kazienko

The introduction of the IPv6 protocol solved the problem of providing addresses to network devices. With the emergence of the Internet of Things (IoT), there was also the need to develop a protocol that would assist in connecting low-power devices. The 6LoWPAN protocols were created for this purpose. However, such protocols inherited the vulnerabilities and threats related to Denial of Service (DoS) attacks from the IPv4 and IPv6 protocols. In this paper, we prepare a network environment for low-power IoT devices using COOJA simulator and Contiki operating system to analyze the energy consumption of devices. Besides, we propose an Intrusion Detection System (IDS) associated with the AES symmetric encryption algorithm for the detection of reflection DoS attacks. The symmetric encryption has proven to be an appropriate method due to low implementation overhead, not incurring in large power consumption, and keeping a high level of system security. The main contributions of this paper are: (i) implementation of a reflection attack algorithm for IoT devices; (ii) implementation of an intrusion detection system using AES encryption; (iii) comparison of the power consumption in three distinct scenarios: normal message exchange, the occurrence of a reflection attack, and running IDS algorithm. Finally, the results presented show that the IDS with symmetric cryptography meets the security requirements and respects the energy limits of low-power sensors.


2019 ◽  
Vol 2019 (2) ◽  
pp. 80-90 ◽  
Author(s):  
Mugunthan S. R.

The fundamental advantage of the cloud environment is its instant scalability in rendering the service according to the various demands. The recent technological growth in cloud computing makes it accessible to people from everywhere at any time. Multitudes of users utilize the cloud platform for their various needs and store their complete details, personal as well as confidential, in the cloud architecture. The storage of the confidential information makes the cloud architecture attractive to hackers, who aim at misusing the confidential/secret information. The misuse of the services and the resources of the cloud architecture has become a common issue in day-to-day usage due to DDoS (distributed denial of service) attacks. DDoS attacks are highly mature and continue to grow at a high speed, making detection and countermeasures a challenging task. So the paper uses soft-computing-based autonomous detection for low-rate DDoS attacks in the cloud architecture. The proposed method utilizes the hidden Markov model for observing the flow in the network and the random forest for classifying the detected attacks from the normal flow. The proffered method is evaluated to measure the performance improvement attained in terms of recall, precision, specificity, accuracy and F-measure.


Author(s):  
Mohamed Cheikh ◽  
Salima Hacini ◽  
Zizette Boufaida

Intrusion detection systems (IDS) play a vital and crucial role in computer security. However, they suffer from a number of problems such as low detection of DoS (denial-of-service)/DDoS (distributed denial-of-service) attacks with a high rate of false alarms. In this chapter, a new technique for detecting DoS attacks is proposed; it detects DoS attacks using a set of classifiers and visualizes them in real time. This technique is based on the collection of network parameter values (data packets), which are automatically represented by simple geometric graphs in order to highlight relevant elements. Two implementations of this technique are performed. The first is based on the Euclidean distance while the second is based on the KNN algorithm. The effectiveness of the proposed technique has been proven through a simulation of network traffic drawn from the 10% KDD and a comparison with other classification techniques for intrusion detection.


Author(s):  
Stephen K. Aikins

The modern network and Internet security vulnerabilities expose state and local government networks to numerous threats such as denial of service (DoS) attacks, computer viruses, unauthorized access, confidentiality breaches, and so forth. For example, in June 2005, the state of Delaware saw a spike of 141,000 instances of “suspicious activity” due to a variant of the mytopb worm, which could have brought the state’s network to its knees had appropriate steps not been taken (Jarrett, 2005; National Association of State Chief Information Officers [NASCIO], 2006b). On an average day, the state of Michigan blocks 22,059 spam e-mails, 21,702 e-mail viruses, 4,239 Web defacements, and six remote computer takeover attempts. Delaware fends off nearly 3,000 attempts at entering the state’s network daily (NASCIO, 2006b). Governments have the obligation to manage their information security risks by securing mission-critical internal resources such as financial records and taxpayer sensitive information on their networks. Consequently, public-sector information security officers are faced with the challenge to contain damage from compromised systems, prevent internally and Internet-launched attacks, provide systems for logging and intrusion detection, and build frameworks for administrators to securely manage government networks (Oxlenhandler, 2003). This chapter discusses some of the cost-effective measures needed to address government agency information security vulnerabilities and related threats.


Author(s):  
Rohit Kumar

IaaS, PaaS, and SaaS models collectively form the Cloud Computing Infrastructure. The complexity of the interrelationship of service models is very high, and so security becomes essential and must be developed with utmost care. Distributed DoS attacks are a major concern for different organizations engaged in using cloud-based services. The denial of service attack, and distributed denial of service attacks in particular, are a big threat to a cloud network or platform. These attacks operate by rendering the server and network useless by sending unnecessary service and resource requests. The victim's host or network isn't aware of such attacks and keeps providing resources until they get exhausted. Due to resource exhaustion, the resource requests of genuine users don't get fulfilled. The severity of these attacks can lead to huge financial losses if they are able to bring down servers executing financial services. This chapter presents DoS threats and methods to mitigate them in varied dimensions.


2011 ◽  
Vol 3 (1) ◽  
pp. 14-36 ◽  
Author(s):  
Antonis Michalas ◽  
Nikos Komninos ◽  
Neeli R. Prasad

This paper proposes a technique to defeat Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks in Ad Hoc Networks. The technique is divided into two main parts and with game theory and cryptographic puzzles. Introduced first is a new client puzzle to prevent DoS attacks in such networks. The second part presents a multiplayer game that takes place between the nodes of an ad hoc network and based on fundamental principles of game theory. By combining computational problems with puzzles, improvement occurs in the efficiency and latency of the communicating nodes and resistance in DoS and DDoS attacks. Experimental results show the effectiveness of the approach for devices with limited resources and for environments like ad hoc networks where nodes must exchange information quickly.

