Denial-of-Service and Botnet Analysis, Detection, and Mitigation

2020 ◽  
pp. 114-151
Author(s):  
Sobana Sikkanan ◽  
Kasthuri M.
Keyword(s):  
Denial Of Service ◽  
The Internet ◽  
Dos Attack ◽  
Dos Attacks ◽  
Network Resources ◽  
Systematic Analysis ◽  
Network Bandwidth ◽  
Research Areas ◽  
History Analysis ◽  
Near Future

The internet is designed for processing and forwarding of any packet in a best effort manner. The packets carried by the internet may be malicious or not. Most of the time, internet architecture provides an unregulated path to victims. Denial-of-service (DoS) attack is the most common critical threat that causes devastating effects on the internet. The Botnet-based DoS attack aims to exhaust both the target resources and network bandwidth, thereby making the network resources unavailable for its valid users. The resources are utilized by either injecting a computer virus or flooding the network with useless traffic. This chapter provides a systematic analysis of the causes of DoS attacks, including motivations and history, analysis of different attacks, detection and protection techniques, various mitigation techniques, the limitations and challenges of DoS research areas. Finally, this chapter discusses some important research directions which will need more attention in the near future to guarantee the successful defense against DoS attacks.

Denial-of-Service and Botnet Analysis, Detection, and Mitigation

2021 ◽  
pp. 20-48
Author(s):  
Sobana Sikkanan ◽  
Kasthuri M.
Keyword(s):  
Denial Of Service ◽  
The Internet ◽  
Dos Attack ◽  
Dos Attacks ◽  
Network Resources ◽  
Systematic Analysis ◽  
Network Bandwidth ◽  
Research Areas ◽  
History Analysis ◽  
Near Future

The internet is designed for processing and forwarding of any packet in a best effort manner. The packets carried by the internet may be malicious or not. Most of the time, internet architecture provides an unregulated path to victims. Denial-of-service (DoS) attack is the most common critical threat that causes devastating effects on the internet. The Botnet-based DoS attack aims to exhaust both the target resources and network bandwidth, thereby making the network resources unavailable for its valid users. The resources are utilized by either injecting a computer virus or flooding the network with useless traffic. This chapter provides a systematic analysis of the causes of DoS attacks, including motivations and history, analysis of different attacks, detection and protection techniques, various mitigation techniques, the limitations and challenges of DoS research areas. Finally, this chapter discusses some important research directions which will need more attention in the near future to guarantee the successful defense against DoS attacks.

TRAWLING TRAFFIC UNDER ATTACK OVERCOMING DDoS ATTACKS BY TARGET-CONTROLLED TRAFFIC FILTERING

2011 ◽  
Vol 22 (05) ◽  
pp. 1073-1098
Author(s):  
SHLOMI DOLEV ◽  
YUVAL ELOVICI ◽  
ALEX KESSELMAN ◽  
POLINA ZILBERMAN
Keyword(s):  
Denial Of Service ◽  
The Internet ◽  
Traffic Classification ◽  
Classification Rules ◽  
Ddos Attacks ◽  
Dos Attack ◽  
Dos Attacks ◽  
Worst Case ◽  
Filtering Algorithm ◽  
Internet Community

As more and more services are provided by servers via the Internet, Denial-of-Service (DoS) attacks pose an increasing threat to the Internet community. A DoS attack overloads the target server with a large volume of adverse requests, thereby rendering the server unavailable to "well-behaved" users. In this paper, we propose two algorithms that allow attack targets to dynamically filter their incoming traffic based on a distributed policy. The proposed algorithms defend the target against DoS and distributed DoS (DDoS) attacks and simultaneously ensure that it continues to serve "well-behaved" users. In a nutshell, a target can define a filtering policy which consists of a set of traffic classification rules and the corresponding amounts of traffic for each rule. A filtering algorithm is enforced by the ISP's routers when a target is being overloaded with traffic. The goal is to maximize the amount of filtered traffic forwarded to the target, according to the filtering policy, from the ISP. The first proposed algorithm is a collaborative algorithm which computes and delivers to the target the best possible traffic mix in polynomial time. The second algorithm is a distributed non-collaborative algorithm for which we prove a lower bound on the worst-case performance.

scholarly journals Denial of Service (DoS) attack identification and analyse using sniffing technique in the network environment

2020 ◽  
Vol 202 ◽  
pp. 15003
Author(s):  
Kagiraneza Alexis Fidele ◽  
Suryono ◽  
Wahyul Amien Syafei
Keyword(s):  
Social Networking ◽  
Denial Of Service ◽  
Web Server ◽  
The Internet ◽  
Traffic Networks ◽  
Network Environment ◽  
Dos Attack ◽  
Dos Attacks ◽  
Massive Number ◽  
Sniffing Technique

Network-based intruders such as (DoS) attacks have become one of the most significant internet interruptions. Some operations that rely on the internet, such as banking transactions, education, trade marketing, and social networking, have become the primary targets. The attacker is trying to surround and making it difficult for the system to defend. The research's objective is to recognize the characteristics and level of DoS attacks. In understanding the behavior of intruders against a target web server, Wireshark was used in all traffic networks—capturing the traffic in a networked environment. In this research, the user identifies the attack levels (TCP SYN, UDP, and HTTP protocol), ranging from low (Q1), medium (Q2), and high (Q4) attacks. The approach is to simulate the TCP, HTTP, and UDP flood attacks and analyze the attacks' effects on the network environment. In this work, normal scenarios and pattern attacks were compared. In this case, the intruder floods unwanted packets to the victim with a massive number of request packets; the SYN from the corresponding SYN-ACK replies are not achieved. This paper will identify the DoS attacks level and analyze the behavior of traffics.

scholarly journals Peningkatan Keamanan Router Mikrotik Terhadap Serangan Denial of Service (DoS)

2020 ◽  
pp. 115-123
Author(s):  
Budi Jaya ◽  
Y Yuhandri ◽  
S Sumijan
Keyword(s):  
Denial Of Service ◽  
Digital Evidence ◽  
Dos Attack ◽  
Dos Attacks ◽  
Research Results ◽  
Security Enhancement ◽  
Software And Hardware ◽  
Operational Activities ◽  
Network Router ◽  
Live Forensics

Denial of Service (DoS) attacks are one of the most common attacks on website, networks, routers and servers, including on router mikrotik. A DoS attack aims to render a network router unable to service requests from authorized users. The result will disrupt the operational activities of the organization and cause material and non-material losses. In this study, a simulation and analysis of DoS attacks using the Live Forensics method were carried out and the router security enhancement from rectangular software and hardware. From the research results obtained digital evidence of DoS attacks in the form of IP addresses and attacker activity logs. In addition, the increase in router security in terms of software by using Firewall Filter and Firewall Raw has proven effective in preventing attacks. While improving router security in terms of hardware by setting a reset button on the router and firewall devices is also very necessary so that the router can avoid physical attacks by irresponsible persons

scholarly journals Output Feedback NCS of DoS Attacks Triggered by Double-Ended Events

2021 ◽  
Vol 2021 ◽  
pp. 1-14
Author(s):  
Xinzhi Feng ◽  
Yang Yang ◽  
Xiaozhong Qi ◽  
Chunming Xu ◽  
Ze Ji
Keyword(s):  
Control System ◽  
Denial Of Service ◽  
Network Control ◽  
Control Performance ◽  
Network Control System ◽  
Dos Attack ◽  
Dos Attacks ◽  
Network Attacks ◽  
Elastic Event ◽  
Event Triggering

In recent years, the research of the network control system under the event triggering mechanism subjected to network attacks has attracted foreign and domestic scholars’ wide attention. Among all kinds of network attacks, denial-of-service (DoS) attack is considered the most likely to impact the performance of NCS significantly. The existing results on event triggering do not assess the occurrence of DoS attacks and controller changes, which will reduce the control performance of the addressed system. Aiming at the network control system attacked by DoS, this paper combines double-ended elastic event trigger control, DoS attack, and quantitative feedback control to study the stability of NCS with quantitative feedback of DoS attack triggered by a double-ended elastic event. Simulation examples show that this method can meet the requirements of control performance and counteract the known periodic DoS attacks, which save limited resources and improve the system’s antijamming ability.

scholarly journals DOS Attacks on TCP/IP Layers in WSN

2013 ◽  
Vol 1 (2013) ◽  
pp. 40-45
Keyword(s):  
Wireless Sensor Network ◽  
Sensor Networks ◽  
Sensor Network ◽  
Low Cost ◽  
Denial Of Service ◽  
Sensor Nodes ◽  
Wireless Sensor ◽  
Renewable Energy Resources ◽  
Dos Attack ◽  
Dos Attacks

The emergence of sensor networks as one of the dominant technology trends in the coming decades has posed numerous unique challenges on their security to researchers. These networks are likely to be composed of thousands of tiny sensor nodes, which are low-cost devices equipped with limited memory, processing, radio, and in many cases, without access to renewable energy resources. While the set of challenges in sensor networks are diverse, we focus on security of Wireless Sensor Network in this paper. First, we propose some of the security goal for Wireless Sensor Network. To perform any task in WSN, the goal is to ensure the best possible utilization of sensor resources so that the network could be kept functional as long as possible. In contrast to this crucial objective of sensor network management, a Denial of Service (DoS) attack targets to degrade the efficient use of network resources and disrupts the essential services in the network. DoS attack could be considered as one of th

Event-triggered H∞ control for networked control systems under denial-of-service attacks

2020 ◽  
pp. 014233122096641
Author(s):  
Liruo Zhang ◽  
Sing Kiong Nguang ◽  
Shen Yan
Keyword(s):  
Control Systems ◽  
Networked Control Systems ◽  
Denial Of Service ◽  
Sufficient Conditions ◽  
Networked Control ◽  
Linear Matrix ◽  
Dos Attacks ◽  
Network Resources ◽  
Zigbee Protocol ◽  
Event Triggered

This paper investigates the event-triggered H∞ control for networked control systems under the denial-of-service (DoS) attacks. First, a novel system model is established considering random, time-constraint DoS attacks. Second, an event-triggered scheme including an off-time is proposed to reduce the unnecessary occupation of network resources, with which a prescribed minimum inter-triggering time is guaranteed and Zeno problem is avoided. Third, sufficient conditions for the existence of an event-triggered controller which ensures the exponential stability of the closed-loop system with desired H∞ performance are formulated in linear matrix inequalities (LMIs). Finally, the effectiveness of the proposed method is examined by two illustrative examples, where a real communication network based on the ZigBee protocol is utilized.

A Survey on Denial of Service Attacks and Preclusions

2017 ◽  
Vol 11 (4) ◽  
pp. 1-15 ◽  
Author(s):  
Nagesh K. ◽  
Sumathy R. ◽  
Devakumar P. ◽  
Sathiyamurthy K.
Keyword(s):  
Network Security ◽  
Rapid Growth ◽  
New Technologies ◽  
Defense Mechanism ◽  
Computer Network ◽  
Denial Of Service ◽  
The Internet ◽  
Access To Services ◽  
Dos Attacks

Security is concerned with protecting assets. The aspects of security can be applied to any situation- defense, detection and deterrence. Network security plays important role of protecting information, hardware and software on a computer network. Denial of service (DOS) attacks causes great impacts on the internet world. These attacks attempt to disrupt legitimate user's access to services. By exploiting computer's vulnerabilities, attackers easily consume victim's resources. Many special techniques have been developed to protest against DOS attacks. Some organizations constitute several defense mechanism tools to tackle the security problems. This paper has proposed various types of attacks and solutions associated with each layers of OSI model. These attacks and solutions have different impacts on the different environment. Thus the rapid growth of new technologies may constitute still worse impacts of attacks in the future.

scholarly journals Network Threats Mitigation Using Software-Defined Networking for the 5G Internet of Radio Light System

2019 ◽  
Vol 2019 ◽  
pp. 1-22 ◽  
Author(s):  
Krzysztof Cabaj ◽  
Marcin Gregorczyk ◽  
Wojciech Mazurczyk ◽  
Piotr Nowakowski ◽  
Piotr Żórawski
Keyword(s):  
Communication Networks ◽  
Denial Of Service ◽  
Experimental Results ◽  
The Internet ◽  
5G Networks ◽  
Security Framework ◽  
High Quality ◽  
User Experiences ◽  
Wide Range ◽  
Near Future

Currently 5G communication networks are envisioned to offer in a near future a wide range of high-quality services and unfaltering user experiences. In order to achieve this, several issues including security, privacy, and trust aspects need to be solved so that the 5G networks can be widely welcomed and accepted. Considering above, in this paper, we take a step towards these requirements by proposing a dedicated SDN-based integrated security framework for the Internet of Radio Light (IoRL) system that is following 5G architecture design. In particular, we present how TCP SYN-based scanning activities and DHCP-related network threats like Denial of Service (DoS), traffic eavesdropping, etc. can be detected and mitigated using such an approach. Enclosed experimental results prove that the proposed security framework is effective and efficient and thus can be considered as a promising defensive solution.

scholarly journals Peningkatan Keamanan Router Mikrotik Terhadap Serangan Denial of Service (DoS)

2020 ◽  
Author(s):  
Budi Jaya ◽  
Yuhandri Yunus ◽  
S Sumijan
Keyword(s):  
Denial Of Service ◽  
Digital Evidence ◽  
Dos Attack ◽  
Dos Attacks ◽  
Research Results ◽  
Security Enhancement ◽  
Software And Hardware ◽  
Operational Activities ◽  
Network Router ◽  
Live Forensics

Denial of Service (DoS) attacks are one of the most common attacks on website, networks, routers and servers, including on router mikrotik. A DoS attack aims to render a network router unable to service requests from authorized users. The result will disrupt the operational activities of the organization and cause material and non-material losses. In this study, a simulation and analysis of DoS attacks using the Live Forensics method were carried out and the router security enhancement from rectangular software and hardware. From the research results obtained digital evidence of DoS attacks in the form of IP addresses and attacker activity logs. In addition, the increase in router security in terms of software by using Firewall Filter and Firewall Raw has proven effective in preventing attacks. While improving router security in terms of hardware by setting a reset button on the router and firewall devices is also very necessary so that the router can avoid physical attacks by irresponsible persons.

Sign in / Sign up

Export Citation Format

Share Document