Distributed Denial of Service Attacks in Networks

2009 ◽  
pp. 85-97
Author(s):  
Udaya Kiran Tupakula
Keyword(s):  
Best Practices ◽  
Denial Of Service ◽  
The Internet ◽  
Denial Of Service Attacks ◽  
Ideal Solution ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Dos Attacks ◽  
Research Directions ◽  
The Ideal

In this chapter we discuss Distributed Denial of Service (DDoS) attacks in networks such as the Internet, which have become significantly prevalent over the recent years. We explain how DDoS attacks are performed and consider the ideal solution characteristics for defending against the DDoS attacks in the Internet. Then we present different research directions and thoroughly analyse some of the important techniques that have been recently proposed. Our analysis confirms that none of the proposed techniques can efficiently and completely counteract the DDoS attacks. Furthermore, as networks become more complex, they become even more vulnerable to DoS attacks when some of the proposed techniques are deployed in the Internet. The gap between the tools that can generate DDoS attacks and the tools that can detect or prevent DDoS attacks continues to increase. Finally, we briefly outline some best practices that the users are urged to follow to minimise the DoS attacks in the Internet.

scholarly journals AntibIoTic: Protecting IoT Devices Against DDoS Attacks

2017 ◽  
Author(s):  
Michele De Donno ◽  
Nicola Dragoni ◽  
Alberto Giaretta ◽  
Manuel Mazzara
Keyword(s):  
Denial Of Service ◽  
Main Idea ◽  
Denial Of Service Attacks ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Dos Attacks ◽  
The World ◽  
Iot Devices

The 2016 is remembered as the year that showed to the world how dangerous distributed Denial of Service attacks can be. Gauge of the disruptiveness of DDoS attacks is the number of bots involved: the bigger the botnet, the more powerful the attack. This character, along with the increasing availability of connected and insecure IoT devices, makes DDoS and IoT the perfect pair for the malware industry. In this paper we present the main idea behind AntibIoTic, a palliative solution to prevent DoS attacks perpetrated through IoT devices.

Data Mining Techniques for Distributed Denial of Service Attacks Detection in the Internet of Things

2016 ◽  
pp. 275-334 ◽  
Author(s):  
Pheeha Machaka ◽  
Fulufhelo Nelwamondo
Keyword(s):  
Data Mining ◽  
Internet Of Things ◽  
Denial Of Service ◽  
Current Data ◽  
The Internet ◽  
Denial Of Service Attacks ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Data Mining Techniques ◽  
The Internet Of Things

This chapter reviews the evolution of the traditional internet into the Internet of Things (IoT). The characteristics and application of the IoT are also reviewed, together with its security concerns in terms of distributed denial of service attacks. The chapter further investigates the state-of-the-art in data mining techniques for Distributed Denial of Service (DDoS) attacks targeting the various infrastructures. The chapter explores the characteristics and pervasiveness of DDoS attacks. It also explores the motives, mechanisms and techniques used to execute a DDoS attack. The chapter further investigates the current data mining techniques that are used to combat and detect these attacks, their advantages and disadvantages are explored. Future direction of the research is also provided.

Data Mining Techniques for Distributed Denial of Service Attacks Detection in the Internet of Things

2020 ◽  
pp. 561-608
Author(s):  
Pheeha Machaka ◽  
Fulufhelo Nelwamondo
Keyword(s):  
Data Mining ◽  
Internet Of Things ◽  
Denial Of Service ◽  
Current Data ◽  
The Internet ◽  
Denial Of Service Attacks ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Data Mining Techniques ◽  
The Internet Of Things

This chapter reviews the evolution of the traditional internet into the Internet of Things (IoT). The characteristics and application of the IoT are also reviewed, together with its security concerns in terms of distributed denial of service attacks. The chapter further investigates the state-of-the-art in data mining techniques for Distributed Denial of Service (DDoS) attacks targeting the various infrastructures. The chapter explores the characteristics and pervasiveness of DDoS attacks. It also explores the motives, mechanisms and techniques used to execute a DDoS attack. The chapter further investigates the current data mining techniques that are used to combat and detect these attacks, their advantages and disadvantages are explored. Future direction of the research is also provided.

scholarly journals Mitigation of Distributed Denial of Service Attacks in the Cloud

2017 ◽  
Vol 17 (4) ◽  
pp. 32-51 ◽  
Author(s):  
Wael Alosaimi ◽  
Michal Zak ◽  
Khalid Al-Begain ◽  
Roobaea Alroobaea ◽  
Mehedi Masud
Keyword(s):  
Denial Of Service ◽  
Cloud Services ◽  
Denial Of Service Attacks ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Dos Attacks ◽  
Future Directions ◽  
Edos Attacks ◽  
Weak Points

Abstract Cybersecurity attacks resulting in loss of availability of cloud services can have significantly higher impact than those in the traditional stand-alone enterprise setups. Therefore, availability attacks, such as Denial of Service attacks (DoS); Distributed DoS attacks (DDoS) and Economical Denial of Sustainability (EDoS) attacks receive increasingly more attention. This paper surveys existing DDoS attacks analyzing the principles, ways of launching and their variants. Then, current mitigation systems are critically discussed. Based on the identification of the weak points, the paper proposes a new mitigation system named as DDoS-Mitigation System (DDoS-MS) that attempts to overcome the identified gap. The proposed framework is evaluated, and an enhanced version of the proposed system called Enhanced DDoS-MS is presented. In the end, the paper presents some future directions of the proposed framework.

Booters: can anything justify distributed denial-of-service (DDoS) attacks for hire?

2017 ◽  
Vol 15 (01) ◽  
pp. 90-104 ◽  
Author(s):  
David Douglas ◽  
José Jair Santanna ◽  
Ricardo de Oliveira Schmidt ◽  
Lisandro Zambenedetti Granville ◽  
Aiko Pras
Keyword(s):  
Heavy Traffic ◽  
Denial Of Service ◽  
Civil Disobedience ◽  
Third Party ◽  
The Internet ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Law Enforcement Agencies ◽  
Content Type ◽  
Testing Tools

Purpose This paper aims to examine whether there are morally defensible reasons for using or operating websites (called ‘booters’) that offer distributed denial-of-service (DDoS) attacks on a specified target to users for a price. Booters have been linked to some of the most powerful DDoS attacks in recent years. Design/methodology/approach The authors identify the various parties associated with booter websites and the means through which booters operate. Then, the authors present and evaluate the two arguments that they claim may be used to justify operating and using booters: that they are a useful tool for testing the ability of networks and servers to handle heavy traffic, and that they may be used to perform DDoS attacks as a form of civil disobedience on the internet. Findings The authors argue that the characteristics of existing booters disqualify them from being morally justified as network stress testing tools or as a means of performing civil disobedience. The use of botnets that include systems without the permission of their owners undermines the legitimacy of both justifications. While a booter that does not use any third-party systems without permission might in principle be justified under certain conditions, the authors argue that it is unlikely that any existing booters meet these requirements. Practical/implications Law enforcement agencies may use the arguments presented here to justify shutting down the operation of booters, and so reduce the number of DDoS attacks on the internet. Originality/value The value of this work is in critically examining the potential justifications for using and operating booter websites and in further exploring the ethical aspects of using DDoS attacks as a form of civil disobedience.

TRAWLING TRAFFIC UNDER ATTACK OVERCOMING DDoS ATTACKS BY TARGET-CONTROLLED TRAFFIC FILTERING

2011 ◽  
Vol 22 (05) ◽  
pp. 1073-1098
Author(s):  
SHLOMI DOLEV ◽  
YUVAL ELOVICI ◽  
ALEX KESSELMAN ◽  
POLINA ZILBERMAN
Keyword(s):  
Denial Of Service ◽  
The Internet ◽  
Traffic Classification ◽  
Classification Rules ◽  
Ddos Attacks ◽  
Dos Attack ◽  
Dos Attacks ◽  
Worst Case ◽  
Filtering Algorithm ◽  
Internet Community

As more and more services are provided by servers via the Internet, Denial-of-Service (DoS) attacks pose an increasing threat to the Internet community. A DoS attack overloads the target server with a large volume of adverse requests, thereby rendering the server unavailable to "well-behaved" users. In this paper, we propose two algorithms that allow attack targets to dynamically filter their incoming traffic based on a distributed policy. The proposed algorithms defend the target against DoS and distributed DoS (DDoS) attacks and simultaneously ensure that it continues to serve "well-behaved" users. In a nutshell, a target can define a filtering policy which consists of a set of traffic classification rules and the corresponding amounts of traffic for each rule. A filtering algorithm is enforced by the ISP's routers when a target is being overloaded with traffic. The goal is to maximize the amount of filtered traffic forwarded to the target, according to the filtering policy, from the ISP. The first proposed algorithm is a collaborative algorithm which computes and delivers to the target the best possible traffic mix in polynomial time. The second algorithm is a distributed non-collaborative algorithm for which we prove a lower bound on the worst-case performance.

scholarly journals DDoS-Capable IoT Malwares: Comparative Analysis and Mirai Investigation

2018 ◽  
Vol 2018 ◽  
pp. 1-30 ◽  
Author(s):  
Michele De Donno ◽  
Nicola Dragoni ◽  
Alberto Giaretta ◽  
Angelo Spognardi
Keyword(s):  
Comparative Analysis ◽  
Internet Of Things ◽  
Detailed Analysis ◽  
Real World ◽  
General Framework ◽  
Denial Of Service ◽  
The Internet ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
The Internet Of Things

The Internet of Things (IoT) revolution has not only carried the astonishing promise to interconnect a whole generation of traditionally “dumb” devices, but also brought to the Internet the menace of billions of badly protected and easily hackable objects. Not surprisingly, this sudden flooding of fresh and insecure devices fueled older threats, such as Distributed Denial of Service (DDoS) attacks. In this paper, we first propose an updated and comprehensive taxonomy of DDoS attacks, together with a number of examples on how this classification maps to real-world attacks. Then, we outline the current situation of DDoS-enabled malwares in IoT networks, highlighting how recent data support our concerns about the growing in popularity of these malwares. Finally, we give a detailed analysis of the general framework and the operating principles of Mirai, the most disruptive DDoS-capable IoT malware seen so far.

Taxonomy of Distributed Denial of Service (DDoS) Attacks and Defense Mechanisms in Present Era of Smartphone Devices

2018 ◽  
Vol 10 (2) ◽  
pp. 58-74 ◽  
Author(s):  
Kavita Sharma ◽  
B. B. Gupta
Keyword(s):  
Defense Mechanisms ◽  
Computer Network ◽  
Denial Of Service ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Dos Attacks ◽  
Network Resources ◽  
Common People ◽  
Ddos Attack ◽  
Legitimate User

This article describes how in the summer of 1999, the Computer Incident Advisory Capability first reported about Distributed Denial of Service (DDoS) attack incidents and the nature of Denial of Service (DoS) attacks in a distributed environment that eliminates the availability of resources or data on a computer network. DDoS attack exhausts the network resources and disturbs the legitimate user. This article provides an explanation on DDoS attacks and nature of these attacks against Smartphones and Wi-Fi Technology and presents a taxonomy of various defense mechanisms. The smartphone is chosen for this study, as they have now become a necessity rather than a luxury item for the common people.

Sign in / Sign up

Export Citation Format

Share Document