Denial of Service Resilience of Authentication Systems

2011 ◽  
pp. 188-208
Author(s):  
Valer Bocan ◽  
Mihai Fagadar-Cosma
Keyword(s):  
Detailed Analysis ◽  
Denial Of Service ◽  
Attack Detection ◽  
Communication Process ◽  
Network Services ◽  
Dos Attack ◽  
Dos Attacks ◽  
Authentication System

Cryptographic authentication systems are currently the de facto standard for securing clients access to network services. Although they offer enhanced security for the parties involved in the communication process, they still have a vulnerable point represented by their susceptibility to denial of service (DoS) attacks. The present chapter addresses two important aspects related to the security of authentication systems and their resistance against strong DoS attacks, represented by attack detection and attack prevention. In this respect, we present a detailed analysis of the methods used to evaluate the attack state of an authentication system as well as of the countermeasures that can be deployed to prevent or repel a DoS attack.

Denial of Service Resilience of Authentication Systems

2013 ◽  
pp. 451-470 ◽  
Author(s):  
Valer Bocan ◽  
Mihai Fagadar-Cosma
Keyword(s):  
Detailed Analysis ◽  
Denial Of Service ◽  
Attack Detection ◽  
Communication Process ◽  
Network Services ◽  
Dos Attack ◽  
Dos Attacks ◽  
Authentication System

Cryptographic authentication systems are currently the de facto standard for securing clients access to network services. Although they offer enhanced security for the parties involved in the communication process, they still have a vulnerable point represented by their susceptibility to denial of service (DoS) attacks. The present chapter addresses two important aspects related to the security of authentication systems and their resistance against strong DoS attacks, represented by attack detection and attack prevention. In this respect, we present a detailed analysis of the methods used to evaluate the attack state of an authentication system as well as of the countermeasures that can be deployed to prevent or repel a DoS attack.

scholarly journals Deep Reinforcement Learning for Building Honeypots against Runtime DOS Attack

2021 ◽  
Author(s):  
Selvakumar Veluchamy ◽  
RubaSoundar Kathavarayan
Keyword(s):  
Reinforcement Learning ◽  
Detection System ◽  
Denial Of Service ◽  
Attack Detection ◽  
Dos Attack ◽  
Dos Attacks ◽  
Server Side ◽  
Intelligent Decision Making ◽  
Deep Recurrent Neural Network ◽  
And Performance

Abstract Honeypot is a network environment used to protect the legitimate network resources from attacks. Honeypot creates an environment that impresses attackers to inject their activities to steal resources. This is a way to detect the attacks by doing attack detection procedures. In this work, Denial of Service (DoS) attacks are effectively detected by proposed honeypot system. Machine Learning (ML) and Deep Learning (DL) methods evolve in many areas to build intelligent decision making systems. This work uses DL approaches and secures event validation procedures for finding predicting DoS attacks. The proposed system called Deep Adaptive Reinforcement Learning for Honeypots (DARLH) is implemented to monitor internal and external DoS attacks. In the honeypot environment, the proposed DARLH system implements DARL based IDS (Intrusion Detection System) agents and Deep Recurrent Neural Network (DRNN) based IDS agents for monitoring multiple runtime DoS attacks. These techniques support for dynamic IDS against DoS attack. In addition, the DARLH creates protected poison distribution and server side supervision system for keeping the monitoring events legitimate. This work is implemented and performance is evaluated. The results are compared with existing systems like GNBH, BCH and RNSG. In this comparison, the proposed system provides 5–10% better results than other systems.

scholarly journals Cyber DoS attack based security simulator for VANET

2020 ◽  
Vol 10 (6) ◽  
pp. 5832
Author(s):  
Muntadher Naeem Yasir ◽  
Muayad Sadik Croock
Keyword(s):  
Cyber Security ◽  
Information Exchange ◽  
Network Performance ◽  
Ad Hoc ◽  
High Efficiency ◽  
Denial Of Service ◽  
Attack Detection ◽  
Dos Attack ◽  
Dos Attacks ◽  
High Importance

At the late years, researches focused on the cyber Denial of Service (DoS) attacks in the Vehicle Ad hoc Networks (VANETS). This is due to high importance of ensuring the save receiving of information in terms of Vehicle to Vehicle (V2V), Vehicle to Infrastructure (V2I) and Vehicle to Road Side Unit (V2R). In this paper, a cyber-security system is proposed to detect and block the DoS attacks in VANET. In addition, a simulator for VENAT based on lightweight authentication and key exchange is presented to simulate the network performance and attacks. The proposed system consists of three phases: registration, authentication as well as communications and DoS attack detection. These phases improve the system ability to detect the attacks in efficient way. Each phase working is based in a proposed related algorithm under the guidance of lightweight protocol. In order to test the proposed system, a prototype is considered includes six cars and we adopt police cars due to high importance of exchanged information. Different case studies have been considered to evaluate the proposed system and the obtained results show a high efficiency of performance in terms of information exchange and attack detection.

scholarly journals Peningkatan Keamanan Router Mikrotik Terhadap Serangan Denial of Service (DoS)

2020 ◽  
pp. 115-123
Author(s):  
Budi Jaya ◽  
Y Yuhandri ◽  
S Sumijan
Keyword(s):  
Denial Of Service ◽  
Digital Evidence ◽  
Dos Attack ◽  
Dos Attacks ◽  
Research Results ◽  
Security Enhancement ◽  
Software And Hardware ◽  
Operational Activities ◽  
Network Router ◽  
Live Forensics

Denial of Service (DoS) attacks are one of the most common attacks on website, networks, routers and servers, including on router mikrotik. A DoS attack aims to render a network router unable to service requests from authorized users. The result will disrupt the operational activities of the organization and cause material and non-material losses. In this study, a simulation and analysis of DoS attacks using the Live Forensics method were carried out and the router security enhancement from rectangular software and hardware. From the research results obtained digital evidence of DoS attacks in the form of IP addresses and attacker activity logs. In addition, the increase in router security in terms of software by using Firewall Filter and Firewall Raw has proven effective in preventing attacks. While improving router security in terms of hardware by setting a reset button on the router and firewall devices is also very necessary so that the router can avoid physical attacks by irresponsible persons

scholarly journals Output Feedback NCS of DoS Attacks Triggered by Double-Ended Events

2021 ◽  
Vol 2021 ◽  
pp. 1-14
Author(s):  
Xinzhi Feng ◽  
Yang Yang ◽  
Xiaozhong Qi ◽  
Chunming Xu ◽  
Ze Ji
Keyword(s):  
Control System ◽  
Denial Of Service ◽  
Network Control ◽  
Control Performance ◽  
Network Control System ◽  
Dos Attack ◽  
Dos Attacks ◽  
Network Attacks ◽  
Elastic Event ◽  
Event Triggering

In recent years, the research of the network control system under the event triggering mechanism subjected to network attacks has attracted foreign and domestic scholars’ wide attention. Among all kinds of network attacks, denial-of-service (DoS) attack is considered the most likely to impact the performance of NCS significantly. The existing results on event triggering do not assess the occurrence of DoS attacks and controller changes, which will reduce the control performance of the addressed system. Aiming at the network control system attacked by DoS, this paper combines double-ended elastic event trigger control, DoS attack, and quantitative feedback control to study the stability of NCS with quantitative feedback of DoS attack triggered by a double-ended elastic event. Simulation examples show that this method can meet the requirements of control performance and counteract the known periodic DoS attacks, which save limited resources and improve the system’s antijamming ability.

scholarly journals DOS Attacks on TCP/IP Layers in WSN

2013 ◽  
Vol 1 (2013) ◽  
pp. 40-45
Keyword(s):  
Wireless Sensor Network ◽  
Sensor Networks ◽  
Sensor Network ◽  
Low Cost ◽  
Denial Of Service ◽  
Sensor Nodes ◽  
Wireless Sensor ◽  
Renewable Energy Resources ◽  
Dos Attack ◽  
Dos Attacks

The emergence of sensor networks as one of the dominant technology trends in the coming decades has posed numerous unique challenges on their security to researchers. These networks are likely to be composed of thousands of tiny sensor nodes, which are low-cost devices equipped with limited memory, processing, radio, and in many cases, without access to renewable energy resources. While the set of challenges in sensor networks are diverse, we focus on security of Wireless Sensor Network in this paper. First, we propose some of the security goal for Wireless Sensor Network. To perform any task in WSN, the goal is to ensure the best possible utilization of sensor resources so that the network could be kept functional as long as possible. In contrast to this crucial objective of sensor network management, a Denial of Service (DoS) attack targets to degrade the efficient use of network resources and disrupts the essential services in the network. DoS attack could be considered as one of th

Denial-of-Service and Botnet Analysis, Detection, and Mitigation

2021 ◽  
pp. 20-48
Author(s):  
Sobana Sikkanan ◽  
Kasthuri M.
Keyword(s):  
Denial Of Service ◽  
The Internet ◽  
Dos Attack ◽  
Dos Attacks ◽  
Network Resources ◽  
Systematic Analysis ◽  
Network Bandwidth ◽  
Research Areas ◽  
History Analysis ◽  
Near Future

The internet is designed for processing and forwarding of any packet in a best effort manner. The packets carried by the internet may be malicious or not. Most of the time, internet architecture provides an unregulated path to victims. Denial-of-service (DoS) attack is the most common critical threat that causes devastating effects on the internet. The Botnet-based DoS attack aims to exhaust both the target resources and network bandwidth, thereby making the network resources unavailable for its valid users. The resources are utilized by either injecting a computer virus or flooding the network with useless traffic. This chapter provides a systematic analysis of the causes of DoS attacks, including motivations and history, analysis of different attacks, detection and protection techniques, various mitigation techniques, the limitations and challenges of DoS research areas. Finally, this chapter discusses some important research directions which will need more attention in the near future to guarantee the successful defense against DoS attacks.

TRAWLING TRAFFIC UNDER ATTACK OVERCOMING DDoS ATTACKS BY TARGET-CONTROLLED TRAFFIC FILTERING

2011 ◽  
Vol 22 (05) ◽  
pp. 1073-1098
Author(s):  
SHLOMI DOLEV ◽  
YUVAL ELOVICI ◽  
ALEX KESSELMAN ◽  
POLINA ZILBERMAN
Keyword(s):  
Denial Of Service ◽  
The Internet ◽  
Traffic Classification ◽  
Classification Rules ◽  
Ddos Attacks ◽  
Dos Attack ◽  
Dos Attacks ◽  
Worst Case ◽  
Filtering Algorithm ◽  
Internet Community

As more and more services are provided by servers via the Internet, Denial-of-Service (DoS) attacks pose an increasing threat to the Internet community. A DoS attack overloads the target server with a large volume of adverse requests, thereby rendering the server unavailable to "well-behaved" users. In this paper, we propose two algorithms that allow attack targets to dynamically filter their incoming traffic based on a distributed policy. The proposed algorithms defend the target against DoS and distributed DoS (DDoS) attacks and simultaneously ensure that it continues to serve "well-behaved" users. In a nutshell, a target can define a filtering policy which consists of a set of traffic classification rules and the corresponding amounts of traffic for each rule. A filtering algorithm is enforced by the ISP's routers when a target is being overloaded with traffic. The goal is to maximize the amount of filtered traffic forwarded to the target, according to the filtering policy, from the ISP. The first proposed algorithm is a collaborative algorithm which computes and delivers to the target the best possible traffic mix in polynomial time. The second algorithm is a distributed non-collaborative algorithm for which we prove a lower bound on the worst-case performance.

scholarly journals Choosing an appropriate architecture to protect the information system from multi-level DDOS attacks

2021 ◽  
Vol 45 (1) ◽  
Author(s):  
V. V. Borodan ◽  
◽  
D. O. Guy
Keyword(s):  
Information System ◽  
Denial Of Service ◽  
Network Services ◽  
Brute Force ◽  
Ddos Attacks ◽  
Dos Attack ◽  
System Protection ◽  
Multi Level ◽  
Brute Force Attack ◽  
Technical Measures

The paper examines multi-level DDoS attacks, which are a type of denial of service (DoS) attack, which aims to ban network services by failing target servers or consuming their resources, so that these servers can no longer provide services to legitimate users. DDoS attacks are divided into several classes, which include: Telnet brute force attack, SYN flood attack, ICMP flood attack, Smurf attack, Ping flood, HTTP Get Flooding request attack and HTTP Post. It is concluded that in order to create an effective information security architecture and, at the same time, effective measures to combat DDoS attacks, it is important to understand the different methods of DDoS. The architecture of information system protection against multilevel DDoS-attacks based on SDN and analysis of network traffic correlation is presented. Recommendations for protecting the information system from multi-level DDoS-attacks have been developed. It is noted that in addition to technical measures, organizations also need to implement procedural measures at the level of protection, detection and response.

scholarly journals Peningkatan Keamanan Router Mikrotik Terhadap Serangan Denial of Service (DoS)

2020 ◽  
Author(s):  
Budi Jaya ◽  
Yuhandri Yunus ◽  
S Sumijan
Keyword(s):  
Denial Of Service ◽  
Digital Evidence ◽  
Dos Attack ◽  
Dos Attacks ◽  
Research Results ◽  
Security Enhancement ◽  
Software And Hardware ◽  
Operational Activities ◽  
Network Router ◽  
Live Forensics

Denial of Service (DoS) attacks are one of the most common attacks on website, networks, routers and servers, including on router mikrotik. A DoS attack aims to render a network router unable to service requests from authorized users. The result will disrupt the operational activities of the organization and cause material and non-material losses. In this study, a simulation and analysis of DoS attacks using the Live Forensics method were carried out and the router security enhancement from rectangular software and hardware. From the research results obtained digital evidence of DoS attacks in the form of IP addresses and attacker activity logs. In addition, the increase in router security in terms of software by using Firewall Filter and Firewall Raw has proven effective in preventing attacks. While improving router security in terms of hardware by setting a reset button on the router and firewall devices is also very necessary so that the router can avoid physical attacks by irresponsible persons.

Sign in / Sign up

Export Citation Format

Share Document