Towards Utilizing Blockchain for Countering Distributed Denial-of-Service (DDoS)

While both SOAP and REST have been used widely to implement Web services and software integration, over time REST has emerged as the predominant approach. REST provides developers with a lower barrier to entry for implementation and greater development flexibility than SOAP. Its architectural conventions and best practices can be integrated into Web services incrementally as opposed to the all-or-nothing adoption of SOAP. In order to achieve generality, SOAP standards are extensive, rigid, and complex. This complexity can lead to implementations that introduce significant overhead on the network bandwidth consumption, execution times, and throughput of SOAP services, especially in the emerging resource-restricted mobile realm. This chapter provides an overview of the logical and physical design of modern Web services and discusses the strengths and weaknesses of the predominant styles. It provides evidence and reasoning behind the emergence of REST as the leader for the development of next-generation Web APIs and services. The chapter also delineates the key technologies that underlie REST and describes emerging and future research directions in support of REST-based APIs and service development.

Download Full-text

Security of the Cloud

Advances in Systems Analysis, Software Engineering, and High Performance Computing - Emerging Research in Cloud Distributed Computing Systems ◽

10.4018/978-1-4666-8213-9.ch012 ◽

2015 ◽

pp. 363-404 ◽

Cited By ~ 1

Author(s):

Khalid Al-Begain ◽

Michal Zak ◽

Wael Alosaimi ◽

Charles Turyagyenda

Keyword(s):

Service Providers ◽

Denial Of Service ◽

Cloud Service ◽

Future Research ◽

Cloud Environment ◽

Ddos Attacks ◽

Security Attacks ◽

Edos Attacks ◽

Future Research Directions ◽

Cloud Users

The chapter presents current security concerns in the Cloud Computing Environment. The cloud concept and operation raise many concerns for cloud users since they have no control of the arrangements made to protect the services and resources offered. Additionally, it is obvious that many of the cloud service providers will be subject to significant security attacks. Some traditional security attacks such as the Denial of Service attacks (DoS) and distributed DDoS attacks are well known, and there are several proposed solutions to mitigate their impact. However, in the cloud environment, DDoS becomes more severe and can be coupled with Economical Denial of Sustainability (EDoS) attacks. The chapter presents a general overview of cloud security, the types of vulnerabilities, and potential attacks. The chapter further presents a more detailed analysis of DDoS attacks' launch mechanisms and well-known DDoS defence mechanisms. Finally, the chapter presents a DDoS-Mitigation system and potential future research directions.

Download Full-text

Auditing Defense Against XSS Worms in Online Social Network-Based Web Applications

Application Development and Design ◽

10.4018/978-1-5225-3422-8.ch038 ◽

2018 ◽

pp. 879-909

Author(s):

Pooja Chaudhary ◽

Shashank Gupta ◽

B. B. Gupta

Keyword(s):

Social Network ◽

Cyber Security ◽

Web Applications ◽

Online Social Network ◽

Denial Of Service ◽

Future Research ◽

Ddos Attacks ◽

Research Guidelines ◽

High Level ◽

Precise Interpretation

Nowadays, users of Online Social Network (OSN) are less familiar with cyber security threats that occur in such networks, comprising Cross-Site Scripting (XSS) worms, Distributed Denial of Service (DDoS) attacks, Phishing, etc. Numerous defensive methodologies exist for mitigating the effect of DDoS attacks and Phishing vulnerabilities from OSN. However, till now, no such robust defensive solution is proposed for the complete alleviation of XSS worms from such networks. This chapter discusses the detailed incidences of XSS attacks in the recent period on the platforms of OSN. A high level of taxonomy of XSS worms is illustrated in this article for the precise interpretation of its exploitation in multiple applications of OSN like Facebook, Twitter, LinkedIn, etc. We have also discussed the key contributions of current defensive solutions of XSS attacks on the existing platforms of OSN. Based on this study, we identified the current performance issues in these existing solutions and recommend future research guidelines.

Download Full-text

Security of the Cloud

Cyber Security and Threats ◽

10.4018/978-1-5225-5634-3.ch075 ◽

2018 ◽

pp. 1511-1554

Author(s):

Khalid Al-Begain ◽

Michal Zak ◽

Wael Alosaimi ◽

Charles Turyagyenda

Keyword(s):

Service Providers ◽

Denial Of Service ◽

Cloud Service ◽

Future Research ◽

Cloud Environment ◽

Ddos Attacks ◽

Security Attacks ◽

Edos Attacks ◽

Future Research Directions ◽

Cloud Users

The chapter presents current security concerns in the Cloud Computing Environment. The cloud concept and operation raise many concerns for cloud users since they have no control of the arrangements made to protect the services and resources offered. Additionally, it is obvious that many of the cloud service providers will be subject to significant security attacks. Some traditional security attacks such as the Denial of Service attacks (DoS) and distributed DDoS attacks are well known, and there are several proposed solutions to mitigate their impact. However, in the cloud environment, DDoS becomes more severe and can be coupled with Economical Denial of Sustainability (EDoS) attacks. The chapter presents a general overview of cloud security, the types of vulnerabilities, and potential attacks. The chapter further presents a more detailed analysis of DDoS attacks' launch mechanisms and well-known DDoS defence mechanisms. Finally, the chapter presents a DDoS-Mitigation system and potential future research directions.

Download Full-text

Auditing Defense against XSS Worms in Online Social Network-Based Web Applications

Handbook of Research on Modern Cryptographic Solutions for Computer and Cyber Security - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-0105-3.ch010 ◽

2016 ◽

pp. 216-245 ◽

Cited By ~ 14

Author(s):

Pooja Chaudhary ◽

Shashank Gupta ◽

B. B. Gupta

Keyword(s):

Social Network ◽

Cyber Security ◽

Web Applications ◽

Online Social Network ◽

Denial Of Service ◽

Future Research ◽

Ddos Attacks ◽

Research Guidelines ◽

High Level ◽

Precise Interpretation

Nowadays, users of Online Social Network (OSN) are less familiar with cyber security threats that occur in such networks, comprising Cross-Site Scripting (XSS) worms, Distributed Denial of Service (DDoS) attacks, Phishing, etc. Numerous defensive methodologies exist for mitigating the effect of DDoS attacks and Phishing vulnerabilities from OSN. However, till now, no such robust defensive solution is proposed for the complete alleviation of XSS worms from such networks. This chapter discusses the detailed incidences of XSS attacks in the recent period on the platforms of OSN. A high level of taxonomy of XSS worms is illustrated in this article for the precise interpretation of its exploitation in multiple applications of OSN like Facebook, Twitter, LinkedIn, etc. We have also discussed the key contributions of current defensive solutions of XSS attacks on the existing platforms of OSN. Based on this study, we identified the current performance issues in these existing solutions and recommend future research guidelines.

Download Full-text

Increasing the Performability of Wireless Web Services

Handbook of Research in Mobile Business, Second Edition ◽

10.4018/978-1-60566-156-8.ch048 ◽

2009 ◽

pp. 518-528

Author(s):

Wenbing Zhao

Keyword(s):

Wireless Communication ◽

Web Services ◽

Mobile Devices ◽

Future Research ◽

Battery Life ◽

Research Directions ◽

Computing Power ◽

Network Bandwidth ◽

Technical Issues ◽

Future Research Directions

Wireless Web services are becoming a reality, if they have not already. The unique characteristics of the mobile devices and wireless communication medium, such as limited computing power, limited network bandwidth, limited battery life, unpredictable online time, mobility, and so forth,, imply that the infrastructure for wireless Web services will be very different from its wired counterpart. This chapter discusses the challenges and the stateof- the-art solutions to ensure highly performable wireless Web services. In particular, this chapter’s focus is on three technical issues: optimization of the wireless Web services messaging protocol, caching, and fault tolerance. Finally, limitations of the current approaches and an outline of future research directions on wireless Web services are also discussed.

Download Full-text

Survey of Countering DoS/DDoS Attacks on SIP Based VoIP Networks

Electronics ◽

10.3390/electronics9111827 ◽

2020 ◽

Vol 9 (11) ◽

pp. 1827

Author(s):

Waleed Nazih ◽

Wail S. Elkilani ◽

Habib Dhahri ◽

Tamer Abdelkader

Keyword(s):

Low Cost ◽

Denial Of Service ◽

Voice Over Ip ◽

Session Initiation Protocol ◽

Future Research ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Voip Services

Voice over IP (VoIP) services hold promise because of their offered features and low cost. Most VoIP networks depend on the Session Initiation Protocol (SIP) to handle signaling functions. The SIP is a text-based protocol that is vulnerable to many attacks. Denial of Service (DoS) and distributed denial of service (DDoS) attacks are the most harmful types of attacks, because they drain VoIP resources and render SIP service unavailable to legitimate users. In this paper, we present recently introduced approaches to detect DoS and DDoS attacks, and classify them based on various factors. We then analyze these approaches according to various characteristics; furthermore, we investigate the main strengths and weaknesses of these approaches. Finally, we provide some remarks for enhancing the surveyed approaches and highlight directions for future research to build effective detection solutions.

Download Full-text

On Distributed Denial of Service Current Defense Schemes

Technologies ◽

10.3390/technologies7010019 ◽

2019 ◽

Vol 7 (1) ◽

pp. 19 ◽

Cited By ~ 9

Author(s):

Seth Kotey ◽

Eric Tchao ◽

James Gadze

Keyword(s):

Service Provider ◽

Defense Mechanisms ◽

Denial Of Service ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Major Threat ◽

Highly Skilled

Distributed denial of service (DDoS) attacks are a major threat to any network-based service provider. The ability of an attacker to harness the power of a lot of compromised devices to launch an attack makes it even more complex to handle. This complexity can increase even more when several attackers coordinate to launch an attack on one victim. Moreover, attackers these days do not need to be highly skilled to perpetrate an attack. Tools for orchestrating an attack can easily be found online and require little to no knowledge about attack scripts to initiate an attack. Studies have been done severally to develop defense mechanisms to detect and defend against DDoS attacks. As defense schemes are designed and developed, attackers are also on the move to evade these defense mechanisms and so there is a need for a continual study in developing defense mechanisms. This paper discusses the current DDoS defense mechanisms, their strengths and weaknesses.

Download Full-text

A SELECTIVE SURVEY OF DISTRIBUTED DENIAL-OF-SERVICE (DDOS) ATTACKS AND DEFENSE MECHANISMS

International Journal on Information Sciences and Computing ◽

10.18000/ijisac.50019 ◽

2008 ◽

Vol 2 (1) ◽

pp. 22-28

Author(s):

Gupta BB

Keyword(s):

Defense Mechanisms ◽

Denial Of Service ◽

Distributed Denial Of Service ◽

Ddos Attacks

Download Full-text

Defense mechanisms against Distributed Denial of Service attacks: Comparative Review

Journal of Information Security and Cybercrimes Research ◽

10.26735/lqez4186 ◽

2021 ◽

Vol 4 (1) ◽

pp. 81-94

Author(s):

Fahad Alatawi

Keyword(s):

Defense Mechanisms ◽

Large Scale ◽

Defense Mechanism ◽

Denial Of Service ◽

Detection Accuracy ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Response Mechanism ◽

Packet Filtering ◽

Comparative Review

Distributed Denial of Service (DDoS) remains a big concern in Cybersecurity. DDoS attacks are implemented to prevent legitimate users from getting access to services. The attackers make use of multiple hosts that have been compromised (i.e., Botnets) to organize a large-scale attack on targets. Developing an effective defensive mechanism against existing and potential DDoS attacks remains a strong desire in the cybersecurity research community. However, development of effective mechanisms or solutions require adequate evaluation of existing defense mechanism and a critical analysis of how these methods have been implemented in preventing, detecting, and responding to DDoS attacks. This paper adopted a systematic review method to critically analyze the existing mechanisms. The review of existing literature helped classify the defense mechanism into four categories: source-based, core-router, victim-based, and distributed systems. A qualitative analysis was used to exhaustively evaluate these defense mechanisms and determine their respective effectiveness. The effectiveness of the defense mechanisms was evaluated on six key parameters: coverage, implementation, deployment, detection accuracy, response mechanism, and robustness. The comparative analysis reviewed the shortcomings and benefits of each mechanism. The evaluation determined that victim-based defense mechanisms have a high detection accuracy but is associated with massive collateral as the detection happens when it is too late to protect the system. On the other hand, whereas stopping an attack from the source-end is ideal, detection accuracy at this point is too low as it is hard to differentiate legitimate and malicious traffic. The effectiveness of the core-based defense systems is not ideal because the routers do not have enough CPU cycles and memory to profile the traffic. Distributed defense mechanisms are effective as components can be spread out across the three locations in a way that takes advantage of each location. The paper also established that the rate-limiting response mechanism is more effective than packet filtering method because it does not restrict legitimate traffic. The analysis revealed that there is no single defense mechanism that offers complete protection against DDoS attacks but concludes that the best defense mechanism is the use of distributed defense because it ensures that defense components are placed on all locations.

Download Full-text