Immune Danger Theory Based Model for SYN Flooding Attack Situation Awareness

2011, Vol 181-182, pp. 66-71
Author(s): Fei Xian Sun, Zhi Gang Wu

This paper explores a novel danger theory based model for situation awareness of TCP SYN flooding attacks. Within the presented model, TCP SYN flooding attacks are regarded as dangerous exogenous patterns that induce danger signals for awareness of the situation of host computers, which is realized by host-based artificial immune detectors. After summarizing the danger theory, the model framework, correlative concepts, TCP SYN flooding attack detection, danger signal computation and attack situation awareness methods are described. Following that, the interrelated techniques are compared. Theoretical analysis results show that the proposed model is valid. Thus, it provides a good solution to computer network security.

2011, Vol 5 (7), pp. 709-724
Author(s): Martine Bellaïche, Jean-Charles Grégoire

2018, Vol 7 (2.30), pp. 33
Author(s): Dr Baldev Singh, Dr S.N. Panda, Dr Gurpinder Singh Samra

Cloud computing is one of the high-demand services and is prone to numerous types of attacks due to its Internet-based backbone. Flooding-based attack is one such type of attack over the cloud that exhausts the numerous resources and services of an individual or an enterprise by way of sending a huge volume of useless traffic. The nature of this traffic may be of slow or fast type. Flooding attacks are caused by way of sending a massive volume of packets of TCP, UDP, ICMP traffic and HTTP Posts. The legitimate volume of traffic is suppressed and lost in the flooding traffic. Early detection of such attacks helps in minimization of the unauthorized utilization of resources on the target machine. Various inbuilt load balancing and scalability options to absorb flooding attacks are in use by cloud service providers to an ample extent, yet maintaining QoS at the same time is still a challenge for cloud service providers. In this proposed technique, a Change Point detection approach is proposed to detect flooding DDoS attacks in the cloud, which are based on the continuous variant pattern of voluminous (flooding) traffic and is calculated by using various traffic-data-based metrics that are primary and computed in nature. The golden ratio is used to compute the threshold, and this threshold is further used along with the computed metric values of normal and malicious traffic for flooding attack detection. Traffic of websites is observed by using remote JavaScript.


2019, Vol 2019, pp. 1-12
Author(s): Mahmoud Abu Zant, Adwan Yasin

Security in MANET is an essential task in preventing the harm that could be caused by malicious nodes in the network. Flooding attack is one of the DoS attacks that aim to exhaust the network resources by flooding the network with a lot of fake packets and messages. There are different forms of Flooding attacks, and the most common form is the request one. Request Flooding attack keeps flooding the network with a lot of requests to fake nodes that do not exist in the network. In this research, we presented a new enhanced AODV protocol, AIF_AODV, that can detect and isolate flooding nodes in the network. NS-2.35 is used to simulate and to prove the efficiency of the proposed technique. The results of the enhanced protocol in terms of Throughput, End to End Delay, PDF, ARE, and NRL are very close to the native AODV without Flooding attack. The comparisons with other models showed that the proposed model AIF_AODV has a better Throughput characteristic.


2012, Vol 263-266, pp. 2773-2778
Author(s): Hai Xiu Cheng, Bi Zeng

In order to detect SIP flooding attacks in the IMS (IP Multimedia Subsystem) network, the paper proposes a flooding attack detection method based on a BP neural network, analyses the causes of SIP flooding attacks, and thus determines the input characteristics of the BP neural network. The simulation results show that this method has better detection performance.


2021, pp. 1-13
Author(s): Keqiang Zhan

In recent years, the application of network technology has become popular, and the application of the Internet has occupied a large proportion in people’s daily life. The issue of network security has also begun to be paid attention to. In recent years, due to the rapid expansion of network applications, malicious events such as network threats have occurred from time to time. Many computers do not have a good protection structure so that they are often vulnerable to attacks during network interconnection. Traditional computer protection measures are border-based protection, but with the development of network technology, this protection system can no longer guarantee computer security. Therefore, in order to keep computers safe in the current network environment, the role of artificial intelligence in the computer field should be given full play. The artificial intelligence analysis system can analyze and predict the situation of computer network security based on the situation of network security. This paper integrates convolutional neural network algorithms on the basis of traditional machine learning to establish a new network intrusion model. This paper verifies the feasibility of the model through experiments, and the experimental results show that the accuracy of the new model proposed in this paper can reach more than 90% for KDDCUP99 data detection. In addition, traditional computer protection systems have many errors when dealing with DNN attack detection. In order to reduce the occurrence of this situation, this paper proposes a standardized attack detection model based on deep nerves. The detection precision of this model is higher and the results obtained are more accurate. In addition, this new model can also synthesize the impact of different network attacks on the security situation, and construct attack situation predictions for computer systems.


2020, Vol 2020, pp. 1-11
Author(s): Bandar Almaslukh

Optical burst switching (OBS) networks are frequently compromised by attackers who can flood the networks with burst header packets (BHPs), causing a denial of service (DoS) attack, also known as a BHP flooding attack. Nowadays, a set of machine learning (ML) methods have been embedded into OBS core switches to detect these BHP flooding attacks. However, due to the redundant features of BHP data and the limited capability of OBS core switches, the existing technology still requires major improvements to work effectively and efficiently. In this paper, an efficient and effective ML-based security approach is proposed for detecting BHP flooding attacks. The proposed approach consists of a feature selection phase and a classification phase. The feature selection phase uses the information gain (IG) method to select the most important features, enhancing the efficiency of detection. For the classification phase, a decision tree (DT) classifier is used to build the model based on the selected features of BHPs, reducing the overfitting problem and improving the accuracy of detection. A set of experiments are conducted on a public dataset of OBS networks using 10-fold cross-validation and holdout techniques. Experimental results show that the proposed approach achieved the highest possible classification accuracy of 100% by using only three features.

