Detection Method of Distributed Denial-of-Service Flooding Attacks Using Analysis of Flow Information

2014 ◽  
Vol 14 (1) ◽  
pp. 203-209 ◽  
Author(s):  
Jae-Hyun Jun ◽  
Min-Jun Kim ◽  
Jeong-Hyun Cho ◽  
Cheol-Woong Ahn ◽  
Sung-Ho Kim
Keyword(s):  
Detection Method ◽  
Denial Of Service ◽  
Distributed Denial Of Service ◽  
Flooding Attacks ◽  
Flow Information

scholarly journals Detection of Distributed Denial of Service Flooding Attack Using Odds Ratio

2021 ◽  
Vol 1 (2) ◽  
pp. 67-74
Author(s):  
Dalia Nashat ◽  
Fatma A. Hussain ◽  
Xiaohong Jiang
Keyword(s):  
Detection Probability ◽  
Odds Ratio ◽  
Detection Method ◽  
Denial Of Service ◽  
Distributed Denial Of Service ◽  
Internet Routing ◽  
Denial Of Service Attack ◽  
Flooding Attack ◽  
Flooding Attacks ◽  
Service Attack

Computer networks are vulnerable to many types of attacks while the Distributed Denial of Service attack (DDoS) serves as one of the top concerns for security professionals. The DDoS flooding attack denies the services by consuming the server resources to prevent the legitimate users from using their desired services. The hardness of detecting this attack lies in sending a stream of packets to the server with spoofed IP addresses, so that the internet routing infrastructure cannot distinguish the spoofed packets. Based on the odds ratio (OR) statistical measurement, in this work we propose a new detection method for the DDoS flooding attacks. By exploring the odds ratio to determine the risk factor of any incoming traffic to the server, the legitimate and attack traffic packets can be easily differentiated. Experimental results demonstrate the efficiency of the presented detection method in terms of its detection probability and detection time.

scholarly journals A Stacked Deep Learning Approach for IoT Cyberattack Detection

2020 ◽  
Vol 2020 ◽  
pp. 1-10
Author(s):  
Bandar Alotaibi ◽  
Munif Alotaibi
Keyword(s):  
Deep Learning ◽  
Detection Method ◽  
Denial Of Service ◽  
Large Datasets ◽  
Learning Approach ◽  
Distributed Denial Of Service ◽  
Learning Method ◽  
Traffic Data ◽  
Security Breaches ◽  
Iot Devices

Internet of things (IoT) devices and applications are dramatically increasing worldwide, resulting in more cybersecurity challenges. Among these challenges are malicious activities that target IoT devices and cause serious damage, such as data leakage, phishing and spamming campaigns, distributed denial-of-service (DDoS) attacks, and security breaches. In this paper, a stacked deep learning method is proposed to detect malicious traffic data, particularly malicious attacks targeting IoT devices. The proposed stacked deep learning method is bundled with five pretrained residual networks (ResNets) to deeply learn the characteristics of the suspicious activities and distinguish them from normal traffic. Each pretrained ResNet model consists of 10 residual blocks. We used two large datasets to evaluate the performance of our detection method. We investigated two heterogeneous IoT environments to make our approach deployable in any IoT setting. Our proposed method has the ability to distinguish between benign and malicious traffic data and detect most IoT attacks. The experimental results show that our proposed stacked deep learning method can provide a higher detection rate in real time compared with existing classification techniques.

scholarly journals A Proposal of Highly Responsive Distributed Denial-of-Service Attacks Detection Using Real-Time Burst Detection Method

2018 ◽  
Vol 26 (0) ◽  
pp. 257-266
Author(s):  
Shotaro Usuzaki ◽  
Yuki Arikawa ◽  
Hisaaki Yamaba ◽  
Kentaro Aburada ◽  
Shin-Ichiro Kubota ◽  
...  
Keyword(s):  
Real Time ◽  
Detection Method ◽  
Denial Of Service ◽  
Denial Of Service Attacks ◽  
Distributed Denial Of Service ◽  
Burst Detection

Proactive routing mutation against stealthy Distributed Denial of Service attacks: metrics, modeling, and analysis

2017 ◽  
Vol 15 (2) ◽  
pp. 219-230 ◽  
Author(s):  
Qi Duan ◽  
Ehab Al-Shaer ◽  
Samrat Chatterjee ◽  
Mahantesh Halappanavar ◽  
Christopher Oehmen
Keyword(s):  
Denial Of Service ◽  
Skewed Distribution ◽  
Distributed Denial Of Service ◽  
Flow Paths ◽  
Modeling And Analysis ◽  
Proactive Routing ◽  
Flooding Attacks ◽  
Critical Links ◽  
New Generation ◽  
The Impact

Infrastructure Distributed Denial of Service (IDDoS) attacks continue to be one of the most devastating challenges facing cyber systems. The new generation of IDDoS attacks exploits the inherent weakness of cyber infrastructure, including the deterministic nature of routing, skewed distribution of flows, and Internet ossification to discover the network critical links and launch highly stealthy flooding attacks that are not observable at the victim’s end. In this paper, first, we propose a new metric to quantitatively measure the potential susceptibility of any arbitrary target server or domain to stealthy IDDoS attacks, and estimate the impact of such susceptibility on enterprises. Second, we develop proactive route mutation techniques to minimize the susceptibility to these attacks by dynamically changing the flow paths periodically to invalidate the adversary knowledge about the network and avoid targeted critical links. Our proposed approach actively changes these network paths while satisfying security and Quality of Service requirements. We implemented the proactive path mutation technique on a Software Defined Network using the OpenDaylight controller to demonstrate a feasible deployment of this approach. Our evaluation validates the correctness, effectiveness, and scalability of the proposed approaches.

scholarly journals Anomaly Detection in Distributed Denial of Service Attack using Map Reduce Improvised counter-based algorithm in Hadoop

2018 ◽  
Vol 7 (4.36) ◽  
pp. 390
Author(s):  
Y. S.Kalai vani ◽  
Dr. P.Ranjana
Keyword(s):  
Intrusion Detection ◽  
Large Volume ◽  
Detection System ◽  
Denial Of Service ◽  
Detection Algorithm ◽  
Map Reduce ◽  
Distributed Denial Of Service ◽  
Huge Amount ◽  
Denial Of Service Attack ◽  
Flooding Attacks

A Distributed Denial of Service (DDOS) is one of the major threats in the cyber network and it causes the computers flooded with the Users Datagram Packet (UDP).This type of attack crashes the victim with large volume of traffic and the victim is not capable of performing normal communication and crashes it completely. To handle this DDOS attack the normal Intrusion Detection System is not suitable to hold and find the amount of the data in the network. Hadoop is a frame work that allows huge amount of data and it is used to processes the huge amount of data. A Map reduce program comprises of a Map task that performs filtering and sorting and a Reduce task that performs summary operation. The propose work  focuses on the detection algorithm based on Map Reduce platform which uses the Improvised counter based (MRICB)  algorithm to detect the DDOS flooding attacks. The MRICB algorithm is implemented with Map Reduce functionalities at the stage of verifying the Network IPS. This proposed algorithm also focuses  on the UDP flooding attack using anomaly based intrusion detection technique that identifies the kind of packets and the flow of packet in the node is more that the set threshold and also identifies  the source code causing UDP Flood attack . Thus it ensures the normal communication with large volume of traffic.   

A Survey of Botnet-Based DDoS Flooding Attacks of Application Layer

2016 ◽  
pp. 52-79 ◽  
Author(s):  
Esraa Alomari ◽  
Selvakumar Manickam ◽  
B. B. Gupta ◽  
Mohammed Anbar ◽  
Redhwan M. A. Saad ◽  
...  
Keyword(s):  
Denial Of Service ◽  
Internet Security ◽  
Sensitive Information ◽  
Distributed Denial Of Service ◽  
Cyber Attack ◽  
Open Problems ◽  
Ddos Attack ◽  
Flooding Attacks ◽  
Cyber Espionage ◽  
Detection Mechanisms

A Botnet can be used to launch a cyber-attack, such as a Distributed Denial of Service (DDoS) attack, against a target or to conduct a cyber-espionage campaign to steal sensitive information. This survey analyzes and compares the most important efforts carried out in an application-based detection area and this survey extended to cover the mitigation approaches for the Botnet-based DDoS flooding attacks. It accomplishes four tasks: first, an extensive illustration on Internet Security; second, an extensive comparison between representative detection mechanisms; third, the comparison between the mitigation mechanisms against Botnet-based DDoS flooding and fourth, the description of the most important problems and highlights in the area. We conclude that the area has achieved great advances so far, but there are still many open problems.

Sign in / Sign up

Export Citation Format

Share Document