scholarly journals An Overview of Distributed Denial of Service Traffic Detection Approaches

2019 ◽  
Vol 31 (4) ◽  
pp. 453-464
Author(s):  
Ivan Cvitić ◽  
Dragan Peraković ◽  
Marko Periša ◽  
Siniša Husnjak
Keyword(s):  
Critical Infrastructure ◽  
Detection System ◽  
Autonomous Vehicle ◽  
Denial Of Service ◽  
Model Development ◽  
Detection Methods ◽  
Future Research ◽  
Distributed Denial Of Service ◽  
Negative Consequences ◽  
Iot Devices

The availability of information and communication (IC) resources is a growing problem caused by the increase in the number of users, IC services, and the capacity constraints. IC resources need to be available to legitimate users at the required time. The availability is of crucial importance in IC environments such as smart city, autonomous vehicle, or critical infrastructure management systems. In the mentioned and similar environments the unavailability of resources can also have negative consequences on people's safety. The distributed denial of service (DDoS) attacks and traffic that such attacks generate, represent a growing problem in the last decade. Their goal is to disable access to the resources for legitimate users. This paper analyses the trends of such traffic which indicates the importance of its detection methods research. The paper also provides an overview of the currently used approaches used in detection system and model development. Based on the analysis of the previous research, the disadvantages of the used approaches have been identified which opens the space and gives the direction for future research. Besides the mentioned this paper highlights a DDoS traffic generated through Internet of things (IoT) devices as an evolving threat that needs to be taken into consideration in the future studies.

scholarly journals Hybrid Intrusion Detection System for DDoS Attacks

2016 ◽  
Vol 2016 ◽  
pp. 1-8 ◽  
Author(s):  
Özge Cepheli ◽  
Saliha Büyükçorak ◽  
Güneş Karabulut Kurt
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Denial Of Service ◽  
Detection Methods ◽  
Detection Accuracy ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Hybrid Detection ◽  
Security Problem

Distributed denial-of-service (DDoS) attacks are one of the major threats and possibly the hardest security problem for today’s Internet. In this paper we propose a hybrid detection system, referred to as hybrid intrusion detection system (H-IDS), for detection of DDoS attacks. Our proposed detection system makes use of both anomaly-based and signature-based detection methods separately but in an integrated fashion and combines the outcomes of both detectors to enhance the overall detection accuracy. We apply two distinct datasets to our proposed system in order to test the detection performance of H-IDS and conclude that the proposed hybrid system gives better results than the systems based on nonhybrid detection.

scholarly journals Mathematical model on distributed denial of service attack through Internet of things in a network

2019 ◽  
Vol 8 (1) ◽  
pp. 486-495 ◽  
Author(s):  
Bimal Kumar Mishra ◽  
Ajit Kumar Keshri ◽  
Dheeresh Kumar Mallick ◽  
Binay Kumar Mishra
Keyword(s):  
Mathematical Model ◽  
Internet Of Things ◽  
Equilibrium Points ◽  
Denial Of Service ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Denial Of Service Attack ◽  
Different Types ◽  
Service Attack ◽  
Iot Devices

Abstract Internet of Things (IoT) opens up the possibility of agglomerations of different types of devices, Internet and human elements to provide extreme interconnectivity among them towards achieving a completely connected world of things. The mainstream adaptation of IoT technology and its widespread use has also opened up a whole new platform for cyber perpetrators mostly used for distributed denial of service (DDoS) attacks. In this paper, under the influence of internal and external nodes, a two - fold epidemic model is developed where attack on IoT devices is first achieved and then IoT based distributed attack of malicious objects on targeted resources in a network has been established. This model is mainly based on Mirai botnet made of IoT devices which came into the limelight with three major DDoS attacks in 2016. The model is analyzed at equilibrium points to find the conditions for their local and global stability. Impact of external nodes on the over-all model is critically analyzed. Numerical simulations are performed to validate the vitality of the model developed.

scholarly journals Towards Effective Detection of Recent DDoS Attacks: A Deep Learning Approach

2021 ◽  
Vol 2021 ◽  
pp. 1-14
Author(s):  
Ivandro Ortet Lopes ◽  
Deqing Zou ◽  
Francis A Ruambo ◽  
Saeed Akbar ◽  
Bin Yuan
Keyword(s):  
Deep Learning ◽  
Intrusion Detection System ◽  
State Of The Art ◽  
Detection System ◽  
Denial Of Service ◽  
Model Performance ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Validation Metrics ◽  
High Processing

Distributed Denial of Service (DDoS) is a predominant threat to the availability of online services due to their size and frequency. However, developing an effective security mechanism to protect a network from this threat is a big challenge because DDoS uses various attack approaches coupled with several possible combinations. Furthermore, most of the existing deep learning- (DL-) based models pose a high processing overhead or may not perform well to detect the recently reported DDoS attacks as these models use outdated datasets for training and evaluation. To address the issues mentioned earlier, we propose CyDDoS, an integrated intrusion detection system (IDS) framework, which combines an ensemble of feature engineering algorithms with the deep neural network. The ensemble feature selection is based on five machine learning classifiers used to identify and extract the most relevant features used by the predictive model. This approach improves the model performance by processing only a subset of relevant features while reducing the computation requirement. We evaluate the model performance based on CICDDoS2019, a modern and realistic dataset consisting of normal and DDoS attack traffic. The evaluation considers different validation metrics such as accuracy, precision, F1-Score, and recall to argue the effectiveness of the proposed framework against state-of-the-art IDSs.

scholarly journals Intrusion Detection System for AES Encripted Low-Power IoT Networks

2021 ◽  
Author(s):  
Eduardo De Oliveira Burger Monteiro Luiz ◽  
Alessandro Copetti ◽  
Luciano Bertini ◽  
Juliano Fontoura Kazienko
Keyword(s):  
Low Power ◽  
Detection System ◽  
Denial Of Service ◽  
Security Requirements ◽  
Power Devices ◽  
Dos Attacks ◽  
Reflection Attack ◽  
Ipv6 Protocol ◽  
Iot Devices ◽  
High Level

The introduction of the IPv6 protocol solved the problem of providingaddresses to network devices. With the emergence of the Internetof Things (IoT), there was also the need to develop a protocolthat would assist in connecting low-power devices. The 6LoWPANprotocols were created for this purpose. However, such protocolsinherited the vulnerabilities and threats related to Denial of Service(DoS) attacks from the IPv4 and IPv6 protocols. In this paper, weprepare a network environment for low-power IoT devices usingCOOJA simulator and Contiki operating system to analyze theenergy consumption of devices. Besides, we propose an IntrusionDetection System (IDS) associated with the AES symmetric encryptionalgorithm for the detection of reflection DoS attacks. Thesymmetric encryption has proven to be an appropriate methoddue to low implementation overhead, not incurring in large powerconsumption, and keeping a high level of system security. The maincontributions of this paper are: (i) implementation of a reflectionattack algorithm for IoT devices; (ii) implementation of an intrusiondetection system using AES encryption; (iii) comparison ofthe power consumption in three distinct scenarios: normal messageexchange, the occurrence of a reflection attack, and runningIDS algorithm. Finally, the results presented show that the IDSwith symmetric cryptography meets the security requirements andrespects the energy limits of low-power sensors.

Multi-Aspect DDOS Detection System for Securing Cloud Network

2019 ◽  
pp. 1952-1983
Author(s):  
Pourya Shamsolmoali ◽  
Masoumeh Zareapoor ◽  
M.Afshar Alam
Keyword(s):  
Cloud Computing ◽  
Detection System ◽  
Denial Of Service ◽  
Complex Form ◽  
Internet Security ◽  
Detection Methods ◽  
Ddos Attacks ◽  
Dos Attacks ◽  
Ddos Detection ◽  
Cloud Network

Distributed Denial of Service (DDoS) attacks have become a serious attack for internet security and Cloud Computing environment. This kind of attacks is the most complex form of DoS (Denial of Service) attacks. This type of attack can simply duplicate its source address, such as spoofing attack, which defending methods do not able to disguises the real location of the attack. Therefore, DDoS attack is the most significant challenge for network. In this chapter we present different aspect of security in Cloud Computing, mostly we concentrated on DDOS Attacks. The Authors illustrated all types of Dos Attacks and discussed the most effective detection methods.

Detecting DDoS Attacks on Multiple Network Hosts

2019 ◽  
pp. 121-139 ◽  
Author(s):  
Konstantinos F. Xylogiannopoulos ◽  
Panagiotis Karampelas ◽  
Reda Alhajj
Keyword(s):  
Denial Of Service ◽  
Attack Detection ◽  
Detection Methods ◽  
Distributed Denial Of Service ◽  
Secondary Sources ◽  
Ddos Attack ◽  
Timely Fashion ◽  
Multiple Network ◽  
Ddos Attack Detection ◽  
Low Traffic

The proliferation of low security internet of things devices has widened the range of weapons that malevolent users can utilize in order to attack legitimate services in new ways. In the recent years, apart from very large volumetric distributed denial of service attacks, low and slow attacks initiated from intelligent bot networks have been detected to target multiple hosts in a network in a timely fashion. However, even if the attacks seem to be “innocent” at the beginning, they generate huge traffic in the network without practically been detected by the traditional DDoS attack detection methods. In this chapter, an advanced pattern detection method is presented that is able to collect and classify in real time all the incoming traffic and detect a developing slow and low DDoS attack by monitoring the traffic in all the hosts of the network. The experimental analysis on a real dataset provides useful insights about the effectiveness of the method by identifying not only the main source of attack but also secondary sources that produce low traffic, targeting though multiple hosts.

scholarly journals Recent Advancements in Intrusion Detection Systems for the Internet of Things

2019 ◽  
Vol 2019 ◽  
pp. 1-19 ◽  
Author(s):  
Zeeshan Ali Khan ◽  
Peter Herrmann
Keyword(s):  
Internet Of Things ◽  
Intrusion Detection ◽  
Ad Hoc ◽  
Denial Of Service ◽  
Research Work ◽  
Intrusion Detection Systems ◽  
Future Research ◽  
Detection Systems ◽  
Iot Applications ◽  
Iot Devices

Many Internet of Things (IoT) systems run on tiny connected devices that have to deal with severe processor and energy restrictions. Often, the limited processing resources do not allow the use of standard security mechanisms on the nodes, making IoT applications quite vulnerable to different types of attacks. This holds particularly for intrusion detection systems (IDS) that are usually too resource-heavy to be handled by small IoT devices. Thus, many IoT systems are not sufficiently protected against typical network attacks like Denial-of-Service (DoS) and routing attacks. On the other side, IDSs have already been successfully used in adjacent network types like Mobile Ad hoc Networks (MANET), Wireless Sensor Networks (WSN), and Cyber-Physical Systems (CPS) which, in part, face limitations similar to those of IoT applications. Moreover, there is research work ongoing that promises IDSs that may better fit to the limitations of IoT devices. In this article, we will give an overview about IDSs suited for IoT networks. Besides looking on approaches developed particularly for IoT, we introduce also work for the three similar network types mentioned above and discuss if they are also suitable for IoT systems. In addition, we present some suggestions for future research work that could be useful to make IoT networks more secure.

scholarly journals Survey of Countering DoS/DDoS Attacks on SIP Based VoIP Networks

Electronics ◽  
2020 ◽  
Vol 9 (11) ◽  
pp. 1827
Author(s):  
Waleed Nazih ◽  
Wail S. Elkilani ◽  
Habib Dhahri ◽  
Tamer Abdelkader
Keyword(s):  
Low Cost ◽  
Denial Of Service ◽  
Voice Over Ip ◽  
Session Initiation Protocol ◽  
Future Research ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Voip Services

Voice over IP (VoIP) services hold promise because of their offered features and low cost. Most VoIP networks depend on the Session Initiation Protocol (SIP) to handle signaling functions. The SIP is a text-based protocol that is vulnerable to many attacks. Denial of Service (DoS) and distributed denial of service (DDoS) attacks are the most harmful types of attacks, because they drain VoIP resources and render SIP service unavailable to legitimate users. In this paper, we present recently introduced approaches to detect DoS and DDoS attacks, and classify them based on various factors. We then analyze these approaches according to various characteristics; furthermore, we investigate the main strengths and weaknesses of these approaches. Finally, we provide some remarks for enhancing the surveyed approaches and highlight directions for future research to build effective detection solutions.

Sign in / Sign up

Export Citation Format

Share Document