3,510 Hits in 5.5 sec

Detection and defense mechanisms against DDoS attacks: A review

Archana S. Pimpalkar, A. R. Bhagat Patil
2015 2015 International Conference on Innovations in Information, Embedded and Communication Systems (ICIIECS)  
Distributed Denial of Service (DDoS) attacks is launched by large number of compromised host to interrupt the services of the legitimate users.  ...  Once the packets are classified attack packets are dropped at the border router of the target network before reaching the victim.  ...  In [4] , A. Compagno, et al. presented defense against inertest flooding distributed denial of service attacks in Named Data networking.  ... 
doi:10.1109/iciiecs.2015.7193118 fatcat:35aawztearef7f2ecxlybff46e

Bayes Optimal DDoS Mitigation by Adaptive History-Based IP Filtering

Markus Goldstein, Christoph Lampert, Matthias Reif, Armin Stahl, Thomas Breuel
2008 Seventh International Conference on Networking (icn 2008)  
Distributed Denial of Service (DDoS) attacks are today the most destabilizing factor in the global internet and there is a strong need for sophisticated solutions.  ...  Our proposed practical algorithm "Adaptive History-Based IP Filtering" (AHIF) mitigates DDoS attacks near the victim and outperforms existing methods by at least 32% in terms of collateral damage.  ...  ACKNOWLEDGMENT This work is part of NetCentric Security, a project of Deutsche Telekom Laboratories supported by German Research Center for Artificial Intelligence DFKI GmbH.  ... 
doi:10.1109/icn.2008.64 dblp:conf/icn/GoldsteinLRSB08 fatcat:i4wnlp6rercz7dmgi4qrfs3a2e

Hybrid Evolutionary Algorithmn based Intrusion Detection System for Denial of Service Attacks

S. Mourougan, M. Aramudhan
2015 Indian Journal of Science and Technology  
One of the security problems is Denial of Service (DoS), is a type of attack that tries to prevent legitimate users from accessing either the services or resources, by generating large number of artificial  ...  Findings/Conclusion: In the proposed Intrusion Detection System model, attacks are identified by training the Particle Swarm Optimization classifiers with Genetic-Particle Swarm Optimization based on wrapper  ...  However, considering the fact that the sources of attack can be distributed in different networks, there is a lack of analysis for the traffic near the sources and also the detection of the source of SYN  ... 
doi:10.17485/ijst/2015/v8i35/86652 fatcat:a2wcttht2nbylowyslcofbamw4

Practical Verifiable In-network Filtering for DDoS defense [article]

Deli Gong, Muoi Tran, Shweta Shinde, Hao Jin, Vyas Sekar, Prateek Saxena, Min Suk Kang
2019 arXiv   pre-print
In light of ever-increasing scale and sophistication of modern DDoS attacks, it is time to revisit in-network filtering or the idea of empowering DDoS victims to install in-network traffic filters in the  ...  Our proof of concept demonstrates that a VIF filter implementation on commodity servers with TEE support can handle traffic at line rate (e.g., 10 Gb/s) and execute up to 3,000 filter rules.  ...  INTRODUCTION Distributed denial-of-service (DDoS) attacks are highly prevalent.  ... 
arXiv:1901.00955v2 fatcat:wcwxamf3nnejpeogjvw5hihc74

Password Based Scheme and Group Testing for Defending DDOS Attacks

Dayanandam G, Rao T V, S Pavan Kumar Reddy, Ravinuthala Sruthi
2013 International journal of network security and its applications  
They feel no denial-of service effect and communicate unhindered with the victim. Denial-of-service (DoS) and distributed-denial-of-service (DDoS) attacks pose a grave danger to Internet operation.  ...  The first large-scale appearance of distributed denial-of-service (DDoS) attacks occurred in mid-1999.  ... 
doi:10.5121/ijnsa.2013.5303 fatcat:cnksqgknzzbv5ekfsc24hl7req

Signature-based Traffic Classification and Mitigation for DDoS Attacks using Programmable Network Data Planes

Marinos Dimolianis, Adam Pavlidis, Vasilis Maglaris
2021 IEEE Access  
Distributed Denial of Service (DDoS) mitigation typically relies on source IP-based filtering rules; these may present scaling issues due to the vast amount of involved sources.  ...  Our approach was compared to source-based mechanisms in terms of (i) malicious traffic identification, (ii) filtering rules cardinality, and (iii) packet processing throughput required in modern high speed  ...  INTRODUCTION Distributed Denial of Service (DDoS) attacks originate from compromised hosts and/or exploited vulnerable systems producing traffic from a large number of sources [1] .  ... 
doi:10.1109/access.2021.3104115 fatcat:cktpbsqngrbshaeslxbx3sa76u

A generic language for application-specific flow sampling

Harsha V. Madhyastha, Balachander Krishnamurthy
2008 Computer communication review  
Our study, based on month-long datasets gathered at two different network locations, shows that by learning local traffic characteristics we can sample relevant flow records near-optimally with low false  ...  Current techniques for producing sampled flow records are either focused on selecting flows from which statistical estimates of traffic volume can be inferred, or have simplistic models for applications  ...  of this work, and Glenn Fowler for help with dss.  ... 
doi:10.1145/1355734.1355736 fatcat:lhqg66fvfbddtc6qoy5fftrpjy

A Review on Distributed Denial of Service (DDoS) Mitigation Techniques in Cloud Computing Environment

Junath Naseer Ahamed, N. Ch. S. N. Iyengar
2016 International Journal of Security and Its Applications  
Distributed Denial of Service (DDoS) attack becomes a serious hazard for cloud computing environments as they target the victim and completely suppress the Datacenter to serve for its legitimate clients.This  ...  Classifies attack, non-attack cases based on network traffic analysis via chaotic deviation. Precise traffic state prediction by Lyapunov"s chaotic equation.  ...  We would select the vital network parameters that change significantly during an attack phase and hence its pattern gives an essential clue to detect denial of service attack from normal traffic.  ... 
doi:10.14257/ijsia.2016.10.8.24 fatcat:iyxpwp7phra2nhb2unevnf2xye

A Hybrid Model is Proposed Based in The Combination of Genetic and MAFS in Cloud Environment

V. Chinnasamy, D. Maruthanayagam
2018 International Journal of Scientific Research in Computer Science Engineering and Information Technology  
Data security has a major issue in cloud computing environment; An intrusion detection system (IDS) is a component that helps to detect various types of malicious network traffic which cannot be detected  ...  using Service Measurement Index security attributes and new hybrid computation intelligence built on the combination of genetic with Artificial Fish Swarm in Intrusion Detection system.  ...  Denial of Service (DoS) is a type of attack that tries to prevent legitimate users from accessing either the services or resources.  ... 
doi:10.32628/cseit183887 fatcat:7xgiczr6zrcf7o7hfdhmuqoyri

An Empirical Evaluation On Comparative Machine Learning Techniques For Detection of The Distributed Denial of Service (DDoS) Attacks

Arnold Ojugo, Andrew Okonji Eboka
2020 Journal of Applied Science Engineering Technology and Education  
Our study investigates the detection of the distributed denial of service (DDoS) attacks using machine learning techniques.  ...  in parameter selection to avoid model overtraining, over-fitting and over-parameterization.  ...  Distributed Denial of Service (DDoS) Attack: Definition and Overview DDoS is a large-scale, coordinated attack on provisioned services to network resource(s) or a victim system, launched indirectly via  ... 
doi:10.35877/454ri.asci2192 fatcat:yzwaavh57zbyrgfn3nyliskm7i

Genetic-fuzzy rule mining approach and evaluation of feature selection techniques for anomaly intrusion detection

Chi-Ho Tsang, Sam Kwong, Hanli Wang
2007 Pattern Recognition  
traffic with minimized number of features.  ...  Classification of intrusion attacks and normal network traffic is a challenging and critical problem in pattern recognition and network security.  ...  Acknowlegment The work described in this paper was supported by a grant from City University Strategic Grant 7001955.  ... 
doi:10.1016/j.patcog.2006.12.009 fatcat:m3spcbzhgjd7jnp2jy4f2pjdzq

Secure Collecting, Optimizing, and Deploying of Firewall Rules in Software-Defined Networks

Sunghwan Kim, Seunghyun Yoon, Jargalsaikhan Narantuya, Hyuk Lim
2020 IEEE Access  
Firewalls are a fundamental element of network security systems with the ability to block network data traffic flows according to pre-defined rules.  ...  The proposed firewall system makes the traffic flows that are destined to be dropped by a firewall be dropped in advance at the OF-enabled switch with the corresponding SDN flow rules.  ...  With SDN, it is possible to selectively forward legitimate traffic to its destination while filtering anomalies and attacks in the network.  ... 
doi:10.1109/access.2020.2967503 fatcat:d6vk5vfbcfd5hecspuerd2scku

Distributed Denial of Service (DDoS) Mitigation Using Blockchain—A Comprehensive Insight

Sharyar Wani, Mohammed Imthiyas, Hamad Almohamedh, Khalid M Alhamed, Sultan Almotairi, Yonis Gulzar
2021 Symmetry  
Distributed Denial of Service (DDoS) attack is a major threat impeding service to legitimate requests on any network.  ...  Although the first DDoS attack was reported in 1996, the complexity and sophistication of these attacks has been ever increasing.  ...  Conflicts of Interest: The authors declare no conflict of interest.  ... 
doi:10.3390/sym13020227 fatcat:tftfhqczzrasjnxoxpputrh4ey

Duo: Software Defined Intrusion Tolerant System Using Dual Cluster

Yongjae Lee, Seunghyeon Lee, Hyunmin Seo, Changhoon Yoon, Seungwon Shin, Hyunsoo Yoon
2018 Security and Communication Networks  
Then, Duo classifies traffic into benign and suspicious with the help of SDN/NFV technology that also allows dynamically forwarding the classified traffic to White and Gray servers, respectively, based  ...  In Duo, there are two types of servers: some servers with long exposure time (White server) and others with short exposure time (Gray server).  ...  Acknowledgments The authors thank Jaehyun Nam for his comments on initial design and his help in testing. This work was supported  ... 
doi:10.1155/2018/6751042 fatcat:vsfp2yxoarc6pb34gjq62xovkm

Protection Against Denial of Service Attacks: A Survey

G. Loukas, G. Oke
2009 Computer journal  
Denial of Service (DoS) is a prevalent threat in today's networks because DoS attacks are easy to launch, while defending a network resource against them is disproportionately difficult.  ...  We then provide an extensive literature review on the existing research on denial of service protection with an emphasis on the research of the last years and the most demanding aspects of defence.  ...  Our aim with this paper is to provide a comprehensive survey of the existing research on Denial of Service attacks and discuss the directions that this research can take in the near future.  ... 
doi:10.1093/comjnl/bxp078 fatcat:ohslj352kfcpfnfvki2a2wxorm
« Previous Showing results 1 — 15 out of 3,510 results