Detection and Classification of DDoS Flooding Attacks on Software-Defined Networks: A Case Study for the Application of Machine Learning

Abimbola O. Sangodoyin, Mobayode O. Akinsolu, Prashant Pillai, Vic Grout
2021 IEEE Access  
DDoS flooding attacks can render SDN controllers unavailable to their underlying infrastructure, causing service disruption or a complete outage in many cases.  ...  The general principle is illustrated through a case study, in which, experimental data (i.e. jitter, throughput, and response time metrics) from a representative SDN architecture suitable for typical midsized  ...  Considering the flow classes obtainable on a data center network, a DDoS flooding attack detection approach is proposed in [31] through the use of a correlation analysis model.  ... 
doi:10.1109/access.2021.3109490 fatcat:3vzjvonqjzgrdcr3bq5tb2pyoy

Router Forensic Analysis against Distributed Denial of Service (DDoS) Attacks

Oldy Ray Prayogo, Imam Riadi
2020 International Journal of Computer Applications  
A Distributed Denial of Service (DDoS) attack is a multicomputer attack targeting a single device to increase the amount of network traffic and paralyze the target.  ...  This research uses the Network Forensic Generic Process Model which has 8 stages, namely preparation, detection, collection, preservation, examination, analysis, investigation, presentation, and using  ...  Waghmode (2017) has researched to detect DDoS attacks by conducting Multivariate Correlation Analysis (MCA) and ANN analysis on the KDD Cup 99 dataset.  ... 
doi:10.5120/ijca2020920944 fatcat:7dsrkuqsrna3fdxdyoil4wpa3y

Graph analysis of network flow connectivity behaviors

HANGYU HU, XUEMENG ZHAI, MINGDA WANG, GUANGMIN HU
2019 Turkish Journal of Electrical Engineering and Computer Sciences  
After that, a network flow connectivity behavior analysis framework is present based on NFCGs.  ...  Given a set of flows, edges of a NFCG are generated by connecting pairwise hosts who communicate with each other.  ...  Acknowledgment This work was supported by the National Natural Science Foundation of China (No. 61471101, 61571094).  ... 
doi:10.3906/elk-1808-148 fatcat:jjiy2dzo7jgf3ecqalm4iv7gnq

BotNet Detection: Enhancing Analysis by Using Data Mining Techniques [chapter]

Erdem Alparslan, Adem Karahoca, Dilek Karahoc
2012 Advances in Data Mining Knowledge Discovery and Applications  
Strayer et al. (2008) suggested a mechanism to detect botnet C&C traffic by a passive analysis applied on network flow information.  ...  Botnets are often used for DDoS attacks to consume network bandwidth of victim system from wide range of IP addresses.  ... 
doi:10.5772/48804 fatcat:b4h7mwi5wvh7pjun4l3g4psrqm

Internet Traffic Analysis: MapReduce based Traffic Flow Classification in Hadoop Environment

Sathish Kumar M, PG Student, Department of Computer Science and Engineering R.V. College of Engineering Bangalore, Karnataka, India
2020 International Journal of Advanced Research in Computer Science  
In recent days, due to the increase in the number of flow, the internet traffic is increased. The increasing traffic is flooding with the DDoS flows from multiple DDoS attackers.  ...  The main objective of this paper is to classify structured as well as unstructured data of IP, TCP, HTTP and NetFlow analysis.  ...  In general, web traffic for a particular website is estimated based on the increased number of visits. But, in our work, we study the web traffic created by bots (attacker devices).  ... 
doi:10.26483/ijarcs.v11i2.6507 fatcat:c6wlshon7vgyhmrdxuirwhqq4i

Hunting attacks in the dark: clustering and correlation analysis for unsupervised anomaly detection

Johan Mazel, Pedro Casas, Romain Fontugne, Kensuke Fukuda, Philippe Owezarski
2015 International Journal of Network Management  
Unsupervised detection is accomplished by means of robust clustering techniques, combining sub-space clustering with correlation analysis to blindly identify anomalies.  ...  Network anomalies and attacks represent a serious challenge to ISPs, who need to cope with an increasing number of unknown events that put their networks' integrity at risk.  ...  The problem of network anomaly detection has been extensively studied during the last decade.  ... 
doi:10.1002/nem.1903 fatcat:h5yesz62vjhzvpdvq3ejmlllde

Complex methods detect anomalies in real time based on time series analysis

Abed Saif Alghawli
2021 Alexandria Engineering Journal  
The methods signature and entropy analysis are briefly described, and the results of their application showed a high degree of anomaly detection.  ...  Real time anomaly detection is important to performance and efficiency in many areas. This paper offers a complex method for detecting abnormal telecommunication traffic.  ...  Acknowledgements This project was supported by the Deanship of Scientific Research at Prince Sattam Bin Abdulaziz University under the research project No. 2020/01/16647.  ... 
doi:10.1016/j.aej.2021.06.033 fatcat:kgcd2caoqngbjk4qxtztegxuia

A Human-Centred Model for Network Flow Analysis

Thibaud Merien, David Brosset, Xavier Bellekens, Christophe Claramunt
2018 2018 2nd Cyber Security in Networking Conference (CSNet)  
These attacks often influence the behaviour of the system, leading to the detection of the attack. In this manuscript we model the path of an attack through the network by graphs.  ...  Computer networks are ubiquitous and growing exponentially, with a predicted 50 billion devices connected by 2050.  ...  The intention classification is related to the objectives of the analysis and the case study.  ... 
doi:10.1109/csnet.2018.8602913 dblp:conf/csnet/MerienBBC18 fatcat:gusxj2y2j5du3eu6vse5cobq3q

Analysis of Challenges in Modern Network Forensic Framework

Sirajuddin Qureshi, Jianqiang Li, Faheem Akhtar, Saima Tunio, Zahid Hussain Khand, Ahsan Wajahat, Neetesh Saxena
2021 Security and Communication Networks  
Network forensics can be an expansion associated with network security design which typically emphasizes avoidance and detection of community assaults.  ...  This paper proposed a thematic taxonomy of classifications of network forensic techniques based on extensive.  ...  traceback technique is useful when packets' origin is to be identified in case of spoofing attacks and DDoS attacks [29]. The DDoS and botnet attacks are mostly observed in the distribution networks,  ... 
doi:10.1155/2021/8871230 fatcat:nkrfvnk3vvdzxk5xihfzx7vrda

A Review of Topological Data Analysis for Cybersecurity [article]

Thomas Davies
2022 arXiv   pre-print
In cybersecurity it is often the case that malicious or anomalous activity can only be detected by combining many weak indicators of compromise, any one of which may not raise suspicion when taken alone  ...  This makes the problem of analysing cybersecurity data particularly well suited to Topological Data Analysis (TDA), a field that studies the high level structure of data using techniques from algebraic  ...  Acknowledgements This research was supported by the Defence and Security programme at the Alan Turing Institute, funded by the UK Government.  ... 
arXiv:2202.08037v1 fatcat:tkw5cnl2kfe7namu7kuoznlzn4

Attacker Traceability on Ethereum through Graph Analysis

Hang Zhu, Weina Niu, Xuhan Liao, Xiaosong Zhang, Xiaofen Wang, Beibei Li, Zheyuan He, Yu Yao
2022 Security and Communication Networks  
To this end, we propose a traceability method on Ethereum, using graph analysis to track attackers.  ...  Through graph analysis, we found accounts that are strongly associated with these attacks and are still active. We have done a systematic analysis of these accounts to analyze their threats.  ...  Because the relationship presented by users based on Ethereum is a kind of graph, it is more reasonable to use graphs to map the flow of funds, call relationships, and establish relationships when studying  ... 
doi:10.1155/2022/3448950 fatcat:x7qol35atrb5rcbzhgl7235xsy

An Experimental Analysis of Current DDoS attacks Based on a Provider Edge Router Honeynet

Stamatia Triantopoulou, Dimitrios Papanikas, Panayiotis Kotzanikolaou
2019 2019 10th International Conference on Information, Intelligence, Systems and Applications (IISA)  
SSDP source analysis: case study A Simple Service Discovery Protocol (SSDP) attack is a reflection-based DDoS attack that exploits Universal Plug and Play (UPnP) networking protocols in order to send an  ...  However, in case the network supports ICMP-based traffic, we can detect this attack by looking for large number of ping requests going to a range of IP addresses on your network.  ... 
doi:10.1109/iisa.2019.8900732 dblp:conf/iisa/TriantopoulouPK19 fatcat:igfrz2hpyzgp7jwdxaotimwvle

Bitcoin Mining based Botnet Analysis

Pallaw Singh, Anchit Bijalwan
2016 International Journal of Computer Applications  
We further propose a framework and a security algorithm to protect our system from being a part of botnet thus protecting our system from attacks such as spamming, non-availability, DDoS etc.  ...  In this paper we discuss how bitcoin are generated and how botnet generate bitcoin. We further analyze the network flow of two botnets namely Neris and ZeroAccess and provide a DNS relation in identifying  ...  in the case of the two malware we studied the attack that uses our processor/GPU to mine Bitcoin and spam in some cases.  ... 
doi:10.5120/ijca2016910719 fatcat:cbi3uehrd5br5i6yuc32uoti34

SENATUS: An Approach to Joint Traffic Anomaly Detection and Root Cause Analysis [article]

Atef Abdelkefi and Yuming Jiang and Sachin Sharma
2017 arXiv   pre-print
We show the effectiveness of SENATUS in diagnosing anomaly types: network scans and DoS/DDoS attacks.  ...  In this paper, we propose a novel approach, called SENATUS, for joint traffic anomaly detection and root-cause analysis.  ...  ACKNOWLEDGMENT This research was partly funded by the EU FP7 Marie Curie Actions Cleansky Project, Contract No. 607584.  ... 
arXiv:1711.09008v1 fatcat:gy2zpn3dorav3o7mscrtcnck6m

Analysis of Security Aspects for Dynamic Resource Management in Distributed Systems

VS Tondre
2011 International Journal of Computer Science Engineering and Information Technology  
It is used to locate and eliminate possible attackers instead of dealing with the issue of detecting a DDoS attack.  ...  Irrelevance Anomaly - A filtering rule in a firewall is irrelevant if this rule does match any traffic that may flow through this firewall.  ... 
doi:10.5121/ijcseit.2011.1501 fatcat:bwc67rwzsnbj3mwmcf6jiqkouu
Showing results 1 — 15 out of 1,229 results