The Mirai botnet and its variants and imitators are a wake-up call to the industry to better secure Internet of Things devices or risk exposing the Internet infrastructure to increasingly disruptive distributed denial-of-service attacks.
A DoS (Denial of Service) or DDoS (Distributed DoS) attack is a major threat and the most difficult problem to solve among many attacks. Moreover, it is very difficult to find the real origin of attackers because DoS/DDoS attackers use spoofed IP addresses. To solve this problem, we propose a probabilistic route selection algorithm to trace the attacker's real origin. This algorithm uses three types of...
Distributed Denial of Service (DDoS) attacks pose one of the most serious security threats to the Internet. We examine the drawbacks of existing defense schemes. To combat these deficiencies, we propose a credit-based defense system: TrustGuard. Essentially, flows accumulate credit based on the diversity of their packet-size distribution. The more diverse the flow, the more credit it has. Since DDoS...
Distributed denial of service (DDoS) attacks are one of the major threats to the current Internet. After analyzing the characteristics of DDoS attacks and the existing approaches to detect DDoS attacks, a novel detection method based on conditional entropy is proposed in this paper. First, a group of statistical features based on conditional entropy is defined, which is named Traffic Feature Conditional...
IP spoofing has been exploited by Distributed Denial of Service (DDoS) attacks to conceal flooding sources and localities in flooding traffic, and prevent legitimate hosts into becoming reflectors, redirecting and amplifying flooding traffic. Thus, the ability to filter spoofed IP packets near victims is essential to their own protection as well as to their avoidance of becoming congestion and involuntary...
Distributed Denial of Service (DDoS) attacks have become one of the most serious threats to the Internet. In this paper, we propose Mantlet, an overlay-based approach to detect and mitigate DDoS attacks. Mantlet combines three innovative mechanisms for anti-spoofing, attack detection and mitigation, respectively. To circumvent IP spoofing, we first propose a probing mechanism named Bypass Check to...
With the recent rapid development of the Internet, viruses, leaks and spyware emerge endlessly; worms, Trojans, and net thefts increase year by year. Maintaining Internet security becomes more and more important. The denial of service attack is among the hardest security problems to address because it is easy to launch and difficult to defend against and trace. For the purpose of tracking the IP address of the attackers,...
Among the diverse forms of malware, the botnet is the most widespread and serious threat, occurring commonly in today's cyber attacks. Botnets are collections of compromised computers which are remotely controlled by their originator (BotMaster) under a common Command-and-Control (C&C) infrastructure. They provide a distributed platform for several illegal activities such as launching distributed...
Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks pose a major threat to today's essential Internet services. The need to protect servers and connected systems is an important aspect of network security. Hence this research work proposes a novel approach called Hop Count based Packet processing to counter DDoS attacks. DDoS attacks are difficult to identify at the source...
McAfee SecurityCenter Firewall is one of the most popular security software installed on millions of Internet connected computers worldwide. "McAfee claims that if you have installed McAfee SecurityCentre with anti-virus and anti-spyware and Firewall version 9.3 then you always have the most current security to combat the ever-evolving threats on the Internet for the duration of the subscription"...
This paper presents a DDoS (Distributed Denial of Service) two stage defense model based on roaming honeypot. The model can accurately identify the early features of DDoS attacks, and can automatically select effective detection features according to different types of DDoS attacks to accurately determine the legitimacy of IP flows with a smaller consumption, so that to a smaller consumption roam...
In this paper, we discuss the robustness of connectivity at the AS level of the Internet for DDoS attacks. Distributed denial of service (DDoS) attacks occur when the bandwidth or resources of a targeted system are flooded, usually causing one or a few servers to become dysfunctional. A DDoS attack is carried out by using DNS servers, or PCs enslaved by computer viruses, etc., as an attack amplifier. We paid attention...
Distributed Denial of Service (DDoS) attacks are one of the most damaging threats against Internet based applications. Many of the DDoS defense mechanisms may unintentionally deny a certain portion of legitimate user accesses by mistaking them as attackers or may simply not block enough traffic to adequately protect the victim. Other better performing systems have yet to reach adoption because...
We investigate the stability properties of a novel agent-based system for the detection of network bandwidth-based distributed denial of service (DDoS) attacks. The proposed system provides a description of the structure of flows which comprise the DDoS attack. In doing so, it facilitates DDoS mitigation at or near attack traffic sources. The constituent agents within the system operate at the inter...
Aiming at the shortcomings of existing DDoS attack defense systems, this paper puts forward an effective approach against DDoS attacks based on the three-way handshake process. The key point lies in discarding the aggressive first handshake requests which consume a lot of system resources; this ensures that new normal network requests can be dealt with. An efficient defense system against DDoS...
There are two types of packet marking techniques in DDoS attack defense. IP traceback reconstructs attack paths and entrance nodes, while path identification enables the victim to identify and effectively filter malicious packets. In this paper, we propose the idea of an organic combination of both, in which the upstream nodes identify and filter malicious packets. We specifically design a new packet marking...
The rapid consumer adoption of high-speed Internet connections has led to the unprecedented interconnection of home networks. Consequently, the number of domestic home automation networks offering Internet connectivity has increased. These home automation networks are increasingly comprised of resource limited wireless sensor networks (WSN). This creates the potential for malicious users from across...
Distributed denial-of-service (DDoS) attacks present serious threats to servers on the Internet. We argue that the goals, manners and results of the interaction behaviors of normal flows and attack flows differ, and show different characteristics on IP addresses and ports. The IAI (IP Address Interaction Feature) algorithm is proposed based on the addresses interaction, abrupt traffic change,...
Distributed Denial of Service (DDoS) attacks pose a major threat to today's cyber security. Defense against these attacks is complicated by source IP address spoofing, which is exploited by attackers to conceal source IP addresses and localities of malicious traffic. In this paper, we propose HPi (Hash-based Path Identification), a novel packet marking scheme to defeat DDoS attacks regardless of forged...
To defend against DoS (Denial of Service) attacks, an access filtering mechanism is adopted in the firewall. The difficulty in defining the filtering rules lies in distinguishing normal and anomalous packets among incoming packets. The purpose of our research is to explore an early detection method for anomalous accesses based on statistical analysis. In this paper, we defined the chi-square method, and...