Distributed Denial of Service (DDoS) has been one of the greatest threats to network security for years. In recent years, DDoS attackers have turned to the application layer, which makes DDoS attack detection systems based on the net layer and transport layer lose their performance. In this layer, the Web service is the most vulnerable application. The study in this paper analyzed the differentiation between user behavior...
We study the vulnerability in the domain name system, so-called "Ghost domain names", which was discovered by Jiang, Liang, Li, Li, Duan and Wu in NDSS 2012. The ghost domain vulnerability allows a malicious domain name to stay resolvable long after it has been removed from the upper level server. Our study examines the feasibility of the ghost domain vulnerability still active and clarifies...
We present in this paper a collective approach for intrusion detection in wide area networks. We use the multi-agent paradigm to model the proposed distributed system. In this system, an agent, which plays several roles, is situated on each node of the net. The first role of an agent is to perform the work of a local intrusion detection system (IDS). Periodically, it proceeds to exchange security...
DNS cache poisoning is a stepping stone towards advanced (cyber) attacks, and can be used to monitor users' activities, for censorship, to distribute malware and spam, and even to subvert correctness and availability of Internet networks and services. The DNS infrastructure relies on challenge-response defences, which are deemed effective for thwarting attacks by (the common) off-path adversaries...
The exponential growth of the web and the use of social networks in our area gave birth to a new concept called digital identity: all the digital traces that can be left on the internet, such as photos and various comments. However, these digital identities are exposed to many dangers such as phishing, fraud, cyber-crime and identity theft. However, with an interconnected world, it is important to...
With the global widespread usage of the Internet, more and more cyber-attacks are being performed. Many of these attacks utilize IP address spoofing. This paper describes IP spoofing attacks and the proposed methods currently available to detect or prevent them. In addition, it presents a statistical analysis of the Hop Count parameter used in our proposed IP spoofing detection algorithm. We propose...
Software-defined networks (SDN), an emergent paradigm for network management, define abstractions to represent network entities and logically centralize them in a network controller. We argue that SDN's abstraction is the most promising way to successfully create agent-based architectures to control and manage large-scale parts of the Internet. This article makes a strong case for these architectures...
Distributed Denial of Service (DDoS) attacks are one of the challenging network security problems to address. The existing defense mechanisms against DDoS attacks usually filter the attack traffic at the victim side. The problem is exacerbated when there are spoofed IP addresses in the attack packets. In this case, even if the attacking traffic can be filtered by the victim, the attacker may reach...
Anonymous declared that it would hack North Korea, the world-wide closing country on June 25 in 2013, using internal supporters, but it is not known to have succeeded in hacking concretely. However, our previous study suggested hacking with Ninja gate, not with the existing method by connected routing. As a result of this study, we mentioned that even though it is a closing network, it will need a...
Tracing denial-of-service (DoS) attacks back to their source is a difficult task for network administrators. Attacks sometimes come from a single source or multiple sources, which makes it harder for an investigator to trace attackers back to their original computer. In order to make attacks more difficult to discover, sophisticated attackers could hide their original IP address by using...
Based on research, there is a high rate of fraudulent activities in online auctions. For instance, this figure for 2008 was about $43M in the US. As a result, it can be considered a crucial problem. This issue has always been a concern of customers and users of online auctions. Due to the interaction and mutual effects between security and trust, these two concepts need to be considered...
In this paper, a case study of cyber crime is presented in the context of JNTUHJAC website. CERT-In is identified as the organization relevant to handling this kind of cybercrime. This paper is an attempt to find and do away with the lacunae in the prevailing cyber laws and the I.T. Act 2000 and the related amendment act 2008 such that law takes cognizance of all kinds of cybercrimes perpetrated against...
By sending large amounts of data flows from multiple sites, Distributed Denial-of-Service (DDoS) attacks target the victims. Many of the DDoS defense methods need to be implemented simultaneously and collaboratively on several nodes, making them difficult to implement, especially on nodes that need to maintain round-the-clock Internet connectivity. The defense methods rely on random or probabilistic...
Among various types of computer threats, the botnet is the most serious one against cyber security, as it provides several illegal activities such as denial of service attacks, spamming, click fraud and other types of espionage activities. A botnet is a network of infected computers called bots which are under the control of one person known as the Botmaster. The Botmaster will have full control over the compromised...
DDoS attack source traceback is an open and challenging problem. Deterministic packet marking (DPM) is a simple and relatively effective traceback scheme among the available traceback methods. However, the existing DPM schemes inherit a critical drawback of scalability in tracing all possible attack sources, which is rooted in their static mark encoding and attempt to mark all Internet routers for their...
Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks can result in huge loss of data and make resources unavailable for legitimate users. With continuous growth of Internet users and traffic, the importance of Intrusion Detection System (IDS) for detection of DoS/DDoS network attacks has also grown. Different techniques such as data mining and pattern recognition are being used...
Mapping origin-to-destination network-traffic-state is pivotal for network management and proactive security tasks. However, lack of flow-level measurements as well as potential anomalies pose major challenges toward achieving these goals. Leveraging the spatiotemporal correlation of nominal traffic, and the sparse nature of anomalies, this paper proposes a novel estimator to map out both nominal...
We statistically investigated the total ANY resource record (RR) based DNS query request packet traffic from the Internet to the top domain DNS server in a university campus network from January 1st, 2011 to December 31st, 2012. The obtained results are: (1) We found a significant increase in the inbound ANY RR based DNS query request traffic on November 28th, 2011. (2) In the DNS query request...
The Internet is a decentralized structure that offers speedy communication, has a global reach and provides anonymity, a characteristic invaluable for committing illegal activities. In parallel with the spread of the Internet, cybercrime has rapidly evolved from a relatively low volume crime to a common high volume crime. A typical example of such a crime is the spreading of spam emails, where the...