Serwis Infona wykorzystuje pliki cookies (ciasteczka). Są to wartości tekstowe, zapamiętywane przez przeglądarkę na urządzeniu użytkownika. Nasz serwis ma dostęp do tych wartości oraz wykorzystuje je do zapamiętania danych dotyczących użytkownika, takich jak np. ustawienia (typu widok ekranu, wybór języka interfejsu), zapamiętanie zalogowania. Korzystanie z serwisu Infona oznacza zgodę na zapis informacji i ich wykorzystanie dla celów korzytania z serwisu. Więcej informacji można znaleźć w Polityce prywatności oraz Regulaminie serwisu. Zamknięcie tego okienka potwierdza zapoznanie się z informacją o plikach cookies, akceptację polityki prywatności i regulaminu oraz sposobu wykorzystywania plików cookies w serwisie. Możesz zmienić ustawienia obsługi cookies w swojej przeglądarce.
Today DNS servers run on many different applications and operating systems what means there are many options how to protect DNS server. Each regular application has implemented security mechanisms that protect the system from standard attacks. DNS service works on application layer, however it is possible to prevent many threats already on lower layers. This paper deals about DNS security mechanisms...
Software-Defined Networking (SDN) is a novel paradigm in networking that changed the way the conventional networks are built and managed. The idea of SDN is based upon the dissociation of the control plane from networking devices to better optimize each. The control of the whole network becomes the responsibility of the controller. In an SDN network, locations of all hosts can be monitored with the...
Named Data Networking (NDN) is considered to be a viable candidate to replace the host-centric IP model in the next generation of the Internet. Although NDN is known to be resistant to classical DoS and spoofing attacks, vulnerability to NDN-specific attacks nevertheless arises from the use of stateful routing to satisfy requests (Interests). Prime among these attacks, Interest flooding attacks on...
Botnet-based Distributed Denial of Service (DDoS) attacks are considered as the main concerns and problems of today's Internet. The damage of these attacks are very serious since the number of computers involved in these attacks is huge and distributed worldwide. However, many protocols such as Domain Name System (DNS) have several security vulnerabilities nowadays that are utilized by botnet attackers...
As the largest country code Top Level Domain (ccTLD) name service, .CN receives billions of queries every day. Under the threat of Distributed Denial-of-Service (DDoS) attacks, effective mechanism for client classification is especially important for such busy ccTLD service. In this paper, by analyzing the query log of .CN name service, we propose a novel client classification method based on client...
Distributed Reflective Denial of Service attacks (DRDoS) represent an ever growing security threat. These attacks are characterized by spoofed UDP traffic that is sent to genuine machines, called amplifiers, whose response to the spoofed IP, i.e. the victim machine, is amplified and could be 500 times larger in size than the originating request. In this paper, we provide a method and a tool for Internet...
Distributed Denial of Service (DDoS) is one kind of attacks using multiple computers. An attacker would act as a fake service requester that drains resources in computer target. This makes the target cannot serve the real request service. Thus we need to develop DDoS detector system. The proposed system consists of traffic capture, packet analyzer, and packet displayer. The system utilizes Ntopng...
Distributed Denial of Service attacks against high-profile targets have become more frequent in recent years. In response to such massive attacks, several architectures have adopted proxies to introduce layers of indirection between end users and target services and reduce the impact of a DDoS attack by migrating users to new proxies and shuffling clients across proxies so as to isolate malicious...
Methods and ways to perform denial-of-service attack are analyzed and classified in this work. Famous Denial-of-Service attack classifications are reviewed and analyzed. New elements of modern DoS attack classification are proposed.
As in the real world's criminal investigation, cyber criminal profiling is important to attribute cyber attacks. Every cyber crime committed by the same hacker or hacking group has unique characteristics such as attack purpose, attack methods, and target's profile. Therefore, a complete analysis of the hacker's activities can give investigators hard evidence to attribute attacks and unveil criminals...
3G mobile networks have gained high user popularity due to the tremendous growth of the smart phone market. However, their complex signaling procedures and limited soft capacity made them vulnerable to new denial-of-service (DoS) attacks involving the control plane. More importantly, this type of frauds can also affect the successors of the 3G and their related paradigms such as smart cities. In this...
Current practices in network security deployment require multiple specialised devices as firewalls, traffic shapers, sensors or Intrusion Detection Systems (IDSs) to handle malicious traffic. This practice not only increases the overall operational costs but also makes network administration complicated. The high cost of Distributed Denial of Service (DDoS) mitigation devices empowers centralised...
The availability of online services is threatened by the Distributed Denial of Service (DDoS) attacks. As computing resources are getting cheaper, DDoS attacks are becoming more frequent and powerful. When DDoS attacks are directed towards a specific service, a small number of bots can overwhelm the service, making it unavailable to legitimate users. This paper presents Adaptive Bubble Burst (ABB),...
The explosion of interconnected devices and the Internet of Things has triggered new important challenges in the area of internet security, due to the various device vulnerabilities and increased potential for cyber-attacks. This paper touches on the areas of Cybersecurity, intrusion detection, prevention systems and artificial intelligence. Our aim is to create a system capable of understanding,...
As one of the most harmful DDoS (distributed deny of service) attacks, the DNS (domain name system) amplification attack has been a big threat to nowadays networks. Researchers have done much work to defend against this kind of attack in traditional networks. The SDN (software defined network) architecture, as a clear indication of future networking architecture, faces the same threat of DNS amplification...
DRDoS (Distributed Reflection Denial of Service) attack is a kind of DoS (Denial of Service) attack, in which third-party servers are tricked into sending large amounts of data to the victims. That is, attackers use source address IP spoofing to hide their identity and cause third-parties to send data to the victims as identified by the source address field of the IP packet. This is called reflection...
In order to enhance the ability of software defined network (SDN) proactive security protection, this paper puts forward a path hopping based SDN network defense (PH-SND) technology. PH-SND technology models the path hopping problem as a constraint solving problem, and utilizes satisfiability modulo theory solver to obtain multiple paths, which satisfy overlap and capacity constraints. According to...
In this paper, an approach to protecting virtual machines (VMs) against denial of service (DoS) attacks in a cloud environment is proposed. An open source cloud computing platform (Eucalyptus) has been deployed, and experimentation was carried out on this setup. We investigate attacks emanating from one or more virtual machines (VMs) to another VM in a multi-tenancy cloud environment. Various types...
Distributed Denial of Service (DDoS) attacks are becoming one of the major threats in the distributed data center networks which are loosely connected. Recent work has found new ways to attack network link instead of network servers. However, existing methods have limitations when detecting the link attacks, particularly in data store. To address this issue, in this paper, we propose an attack detection...
As more and more cloud services are exposed to DDoS attacks, DDoS attack detect has become a new challenging task because large packet traces captured on fast links could not be easily handled on a single server with limited computing and memory resources. In this paper, we propose a Hadoop based model to identify abnormal packets and compute the statistics according to the number of abnormal packets...
Podaj zakres dat dla filtrowania wyświetlonych wyników. Możesz podać datę początkową, końcową lub obie daty. Daty możesz wpisać ręcznie lub wybrać za pomocą kalendarza.