2,772 research outputs found
An Efficient Analytical Solution to Thwart DDoS Attacks in Public Domain
In this paper, an analytical model for DDoS attacks detection is proposed, in
which propagation of abrupt traffic changes inside public domain is monitored
to detect a wide range of DDoS attacks. Although, various statistical measures
can be used to construct profile of the traffic normally seen in the network to
identify anomalies whenever traffic goes out of profile, we have selected
volume and flow measure. Consideration of varying tolerance factors make
proposed detection system scalable to the varying network conditions and attack
loads in real time. NS-2 network simulator on Linux platform is used as
simulation testbed. Simulation results show that our proposed solution gives a
drastic improvement in terms of detection rate and false positive rate.
However, the mammoth volume generated by DDoS attacks pose the biggest
challenge in terms of memory and computational overheads as far as monitoring
and analysis of traffic at single point connecting victim is concerned. To
address this problem, a distributed cooperative technique is proposed that
distributes memory and computational overheads to all edge routers for
detecting a wide range of DDoS attacks at early stage.Comment: arXiv admin note: substantial text overlap with arXiv:1203.240
DDoS-Capable IoT Malwares: comparative analysis and Mirai Investigation
The Internet of Things (IoT) revolution has not only carried the astonishing promise to interconnect a whole generation of traditionally “dumb” devices, but also brought to the Internet the menace of billions of badly protected and easily hackable objects. Not surprisingly, this sudden flooding of fresh and insecure devices fueled older threats, such as Distributed Denial of Service (DDoS) attacks. In this paper, we first propose an updated and comprehensive taxonomy of DDoS attacks, together with a number of examples on how this classification maps to real-world attacks. Then, we outline the current situation of DDoS-enabled malwares in IoT networks, highlighting how recent data support our concerns about the growing in popularity of these malwares. Finally, we give a detailed analysis of the general framework and the operating principles of Mirai, the most disruptive DDoS-capable IoT malware seen so far
Towards Loop-Free Forwarding of Anonymous Internet Datagrams that Enforce Provenance
The way in which addressing and forwarding are implemented in the Internet
constitutes one of its biggest privacy and security challenges. The fact that
source addresses in Internet datagrams cannot be trusted makes the IP Internet
inherently vulnerable to DoS and DDoS attacks. The Internet forwarding plane is
open to attacks to the privacy of datagram sources, because source addresses in
Internet datagrams have global scope. The fact an Internet datagrams are
forwarded based solely on the destination addresses stated in datagram headers
and the next hops stored in the forwarding information bases (FIB) of relaying
routers allows Internet datagrams to traverse loops, which wastes resources and
leaves the Internet open to further attacks. We introduce PEAR (Provenance
Enforcement through Addressing and Routing), a new approach for addressing and
forwarding of Internet datagrams that enables anonymous forwarding of Internet
datagrams, eliminates many of the existing DDoS attacks on the IP Internet, and
prevents Internet datagrams from looping, even in the presence of routing-table
loops.Comment: Proceedings of IEEE Globecom 2016, 4-8 December 2016, Washington,
D.C., US
- …