582 research outputs found

    Mitigating Denial of Service Attacks with Load Balancing

    Denial of service (DoS) attacks continue to pose a huge risk to online businesses. The attack has moved from the network level (layer 3 and layer 4) to layer 7 of the OSI model. This layer 7 attack, or application layer attack, is not easily detectable by firewalls, most intrusion detection systems and other security tools, but has the capability of bringing down a well-equipped web server. The wide availability and easy accessibility of the attack tools make this type of security risk very easy to execute, very prolific and difficult to completely mitigate. An increasing number of such attacks against the web server infrastructures of many organisations are being recorded. The aim of this research is to look at some layer 7 application DDoS attack tools and test open source tools that offer some form of defense against these attacks. The research deployed open source load balancing software, HAProxy, as a first line of defense against Denial of Service attacks. The three components of the popular free open source data analysis framework, the Elastic Stack (Logstash, Elasticsearch and Kibana), were used to collect logs from the web server, filter and query the logs and then display results in dashboards and graphs to help in the identification of an attack by analysing the visually displayed log data. Rules are also set up to alert the business of anomalies detected based on pre-determined benchmarks

    Efficient Network Traffic Classification and Visualizing Abnormal Part Via Hybrid Deep Learning Approach : Xception + Bidirectional GRU

    Due to a rapid development in the field of information and communication, the information technologies yielded novel changes in both individual and organizational operations. Therefore, the accessibility of information became easier and more convenient than before, and malicious approaches such as hacking or spying aimed at various information kept increasing. With the aim of preventing malicious approaches, both classification and detecting malicious traffic are vital. Therefore, our research utilized various deep learning and machine learning models for better classification. The given dataset consists of normal and malicious data and these data types are png files. In order to achieve precise classification, our experiment consists of three steps. Firstly, only vanilla CNN was used for the classification and the highest score was 86.2%. Second of all, for the hybrid approach, the machine learning classifiers were used instead of fully connected layers from the vanilla CNN and it yielded about 87% with the extra tree classifier. At last, the Xception model was combined with the bidirectional GRU and it attained a 95.6% accuracy score, which was the highest among all

    A new framework to alleviate DDoS vulnerabilities in cloud computing

    In the communication age, the Internet has been growing very fast and most industries rely on it. An essential part of the Internet, Web applications like online booking, e-banking, online shopping, and e-learning play a vital role in everyday life. Enhancements have been made in this domain, in which the web servers depend on cloud location for resources. Many organizations around the world change their operations and data storage from local to cloud platforms for many reasons, especially the availability factor. Even though cloud computing is considered a renowned technology, it has many challenges, the most important one being security. One of the major issues in cloud security is the Distributed Denial of Service (DDoS) attack, which results in serious loss if the attack is successful and left unnoticed. This paper focuses on preventing and detecting DDoS attacks in distributed and cloud environments. A new framework has been suggested to alleviate the DDoS attack and to provide availability of cloud resources to its users. The framework introduces three screening tests, VISUALCOM, IMGCOM, and AD-IMGCOM, to prevent the attack and two queues with certain constraints to detect the attack. The result of our framework shows an improvement and better outcomes and provides a recovered from attack detection with high availability rate. Also, the performance of the queuing model has been analysed

    Impact of Feature Selection Methods on Machine Learning-based for Detecting DDoS Attacks : Literature Review

    Cybersecurity attacks are becoming increasingly sophisticated and increasing with the development of technology so that they present threats to both the private and public sectors, especially Denial of Service (DoS) attacks and their variants, which are often known as Distributed Denial of Service (DDoS). One way to minimize this attack is by using traditional mitigation solutions such as human-assisted network traffic analysis techniques, but these experience some limitations and performance problems. To overcome these limitations, Machine Learning (ML) has become one of the main techniques to enrich, complement and enhance the traditional security experience. The way ML works is based on the process of data collection, training and output. ML is influenced by several factors, one of which is feature engineering. In this study, we focus on the literature review of several recent studies which show that the feature selection process greatly impacts the level of accuracy of this ML. Datasets such as KDD, UNSW-NB15 and others also affect the level of accuracy of ML. Based on this literature review, this study can observe several feature engineering strategies with relevant impacts that can be chosen to improve ML solutions on DDoS attacks

    Packet Resonance Strategy: A Spoof Attack Detection and Prevention Mechanism in Cloud Computing Environment

    Distributed Denial of Service (DDoS) is a major threat to server availability. The attackers hide from view by impersonating their IP addresses as the legitimate users. This Spoofed IP helps the attacker to pass through the authentication phase and to launch the attack. Surviving spoof detection techniques could not resolve different styles of attacks. Packet Resonance Strategy (PRS) armed to detect various types of spoof attacks that destruct the server resources or data theft at Datacenter. PRS ensembles to any Cloud Service Provider (CSP) as they are exclusively responsible for any data leakage and sensitive information hack. PRS uses two-level detection scheme, allows the clients to access Datacenter only when they surpass initial authentication at both levels. PRS provides faster data transmission and time sensitiveness of cloud computing tasks to the authenticated clients. Experimental results proved that the proposed methodology is a better light-weight solution and deployable at server-end

    Detecting and tracing slow attacks on mobile phone user service

    The lower bandwidth of mobile devices has until recently filtered the range of attacks on the Internet. However, recent research shows that DOS and DDOS attacks, worms and viruses, and a whole range of social engineering attacks are impacting on broadband smartphone users. In our research we have developed a metric-based system to detect the traditional slow attacks that can be effective using limited resources, and then employed combinations of Internet trace back techniques to identify sources of attacks. Our research question asked: What defence mechanisms are effective? We critically evaluate the available literature to appraise the current state of the problem area and then propose an innovative solution for the detection and investigation of attacks

    Selected Computing Research Papers Volume 7 June 2018

    Contents
    Critical Evaluation of Arabic Sentimental Analysis and Their Accuracy on Microblogs (Maha Al-Sakran)
    Evaluating Current Research on Psychometric Factors Affecting Teachers in ICT Integration (Daniel Otieno Aoko)
    A Critical Analysis of Current Measures for Preventing Use of Fraudulent Resources in Cloud Computing (Grant Bulman)
    An Analytical Assessment of Modern Human Robot Interaction Systems (Dominic Button)
    Critical Evaluation of Current Power Management Methods Used in Mobile Devices (One Lekula)
    A Critical Evaluation of Current Face Recognition Systems Research Aimed at Improving Accuracy for Class Attendance (Gladys B. Mogotsi)
    Usability of E-commerce Website Based on Perceived Homepage Visual Aesthetics (Mercy Ochiel)
    An Overview Investigation of Reducing the Impact of DDOS Attacks on Cloud Computing within Organisations (Jabed Rahman)
    Critical Analysis of Online Verification Techniques in Internet Banking Transactions (Fredrick Tshane

    SIEM-based detection and mitigation of IoT-botnet DDoS attacks

    The Internet of Things (IoT) is becoming an integral part of our daily life including health, environment, homes, military, etc. The enormous growth of IoT in recent years has attracted hackers to take advantage of their computation and communication capabilities to perform different types of attacks. The major concern is that IoT devices have several vulnerabilities that can be easily exploited to form IoT botnets consisting of millions of IoT devices and posing significant threats to Internet security. In this context, DDoS attacks originating from IoT botnets are a major problem in today's Internet that requires immediate attention. In this paper, we propose a Security Information and Event Management-based IoT botnet DDoS attack detection and mitigation system. This system detects and blocks DDoS attack traffic from compromised IoT devices by monitoring specific packet types including TCP SYN, ICMP and DNS packets originating from these devices. We discuss a prototype implementation of the proposed system and we demonstrate that SIEM-based solutions can be configured to accurately identify and block malicious traffic originating from compromised IoT devices

    Selected Computing Research Papers Volume 1 June 2012

    An Evaluation of Anti-phishing Solutions (Arinze Bona Umeaku)
    A Detailed Analysis of Current Biometric Research Aimed at Improving Online Authentication Systems (Daniel Brown)
    An Evaluation of Current Intrusion Detection Systems Research (Gavin Alexander Burns)
    An Analysis of Current Research on Quantum Key Distribution (Mark Lorraine)
    A Critical Review of Current Distributed Denial of Service Prevention Methodologies (Paul Mains)
    An Evaluation of Current Computing Methodologies Aimed at Improving the Prevention of SQL Injection Attacks in Web Based Applications (Niall Marsh)
    An Evaluation of Proposals to Detect Cheating in Multiplayer Online Games (Bradley Peacock)
    An Empirical Study of Security Techniques Used In Online Banking (Rajinder D G Singh)
    A Critical Study on Proposed Firewall Implementation Methods in Modern Networks (Loghin Tivig)