LAMP: Prompt Layer 7 Attack Mitigation with Programmable Data Planes
While there are various methods to detect application layer attacks or intrusion attempts on an individual end host, it is not efficient to provide all end hosts in the network with heavy-duty defense systems or software firewalls. In this work, we leverage the new concept of programmable data planes to react directly to alerts raised by a victim and prevent further attacks on the whole network by blocking the attack at the network edge. We call our design LAMP, Layer 7 Attack Mitigation with Programmable data planes. We implemented LAMP using the P4 data plane programming language and evaluated its effectiveness and efficiency in the Behavioral Model (bmv2) environment.
Toward Network-based DDoS Detection in Software-defined Networks
To combat the susceptibility of modern computing systems to cyberattack, identifying and disrupting malicious traffic without human intervention is essential. To accomplish this, three main tasks for an effective intrusion detection system have been identified: monitor network traffic, categorize and identify anomalous behavior in near real time, and take appropriate action against the identified threat. This system leverages a distributed SDN architecture and the principles of Artificial Immune Systems and Self-Organizing Maps to build a network-based intrusion detection system capable of detecting and terminating DDoS attacks in progress.
DDoS-Capable IoT Malware: Comparative Analysis and Mirai Investigation
The Internet of Things (IoT) revolution has not only carried the astonishing promise to interconnect a whole generation of traditionally “dumb” devices, but also brought to the Internet the menace of billions of badly protected and easily hackable objects. Not surprisingly, this sudden flooding of fresh and insecure devices fueled older threats, such as Distributed Denial of Service (DDoS) attacks. In this paper, we first propose an updated and comprehensive taxonomy of DDoS attacks, together with a number of examples of how this classification maps to real-world attacks. Then, we outline the current situation of DDoS-enabled malware in IoT networks, highlighting how recent data support our concerns about the growing popularity of this malware. Finally, we give a detailed analysis of the general framework and the operating principles of Mirai, the most disruptive DDoS-capable IoT malware seen so far.