663 research outputs found
Flooding attacks to internet threat monitors (ITM): Modeling and counter measures using botnet and honeypots
The Internet Threat Monitoring (ITM) system is a globally scoped Internet monitoring
system whose goal is to measure, detect, characterize, and track threats such
as distributed denial of service (DDoS) attacks and worms. To block the
monitoring system on the Internet, attackers target the ITM system. In
this paper we address flooding attacks against the ITM system, in which the attacker
attempts to exhaust the network's and the ITM's resources, such as network bandwidth,
computing power, or operating system data structures, by sending malicious
traffic. We propose an information-theoretic framework that models
flooding attacks using a botnet on the ITM. Based on this model we generalize the
flooding attacks and propose effective attack detection using honeypots.
Content and popularity analysis of Tor hidden services
Tor hidden services allow running Internet services while protecting the
location of the servers. Their main purpose is to enable freedom of speech even
in situations in which powerful adversaries try to suppress it. However,
providing location privacy and client anonymity also makes Tor hidden services
an attractive platform for every kind of imaginable shady service. The ease
with which Tor hidden services can be set up has spurred a huge growth of
anonymously provided Internet services of both types. In this paper we analyse
the landscape of Tor hidden services. We have studied Tor hidden services after
collecting 39824 hidden service descriptors on 4th of Feb 2013 by exploiting
protocol and implementation flaws in Tor: we scanned them for open ports; in
the case of HTTP services, we analysed and classified their content. We also
estimated the popularity of hidden services by looking at the request rate for
hidden service descriptors by clients. We found that while the content of Tor
hidden services is rather varied, the most popular hidden services are related
to botnets.
Comment: 6 pages, 3 figures, 2 tables
Bitcoin over Tor isn't a good idea
Bitcoin is a decentralized P2P digital currency in which coins are generated
by a distributed set of miners and transactions are broadcast via a
peer-to-peer network. While Bitcoin provides some level of anonymity (or rather
pseudonymity) by encouraging the users to have any number of random-looking
Bitcoin addresses, recent research shows that this level of anonymity is rather
low. This encourages users to connect to the Bitcoin network through
anonymizers like Tor and motivates development of default Tor functionality for
popular mobile SPV clients. In this paper we show that combining Tor and
Bitcoin creates an attack vector for deterministic and stealthy
man-in-the-middle attacks. A low-resource attacker can gain full control of
information flows between all users who chose to use Bitcoin over Tor. In
particular, the attacker can link together a user's transactions regardless of
pseudonyms used, control which Bitcoin blocks and transactions are relayed to
the user, and delay or discard the user's transactions and blocks. In
collusion with a powerful miner, double-spending attacks become possible and a
totally virtual Bitcoin reality can be created for such a set of users. Moreover,
we show how an attacker can fingerprint users and then recognize them and learn
their IP address when they decide to connect to the Bitcoin network directly.
Comment: 11 pages, 4 figures, 4 tables
Botnet-based Distributed Denial of Service (DDoS) Attacks on Web Servers: Classification and Art
Botnets are prevailing mechanisms for the facilitation of the distributed
denial of service (DDoS) attacks on computer networks or applications.
Currently, Botnet-based DDoS attacks on the application layer are the latest and
most problematic trends in network security threats. Botnet-based DDoS attacks
on the application layer limit resources, curtail revenue, and yield
customer dissatisfaction, among others. DDoS attacks are among the most
difficult problems to resolve online, especially when the target is the Web
server. In this paper, we present a comprehensive study to show the danger of
Botnet-based DDoS attacks on the application layer, especially on the Web server,
and the incidents of such attacks, which have evidently increased
recently. Botnet-based DDoS attack incidents and revenue losses of famous
companies and government websites are also described. This provides better
understanding of the problem, current solution space, and future research scope
to defend against such attacks efficiently.
Central Pivot Heuristics for Botnet Attack Defense in IoT
Botnet assaults on IoT systems have become a big issue, and several strategies for botnet protection have been investigated by the academic and industry communities. While many of these methods are practical and effective for botnet attack prevention, one of the important limits is the load factor on the servers that manage monitoring and control in addition to catering to client system requests. To address load factor difficulties, the focus of this study report is on the conditions of installing a four-layer security control system based on the notion of central pivot points. Inspired by the effective and systematic Markov Chains concept, this publication proposes a four-layer filtering model that shows if botnet detection and prevention methods for servers are required. The model's simulated experimental study demonstrates the potential scope of deploying the system. The study also highlights the future possibilities of model improvisation that can reduce any erroneous signal production that is judged necessary