7,123 research outputs found
Recommended from our members
ForChaos: Real Time Application DDoS detection using Forecasting and Chaos Theory in Smart Home IoT Network
Recently, D/DoS attacks have been launched by zombie IoT devices in smart home networks. They pose a great threat to to network systems with Application Layer DDoS attacks being especially hard to detect due to their stealth and seemingly legitimacy. In this paper, we propose we propose ForChaos, a lightweight detection algorithm for IoT devices, that is based on forecasting and chaos theory to identify flooding and DDoS attacks. For every time-series behaviour collected, a forecasting-technique prediction is generated, based on a number of features, and the error between the two values is calcualted. In order to assess the error of the forecasting from the actual value, the lyapunov exponent is used to detect potential malicious behaviour. In NS-3 we evaluate our detection algorithm through a series of experiments in Flooding and Slow-Rate DDoS attacks. The results are presented and discussed in detail and compared with related studies, demonstrating its effectiveness and robustness
Cyber DoS attack based security simulator for VANET
At the late years, researches focused on the cyber Denial of Service (DoS) attacks in the Vehicle Ad hoc Networks (VANETS). This is due to high importance of ensuring the save receiving of information in terms of Vehicle to Vehicle (V2V), Vehicle to Infrastructure (V2I) and Vehicle to Road Side Unit (V2R). In this paper, a cyber-security system is proposed to detect and block the DoS attacks in VANET. In addition, a simulator for VENAT based on lightweight authentication and key exchange is presented to simulate the network performance and attacks. The proposed system consists of three phases: registration, authentication as well as communications and DoS attack detection. These phases improve the system ability to detect the attacks in efficient way. Each phase working is based in a proposed related algorithm under the guidance of lightweight protocol. In order to test the proposed system, a prototype is considered includes six cars and we adopt police cars due to high importance of exchanged information. Different case studies have been considered to evaluate the proposed system and the obtained results show a high efficiency of performance in terms of information exchange and attack detection
SecMon: End-to-End Quality and Security Monitoring System
The Voice over Internet Protocol (VoIP) is becoming a more available and
popular way of communicating for Internet users. This also applies to
Peer-to-Peer (P2P) systems and merging these two have already proven to be
successful (e.g. Skype). Even the existing standards of VoIP provide an
assurance of security and Quality of Service (QoS), however, these features are
usually optional and supported by limited number of implementations. As a
result, the lack of mandatory and widely applicable QoS and security guaranties
makes the contemporary VoIP systems vulnerable to attacks and network
disturbances. In this paper we are facing these issues and propose the SecMon
system, which simultaneously provides a lightweight security mechanism and
improves quality parameters of the call. SecMon is intended specially for VoIP
service over P2P networks and its main advantage is that it provides
authentication, data integrity services, adaptive QoS and (D)DoS attack
detection. Moreover, the SecMon approach represents a low-bandwidth consumption
solution that is transparent to the users and possesses a self-organizing
capability. The above-mentioned features are accomplished mainly by utilizing
two information hiding techniques: digital audio watermarking and network
steganography. These techniques are used to create covert channels that serve
as transport channels for lightweight QoS measurement's results. Furthermore,
these metrics are aggregated in a reputation system that enables best route
path selection in the P2P network. The reputation system helps also to mitigate
(D)DoS attacks, maximize performance and increase transmission efficiency in
the network.Comment: Paper was presented at 7th international conference IBIZA 2008: On
Computer Science - Research And Applications, Poland, Kazimierz Dolny
31.01-2.02 2008; 14 pages, 5 figure
Machine Learning DDoS Detection for Consumer Internet of Things Devices
An increasing number of Internet of Things (IoT) devices are connecting to
the Internet, yet many of these devices are fundamentally insecure, exposing
the Internet to a variety of attacks. Botnets such as Mirai have used insecure
consumer IoT devices to conduct distributed denial of service (DDoS) attacks on
critical Internet infrastructure. This motivates the development of new
techniques to automatically detect consumer IoT attack traffic. In this paper,
we demonstrate that using IoT-specific network behaviors (e.g. limited number
of endpoints and regular time intervals between packets) to inform feature
selection can result in high accuracy DDoS detection in IoT network traffic
with a variety of machine learning algorithms, including neural networks. These
results indicate that home gateway routers or other network middleboxes could
automatically detect local IoT device sources of DDoS attacks using low-cost
machine learning algorithms and traffic data that is flow-based and
protocol-agnostic.Comment: 7 pages, 3 figures, 3 tables, appears in the 2018 Workshop on Deep
Learning and Security (DLS '18
- …