An Efficient Analytical Solution to Thwart DDoS Attacks in Public Domain
In this paper, an analytical model for DDoS attacks detection is proposed, in
which propagation of abrupt traffic changes inside public domain is monitored
to detect a wide range of DDoS attacks. Although various statistical measures
can be used to construct profile of the traffic normally seen in the network to
identify anomalies whenever traffic goes out of profile, we have selected
volume and flow measure. Consideration of varying tolerance factors makes the
proposed detection system scalable to the varying network conditions and attack
loads in real time. NS-2 network simulator on Linux platform is used as
simulation testbed. Simulation results show that our proposed solution gives a
drastic improvement in terms of detection rate and false positive rate.
However, the mammoth volume generated by DDoS attacks poses the biggest
challenge in terms of memory and computational overheads as far as monitoring
and analysis of traffic at single point connecting victim is concerned. To
address this problem, a distributed cooperative technique is proposed that
distributes memory and computational overheads to all edge routers for
detecting a wide range of DDoS attacks at early stage.
Comment: arXiv admin note: substantial text overlap with arXiv:1203.240
An Iterative and Toolchain-Based Approach to Automate Scanning and Mapping Computer Networks
As today's organizational computer networks are ever evolving and becoming
more and more complex, finding potential vulnerabilities and conducting
security audits has become a crucial element in securing these networks. The
first step in auditing a network is reconnaissance by mapping it to get a
comprehensive overview over its structure. The growing complexity, however,
makes this task increasingly effortful, even more as mapping (instead of plain
scanning), presently, still involves a lot of manual work. Therefore, the
concept proposed in this paper automates the scanning and mapping of unknown
and non-cooperative computer networks in order to find security weaknesses or
verify access controls. It further helps to conduct audits by allowing
comparing documented with actual networks and finding unauthorized network
devices, as well as evaluating access control methods by conducting delta
scans. It uses a novel approach of augmenting data from iteratively chained
existing scanning tools with context, using genuine analytics modules to allow
assessing a network's topology instead of just generating a list of scanned
devices. It further contains a visualization model that provides a clear, lucid
topology map and a special graph for comparative analysis. The goal is to
provide maximum insight with a minimum of a priori knowledge.
Comment: 7 pages, 6 figure
A survey of intrusion detection techniques in Cloud
Cloud computing provides scalable, virtualized on-demand services to the end users with greater flexibility and lesser infrastructural investment. These services are provided over the Internet using known networking protocols, standards and formats under the supervision of different managements. Existing bugs and vulnerabilities in underlying technologies and legacy protocols tend to open doors for intrusion. This paper surveys different intrusions affecting availability, confidentiality and integrity of Cloud resources and services. It examines proposals incorporating Intrusion Detection Systems (IDS) in Cloud and discusses various types and techniques of IDS and Intrusion Prevention Systems (IPS), and recommends IDS/IPS positioning in Cloud architecture to achieve desired security in the next generation networks.
A Survey of Distributed Intrusion Detection Approaches
Distributed intrusion detection systems detect attacks on computer systems
by analyzing data aggregated from distributed sources. The distributed nature
of the data sources allows patterns in the data to be seen that might not be
detectable if each of the sources were examined individually. This paper
describes the various approaches that have been developed to share and analyze
data in such systems, and discusses some issues that must be addressed before
fully decentralized distributed intrusion detection systems can be made viable.
Sensor networks security based on sensitive robots agents. A conceptual model
Multi-agent systems are currently applied to solve complex problems. The
security of networks is an eloquent example of a complex and difficult problem.
A new model-concept Hybrid Sensitive Robot Metaheuristic for Intrusion
Detection is introduced in the current paper. The proposed technique could be
used with machine learning based intrusion detection techniques. The new model
uses the reaction of virtual sensitive robots to different stigmergic variables
in order to keep the tracks of the intruders when securing a sensor network.
Comment: 5 page