347 research outputs found
Distributed Denial of Service Attacks on Cloud Computing Environment‎
This paper aimed to identify the various kinds of distributed denial of service attacks (DDoS) attacks, their destructive capabilities, and most of all, how best these issues could be counter attacked and resolved for the benefit of all stakeholders along the cloud continuum, preferably as permanent solutions. A compilation of the various types of DDoS is done, their strike capabilities and most of all, how best cloud computing environment issues could be addressed and resolved for the benefit of all stakeholders along the cloud continuum. The key challenges against effective DDoS defense mechanism are also explored
Packet filter performance monitor (anti-DDOS algorithm for hybrid topologies)
DDoS attacks are increasingly becoming a major problem. According to Arbor Networks, the largest DDoS attack reported by a respondent in 2015 was 500 Gbps. Hacker News stated that the largest DDoS attack as of March 2016 was over 600 Gbps, and the attack targeted the entire BBC website.
With this increasing frequency and threat, and the average DDoS attack duration at about 16 hours, we know for certain that DDoS attacks will not be going away anytime soon. Commercial companies are not effectively providing mitigation techniques against these attacks, considering that major corporations face the same challenges. Current security appliances are not strong enough to handle the overwhelming traffic that accompanies current DDoS attacks. There is also a limited research on solutions to mitigate DDoS attacks. Therefore, there is a need for a means of mitigating DDoS attacks in order to minimize downtime. One possible solution is for organizations to implement their own architectures that are meant to mitigate DDoS attacks.
In this dissertation, we present and implement an architecture that utilizes an activity monitor to change the states of firewalls based on their performance in a hybrid network. Both firewalls are connected inline. The monitor is mirrored to monitor the firewall states. The monitor reroutes traffic when one of the firewalls become overwhelmed due to a HTTP DDoS flooding attack. The monitor connects to the API of both firewalls. The communication between the rewalls and monitor is encrypted using AES, based on PyCrypto Python implementation.
This dissertation is structured in three parts. The first found the weakness of the hardware firewall and determined its threshold based on spike and endurance tests. This was achieved by flooding the hardware firewall with HTTP packets until the firewall became overwhelmed and unresponsive. The second part implements the same test as the first, but targeted towards the virtual firewall. The same parameters, test factors, and determinants were used; however a different load tester was utilized. The final part was the implementation and design of the firewall performance monitor. The main goal of the dissertation is to minimize downtime when network firewalls are overwhelmed as a result of a DDoS attack
A survey of defense mechanisms against distributed denial of service (DDOS) flooding attacks
Distributed Denial of Service (DDoS) flooding attacks are one of the biggest concerns for security professionals. DDoS flooding attacks are typically explicit attempts to disrupt legitimate users' access to services. Attackers usually gain access to a large number of computers by exploiting their vulnerabilities to set up attack armies (i.e., Botnets). Once an attack army has been set up, an attacker can invoke a coordinated, large-scale attack against one or more targets. Developing a comprehensive defense mechanism against identified and anticipated DDoS flooding attacks is a desired goal of the intrusion detection and prevention research community. However, the development of such a mechanism requires a comprehensive understanding of the problem and the techniques that have been used thus far in preventing, detecting, and responding to various DDoS flooding attacks. In this paper, we explore the scope of the DDoS flooding attack problem and attempts to combat it. We categorize the DDoS flooding attacks and classify existing countermeasures based on where and when they prevent, detect, and respond to the DDoS flooding attacks. Moreover, we highlight the need for a comprehensive distributed and collaborative defense approach. Our primary intention for this work is to stimulate the research community into developing creative, effective, efficient, and comprehensive prevention, detection, and response mechanisms that address the DDoS flooding problem before, during and after an actual attack. © 1998-2012 IEEE
Cyber-Storms Come from Clouds: Security of Cloud Computing in the IoT Era
The Internet of Things (IoT) is rapidly changing our society to a world where
every "thing" is connected to the Internet, making computing pervasive like
never before. This tsunami of connectivity and data collection relies more and
more on the Cloud, where data analytics and intelligence actually reside. Cloud
computing has indeed revolutionized the way computational resources and
services can be used and accessed, implementing the concept of utility
computing whose advantages are undeniable for every business. However, despite
the benefits in terms of flexibility, economic savings, and support of new
services, its widespread adoption is hindered by the security issues arising
with its usage. From a security perspective, the technological revolution
introduced by IoT and Cloud computing can represent a disaster, as each object
might become inherently remotely hackable and, as a consequence, controllable
by malicious actors. While the literature mostly focuses on security of IoT and
Cloud computing as separate entities, in this article we provide an up-to-date
and well-structured survey of the security issues of Cloud computing in the IoT
era. We give a clear picture of where security issues occur and what their
potential impact is. As a result, we claim that it is not enough to secure IoT
devices, as cyber-storms come from Clouds
NaĂŻve Bayes Classifier to Mitigate the DDoS Attacks Severity in Ad-Hoc Networks
Ad-Hoc networks are becoming more popular due to their unique characteristics. As there is no centralized control, these networks are more vulnerable to various attacks, out of which Distributed Denial of Service (DDoS) attacks are considered as more severe attacks. DDoS attack detection and mitigation is still a challenging issue in Ad-Hoc Networks. The existing solutions consider the fixed or dynamic threshold value to detect the DDoS attacks without any trained data, and very few existing solutions use machine learning algorithms to detect these attacks. However, existing solutions are inefficient to handle when DDoS attackers’ perform this attack through bursty traffic, packet size, and fake packets flooding. We have proposed DDoS attack severity mitigation solution. Out DDoS mitigation solution consists of new network node authentication module and naïve bayes classifier module to detect and isolate the DDoS attack traffic patterns. Our simulation results show that naïve bayes DDoS attack traffic classification out performs in the hostile environment and secure the legitimate traffic from DDoS attack
Survey on Security Issues in Cloud Computing and Associated Mitigation Techniques
Cloud Computing holds the potential to eliminate the requirements for setting
up of high-cost computing infrastructure for IT-based solutions and services
that the industry uses. It promises to provide a flexible IT architecture,
accessible through internet for lightweight portable devices. This would allow
multi-fold increase in the capacity or capabilities of the existing and new
software. In a cloud computing environment, the entire data reside over a set
of networked resources, enabling the data to be accessed through virtual
machines. Since these data-centers may lie in any corner of the world beyond
the reach and control of users, there are multifarious security and privacy
challenges that need to be understood and taken care of. Also, one can never
deny the possibility of a server breakdown that has been witnessed, rather
quite often in the recent times. There are various issues that need to be dealt
with respect to security and privacy in a cloud computing scenario. This
extensive survey paper aims to elaborate and analyze the numerous unresolved
issues threatening the cloud computing adoption and diffusion affecting the
various stake-holders linked to it.Comment: 20 pages, 2 Figures, 1 Table. arXiv admin note: substantial text
overlap with arXiv:1109.538
A Study of Very Short Intermittent DDoS Attacks on the Performance of Web Services in Clouds
Distributed Denial-of-Service (DDoS) attacks for web applications such as e-commerce are increasing in size, scale, and frequency. The emerging elastic cloud computing cannot defend against ever-evolving new types of DDoS attacks, since they exploit various newly discovered network or system vulnerabilities even in the cloud platform, bypassing not only the state-of-the-art defense mechanisms but also the elasticity mechanisms of cloud computing.
In this dissertation, we focus on a new type of low-volume DDoS attack, Very Short Intermittent DDoS Attacks, which can hurt the performance of web applications deployed in the cloud via transiently saturating the critical bottleneck resource of the target systems by means of external attack HTTP requests outside the cloud or internal resource contention inside the cloud. We have explored external attacks by modeling the n-tier web applications with queuing network theory and implementing the attacking framework based-on feedback control theory. We have explored internal attacks by investigating and exploiting resource contention and performance interference to locate a target VM (virtual machine) and degrade its performance
Intelligent Detection and Recovery from Cyberattacks for Small and Medium-Sized Enterprises
Cyberattacks threaten continuously computer security in companies. These attacks evolve everyday, being more and more sophisticated and robust. In addition, they take advantage of security breaches in organizations and companies, both public and private. Small and Medium-sized Enterprises (SME), due to their structure and economic characteristics, are particularly damaged when a cyberattack takes place. Although organizations and companies put lots of efforts in implementing security solutions, they are not always effective. This is specially relevant for SMEs, which do not have enough economic resources to introduce such solutions. Thus, there is a need of providing SMEs with affordable, intelligent security systems with the ability of detecting and recovering from the most detrimental attacks. In this paper, we propose an intelligent cybersecurity platform, which has been designed with the objective of helping SMEs to make their systems and network more secure. The aim of this platform is to provide a solution optimizing detection and recovery from attacks. To do this, we propose the application of proactive security techniques in combination with both Machine Learning (ML) and blockchain. Our proposal is enclosed in the IASEC project, which allows providing security in each of the phases of an attack. Like this, we help SMEs in prevention, avoiding systems and network from being attacked; detection, identifying when there is something potentially harmful for the systems; containment, trying to stop the effects of an attack; and response, helping to recover the systems to a normal state
- …