A new detection method for LDoS attacks based on data mining

Tang, Dan; Chen, Jingwen; Wang, Xiyin; Zhang, Siqi; Yan, Yudong

doi:10.1016/j.future.2021.09.039

Cited by 11 publications

(2 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Ruchi Vishwakarma et al [10] present a honeypot-based approach that can be taken as a productive outset towards combatting Zero-Day DDoS Attacks to analyze ways to prevent SSH and Telnet Protocol Attacks [11]. Tang [12] proposed a detection method to identify LDOS attacks at the transport layer and used data mining technology to analyze network anomalies under LDOS attacks to complete the detection. Furthermore, because all of the aforementioned solutions target solely the ideal low-rate TCP DoS attack, one alternative strategy for attackers to circumvent the defense could be splitting their traffic into multiple attacking flows to trigger distributed DoS attacks.…”

Section: Introductionmentioning

confidence: 99%

AccFlow: Defending against the Low-Rate TCP DoS Attack in Drones

Cao,

Li,

Han

et al. 2023

Applied Sciences

View full text Add to dashboard Cite

As drones are widely employed in various industries and daily life, concerns regarding their safety have been gradually emerging. Denial of service (DoS) attacks have become one of the most significant threats to the stability of resource-constrained sensor nodes. Traditional brute-force and high-rate distributed denial of service (DDoS) attacks are easily detectable and mitigated. However, low-rate TCP DoS attacks can considerably impair TCP throughput and evade DoS prevention systems by inconspicuously consuming a small portion of network capacity, and whereas the literature offers effective defense mechanisms against DDoS attacks, there is a gap in defending against Low-Rate TCP DoS attacks. In this paper, we introduce AccFlow, an incrementally deployable Software-Defined Networking (SDN)-based protocol designed to counter low-rate TCP DoS attacks. The main idea of AccFlow is to make the attacking flows accountable for the congestion by dropping their packets according to their loss rates. AccFlow drops their packets more aggressively as the loss rates increase. Through extensive simulations, we illustrate that AccFlow can effectively safeguard against low-rate TCP DoS attacks, even when attackers employ varying strategies involving different scales and data rates. Furthermore, whereas AccFlow primarily addresses low-rate TCP DoS attacks, our research reveals its effectiveness in defending against general DoS attacks. These general attacks do not rely on the TCP retransmission timeout mechanism but rather deplete network resources, ultimately resulting in a denial of service for legitimate users. Additionally, we delve into the scalability of AccFlow and its viability for practical deployment in real-world networks. Finally, we demonstrate the effectiveness of AccFlow in safeguarding network resources.

show abstract

Section: Introductionmentioning

confidence: 99%

AccFlow: Defending against the Low-Rate TCP DoS Attack in Drones

Cao,

Li,

Han

et al. 2023

Applied Sciences

View full text Add to dashboard Cite

show abstract

“…H. Siadati et al used machine learning-based algorithms to identify anomalous logins within an enterprise network[129]. In[139], D. Tang et al developed data-driven models to detect relatively low-rate DoS attacks that exhibit abnormal patterns in the frequency, variation, and distribution of TCP flows.…”

mentioning

confidence: 99%