A Selective Defense for Application Layer DDoS Attacks

Dantas, Yuri Gil; Nigam, Vivek; Fonseca, Iguatemi E.

doi:10.1109/jisic.2014.21

Cited by 53 publications

(56 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…What distinguishes this type of attacks from from other types of DoS (such as flooding attacks) is that they can usually be easily solved with the installation of patches solving the identified vulnerabilities [16]. Examples of this type of issues are: -HTTP PRAGMA and HTTP POST attacks: in both of them, the adversary, takes advantage of specific HTTP requests in order to keep consuming and maintaining control of much more resources than actually needed [30]; -Coercive parsing: once received, SOAP messages have to be parsed by web services. However, in some cases such operation might become highly time-consuming and complex due to XML [58].…”

Section: Confidentiality Issuesmentioning

confidence: 99%

Cyber-Storms Come from Clouds: Security of Cloud Computing in the IoT Era

et al. 2019

View full text Add to dashboard Cite

The Internet of Things (IoT) is rapidly changing our society to a world where every "thing" is connected to the Internet, making computing pervasive like never before. This tsunami of connectivity and data collection relies more and more on the Cloud, where data analytics and intelligence actually reside. Cloud computing has indeed revolutionized the way computational resources and services can be used and accessed, implementing the concept of utility computing whose advantages are undeniable for every business. However, despite the benefits in terms of flexibility, economic savings, and support of new services, its widespread adoption is hindered by the security issues arising with its usage. From a security perspective, the technological revolution introduced by IoT and Cloud computing can represent a disaster, as each object might become inherently remotely hackable and, as a consequence, controllable by malicious actors. While the literature mostly focuses on security of IoT and Cloud computing as separate entities, in this article we provide an up-to-date and well-structured survey of the security issues of Cloud computing in the IoT era. We give a clear picture of where security issues occur and what their potential impact is. As a result, we claim that it is not enough to secure IoT devices, as cyber-storms come from Clouds.

show abstract

Section: Confidentiality Issuesmentioning

confidence: 99%

Cyber-Storms Come from Clouds: Security of Cloud Computing in the IoT Era

et al. 2019

View full text Add to dashboard Cite

show abstract

“…Such amplification attacks are not, however, the main topic of this paper. 4 Or alternatively two honest users that have been infected to be zombies by some attacker.…”

Section: Voip Protocols and The Coordinated Call Attackmentioning

confidence: 99%

“…According to the FBI, 200 TDoS attacks have been identified only in 2013 [2]. This paper investigates the use of selective defenses [4] for mitigating one type of TDoS attack called Coordinated Call [5] attack. The Coordinated Call attack [5] exploits the fact that pairs of attackers, Alice and Bob, can collude to exhaust the resources of the VoIP server.…”

Section: Introductionmentioning

confidence: 99%

On the accuracy of formal verification of selective defenses for TDoS attacks

Lemos

Dantas

Fonseca

et al. 2018

Journal of Logical and Algebraic Methods in Programming

Self Cite

View full text Add to dashboard Cite

Telephony Denial of Service (TDoS) attacks target telephony services, such as Voice over IP (VoIP), not allowing legitimate users to make calls. There are few defenses that attempt to mitigate TDoS attacks, most of them using IP filtering, with limited applicability. In our previous work, we proposed to use selective strategies for mitigating HTTP Application-Layer DDoS Attacks demonstrating their effectiveness in mitigating different types of attacks. Developing such types of defenses is challenging as there are many design options, e.g., which dropping functions and selection algorithms to use. Our first contribution is to demonstrate both experimentally and by using formal verification that selective strategies are suitable for mitigating TDoS attacks. We used our formal model to help decide which selective strategies to use with much less effort than carrying out experiments. Our second contribution is a detailed comparison of the results obtained from our formal models and the results obtained by carrying out experiments. We demonstrate that formal methods is a powerful tool for specifying defenses for mitigating Distributed Denial of Service attacks allowing to increase our confidence on the proposed defense before actual implementation.

show abstract

“…Several other recent works dealt with the applicationlayer DDoS attacks, such as [18][19][20]. The work in [18] presents a solution for DDoS in the application layer wherein the authors proposed a solution based on Adaptive Selective Verification to defend an attack that targets a particular application of a server.…”

Section: Related Workmentioning

confidence: 99%

“…The work in [18] presents a solution for DDoS in the application layer wherein the authors proposed a solution based on Adaptive Selective Verification to defend an attack that targets a particular application of a server. The work in [19] copes with a set of algorithms to block attacks while allowing legitimate user traffic, including flash traffic which can only be differentiated by applicationlayer methods.…”

Section: Related Workmentioning

confidence: 99%

A Multi-Criteria based Software Defined Networking System Architecture for DDoS-Attack Mitigation

Dang-Van

2017

REV J. Electron. Commun.

View full text Add to dashboard Cite

Abstract-Nowadays, Software-Defined Networking (SDN) has become a promising network architecture in which network devices are controlled in a separate Control Plane (i.e., SDN controller). In a specific aspect, employing SDN in a network offers an attractive network security solution due to its flexibility in building and adding more new software security rules. From another perspective, attack prediction and mitigation, especially for Distributed Denial of Service (DDoS) attacks, are still challenges in SDN environments since a SDN control system works probably slower than a non-SDN one and the SDN controller can become a target of attacks. In this article, at first, we analyze a real traffic use case in order to derive DDoS indicators and thresholds. Secondly, we design an Openflow/SDN-based Attack Mitigation Architecture that is able to quickly mitigate DDoS attacks on the fly. The design solves the existing problems of the Openflow protocol, reducing the traffic volume traversing over the interface between the data plane (switch) and the control plane (SDN controller) and decreasing the buffer size at the Openflow switch. Applying our proposed Fuzzy Logic-based DDoS Mitigation algorithm that deploys multiple criteria for DDoS detection -FDDoM, the system demonstrates the ability to detect and filter 97% of attack flows and reach a False Positive Rate of 5% that are acceptable figures in real system management. The results also show that the network resource which is required to cope and maintain flow entries is 50% reduced during attack time.

show abstract

A Selective Defense for Application Layer DDoS Attacks

Cited by 53 publications

References 13 publications

Cyber-Storms Come from Clouds: Security of Cloud Computing in the IoT Era

Cyber-Storms Come from Clouds: Security of Cloud Computing in the IoT Era

On the accuracy of formal verification of selective defenses for TDoS attacks

A Multi-Criteria based Software Defined Networking System Architecture for DDoS-Attack Mitigation

Contact Info

Product

Resources

About