Characterizing Network Flows for Detecting DNS, NTP, and SNMP Anomalies

Sharma, Rohini; Guleria, Ajay; Singla, R. K.

doi:10.1007/978-981-10-7245-1_33

Cited by 4 publications

(2 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Since these anomalies are not very common, they are difficult to analyze and detect. The flow, bytes, packet size, and bits/second do the same [40]. DNS queries Packet spoofing is abnormal behavior in the DNS protocol [41].…”

Section: ) Zero-day Vulnerabilitymentioning

confidence: 97%

A Comprehensive Review of DNS-based Distributed Reflection Denial of Service (DRDoS) Attacks: State-of-the-Art

Nuiaa¹,

Manickam²,

ALsaeedi³

2022

Int. J. Adv. Sci. Eng. Inf. Technol.

View full text Add to dashboard Cite

Cyberattacks significantly impact the services based on the internet that is used in our daily lives. Any disruption will make it extremely difficult for us to carry out our daily activities. Cyberattacks will disrupt online services, exploit vulnerabilities to breach databases and servers, and so on. Various systems and services contribute to the Internet's seamless functionality. The Domain Name System (DNS) is one of the most important services. DNS is used to resolve domain names into machine-readable IP addresses. DNS, like many other Internet services, is vulnerable to cyber-attacks. While DNS faces a slew of threats, one in particular appears to stand out. DNS is vulnerable to a variety of distributed denial-of-service attacks. The distributed reflection denial of service (DRDoS) attack, a flooding attack against DNS servers that renders them unavailable, disrupting domain name resolution activities, is one of the most common variants. DRDoS attacks have been on the rise in recent years. DNS lookup outages would significantly impact our online activities in the world of ultra-connectivity because they are typically the first step in establishing a connection with a server. The purpose of this paper is to present a state-of-the-art review of DRDoS attack detection and mitigation algorithms as well as the datasets on which these algorithms operate. Finally, we discussed each of these algorithms' relative merits and demerits.

show abstract

Section: ) Zero-day Vulnerabilitymentioning

confidence: 97%

A Comprehensive Review of DNS-based Distributed Reflection Denial of Service (DRDoS) Attacks: State-of-the-Art

Nuiaa¹,

Manickam²,

ALsaeedi³

2022

Int. J. Adv. Sci. Eng. Inf. Technol.

View full text Add to dashboard Cite

show abstract

“…The proposed model achieved high precision in the identification and detection of Malicious Traffic at a low false-negative rate at a rate of 98.3%. Sharma et al [34]showed that the analysis of the volume could not detect sorts of network abnormalities entirely.…”

Section: Related Workmentioning

confidence: 99%

Application Layer Denial of Services Attack Detection Based on StackNet

Smadi¹

2020

IJATCSE

View full text Add to dashboard Cite

Denial of Services (DoS) Attack is one of the most advanced attacks targeting cybercriminals. The DoS attack is designed to reduce the performance of network devices by performing their intended functions. In addition, the confidentiality, reliability and quality of data can be compromised by DoS attacks. In this paper, a new model is introduced that detects network traffic and varies type of application layer DoS attacks. The proposed model usesStackNet architecture which consists of three-layer that works in the feed-forward method. The results showed that the proposed model had a high accuracy level of 99.3% in the measurement of application-layerDoS attacks.

show abstract