DDoS Attack Analyzer: Using JPCAP and WinCap

Shinde, P. V.; Parvat, Thaksen J.

doi:10.1016/j.procs.2016.03.103

Cited by 4 publications

(3 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The Java Agent Development framework (JADE) is a library implemented in Java for the development and execution of intelligent agents [24]. JPCAP is a project that was developed to detect intruder activity in a network based on the existing signatures of intrusion attacks or abnormal behaviors [25]. Aglets (agent applets) are mobile Java agents that can move from one host to another [26].…”

Section: Resultsmentioning

confidence: 99%

A New Distributed Intrusion Detection System Based on Multi-Agent System for Cloud Environment

ACHBAROU

2022

Int. j. commun. netw. inf. secur.

View full text Add to dashboard Cite

Cloud computing, like any distributed computing system, is continually exposed to many threats and attacks of various origins. Thus, cloud security is now a very important concern for both providers and users. Intrusion detection systems (IDSs) are used to detect attacks in this environment. The goal of security administrators (for both customers and providers) is to prevent and detect attacks while avoiding disruption of the smooth operation of the cloud. Making IDSs efficient is not an easy task in a distributed environment such as the cloud. This problem remains open, and to our knowledge, there are no satisfactory solutions for the automated evaluation and analysis of cloud security. The features of the multi-agent system paradigm, such as adaptability, collaboration, and distribution, make it possible to handle this evolution of cloud computing in an efficient and controlled manner. As a result, multi-agent systems are well suited to the effective management of cloud security. In this paper, we propose an efficient, reliable and secure distributed IDS (DIDS) based on a multi-agent approach to identify and prevent new and complex malicious attacks in this environment. Moreover, some experiments were conducted to evaluate the performance of our model.

show abstract

Section: Resultsmentioning

confidence: 99%

A New Distributed Intrusion Detection System Based on Multi-Agent System for Cloud Environment

ACHBAROU

2022

Int. j. commun. netw. inf. secur.

View full text Add to dashboard Cite

show abstract

“…In [ 51 ], it has been proposed that to overcome the limitations of capturing high volume traffic resulting from DoS cyber-attacks, simulated senors can be adopted in controlled conditions. However, in the end, whether in real or virtual environments, the meeting point will always be a network interface in listening mode that adequately supports a large number of frames and thus a tool that can sense and store them.…”

Section: Proposed Methodologymentioning

confidence: 99%

ReinforSec: An Automatic Generator of Synthetic Malware Samples and Denial-of-Service Attacks through Reinforcement Learning

Hernandez-Suarez

Sánchez-Pérez

Olivares-Mercado

et al. 2023

Sensors

View full text Add to dashboard Cite

In recent years, cybersecurity has been strengthened through the adoption of processes, mechanisms and rapid sources of indicators of compromise in critical areas. Among the most latent challenges are the detection, classification and eradication of malware and Denial of Service Cyber-Attacks (DoS). The literature has presented different ways to obtain and evaluate malware- and DoS-cyber-attack-related instances, either from a technical point of view or by offering ready-to-use datasets. However, acquiring fresh, up-to-date samples requires an arduous process of exploration, sandbox configuration and mass storage, which may ultimately result in an unbalanced or under-represented set. Synthetic sample generation has shown that the cost associated with setting up controlled environments and time spent on sample evaluation can be reduced. Nevertheless, the process is performed when the observations already belong to a characterized set, totally detached from a real environment. In order to solve the aforementioned, this work proposes a methodology for the generation of synthetic samples of malicious Portable Executable binaries and DoS cyber-attacks. The task is performed via a Reinforcement Learning engine, which learns from a baseline of different malware families and DoS cyber-attack network properties, resulting in new, mutated and highly functional samples. Experimental results demonstrate the high adaptability of the outputs as new input datasets for different Machine Learning algorithms.

show abstract

“…Some of the tools used in DDoS attack simulation include NS2, LOIC, XOIC, HULK, PyLoris, DAVOSET and DDoS flowgen. • TCP floods done by randomizing all the 32-bits of the source IP address • Flood packets generated via random control flags WinCap and JpCap [18] TCP,UDP,ICMP TCP dump, UDP and ICMP dump…”

Section: Overview Of Ddos Attack Simulation Methods and Toolsmentioning

confidence: 99%

Generation of DDoS Attack Dataset for Effective IDS Development and Evaluation

Alzahrani¹,

Liang²

2018

JIS

View full text Add to dashboard Cite

Distributed Denial of Service (DDoS) attacks are performed from multiple agents towards a single victim. Essentially, all attacking agents generate multiple packets towards the victim to overwhelm it with requests, thereby overloading the resources of the victim. Since it is very complex and expensive to conduct a real DDoS attack, most organizations and researchers result in using simulations to mimic an actual attack. The researchers come up with diverse algorithms and mechanisms for attack detection and prevention. Further, simulation is good practice for determining the efficacy of an intrusive detective measure against DDoS attacks. However, some mechanisms are ineffective and thus not applied in real life attacks. Nowadays, DDoS attack has become more complex and modern for most IDS to detect. Adjustable and configurable traffic generator is becoming more and more important. This paper first details the available datasets that scholars use for DDoS attack detection. The paper further depicts the a few tools that exist freely and commercially for use in the simulation programs of DDoS attacks. In addition, a traffic generator for normal and different types of DDoS attack has been developed. The aim of the paper is to simulate a cloud environment by OMNET++ simulation tool, with different DDoS attack types. Generation normal and attack traffic can be useful to evaluate developing IDS for DDoS attacks detection. Moreover, the result traffic can be useful to test an effective algorithm, techniques and procedures of DDoS attacks. eration occurs in two stages, namely the compromise stage and the attack stage.An attacker will compromise available defenseless systems and install attack tools, thereby turning the machines into zombies. The second stage involves sending attack commands into the zombie machines via a secure mechanism so as to target a specific victim [1]. Cyber security experts and other researchers are faced with the challenges of unraveling DDoS attack vectors as well as ways to prevent such attacks. The scholars conduct attack simulation using either real data or simulated data based on previous attack characteristics. Simulation involves tools that have attack agents and defense agents. Attack agents are the daemon which is attack executors and master which is the attack coordinator.Defense agents are the sensors, samplers, detectors, filters and investigators [2]. Journal of Information Security over, the network traces that results from such interaction are also collected to conduct anomaly detection. In particular, this experiment is performed using Amazon web services (AWS) platform. It explores the generation of labeled datasets for quantifying the security threats impact to cloud data centers. Among the researchers, the detection of instruction is an exciting topic. Specifically, the discovery of anomaly is one of the vital factors that help in detecting several novel attacks. Due to the complexity of these systems, however, its application has not been appropriate.

show abstract

DDoS Attack Analyzer: Using JPCAP and WinCap

Cited by 4 publications

References 1 publication

A New Distributed Intrusion Detection System Based on Multi-Agent System for Cloud Environment

A New Distributed Intrusion Detection System Based on Multi-Agent System for Cloud Environment

ReinforSec: An Automatic Generator of Synthetic Malware Samples and Denial-of-Service Attacks through Reinforcement Learning

Generation of DDoS Attack Dataset for Effective IDS Development and Evaluation

Contact Info

Product

Resources

About