Distributed denial of service attacks in cloud: State-of-the-art of scientific and commercial solutions

Bhardwaj, Aanshi; Mangat, Veenu; Vig, Renu; Halder, Subir; Conti, Mauro

doi:10.1016/j.cosrev.2020.100332

Cited by 53 publications

(17 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In general, the traceability of a DoS cyber-attack is summarized in applications that can provide a log based on the responses of signatures or alerts caused by an anomalous event. In [ 50 ], it is concluded that most of the evidences that can be useful to examine such attack are those based on anomalies, since they allow observing those patterns that deviate from a base profile.…”

Section: Proposed Methodologymentioning

confidence: 99%

ReinforSec: An Automatic Generator of Synthetic Malware Samples and Denial-of-Service Attacks through Reinforcement Learning

Hernandez-Suarez

Sánchez-Pérez

Olivares-Mercado

et al. 2023

Sensors

View full text Add to dashboard Cite

In recent years, cybersecurity has been strengthened through the adoption of processes, mechanisms and rapid sources of indicators of compromise in critical areas. Among the most latent challenges are the detection, classification and eradication of malware and Denial of Service Cyber-Attacks (DoS). The literature has presented different ways to obtain and evaluate malware- and DoS-cyber-attack-related instances, either from a technical point of view or by offering ready-to-use datasets. However, acquiring fresh, up-to-date samples requires an arduous process of exploration, sandbox configuration and mass storage, which may ultimately result in an unbalanced or under-represented set. Synthetic sample generation has shown that the cost associated with setting up controlled environments and time spent on sample evaluation can be reduced. Nevertheless, the process is performed when the observations already belong to a characterized set, totally detached from a real environment. In order to solve the aforementioned, this work proposes a methodology for the generation of synthetic samples of malicious Portable Executable binaries and DoS cyber-attacks. The task is performed via a Reinforcement Learning engine, which learns from a baseline of different malware families and DoS cyber-attack network properties, resulting in new, mutated and highly functional samples. Experimental results demonstrate the high adaptability of the outputs as new input datasets for different Machine Learning algorithms.

show abstract

Section: Proposed Methodologymentioning

confidence: 99%

ReinforSec: An Automatic Generator of Synthetic Malware Samples and Denial-of-Service Attacks through Reinforcement Learning

Hernandez-Suarez

Sánchez-Pérez

Olivares-Mercado

et al. 2023

Sensors

View full text Add to dashboard Cite

show abstract

“…As per the last two-decade research work regarding web application attacks and OWASP top 10 attack reports of 2013 and 2016 [26,27], the SQL injection attack is at top of all. is attack is more dangerous for web applications in the form of information stealing, DoS attack [28], system crashing, alteration in database records to insert the fake information, traffic redirection, and getting root rights of system.…”

Section: Crashing Database Servermentioning

confidence: 99%

Poor Coding Leads to DoS Attack and Security Issues in Web Applications for Sensors

Jalbani

Yousaf

Sarfraz

et al. 2021

Security and Communication Networks

View full text Add to dashboard Cite

As the SQL injection attack is still at the top of the list at Open Web Application Security Project (OWASP) for more than one decade, this type of attack created too many types of issues for a web application, sensors, or any similar type of applications, such as leakage of user private data and organization intellectual property, or may cause Distributed Denial of Service (DDoS) attacks. This paper focused on the poor coding or invalidated input field which is a big cause of services unavailability for web applications. Secondly, it focused on the selection of program created issues for the WebSocket connections between sensors and the webserver. The number of users is growing to use web applications and mobile apps. These web applications or mobile apps are used for different purposes such as tracking vehicles, banking services, online stores for shopping, taxi booking, logistics, education, monitoring user activities, collecting data, or sending any instructions to sensors, and social websites. Web applications are easy to develop with less time and at a low cost. Due to that, business community or individual service provider’s first choice is to have a website and mobile app. So everyone is trying to provide 24/7 services to its users without any downtime. But there are some critical issues of web application design and development. These problems are leading to too many security loopholes for web servers, web applications, and its user’s privacy. Because of poor coding and validation of input fields, these web applications are vulnerable to SQL Injection and other security problems. Instead of using the latest third-party frameworks, language for website development, and version database server, another factor to disturb the services of a web server may be the socket programming for sensors at the production level. These sensors are installed in vehicles to track or use them for booking mobile apps.

show abstract

“…A CDN is certainly a powerful tool and the fact that major CDN operators are mostly US-based could be a key reason for the large adoption of CDNs in the US dataset but not in the other datasets. A broader analysis of the technological solutions available for defending against denial of service attacks in cloud environments and in data can be found in [56], while techniques for discriminating between denial of service attacks and sudden, massive usage of services are analyzed in [57,58].…”

Section: Distribution Across Network and Autonomous Systemsmentioning

confidence: 99%

Robustness analysis of DNS paths and web access paths in public administration websites

Bartoli

2021

Computer Communications

View full text Add to dashboard Cite

Distributed denial of service attacks in cloud: State-of-the-art of scientific and commercial solutions

Cited by 53 publications

References 35 publications

ReinforSec: An Automatic Generator of Synthetic Malware Samples and Denial-of-Service Attacks through Reinforcement Learning

ReinforSec: An Automatic Generator of Synthetic Malware Samples and Denial-of-Service Attacks through Reinforcement Learning

Poor Coding Leads to DoS Attack and Security Issues in Web Applications for Sensors

Robustness analysis of DNS paths and web access paths in public administration websites

Contact Info

Product

Resources

About