Preventing DNS misuse for Reflection/Amplification attacks with minimal computational overhead on the Internet

Amin, Rebeen Rebwar Hama; Hassan, Dana; Hussin, Masnida

doi:10.24017/science.2020.2.6

Cited by 2 publications

(4 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It works based on a session table to keep stores the state of connections. These firewalls can work to best avoid Denial of Service (DoS) attacks by working with the session tables inside them [4][10].…”

Section: Stateful Packet Inspectionmentioning

confidence: 99%

“…Several techniques to avoid or mitigate spoofing-based attacks, such as firewalls and Virtual Private Networks (VPN), protect computational resources from getting damaged, especially during high-volume flooding attacks [2]. A firewall is a hardware, software, or hybrid-based security mechanism that monitors and controls the flow of traffic between a trusted network and outside of it [3] [4].…”

Section: Introductionmentioning

confidence: 99%

“…Therefore, designing a new type of firewall that can protect networks from spoofed traffic is essential. The most suitable solution is developing a new technique to take advantage of the Internet, Transport, and Application layer is vital to prevent the attackers from mimicking the network traffic, thus attacking their targeted system [4] [5].…”

Section: Introductionmentioning

confidence: 99%

“…They attacked the system with DDoS attacks, SQL injection, and phishing attacks on the company network and the smart house. The results of their experience showed the significance of using a Next Generation firewall in providing better protection performance for the smart house and the company network from different threats from the Internet In[4], the authors presented a distributed-based firewall to counter reflection/amplification attacks, a form of Distributed Denial of Service (DDoS) attacks. Their method showed a 19.9% improvement in CPU load during attacks.…”

mentioning

confidence: 99%

See 3 more Smart Citations

Multi-layered firewall to mitigate the impact of Distributed Denial of Service on a network

Ahmed

HamaAmin²

2022

PJBAS

View full text Add to dashboard Cite

A firewall is one of the key components in securing an organization's network and computational assets against different network and application-based attacks. Most firewall solutions only consider one or two layers of TCP/IP networking architecture to protect against attacks, especially spoofing-based attacks.In contrast, there are some proposed solutions to protect against such attacks. However, these solutions work in areas such as clouds or Software Defined Networks (SDN), and legacy networks cannot utilize such techniques. Therefore, establishing a type of firewall that can be scalable, strong, and easy to implement is a challenge necessary for a new firewall technique to prevail. This paper presents a novel strategy to implement a multi-layered firewall to overcome the current state-of-art firewalls. Our firewall combines a packet-filtering approach (i.e., Internet and Transport layer) with an application layer firewall under the umbrella of Stateful-Packet-Inspection. The experiments were performed in a controlled environment with 1% legitimate packets, and 99% spoofed traffic on average. The Stateful-Packet-Inspection discards any packets based on their traffic flow given to them by the firewall while informing the network administrator about the system breach passively. The results of the experiments are benchmarked with previous works and showed improvement in accuracy by 13.5% and sensitivity by 13.75% while decreasing the false negative rate by 86.5% with minimal computational and network overhead.

show abstract

Section: Stateful Packet Inspectionmentioning

confidence: 99%