Router based detection for low-rate agents of DDoS attack

Nashat, Dalia; Jiang, Xiaohong; Horiguchi, Susumu

doi:10.1109/hspr.2008.4734440

Cited by 11 publications

(8 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…SYN flood [4] attack exploits the weakness in TCP protocol (Three way handshaking) [5]. SYN packet is a type of request packet to create a connection.…”

Section: Syn Floodingmentioning

confidence: 99%

Characterization, Detection and Mitigation of Low-Rate DoS attack

Kumawat

Meena

2014

Proceedings of the 2014 International Conference on Information and Communication Technology for Competitive Strategies

View full text Add to dashboard Cite

Now a day's web services become key aspect of life. Unfortunately there are several threats to these services. These threats are phishing, e-mail borne viruses, Trojan horse programs, Denial of Service etc. Among of them Distributed Denial of Service attack is a strong and more energetic attack on the Internet. Launching of DDoS attack is an explicit attempt to exhaust the resources of server to prevent legitimate users to access services. The common flooding DDoS attacks can be detected and mitigated by some mechanisms easily cause of the characteristics as flow rate, size of attack packets, but still it is difficult to detect and identifies the Low-Rate DoS attack because the attacker periodically send short burst packets which behave as legitimate traffic to the server. The attack is only detected when the server goes down. So an efficient detection system is required which effectively Characterize the legitimate and attack traffic to detect the attack and stop it to mitigate the effect of these sort of threats. In this article we proposed a complete framework for "Characterization, Detection and Mitigation of Low-Rate DoS Attacks" which effectively characterize the flows as attack or legitimate, detects the low-rate DoS attack on the basis of characteristics of low rate and mitigate the effect of this by stopping the attack flow near the source. The effectiveness of this approach have validated by simulation in ns-2, with Shell scripting, on a Linux platform.

show abstract

“…SYN flood [4] attack exploits the weakness in TCP protocol (Three way handshaking) [5]. SYN packet is a type of request packet to create a connection.…”

Section: Syn Floodingmentioning

confidence: 99%

Characterization, Detection and Mitigation of Low-Rate DoS attack

Kumawat

Meena

2014

Proceedings of the 2014 International Conference on Information and Communication Technology for Competitive Strategies

View full text Add to dashboard Cite

show abstract

“…It increases 0.2 for each entry. [14] When it reaches 1.2, then automatically access is denied for the user. If the score is between 0 and 1, it is sent to VH arranger.…”

Section: Score Leadmentioning

confidence: 99%

Earnest Access of Divulging and Aversion of DDOS Attack

Sathyabama¹,

Nalayini²,

Priyadharshini³

2015

IJCA

View full text Add to dashboard Cite

In recent days, technology has reached new heights. In the same way malicious programs has also touched the level of sky and the above. Secret information are nowadays stored and managed through high secure sites. However, critical problems like hacking happens due to DDOS(Distributed Denial of Service Attacks) resulting in crashing of website for certain period of time and hacking of sensitive information thereby affecting the services issued. Such problems can be sorted by the scope of MASTDP (Multiple Authenticated Scoring Technique for denial and prevention of DDOS attacks). In this technique, internet protocol address and physical address of the users are entered and stored in the history and scores will be allotted for each and every entry. Similarly, horizontal and vertical communication scoring are given for every entry based on the vulnerability of the user (using scores). At-last, by association rule, users with peak scores are denied entry from the network or site.

show abstract

“…The Agent-based Instruction Detection System uses Chi-Square statistical method [9] for DDoS attack detection. Mobile agents distributed over the network decentralize the task of traffic collection, analysis of data and reduce the workload.…”

Section: References Surveymentioning

confidence: 99%

Rqa based approach to detect and prevent ddos attacks in voip networks

Jeyanthi

Thandeeswaran

Vinithra

2014

Cybernetics and Information Technologies

View full text Add to dashboard Cite

Voice over Internet Protocol (VoIP) is a family of technologies for the transmission of voice over Internet. Voice is converted into digital signals and transmitted as data packets. The Session Initiation Protocol (SIP) is an IETF protocol for VoIP and other multimedia. SIP is an application layer protocol for creating, modifying and terminating sessions in VoIP communications. Since SIP is a more flexible and simple protocol, it is quite easy to add features to it. Distributed Denial of Service Attack (DDoS) floods the server with numerous requests from various hosts. Hence, the legitimate clients will not be able to get their intended services. A major concern in VoIP and almost in all network domains is availability rather than data consistency. Most of the surviving techniques could prevent VoIP network only after collision. This paper proposes a Recurrence Quantification based approach to detect and prevent VoIP from a DDoS attack. This model detects the attack at an earlier stage and also helps to prevent from further attacks. In addition, this techniques enables the efficient utilization of resources. QUALNET has been used to simulate the operation of the proposed technology.

show abstract

Router based detection for low-rate agents of DDoS attack

Cited by 11 publications

References 9 publications

Characterization, Detection and Mitigation of Low-Rate DoS attack

Characterization, Detection and Mitigation of Low-Rate DoS attack

Earnest Access of Divulging and Aversion of DDOS Attack

Rqa based approach to detect and prevent ddos attacks in voip networks

Contact Info

Product

Resources

About