Taxonomy of DoS and DDoS attacks and desirable defense mechanism in a Cloud computing environment

Gupta, Brij B.; Badve, Omkar P.

doi:10.1007/s00521-016-2317-5

Cited by 188 publications

(57 citation statements)

References 38 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Our research therefore brings a new model to reduce congestion so that botnet detection systems can be deployed more easily on congested networks. In currently available identification methods for botnets, most of them use deep packet inspection (DPI) to evaluate packets content that is complicated and expensive and ineffective to simulate unidentified payload signatures [30]. It is assumed that the payload of each packet in DPI can be accessed by the system.…”

Section: First Layer: Traffic Reductionmentioning

confidence: 99%

“…In addition, it is a costly task to evaluate all the packets on the congested networks because the amount of the packets transmitted through the networks are increasing day by day. Consequently, the DPI detection system can suffer from efficiency limited to the processing of the traffic from high-speed networks [30]. This study aims to improve the efficiency by reducing the amount of packets without hampering the precision rate.…”

Section: First Layer: Traffic Reductionmentioning

confidence: 99%

See 1 more Smart Citation

An Adaptive Multi-Layer Botnet Detection Technique Using Machine Learning Classifiers

et al. 2019

View full text Add to dashboard Cite

In recent years, the botnets have been the most common threats to network security since it exploits multiple malicious codes like a worm, Trojans, Rootkit, etc. The botnets have been used to carry phishing links, to perform attacks and provide malicious services on the internet. It is challenging to identify Peer-to-peer (P2P) botnets as compared to Internet Relay Chat (IRC), Hypertext Transfer Protocol (HTTP) and other types of botnets because P2P traffic has typical features of the centralization and distribution. To resolve the issues of P2P botnet identification, we propose an effective multi-layer traffic classification method by applying machine learning classifiers on features of network traffic. Our work presents a framework based on decision trees which effectively detects P2P botnets. A decision tree algorithm is applied for feature selection to extract the most relevant features and ignore the irrelevant features. At the first layer, we filter non-P2P packets to reduce the amount of network traffic through well-known ports, Domain Name System (DNS). query, and flow counting. The second layer further characterized the captured network traffic into non-P2P and P2P. At the third layer of our model, we reduced the features which may marginally affect the classification. At the final layer, we successfully detected P2P botnets using decision tree Classifier by extracting network communication features. Furthermore, our experimental evaluations show the significance of the proposed method in P2P botnets detection and demonstrate an average accuracy of 98.7%.

show abstract

Section: First Layer: Traffic Reductionmentioning

confidence: 99%

Section: First Layer: Traffic Reductionmentioning

confidence: 99%

An Adaptive Multi-Layer Botnet Detection Technique Using Machine Learning Classifiers

et al. 2019

View full text Add to dashboard Cite

show abstract

“…It affects the quality that the network bandwidth can support, of computer network services, through a packet overload, so legitimate requests can not be answered properly [11]. Depending on the strategy used, the DoS can be categorized in Volume Based Attack, Protocol Attack or Application Level Attack [27].…”

Section: Criminal Cyber Attacks Outside the Lawmentioning

confidence: 99%

“…Offenders, also known as crackers, take advantage of failures in services, applications or communications that operate over the internet with the aim of damaging, stealing data, causing unavailability of services or even destroying data. The Denial of Service (DoS) and its variation called the Distributed Denial of Service (DDoS) are examples of attacks that have being growing up [27] and many users or service providers, who are suffering these attacks, do not have any information about them because of the lack of monitoring investment.…”

Section: Introductionmentioning

confidence: 99%

Computer Network Forensics Assistance Methodology Focused on Denial of Service Attacks

Newton¹,

Bliche²

2020

IJCA

View full text Add to dashboard Cite

The problem addressed in this paper is the difficulty in criminalizing denial of service attacks in Brazil. With the advent of Law 12.737 of 2012 in Brazil, known as the Computer Crimes Law, these attacks could be considered crimes. However, no procedures were found to support it. This paper proposes a methodology based on the 2012 Computer Crime Law to assist computer networks forensic analysis, focused on charging offenders who commit denial of service attacks, as well as to present a computational architecture to automate its steps. For this purpose, it was promoted a review of related works and also dedicated sections for the clarification of terms needed to contextualize the research. At the end of the article, the methodology and its steps are presented, and also the proposed architecture and the results of experiments performed to validate the proposal. It is concluded that the availability of the information obtained by the aid of the proposed methodology demonstrates that the investigation authority can proceed with the duly substantiated liability of the offending agents.

show abstract

“…These half-opened connections will be initially stored in a backlog queue but when its maximum size is reached, the server will deny all subsequent connections [6] making its services unavailable for other clients; -UDP flooding attack : in this type of attack the connectionless and unreliable features of UDP are exploited to make the target system unreachable [93]. An example of UDP flooding attack is the UDP storm attack [48]. -ICMP flooding attacks: an example of such attacks is the Ping flooding attack.…”

Section: Availability Issuesmentioning

confidence: 99%

Cyber-Storms Come from Clouds: Security of Cloud Computing in the IoT Era

et al. 2019

View full text Add to dashboard Cite

The Internet of Things (IoT) is rapidly changing our society to a world where every "thing" is connected to the Internet, making computing pervasive like never before. This tsunami of connectivity and data collection relies more and more on the Cloud, where data analytics and intelligence actually reside. Cloud computing has indeed revolutionized the way computational resources and services can be used and accessed, implementing the concept of utility computing whose advantages are undeniable for every business. However, despite the benefits in terms of flexibility, economic savings, and support of new services, its widespread adoption is hindered by the security issues arising with its usage. From a security perspective, the technological revolution introduced by IoT and Cloud computing can represent a disaster, as each object might become inherently remotely hackable and, as a consequence, controllable by malicious actors. While the literature mostly focuses on security of IoT and Cloud computing as separate entities, in this article we provide an up-to-date and well-structured survey of the security issues of Cloud computing in the IoT era. We give a clear picture of where security issues occur and what their potential impact is. As a result, we claim that it is not enough to secure IoT devices, as cyber-storms come from Clouds.

show abstract

Taxonomy of DoS and DDoS attacks and desirable defense mechanism in a Cloud computing environment

Cited by 188 publications

References 38 publications

An Adaptive Multi-Layer Botnet Detection Technique Using Machine Learning Classifiers

An Adaptive Multi-Layer Botnet Detection Technique Using Machine Learning Classifiers

Computer Network Forensics Assistance Methodology Focused on Denial of Service Attacks

Cyber-Storms Come from Clouds: Security of Cloud Computing in the IoT Era

Contact Info

Product

Resources

About