The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
A major cyber-security concern to date for webservers are Distributed Denial of Service (DDoS) attacks. Previously we proposed a novel overlay-based method consisting of distributed network of public servers (PS) for preparation, and access nodes (AN) for actual communication. The AN's performance is evaluated under difficult to detect HTTP(S)-DDoS attacks. Yet, attackers may attempt service denial...
To address increasing problems caused by cyber attacks, we leverage Software Defined networks and Network Function Virtualisation governed by a SARNET-agent to enable autonomous response and attack mitigation. A Secure Autonomous Response Network (SARNET) uses a control loop to constantly assess the security state of the network by means of observables. Using a prototype we introduce the metrics impact...
This paper addresses the problem of detection of “Slow” Denial of Service attacks. The problem is particularly challenging in virtue of the reduced amount of bandwidth generated by the attacks. A novel detection method is presented, which analyzes specific spectral features of traffic over small time horizons. No packet inspection is required. Extrapolated data refer to real traffic traces, elaborated...
Network intrusion detection systems are considered as one of the basic entities widely utilized and studied in the field of network security that aim to detect any hostile intrusion within a given network. Among many network intrusion detection systems (NIDS), open source systems have gained substantial preference due to their flexibility, support and cost effectiveness. Snort, an open source system...
In recent years, we have experienced a wave of DDoS attacks threatening the welfare of the internet. These are launched by malicious users whose only incentive is to degrade the performance of other, innocent, users. The traditional systems turn out to be quite vulnerable to these attacks. The objective of this work is to take a first step to close this fundamental gap, aiming at laying a foundation...
Researchers in the network security field lack quantitative methods to analysis anti-denial of service (DoS)attacks ability. In this paper, we describe an anti-denial of service testing method based on mobile agent taking on the attacker. The goal of the testing was to evaluate the system and its defense mechanism's anti-denial of service attack ability. The process of testing anti-denial of service...
The DNS Bandwidth Amplification Attack (BAA) is a distributed denial-of-service attack in which a network of computers floods a DNS server with responses to requests that have never been made. Amplification enters into the attack by virtue of the fact that a small 60-byte request can be answered by a substantially larger response of 4,000 bytes or more in size. We use the PRISM probabilistic model...
With increasing denial of service attacks on network infrastructure, there is an urgent need to develop technique to assess the threat of attacks on network security online. A novel model of security threat assessment relying on several predefined metrics of network performance is proposed to measure the impact of denial of service attacks on service availability in real time. This model applies the...
DDoS attacks to servers cause the dysfunctional condition and finally bring the server to be stopped. Previous researches to detect and defense for DDoS attacks have shown that the entropy for the source IP address or destination port number is the effective metric to detect these DoS/DDoS attacks. In the organization incoming the small amount of packets, the window width to calculate an entropy value...
Distributed Denial of Service (DDoS) attack is one of main threats to Internet security. Due to the spatio-temporal properties of the attack, it is possible to detect the attack at its early stage. In this paper, we propose a novel method of DDoS threat assessment based on network vulnerability analysis. Both the multi-phase character in the temporal dimension and the impacts in the spatial dimension...
The multimedia communication is rapidly converging towards Voice over Internet - commonly known as Voice over Internet Protocol (VoIP). Session Initiation Protocol (SIP) is the standard used for session signaling in VoIP. Crafty attackers can launch a number of Denial of Service (DoS) attacks on a SIP based VoIP infrastructure that can severely compromise its reliability. In contrast, little work...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.