Extracting Low-Rate DDoS Attack Characteristics: The Case of Multipath TCP-Based Communication Networks

Wireless Communications and Mobile Computing ◽

10.1155/2021/2264187 ◽

2021 ◽

Vol 2021 ◽

pp. 1-10

Author(s):

Gang Lei ◽

Lejun Ji ◽

Ruiwen Ji ◽

Yuanlong Cao ◽

Xun Shao ◽

...

Keyword(s):

Data Flow ◽

Rapid Development ◽

Denial Of Service ◽

Transmission System ◽

Simulation Software ◽

Occupancy Rate ◽

Destructive Effect ◽

Delay Performance ◽

Multipath Tcp ◽

Low Rate

The multipath TCP (MPTCP) enables multihomed mobile devices to realize multipath parallel transmission, which greatly improves the transmission performance of the mobile communication network. With the rapid development of all kinds of emerging technologies, network attacks have shown a trend of development with many types and rapid updates. Among them, low-rate distributed denial of service (LDDoS) attacks are considered to be one of the most threatening issues in the field of network security. In view of the current research status, by using the network simulation software NS2, this paper first compares and analyzes the throughput and delay performance of the MPTCP transmission system under LDDoS attacks and, further, conducts simulation experiments and analysis on the queue occupancy rate of the LDDoS attack flow to extract the basic attack characteristics of the LDDoS attacks. The experimental results show that the LDDoS attacks will have a major destructive effect on the throughput performance and delay performance of the MPTCP transmission system, resulting in a decrease in the robustness of the transmission system. By analyzing and comparing the occupancy rate of the LDDoS attack flow in the MPTCP transmission system, it can be concluded that (1) the occupancy rate of the LDDoS scattered pulse traffic sent by each puppet machine changes slightly, and (2) the occupancy rate of LDDoS attack data flow is much greater than that of ordinary TCP data flow.

Download Full-text

Can Wavelet Transform Detect LDDoS Abnormal Traffic in Multipath TCP Transmission System?

Security and Communication Networks ◽

10.1155/2021/8066200 ◽

2021 ◽

Vol 2021 ◽

pp. 1-8

Author(s):

Gang Lei ◽

Lejun Ji ◽

Ruiwen Ji ◽

Yuanlong Cao ◽

Wei Yang ◽

...

Keyword(s):

Wavelet Transform ◽

Detection Method ◽

Rapid Development ◽

Denial Of Service ◽

Transmission System ◽

Mobile Internet ◽

Internet Technology ◽

Transmission Protocol ◽

Transmission Performance ◽

Multipath Tcp

With the rapid development of mobile Internet technology and multihost terminal devices, multipath transmission protocol has been widely concerned. Among them, multipath TCP (MPTCP) has become a hot research protocol in recent years because of its good transmission performance and Internet compatibility. Due to the increasing power of Low-Rate Distributed Denial of Service (LDDoS) attack, the network security situation is becoming increasingly serious. The robustness of MPTCP network has become an urgent performance index to improve. Therefore, it is very necessary to detect LDDoS abnormal traffic timely and effectively in the transmission system based on MPTCP. This paper tries to use wavelet transform technology to decompose and reconstruct network traffic and find a detection method of LDDoS abnormal traffic in the MPTCP transmission system. The experimental results show that in the MPTCP transmission system, the signal processing technology based on wavelet transform can realize the identification of LDDoS abnormal traffic. It indicates a direction worth further exploration for the detection and defense of the LDDoS attack.

Download Full-text

Solid-State DC Circuit Breakers and their Comparison in Modular Multilevel Converter Based-HVDC Transmission System

Electronics ◽

10.3390/electronics10101204 ◽

2021 ◽

Vol 10 (10) ◽

pp. 1204

Author(s):

Gul Ahmad Ludin ◽

Mohammad Amin Amin ◽

Hidehito Matayoshi ◽

Shriram S. Rangarajan ◽

Ashraf M. Hemeida ◽

...

Keyword(s):

Solid State ◽

High Voltage ◽

Direct Current ◽

Circuit Breaker ◽

Transmission System ◽

Simulation Software ◽

Fault Current ◽

Circuit Breakers ◽

Hvdc Transmission ◽

Dc Circuit Breakers

This paper proposes a new and surge-less solid-state direct current (DC) circuit breaker in a high-voltage direct current (HVDC) transmission system to clear the short-circuit fault. The main purpose is the fast interruption and surge-voltage and over-current suppression capability analysis of the breaker during the fault. The breaker is equipped with series insulated-gate bipolar transistor (IGBT) switches to mitigate the stress of high voltage on the switches. Instead of conventional metal oxide varistor (MOV), the resistance–capacitance freewheeling diodes branch is used to bypass the high fault current and repress the over-voltage across the circuit breaker. The topology and different operation modes of the proposed breaker are discussed. In addition, to verify the effectiveness of the proposed circuit breaker, it is compared with two other types of surge-less solid-state DC circuit breakers in terms of surge-voltage and over-current suppression. For this purpose, MATLAB Simulink simulation software is used. The system is designed for the transmission of 20 MW power over a 120 km distance where the voltage of the transmission line is 220 kV. The results show that the fault current is interrupted in a very short time and the surge-voltage and over-current across the proposed breaker are considerably reduced compared to other topologies.

Download Full-text

Low rate TCP denial-of-service attack detection at edge routers

IEEE Communications Letters ◽

10.1109/lcomm.2005.1413635 ◽

2005 ◽

Vol 9 (4) ◽

pp. 363-365 ◽

Cited By ~ 56

Author(s):

A. Shevtekar ◽

K. Anantharam ◽

N. Ansari

Keyword(s):

Denial Of Service ◽

Attack Detection ◽

Denial Of Service Attack ◽

Service Attack ◽

Low Rate

Download Full-text

Detecting Malicious Switches for a Secure Software-defined Tactile Internet

ACM Transactions on Internet Technology ◽

10.1145/3415146 ◽

2021 ◽

Vol 21 (4) ◽

pp. 1-23

Author(s):

Bin Yuan ◽

Chen Lin ◽

Deqing Zou ◽

Laurence Tianruo Yang ◽

Hai Jin

Keyword(s):

High Speed ◽

Data Transfer ◽

Low Cost ◽

Rapid Development ◽

Denial Of Service ◽

Linear Structure ◽

Network Layers ◽

High Speed Data ◽

Network Status ◽

Sdn Controller

The rapid development of the Internet of Things has led to demand for high-speed data transformation. Serving this purpose is the Tactile Internet, which facilitates data transfer in extra-low latency. In particular, a Tactile Internet based on software-defined networking (SDN) has been broadly deployed because of the proven benefits of SDN in flexible and programmable network management. However, the vulnerabilities of SDN also threaten the security of the Tactile Internet. Specifically, an SDN controller relies on the network status (provided by the underlying switches) to make network decisions, e.g., calculating a routing path to deliver data in the Tactile Internet. Hence, the attackers can compromise the switches to jeopardize the SDN and further attack Tactile Internet systems. For example, an attacker can compromise switches to launch distributed denial-of-service attacks to overwhelm the SDN controller, which will disrupt all the applications in the Tactile Internet. In pursuit of a more secure Tactile Internet, the problem of abnormal SDN switches in the Tactile Internet is analyzed in this article, including the cause of abnormal switches and their influences on different network layers. Then we propose an approach that leverages the messages sent by all switches to identify abnormal switches, which adopts a linear structure to store historical messages at a relatively low cost. By mapping each flow message to the flow establishment model, our method can effectively identify malicious SDN switches in the Tactile Internet and thus enhance its security.

Download Full-text

Relative train length and the infrastructure required to mitigate delays from operating combinations of normal and over-length freight trains on single-track railway lines in North America

Proceedings of the Institution of Mechanical Engineers Part F Journal of Rail and Rapid Transit ◽

10.1177/0954409718809204 ◽

2018 ◽

Vol 233 (7) ◽

pp. 731-742 ◽

Cited By ~ 2

Author(s):

C Tyler Dick ◽

Ivan Atanassov ◽

F Bradford Kippen ◽

Darkhan Mussanov

Keyword(s):

North America ◽

Simulation Software ◽

Single Track ◽

Delay Performance ◽

Expansion Strategy ◽

Train Operation ◽

Heavy Haul ◽

Directional Preference ◽

Directional Distributions ◽

Train Length

Distributed power locomotives have facilitated longer heavy-haul freight trains that improve the efficiency of railway operations. In North America, where the majority of mainlines are single track, the potential operational and economic advantages of long trains are limited by the inadequate length of many existing passing sidings (passing loops). To alleviate the challenge of operating trains that exceed the length of passing sidings, railways preserve the mainline capacity by extending passing sidings. However, industry practitioners rarely optimize the extent of infrastructure investment for the volume of over-length train traffic on a particular route. This paper investigates how different combinations of normal and over-length trains, and their relative lengths, relate to the number of siding extensions necessary to mitigate the delay performance of over-length train operation on a single-track rail corridor. The experiments used Rail Traffic Controller simulation software to determine train delay for various combinations of short and long train lengths under different directional distributions of a given daily railcar throughput volume. Simulation results suggest a relationship between the ratio of train lengths and the infrastructure expansion required to eliminate the delay introduced by operating over-length trains on the initial route. Over-length trains exhibit delay benefits from siding extensions while short trains are relatively insensitive to the expanded infrastructure. Assigning directional preference to over-length trains improves the overall average long-train delay at the expense of delay to short trains. These results will allow railway practitioners to make more informed decisions on the optimal incremental capital expansion strategy for the operation of over-length trains.

Download Full-text

Development of Interactive PLC Learning Media Based on Virtual Learning

KnE Social Sciences ◽

10.18502/kss.v4i14.7910 ◽

2020 ◽

Author(s):

Syufrijal .

Keyword(s):

Interactive Learning ◽

Rapid Development ◽

Virtual Learning ◽

Experimental Methods ◽

Simulation Software ◽

Internet Technology ◽

The Internet ◽

Virtual Plant ◽

Simulator Design ◽

Ethernet Network

This research aims to develop interactive PLC learning media based on virtual learning. The interactive PLC learning media uses a 3D simulator design to simulate the application of PLC in the industry, so it looks like real and makes students more interested in learning PLC This study uses experimental methods. The 3D simulation software is Factory I/O developed by Real Games. It enables us to build a conveyor virtual plant and to bring it into the classroom. The automatic controller used to control the virtual plant is the PLC Siemens S7-1200 with Tia Portal software. The PLC is connected to the computer server through an ethernet network via TCP/IP protocol. With the rapid development of current internet technology, PLC learning can be done in virtual learning. This PLC learning media can be run remotely through the internet with team viewer program so that PLC learning is not only done on campus but can be done anywhere. From the results of research that has been done, the user can create PLC programs remotely to control conveyor virtual plant on a computer server through an internet network without having to install the program on their computers. Keywords: PLC, interactive learning media, virtual learning, remote desktop

Download Full-text

Research and Analysis of Digital Baseband Transmission System Based on MATLAB

Journal of Secure Communication and System ◽

10.18063/jscs.v1i1.516 ◽

2018 ◽

Vol 1 (1) ◽

Author(s):

Chai Jianwen

Keyword(s):

Signal Transmission ◽

Digital Signal ◽

Transmission System ◽

Simulation Software ◽

Line Pattern ◽

Matlab Simulation ◽

Simulation Process ◽

Transmission Process ◽

Baseband Signal ◽

Digital Baseband

This paper mainly studies the basic concept of baseband transmission of digital signal and the transmission processof digital signal baseband transmission and how to design digital baseband transmission system with MATLABsoftware simulation. This paper fi rst introduces the theoretical basis of this subject, including digital communication,the composition of digital baseband transmission system and digital baseband signal transmission process. Then thepaper introduced the characteristics of digital baseband transmission system, including digital PAM signal powerdensity and common line pattern, and by comparing choosing the fi nal bipolar zero return code. Then we introducedthe MATLAB simulation software. The conditions of the best reception of the digital baseband signal are describedand how the waveform of the baseband signal is observed by an oscilloscope. Finally, according to the basic stepsof simulation process, the simulation process of digital baseband transmission system is realized by MATLABsimulation tool, and the system is analyzed.

Download Full-text

Vulnerability and risk assessment for operating system (OS) with framework STRIDE: comparison between VulnOS and Vulnix

Indonesian Journal of Electrical Engineering and Computer Science ◽

10.11591/ijeecs.v23.i3.pp1643-1653 ◽

2021 ◽

Vol 23 (3) ◽

pp. 1643

Author(s):

Adityas Widjajarto ◽

Muharman Lubis ◽

Vreseliana Ayuningtyas

Keyword(s):

Information Disclosure ◽

Risk Estimation ◽

Rapid Development ◽

Denial Of Service ◽

Cyber Attacks ◽

Easy Access ◽

Case Scenario ◽

Worst Case ◽

Network Function ◽

The World

The rapid development of information technology has made security become extremely. Apart from easy access, there are also threats to vulnerabilities, with the number of cyber-attacks in 2019 showed a total of 1,494,281 around the world issued by the national cyber and crypto agency (BSSN) honeynet project. Thus, vulnerability analysis should be conducted to prepare worst case scenario by anticipating with proper strategy for responding the attacks. Actually, vulnerability is a system or design weakness that is used when an intruder executes commands, accesses unauthorized data, and carries out denial of service attacks. The study was performed using the AlienVault software as the vulnerability assessment. The results were analysed by the formula of risk estimation equal to the number of vulnerability found related to the threat. Meanwhile, threat is obtained from analysis of sample walkthroughs, as a reference for frequent exploitation. The risk estimation result indicate the 73 (seventy three) for the highest score of 5 (five) type risks identified while later on, it is used for re-analyzing based on the spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of prvilege (STRIDE) framework that indicated the network function does not accommodate the existing types of risk namely spoofing.

Download Full-text

SOFT COMPUTING BASED AUTONOMOUS LOW RATE DDOS ATTACK DETECTION AND SECURITY FOR CLOUD COMPUTING

Journal of Soft Computing Paradigm - September 2019 ◽

10.36548/jscp.2019.2.003 ◽

2019 ◽

Vol 2019 (2) ◽

pp. 80-90 ◽

Cited By ~ 4

Author(s):

Mugunthan S. R.

Keyword(s):

Cloud Computing ◽

Soft Computing ◽

High Speed ◽

Denial Of Service ◽

Attack Detection ◽

Ddos Attacks ◽

Counter Measures ◽

Cloud Architecture ◽

Ddos Attack Detection ◽

Low Rate

The fundamental advantage of the cloud environment is its instant scalability in rendering the service according to the various demands. The recent technological growth in the cloud computing makes it accessible to people from everywhere at any time. Multitudes of user utilizes the cloud platform for their various needs and store their complete details that are personnel as well as confidential in the cloud architecture. The storage of the confidential information makes the cloud architecture attractive to its hackers, who aim in misusing the confidential/secret information’s. The misuse of the services and the resources of the cloud architecture has become a common issue in the day to day usage due to the DDOS (distributed denial of service) attacks. The DDOS attacks are highly mature and continue to grow at a high speed making the detecting and the counter measures a challenging task. So the paper uses the soft computing based autonomous detection for the Low rate-DDOS attacks in the cloud architecture. The proposed method utilizes the hidden Markov Model for observing the flow in the network and the Random forest in classifying the detected attacks from the normal flow. The proffered method is evaluated to measure the performance improvement attained in terms of the Recall, Precision, specificity, accuracy and F-measure.

Download Full-text

Enhanced detection and restoration of low-rate denial-of-service in wireless multi-hop networks

2013 International Conference on Computing, Networking and Communications (ICNC) ◽

10.1109/iccnc.2013.6504079 ◽

2013 ◽

Author(s):

Qiang Liu ◽

Jianping Yin ◽

P. Jokar ◽

Xiping Hu

Keyword(s):

Denial Of Service ◽

Low Rate

Download Full-text