scholarly journals MSOM: Efficient Mechanism for Defense against DDoS Attacks in VANET

2021 ◽  
Vol 2021 ◽  
pp. 1-17
Author(s):  
Mohammed Al-Mehdhara ◽  
Na Ruan
Keyword(s):  
Traffic Management ◽  
Ad Hoc ◽  
Network Reliability ◽  
Denial Of Service ◽  
Detection Accuracy ◽  
Ddos Attacks ◽  
Self Organizing Maps ◽  
Clustering And Classification ◽  
Network Communications ◽  
And Performance

The wireless nature of the Vehicular Ad Hoc Network (VANET), a technology that offers facilities such as traffic management and safety services, makes it vulnerable to distributed denial-of-service (DDoS) attacks that exploit network communications and reduce network reliability and performance. This paper proposes a design of a secure VANET architecture using a Software-Defined Networking (SDN) controller and Neural Network Self-Organizing Maps (SOMs). In the proposed design, we adopt the SDN architecture by using its separation of the control plane from the data plane and adding intelligent capabilities to the VANET. To resolve the drawbacks of standard SOMs and to enhance the SOM’s efficiency, a Multilayer Distributed SOM (MSOM) model based on two levels of clustering and classification is used. Experimental results show that our solution can efficiently detect malicious traffic, prevent and mitigate DDoS attacks, and increase system security and recovery speed from the attacking traffic. Moreover, the proposed scheme achieves a high accuracy rate (99.67%). Simulation results demonstrate the effectiveness and efficiency of the MSOM regarding detection accuracy and other studied metrics.

scholarly journals A Multivariant Stream Analysis Approach to Detect and Mitigate DDoS Attacks in Vehicular Ad Hoc Networks

2018 ◽  
Vol 2018 ◽  
pp. 1-13 ◽  
Author(s):  
Raenu Kolandaisamy ◽  
Rafidah Md Noor ◽  
Ismail Ahmedy ◽  
Iftikhar Ahmad ◽  
Muhammad Reza Z’aba ◽  
...  
Keyword(s):  
Ad Hoc Networks ◽  
Vehicular Ad Hoc Networks ◽  
Ad Hoc ◽  
Time Windows ◽  
Denial Of Service ◽  
Detection Accuracy ◽  
Ddos Attacks ◽  
Detection Techniques ◽  
Hoc Networks ◽  
The Impact

Vehicular Ad Hoc Networks (VANETs) are rapidly gaining attention due to the diversity of services that they can potentially offer. However, VANET communication is vulnerable to numerous security threats such as Distributed Denial of Service (DDoS) attacks. Dealing with these attacks in VANET is a challenging problem. Most of the existing DDoS detection techniques suffer from poor accuracy and high computational overhead. To cope with these problems, we present a novel Multivariant Stream Analysis (MVSA) approach. The proposed MVSA approach maintains the multiple stages for detection DDoS attack in network. The Multivariant Stream Analysis gives unique result based on the Vehicle-to-Vehicle communication through Road Side Unit. The approach observes the traffic in different situations and time frames and maintains different rules for various traffic classes in various time windows. The performance of the MVSA is evaluated using an NS2 simulator. Simulation results demonstrate the effectiveness and efficiency of the MVSA regarding detection accuracy and reducing the impact on VANET communication.

Prediction, Detection, and Mitigation of DDoS Attacks Using HPCs

2021 ◽  
pp. 523-538
Author(s):  
Pablo Pessoa Do Nascimento ◽  
Isac F. A. F. Colares ◽  
Ronierison Maciel ◽  
Humberto Caetano Da Silva ◽  
Paulo Maciel
Keyword(s):  
Web Service ◽  
Denial Of Service ◽  
Intrusion Detection Systems ◽  
Detection Accuracy ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Intrusion Prevention ◽  
Detection Systems ◽  
Use Of Data ◽  
Adaptive Architecture

Web service interruptions caused by DDoS (distributed denial of service) attacks have increased considerably over the years, and intrusion detection systems (IDS) are not enough to detect threats on the network, even when used together with intrusion prevention systems (IPS), taking into account the increase of assets in the traffic path, where it creates unique points of failure in the system, and also taking into account the use of data that contains information about normal traffic situations and attacks, where this comparison and analysis can cost a significant amount of host resources, to try to guarantee the prediction, detection, and mitigation of attacks in real-time or in time between detection and mitigation, being crucial in harm reduction. This chapter presents an adaptive architecture that combines techniques, methods, and tools from different segments to improve detection accuracy as well as the prediction and mitigation of these threats and to show that it is capable of implementing a powerful architecture against this type of threat, DDoS attacks.

scholarly journals Proposed statistical-based approach for detecting distribute denial of service against the controller of software defined network (SADDCS)

2018 ◽  
Vol 218 ◽  
pp. 02012 ◽  
Author(s):  
Mohammad A. AL-Adaileh ◽  
Mohammed Anbar ◽  
Yung-Wey Chong ◽  
Ahmed Al-Ani
Keyword(s):  
Statistical Analysis ◽  
Denial Of Service ◽  
Attack Detection ◽  
Detection Accuracy ◽  
Ddos Attacks ◽  
Large Area ◽  
Network Resources ◽  
Network Resource ◽  
High Bandwidth ◽  
Sdn Controller

Software-defined networkings (SDNs) have grown rapidly in recent years be-cause of SDNs are widely used in managing large area networks and securing networks from Distributed Denial of Services (DDoS) attacks. SDNs allow net-works to be monitored and managed through centralized controller. Therefore, SDN controllers are considered as the brain of networks and are considerably vulnerable to DDoS attacks. Thus, SDN controller suffer from several challenges that exhaust network resources. For SDN controller, the main target of DDoS attacks is to prevent legitimate users from using a network resource or receiving their services. Nevertheless, some approaches have been proposed to detect DDoS attacks through the examination of the traffic behavior of networks. How-ever, these approaches take too long to process all incoming packets, thereby leading to high bandwidth consumption and delays in the detection of DDoS at-tacks. In addition, most existing approaches for the detection of DDoS attacks suffer from high positive/negative false rates and low detection accuracy. This study proposes a new approach to detecting DDoS attacks. The approach is called the statistical-based approach for detecting DDoS against the controllers of software-defined networks. The proposed approach is designed to detect the presence of DDoS attacks accurately, reduce false positive/negative flow rates, and minimize the complexity of targeting SDN controllers according to a statistical analysis of packet features. The proposed approach passively captures net-work traffic, filters traffic, and selects the most significant features that contribute to DDoS attack detection. The general stages of the proposed approach are (i) da-ta preprocessing, (ii) statistical analysis, (iii) correlation identification between two vectors, and (iv) rule-based DDoS detection.

Mitigate DoS and DDoS Attack in Mobile Ad Hoc Networks

2011 ◽  
Vol 3 (1) ◽  
pp. 14-36 ◽  
Author(s):  
Antonis Michalas ◽  
Nikos Komninos ◽  
Neeli R. Prasad
Keyword(s):  
Game Theory ◽  
Ad Hoc Networks ◽  
Ad Hoc Network ◽  
Ad Hoc ◽  
Denial Of Service ◽  
Ddos Attacks ◽  
Dos Attacks ◽  
Mobile Ad Hoc ◽  
Hoc Networks ◽  
Cryptographic Puzzles

This paper proposes a technique to defeat Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks in Ad Hoc Networks. The technique is divided into two main parts and with game theory and cryptographic puzzles. Introduced first is a new client puzzle to prevent DoS attacks in such networks. The second part presents a multiplayer game that takes place between the nodes of an ad hoc network and based on fundamental principles of game theory. By combining computational problems with puzzles, improvement occurs in the efficiency and latency of the communicating nodes and resistance in DoS and DDoS attacks. Experimental results show the effectiveness of the approach for devices with limited resources and for environments like ad hoc networks where nodes must exchange information quickly.

scholarly journals Countering DDoS Attacks in SIP Based VoIP Networks Using Recurrent Neural Networks

Sensors ◽  
2020 ◽  
Vol 20 (20) ◽  
pp. 5875
Author(s):  
Waleed Nazih ◽  
Yasser Hifny ◽  
Wail S. Elkilani ◽  
Habib Dhahri ◽  
Tamer Abdelkader
Keyword(s):  
Neural Networks ◽  
Recurrent Neural Networks ◽  
Denial Of Service ◽  
Classification Problem ◽  
High Rate ◽  
Detection Accuracy ◽  
Ddos Attacks ◽  
Rate Intensity ◽  
Telephone Systems ◽  
Deep Learning Model

Many companies have transformed their telephone systems into Voice over IP (VoIP) systems. Although implementation is simple, VoIP is vulnerable to different types of attacks. The Session Initiation Protocol (SIP) is a widely used protocol for handling VoIP signaling functions. SIP is unprotected against attacks because it is a text-based protocol and lacks defense against the growing security threats. The Distributed Denial of Service (DDoS) attack is a harmful attack, because it drains resources, and prevents legitimate users from using the available services. In this paper, we formulate detection of DDoS attacks as a classification problem and propose an approach using token embedding to enhance extracted features from SIP messages. We discuss a deep learning model based on Recurrent Neural Networks (RNNs) developed to detect DDoS attacks with low and high-rate intensity. For validation, a balanced real traffic dataset was built containing three attack scenarios with different attack durations and intensities. Experiments show that the system has a high detection accuracy and low detection time. The detection accuracy was higher for low-rate attacks than that of traditional machine learning.

scholarly journals Adaptive Learning and Automatic Filtering of Distributed Denial of Service (DDoS) Attacks in Cloud Computing Environment

2019 ◽  
Vol 9 (1S3) ◽  
pp. 200-205
Keyword(s):  
Cloud Computing ◽  
Adaptive Learning ◽  
Denial Of Service ◽  
Cloud Services ◽  
Detection Accuracy ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Computing Environment ◽  
Cloud Computing Environment ◽  
Automatic Filtering

Distributed Denial of Service (DDoS) attacks has become the most powerful cyber weapon to target the businesses that operate on the cloud computing environment. The sophisticated DDoS attack affects the functionalities of the cloud services and affects its core capabilities of cloud such as availability and reliability. The current intrusion detection system (IDS) must cope with the dynamicity and intensity of immense traffic at the cloud hosted applications and the security attack must be inspected based on the attack flow characteristics. Hence, the proposed Adaptive Learning and Automatic Filtering of Distributed Denial of Service (DDoS) Attacks in Cloud Computing Environment is designed to adapt with varying kind of protocol attacks using misuse detection. The system is equipped with custom and threshold techniques that satisfies security requirements and can identify the different DDoS security attacks. The proposed system provides promising results in detecting the DDoS attacks in cloud environment with high detection accuracy and good alert reduction. Threshold method provides 98% detection accuracy with 99.91%, 99.92% and 99.94% alert reduction for ICMP, UDP and TCP SYN flood attack. The defense system filters the attack sources at the target virtual instance and protects the cloud applications from DDoS attacks.

scholarly journals Defense mechanisms against Distributed Denial of Service attacks: Comparative Review

2021 ◽  
Vol 4 (1) ◽  
pp. 81-94
Author(s):  
Fahad Alatawi
Keyword(s):  
Defense Mechanisms ◽  
Large Scale ◽  
Defense Mechanism ◽  
Denial Of Service ◽  
Detection Accuracy ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Response Mechanism ◽  
Packet Filtering ◽  
Comparative Review

Distributed Denial of Service (DDoS) remains a big concern in Cybersecurity. DDoS attacks are implemented to prevent legitimate users from getting access to services. The attackers make use of multiple hosts that have been compromised (i.e., Botnets) to organize a large-scale attack on targets. Developing an effective defensive mechanism against existing and potential DDoS attacks remains a strong desire in the cybersecurity research community. However, development of effective mechanisms or solutions require adequate evaluation of existing defense mechanism and a critical analysis of how these methods have been implemented in preventing, detecting, and responding to DDoS attacks. This paper adopted a systematic review method to critically analyze the existing mechanisms. The review of existing literature helped classify the defense mechanism into four categories: source-based, core-router, victim-based, and distributed systems. A qualitative analysis was used to exhaustively evaluate these defense mechanisms and determine their respective effectiveness. The effectiveness of the defense mechanisms was evaluated on six key parameters: coverage, implementation, deployment, detection accuracy, response mechanism, and robustness. The comparative analysis reviewed the shortcomings and benefits of each mechanism. The evaluation determined that victim-based defense mechanisms have a high detection accuracy but is associated with massive collateral as the detection happens when it is too late to protect the system. On the other hand, whereas stopping an attack from the source-end is ideal, detection accuracy at this point is too low as it is hard to differentiate legitimate and malicious traffic. The effectiveness of the core-based defense systems is not ideal because the routers do not have enough CPU cycles and memory to profile the traffic. Distributed defense mechanisms are effective as components can be spread out across the three locations in a way that takes advantage of each location. The paper also established that the rate-limiting response mechanism is more effective than packet filtering method because it does not restrict legitimate traffic. The analysis revealed that there is no single defense mechanism that offers complete protection against DDoS attacks but concludes that the best defense mechanism is the use of distributed defense because it ensures that defense components are placed on all locations.

scholarly journals Detection of ICMPv6-based DDoS attacks using anomaly based intrusion detection system: A comprehensive review

2021 ◽  
Vol 11 (6) ◽  
pp. 5216
Author(s):  
Adnan Hasan Bdair Alghuraibawi ◽  
Rosni Abdullah ◽  
Selvakumar Manickam ◽  
Zaid Abdi Alkareem Alyasseri
Keyword(s):  
Intrusion Detection ◽  
Anomaly Detection ◽  
Positive Impact ◽  
Detection System ◽  
Denial Of Service ◽  
Internet Protocol ◽  
Economic Damage ◽  
Detection Accuracy ◽  
Ddos Attacks ◽  
Network Systems

Security network systems have been an increasingly important discipline since the implementation of preliminary stages of Internet Protocol version 6 (IPv6) for exploiting by attackers. IPv6 has an improved protocol in terms of security as it brought new functionalities, procedures, i.e., Internet Control Message Protocol version 6 (ICMPv6). The ICMPv6 protocol is considered to be very important and represents the backbone of the IPv6, which is also responsible to send and receive messages in IPv6. However, IPv6 Inherited many attacks from the previous internet protocol version 4 (IPv4) such as distributed denial of service (DDoS) attacks. DDoS is a thorny problem on the internet, being one of the most prominent attacks affecting a network result in tremendous economic damage to individuals as well as organizations. In this paper, an exhaustive evaluation and analysis are conducted anomaly detection DDoS attacks against ICMPv6 messages, in addition, explained anomaly detection types to ICMPv6 DDoS flooding attacks in IPv6 networks. Proposed using feature selection technique based on bio-inspired algorithms for selecting an optimal solution which selects subset to have a positive impact of the detection accuracy ICMPv6 DDoS attack. The review outlines the features and protection constraints of IPv6 intrusion detection systems focusing mainly on DDoS attacks.

scholarly journals Decision Tree and Neural Network Based Hybrid Algorithm for Detecting and Preventing Ddos Attacks in VANETS

2020 ◽  
Vol 9 (5) ◽  
pp. 669-675
Keyword(s):  
Neural Network ◽  
Decision Tree ◽  
Traffic Management ◽  
Hybrid Algorithm ◽  
Denial Of Service ◽  
Attack Detection ◽  
Ddos Attacks ◽  
Dos Attacks ◽  
Ddos Attack ◽  
Different Types

The demand of Vehicular Adhoc Networks (VANETs) has been increasing in the area of vehicular and infrastructure communications. It has been felt that there is requirement of sharing of critical information related to safety and traffic management among different types of vehicles in a secure way. To ensure the smooth operation of the network, the availability of network resources is needed. The presence of either malicious vehicles or inaccessibility of network services makes VANET easy target for denial of service (DoS) attacks. The sole purpose of DoS attacks is to prevent the intended users from accessing the available resources and services. When the DoS attack is carried out by multiple vehicles distributed throughout the network, it is referred as Distributed DoS (DDoS) attack. The DDoS attacks are very dangerous and hard to be addressed in real time. The machine learning based DDoS attack detection algorithms have been proposed and presented by the research community in literature. In this paper, a hybrid algorithm of Decision Tree and Neural Network is presented for detecting and preventing different types of DDoS attacks in VANETs with highly efficient results. The simulation based experiments are carried out in order to evaluate and compare the performance of proposed hybrid algorithm with respect to different performance parameters. Based on experiments results, it has been found that the performance of hybrid algorithm has been increased significantly.

Sign in / Sign up

Export Citation Format

Share Document