Denial of Service Research Papers

Distributed denial of service (DDoS) attacks are recognized as one of the most damaging attacks on Internet security today. Recently, malicious web crawlers have been used to execute automated DDoS attacks on web sites across the WWW. In this study, we examine the use of two unsupervised neural network (NN) learning algorithms for the purpose of web-log analysis: the Self-Organizing Map (SOM) and Modified Adaptive Resonance Theory 2 (Modified ART2). In particular, through the use of SOM and modified ART2, our work aims to obtain a better insight into the types and distribution of visitors to a public web site based on their browsing behavior, as well as to investigate the relative differences and/or similarities between malicious web crawlers and other non-malicious visitor groups. The results of our study show that, even though there is a fairly clear separation between malicious web crawlers and other visitor groups, 52% of malicious crawlers exhibit very 'human-like' browsing behavior and as such pose a particular challenge for future web-site security systems. We also show that some of the feature values of malicious crawlers that exhibit very 'human-like' browsing behavior are not significantly different from the feature values of human visitors. Additionally, we show that the Google, MSN and Yahoo crawlers exhibit distinct crawling behavior.

The emergence of Voice over IP (VoIP) has offered numerous advantages for end users and providers alike, but has simultaneously introduced security threats, vulnerabilities and attacks not previously encountered in networks with a closed architecture like the Public Switched Telephone Network (PSTN). In this paper we propose a two-layer architecture to prevent Denial of Service attacks on VoIP systems based on the Session Initiation Protocol (SIP). The architecture is designed to handle different types of attacks, including request flooding, malformed message sending, and attacks on the underlying DNS system. The effectiveness of the prevention mechanisms has been tested both in the laboratory and on a live VoIP provider network.

A denial-of-service (DoS) attack is an attempt by a single person or a group of people to disrupt an online service. In a bandwidth attack, attackers clog links or routers by generating a traffic overload. This can have serious consequences for companies that rely on their online availability to do business. The ubiquity of tools to organize DoS attacks and the determination of some people to wreak havoc make for potential future problems. This thesis proposes a MUlti-Level Tree for Online Packet Statistics (MULTOPS): an attack-resistant data structure enabling routers to detect ongoing bandwidth attacks by searching for significant asymmetries between packet rates to and from different subnets. Statistics are kept in a tree that dynamically adapts its shape to (1) reflect changes in packet rates, and (2) avoid (maliciously intended) memory exhaustion. A MULTOPS is suitable for detecting the type of bandwidth attack that occurred on a large scale in February 2000. To remain undetected, the attacker has to launch the attack from a large number of distinct sites, which makes mounting the attack more difficult. This will hopefully discourage many attackers.

Mobile ad hoc networks are a new wireless networking paradigm for mobile hosts. Unlike traditional mobile wireless networks, ad hoc networks do not rely on any fixed infrastructure. Instead, hosts rely on each other to keep the network connected. Military tactical and other security-sensitive operations are still the main applications of ad hoc networks. One main challenge in the design of these networks is their vulnerability to Denial-of-Service (DoS) attacks. In this paper, we consider a particular class of DoS attacks called jamming. The objective of a jammer is to interfere with legitimate wireless communications. A jammer can achieve this goal either by preventing a real traffic source from sending out a packet, or by preventing the reception of legitimate packets. We propose in this study a new method for detecting such attacks by measuring the error distribution.

This paper describes an attack concept termed Drive-by Pharming, where an attacker sets up a web page that, when simply viewed by the victim (on a JavaScript-enabled browser), attempts to change the DNS server settings on the victim's home broadband router. As a result, future DNS queries are resolved by a DNS server of the attacker's choice. The attacker can direct the victim's Internet traffic and point the victim to the attacker's own web sites regardless of what domain the victim thinks he is actually going to, potentially leading to the compromise of the victim's credentials. The same attack methodology can be used to make other changes to the router, like replacing its firmware. Routers could then host malicious web pages or engage in click fraud. Since the attack is mounted through viewing a web page, it does not require the attacker to have any physical proximity to the victim, nor does it require the explicit download of traditional malicious software. The attack works under the reasonable assumption that the victim has not changed the default management password on their broadband router.

Despite a plethora of research in the area, none of the mechanisms proposed so far for Denial-of-Service (DoS) mitigation has been widely deployed. We argue in this paper that these deployment difficulties are primarily due to economic inefficiency, rather than to technical shortcomings of the proposed DoS-resilient technologies. We identify two economic phenomena, negative externality (the benefit derived from adopting a technology depends on the actions of others) and economic incentive misalignment (the party who suffers an economic loss is different from the party who is in the best position to prevent that loss), as the main stumbling blocks to adoption. Our main contribution is a novel DoS mitigation architecture, Burrows, with an economic incentive realignment property. Burrows is obtained by re-factoring existing key DoS mitigation technologies, and can increase the "social welfare," i.e., economic benefit, of the entire Internet community, both infrastructure ...

Intelligent Buildings (IB) have become increasingly popular during the past decade, driven by the need to reduce energy use, to have more reactive and safer buildings, and to increase productivity. IB integrate many systems that were in the past isolated from each other, including fire and life safety, HVAC, lighting, security, etc. Facilities contain commercial-in-confidence material and other valued assets; however, IB are integrated through open and common data communication protocols and hardware, leaving facilities exposed to external and internal threats. The study presents an investigation into IB, based on a defeat evaluation methodology. The IB vulnerabilities considered fall into two areas, namely physical and software vulnerabilities. Physical hardware vulnerabilities included physical access to the automation devices or workstations, communication networks, wiretapping, remote connectivity, foreign devices and local field programming. Software vulnerabilities included common connectivity proto...

This paper investigates the effect of common network attacks on the performance and security of several biometric readers. Experiments are conducted using Denial of Service (DoS) attacks and the ARP cache poisoning attack. The experiments show that the tested biometric readers are vulnerable to DoS attacks, and that their recognition performance is significantly affected after the attacks are launched. However, the experiments also show that the tested biometric readers are secure against the ARP cache poisoning attack. This work demonstrates that biometric readers are easy targets for malicious network users, lack basic security mechanisms, and are vulnerable to common attacks. The confidentiality and integrity of the log files in the biometric readers could be compromised by such attacks. It then becomes important to study these attacks in order to find flags that could aid in a network forensic investigation of a biometric device.

Wireless Sensor Network (WSN) is an emerging technology that shows great promise for various futuristic applications, both public and military. Many researchers have tried to develop more cost- and energy-efficient computing devices and algorithms for WSN, but the most challenging task is to fit the security of WSN into that constrained environment. Security is nevertheless crucial to the success of applying WSN, so it becomes essential to be familiar with the security aspects of WSN before designing a WSN system. When sensor networks are deployed in hostile terrain, security becomes extremely important, as they are prone to different types of attacks. The intent of this paper is to investigate security problems and the various security requirements. We identify the attacks at all layers of the WSN network architecture and also try to find possible solutions for them.

There are currently dozens of freely available tools to help combat phishing and other web-based scams. Many of these tools come in the form of web browser extensions that warn users when they are browsing a suspected phishing site. We used verified phishing URLs and legitimate URLs to test the effectiveness of 10 popular anti-phishing toolbars. Overall, we found that the anti-phishing toolbars examined in this study left a lot to be desired. SpoofGuard did a very good job at identifying fraudulent sites, but it also incorrectly identified a large fraction of legitimate sites as fraudulent. EarthLink, Google, Netcraft, Cloudmark, and Internet Explorer 7 identified most fraudulent sites correctly and had few, if any, false positives, but they still missed more than 15% of fraudulent sites. The TrustWatch, eBay, and Netscape 8 toolbars could correctly identify less than half the fraudulent sites, and McAfee SiteAdvisor did not correctly identify any fraudulent sites. Many of the toolbars we tested were vulnerable to some simple exploits as well. In this paper we describe the anti-phishing toolbar test bed we developed, summarize our findings, and offer observations about the usability and overall effectiveness of these toolbars. Finally, we suggest ways to improve anti-phishing toolbars.

Wireless Sensor Network (WSN) is an emerging technology that shows great promise for various futuristic applications, both for the mass public and for the military. The sensing technology combined with processing power and wireless communication makes it attractive for wide-scale use in the future. The inclusion of wireless communication technology, however, also brings various types of security threats. The intent of this paper is to investigate the security-related issues and challenges in wireless sensor networks. We identify the security threats and review proposed security mechanisms for wireless sensor networks. We also discuss a holistic view of security for ensuring layered and robust security in wireless sensor networks.

To protect computer systems it is important to consider the concept of CIA: confidentiality, integrity and availability. With respect to availability, hackers continue to focus on preventing access to online services and systems, either by crashing a service through exploitation or by flooding services to the point that the resource is no longer accessible. These denial-of-service (DoS) attacks can come directly from one IP address or from a multitude of computers in disparate locations, in which case they are known as distributed denial-of-service (DDoS) attacks. A variety of academic viewpoints have been put forward that focus on the detection, prevention, and mitigation of DoS attacks. Some academic research shows potential for real-world application, while other work merely advances theoretical viewpoints that cannot realistically be implemented in the current technological landscape. In this essay, three research papers are reviewed, each of which focuses on a novel approach to detecting, preventing or mitigating availability attacks through DoS. The resulting analysis provides perspective on the feasibility of each approach.

Lightweight Directory Access Protocol (LDAP) servers are widely used to authenticate users in enterprise-level networks. Organizations such as universities and small to medium-sized businesses use LDAP for a variety of applications, including e-mail clients, SSH, and workstation authentication. Since many organizations build dependencies on the LDAP service, a Denial-of-Service (DoS) attack on that service can disrupt a greater number of dependent services. This paper examines the danger in the use of LDAP for user authentication by executing a DoS attack that exploits the TCP three-way handshake required when initializing a connection to an LDAP server.

Among various cyber threats, a DDoS attack is one of the major Internet threats that can affect anyone and even cause tremendous financial damage to organizations that use cloud-based services, while the mitigation of this threat can be highly difficult considering the complex infrastructure used to perform its malicious activities. For that reason it is important to think proactively rather than reactively when addressing protection against this type of attack. This paper gives an overview of botnets and discusses some of the countermeasures against this threat.

Voice over IP (VoIP) is one of the fastest-emerging technologies, with a very significant market penetration trend. This technology will represent a cost advantage for business and private networks, with greater flexibility, if no new related vulnerabilities are introduced. The security problems of VoIP are mainly related to the weaknesses of the combination of the SIP and RTP protocols. In the VoWiFi case, these weaknesses are amplified by the intrinsic vulnerabilities of first-generation wireless networks (802.11b), or by poor administration of wireless security systems. After building a VoIP network over Wi-Fi without enforcing security measures for authentication and data privacy, we show in this paper several types of attack: eavesdropping and sniffing of VoIP calls, man in the middle, denial of service, call interruption and building false calls. All these threats can form part of a checklist for a plug-and-play penetration test schedule, whenever a company deploys a VoIP network infrastructure based on some untested VoIP softphone and wireless LAN (as an internal hotspot).

3 Eavesdropping and Sniffing of the VoIP calls

The eavesdropping of telephone calls, and their consequent dispatch to the parties involved in the communication, is one of the most impressive attacks on VoIP. It is possible to mount an MITM attack in a wired network via well-known techniques, e.g., using an ARP poisoning attack to force the SIP proxy and the VoIP telephones to set up a communication with a malicious third party rather than with each other [4]. The high relevance of this attack technique has been acknowledged, e.g., by the US Federal Communications Commission (FCC), which, in August 2005, ruled that broadband VoIP must comply with the Communications Assistance for Law Enforcement Act (CALEA) [5].

We propose using the Stream Control Transmission Protocol (SCTP), a recent IETF transport layer protocol, for reliable web transport. Although TCP has traditionally been used, we argue that SCTP better matches the needs of HTTP-based network applications. This position paper discusses SCTP features that address:

Keywords: Security, MAC, Jamming, Interference

IEEE 802.11 access points deployed in shopping malls, university campuses, crowded streets, airports, and many other locations provide ubiquitous Internet access to millions of stations. However, these hot spots are vulnerable to Denial-of-Service (DoS) attacks due to the broadcast nature of wireless communication. Rendering 802.11 networks inoperable through DoS attacks does not require specialized hardware or a particularly high level of experience. Standard off-the-shelf equipment is sufficient for a malicious station to disrupt the service between access points and stations. In this paper we present a systematic survey of DoS attacks that exploit MAC and physical layer vulnerabilities of 802.11 networks. Available countermeasures against DoS attacks are discussed and compared. Future research directions and open issues are also discussed.

In this paper, we define a category of computer security exploits called "cognitive hacks." Loosely speaking, cognitive hacking refers to a computer or information system attack that relies on changing human users' perceptions and corresponding behaviors in order to be successful. This is in contrast to denial of service (DoS) and other kinds of well-known attacks that operate solely within the computer and network infrastructure. In this paper several cognitive hacking techniques are illustrated by example, legal issues related to cognitive hacking are discussed, and technologies for preventing and mitigating the effects of cognitive hacking attacks are proposed.

Denial of Service (DoS) attacks constitute one of the major threats and are among the hardest security problems in today's Internet. Of particular concern are Distributed Denial of Service (DDoS) attacks, whose impact can be proportionally severe. With little or no advance warning, a DDoS attack can easily exhaust the computing and communication resources of its victim within a short period of time. Because of the seriousness of the problem, many defense mechanisms have been proposed to combat these attacks. This paper presents a structural approach to the DDoS problem by developing a classification of DDoS attacks and DDoS defense mechanisms. Furthermore, important features of each attack and defense system category are described, and the advantages and disadvantages of each proposed scheme are outlined. The goal of the paper is to bring some order to the existing attack and defense mechanisms, so that a better understanding of DDoS attacks can be achieved and, subsequently, more efficient and effective algorithms, techniques and procedures to combat these attacks may be developed.

The STRIDE method for identifying threats, progressively reducing the complexity of the threat analysis of the online insurance system. It is of vital importance for the security analysis and risk assessment of the online insurance system, and for examining in depth the vulnerabilities and risks of the online insurance system.

With the increased dependence of organizations on technological solutions, cyber threats have become a major concern for the very existence of businesses. Thus, the security measures to be implemented need to go beyond the simple presence of a firewall and anti-malware. This work gives an overview of two Intrusion Detection and Prevention Systems (IDPS); specifically, the architecture of the Snort and Suricata IDPS engines is discussed.

Pushback is a mechanism for defending against Distributed Denial-of-Service (DDoS) attacks. DDoS attacks are treated as a congestion-control problem, but because most such congestion is caused by malicious hosts not obeying traditional end-to-end congestion control, the problem must be handled by the routers. Functionality is added to each router to detect and preferentially drop packets that probably belong to an attack. Upstream routers are also notified to drop such packets so that the router's resources are used to route legitimate traffic, hence the term pushback. Client puzzles have been advocated in recent years as a promising countermeasure to DoS attacks. In order to identify the attackers, the victim server issues a puzzle to the client that sent the traffic. When the client is able to solve the puzzle, it is assumed to be authentic and the traffic from it is allowed into the server. If the victim suspects that the puzzles are being solved by most of the clients, it increases the complexity of the puzzles. This puzzle-solving technique allows the attack traffic to traverse the intermediate routers before reaching the destination. In order to attain the advantages of both pushback and puzzle solving, a hybrid scheme called the Router-based Pushback technique, which combines both techniques to address DDoS attacks, is proposed. In this proposal, the puzzle-solving mechanism is pushed back to the core routers rather than being performed at the victim. The router-based client puzzle mechanism checks whether a host is legitimate or not by providing a puzzle to be solved by the suspected host.

2007 was the year of online gaming fraud, with malicious programs that specifically target online games and virtual worlds increasing by 145% and the emergence of over 30,000 new programs aimed at stealing online game passwords. Such malware is ...

Wireless sensor networks (WSNs) have attracted a lot of interest over the last decade in the wireless and mobile computing research community. Applications of WSNs are numerous and growing, ranging from indoor deployment scenarios in the home and office to outdoor deployment in an adversary's territory on a tactical battleground. However, due to their distributed nature and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their performance. This problem is more critical if the network is deployed for mission-critical applications such as on a tactical battlefield. Random failure of nodes is also very likely in real-life deployment scenarios. Due to resource constraints in the sensor nodes, traditional security mechanisms with a large overhead of computation and communication are infeasible in WSNs. Design and implementation of secure WSNs is, therefore, a particularly challenging task. This chapter provides a comprehensive discussion of the state of the art in security technologies for WSNs. It identifies various possible attacks at different layers of the communication protocol stack in a typical WSN and presents their possible countermeasures. A brief discussion of future directions of research in WSN security is also included.

Cybersecurity is a global challenge, as cyberspace is never risk free. Cybersecurity ensures the attainment and maintenance of the security properties of the digital infrastructure and services against relevant security risks in the cyber environment. Currently web applications are highly functional and rely upon a two-way flow of information between the server and browser. New technologies in web applications have brought with them a new range of security vulnerabilities and new possibilities for exploitation. WebGIS is an effective way of disseminating geospatial data and geo-processing tools through the Internet. WebGIS follows the client/server architecture: the server-side geo-processing components store, process and serve the data to the client/browser, and a database server, an application server and a web server are involved in doing so. The networking infrastructure in a WebGIS environment plays a critical role in the security of the data centres. This paper presents the architecture of the WebGIS environment, the role of networking components, the traits of cybersecurity, and portrays various defence mechanisms that aid cybersecurity in a WebGIS environment.

Denial-of-Service (DoS) is a network security problem that constitutes a serious challenge to the reliability of services deployed on servers. The aim of DoS attacks is to exhaust a resource in the target system, reducing or completely subverting the availability of the service provided. The threat of DoS attacks has become even more severe with Distributed Denial-of-Service (DDoS) attacks, in which malicious users carry out a DoS attack indirectly with the help of many compromised computers on the Internet. Service providers are under mounting pressure to prevent, monitor and mitigate DoS/DDoS attacks directed toward their customers and their infrastructure. Defending against these types of attacks is not a trivial job, mainly due to the use of IP spoofing and the destination-based routing of the Internet, though there are many proposed methods which aim to alleviate the problem, such as firewalls, intrusion detection systems, ingress filtering, IP traceback, SYN proxies, etc. This paper discusses an efficient packet filtering technique using a firewall to defend against DoS/DDoS attacks. Firewall scripts are written using the command-line tool iptables in Linux to deny the suspicious traffic. A packet analyzer tool is used to show the effectiveness of the scripts in mitigating the various kinds of DoS/DDoS attacks.

The security of modern computer systems heavily depends on security tools, especially on antivirus software solutions. In the anti-malware research community, development of techniques for evading detection by antivirus software is an active research area. This has led to malware that can bypass or subvert antivirus software. The common strategies deployed include the use of obfuscated code and staged malware whose first instance (usually an installer such as a dropper or downloader) is not detected by the antivirus software. Increasingly, most modern malware is staged so as not to be detected by antivirus solutions at the early stage of intrusion. The installers then determine the method for further intrusion, including antivirus bypassing techniques. Some malware target boot and/or shutdown time, when antivirus software may be inactive, so that they can perform their malicious activities. However, there can be another time frame where antivirus solutions may be inactive, namely during the time of update. All antivirus software shares a common characteristic: it must be updated at a very high frequency to provide up-to-date protection of the system. In this paper, we suggest a novel attack vector that targets antivirus updates and show practical examples of how a system and the antivirus software itself can be compromised during the update of antivirus software. Local privilege escalation using this vulnerability is also described. We have investigated this design vulnerability with several of the major antivirus software products, such as Avira, AVG, McAfee, Microsoft, and Symantec, and found that they are vulnerable to this new attack vector. The paper also discusses possible solutions that can be used to mitigate the attack in the existing versions of the antivirus software as well as in future ones.

In Information Security, intrusion detection is the act of detecting actions that attempt to compromise the confidentiality, integrity or availability of a resource. Intrusion detection does not, in general, include prevention of intrusions. In this paper, we are mostly focused on data mining techniques that are being used for such purposes. We debate on the advantages and disadvantages of these techniques. Finally we present a new idea on how data mining can aid IDSs.

Numerous systems have been designed which use virtualization to subdivide the ample resources of a modern computer. Some require specialized hardware, or cannot support commodity operating systems. Some target 100% binary compatibility at the expense of performance. Others sacrifice security or functionality for speed. Few offer resource isolation or performance guarantees; most provide only best-effort provisioning, risking denial of service. This paper presents Xen, an x86 virtual machine monitor which allows multiple commodity operating systems to share conventional hardware in a safe and resource-managed fashion, but without sacrificing either performance or functionality. This is achieved by providing an idealized virtual machine abstraction to which operating systems such as Linux, BSD and Windows XP can be ported with minimal effort.

The paper presents security issues and architectures for mobile applications and GSM infrastructure. The article also introduces a solution for avoiding denial of service from WAP applications using WIM features. The first section contains the structure of the GSM network from the voice and data point of view. The security of the GSM network is presented in the second section. The third section presents a solution for realizing mobile subscriber non-repudiation. The solution is based on the HTTP protocol over WAP. Key-words: mobile ...

Denial of Service (DoS) attacks constitute one of the major threats and among the hardest security problems in today's Internet. Of particular concern are Distributed Denial of Service (DDoS) attacks, whose impact can be proportionally severe. With little or no advance warning, a DDoS attack can easily exhaust the computing and communication resources of its victim within a short period of time. Because of the seriousness of the problem many defense mechanisms have been proposed to combat these attacks. This paper presents a structural approach to the DDoS problem by developing a classification of DDoS attacks and DDoS defense mechanisms. Furthermore, important features of each attack and defense system category are described and advantages and disadvantages of each proposed scheme are outlined. The goal of the paper is to place some order into the existing attack and defense mechanisms, so that a better understanding of DDoS attacks can be achieved and subsequently more efficient and effective algorithms, techniques and procedures to combat these attacks may be developed.

Distributed Denial of Service attack is a coordinated attack, generally performed on a massive scale on the availability of services of a target system or network resources. Due to the continuous evolution of new attacks and ever-increasing number of vulnerable hosts on the Internet, many DDoS attack detection or prevention mechanisms have been proposed.

Distributed Denial of Service (DDoS) attacks have emerged as a popular means of causing mass targeted service disruptions, often for extended periods of time. The relative ease and low costs of launching such attacks, supplemented by the current inadequate state of any viable defence mechanism, have made them one of the top threats to the Internet community today. Since the increasing popularity of web-based applications has led to several critical services being provided over the Internet, it is imperative to monitor the network traffic so as to prevent malicious attackers from depleting the resources of the network and denying services to legitimate users. This paper first presents a brief discussion on some of the important types of DDoS attacks that currently exist and some existing mechanisms to combat these attacks. It then points out the major drawbacks of the currently existing defense mechanisms and proposes a new mechanism for protecting a web-server against a DDoS attack. In the proposed mechanism, incoming traffic to the server is continuously monitored and any abnormal rise in the inbound traffic is immediately detected. The detection algorithm is based on a statistical analysis of the inbound traffic on the server and a robust hypothesis testing framework. While the detection process is on, the sessions from the legitimate sources are not disrupted and the load on the server is restored to the normal level by blocking the traffic from the attacking sources. To cater to different scenarios, the detection algorithm has various modules with varying levels of computational and memory overheads for their execution. While the approximate modules are fast in detection and involve less overhead, they provide a lower level of detection accuracy. The accurate modules employ complex detection logic and hence involve more overhead for their execution. However, they have very high detection accuracy. Simulations carried out on the proposed mechanism have produced results that demonstrate the effectiveness of the proposed defence mechanism against DDoS attacks.
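
The abstract above describes the shape of the mechanism (monitor inbound load, test each observation against a learned baseline, block only the sources responsible) without giving its statistics. The following is an added, self-contained illustration of that shape, not the paper's own algorithm or code: a z-test on per-second request totals combined with a CUSUM accumulator for slower ramps, run over constructed request records. The traffic mix, the 10-requests-per-second per-source cut-off and the alarm thresholds are assumptions chosen for the example.

```python
"""Added example: rate-based DDoS detection as a statistical test.

Constructed per-second request records (second, source IP) are aggregated;
a baseline window defines the null hypothesis "normal load", and each later
second is tested against it with a z-score plus a CUSUM accumulator. On an
alarm the sources responsible are blocked while other sessions continue.
Thresholds and the traffic mix are illustrative assumptions.
"""
from collections import Counter, defaultdict
from statistics import mean, pstdev


def per_second_counts(records):
    """records: iterable of (second, src_ip) -> {second: Counter(src_ip)}."""
    buckets = defaultdict(Counter)
    for second, src in records:
        buckets[second][src] += 1
    return buckets


class RateDetector:
    """z-test for a single abnormal second plus CUSUM for a slow ramp."""

    def __init__(self, baseline, z_threshold=3.0, cusum_k=0.5, cusum_h=5.0):
        self.mu = mean(baseline)
        self.sigma = pstdev(baseline) or 1.0   # guard against a flat baseline
        self.z_threshold = z_threshold
        self.k, self.h = cusum_k, cusum_h
        self.s = 0.0                           # CUSUM state

    def observe(self, total):
        """Return True if this second's request total rejects H0."""
        z = (total - self.mu) / self.sigma
        self.s = max(0.0, self.s + z - self.k)
        alarm = z > self.z_threshold or self.s > self.h
        if alarm:
            self.s = 0.0                       # restart the CUSUM after an alarm
        return alarm


def attacking_sources(bucket, per_source_limit):
    """Sources whose request count in one second exceeds per_source_limit."""
    return {src for src, n in bucket.items() if n > per_source_limit}


def run_detection(records, baseline_seconds=30, per_source_limit=10):
    """Learn the baseline, then test each later second.
    Returns (seconds that raised an alarm, set of blocked source IPs)."""
    buckets = per_second_counts(records)
    baseline = [sum(buckets[s].values()) for s in range(baseline_seconds)]
    detector = RateDetector(baseline)
    blocked, alarms = set(), []
    for sec in sorted(s for s in buckets if s >= baseline_seconds):
        bucket = buckets[sec]
        # Traffic from already-blocked sources never reaches the server.
        total = sum(n for src, n in bucket.items() if src not in blocked)
        if detector.observe(total):
            alarms.append(sec)
            blocked |= attacking_sources(bucket, per_source_limit)
    return alarms, blocked


def build_sample_traffic():
    """Constructed traffic: 5 legitimate clients at 1-3 req/s for 40 s,
    joined at second 30 by 3 bots at 40 req/s each."""
    records = []
    legit = ["10.0.0.%d" % i for i in range(1, 6)]
    for sec in range(40):
        for i, ip in enumerate(legit):
            records.extend([(sec, ip)] * (1 + (sec + i) % 3))
    bots = ["198.51.100.%d" % i for i in range(1, 4)]
    for sec in range(30, 40):
        for ip in bots:
            records.extend([(sec, ip)] * 40)
    return records


if __name__ == "__main__":
    alarms, blocked = run_detection(build_sample_traffic())
    print("alarm at seconds:", alarms)
    print("blocked sources:", sorted(blocked))
```

The two tests play the roles the abstract assigns to its fast and accurate modules: the z-test is cheap and catches a sudden flood in the first second, while the CUSUM accumulates small deviations and trips on a flood that ramps up slowly enough to stay under the z threshold. Blocking by per-source rate rather than by total load is what keeps legitimate sessions intact once an alarm fires.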

This paper describes an approach to detecting distributed denial of service (DDoS) attacks that is based on fundamentals of Information Theory, specifically Kolmogorov Complexity. A theorem derived using principles of Kolmogorov Complexity states that the joint complexity measure of random strings is lower than the sum of the complexities of the individual strings when the strings exhibit some correlation. Furthermore, the joint complexity measure varies inversely with the amount of correlation. We propose a distributed active network-based algorithm that exploits this property to correlate arbitrary traffic flows in the network to detect possible denial-of-service attacks. One of the strengths of this algorithm is that it does not require special filtering rules and hence it can be used to detect any type of DDoS attack. We implement and investigate the performance of the algorithm in an active network. Our results show that DDoS attacks can be detected in a manner that is not sensitive to legitimate background traffic.
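
Kolmogorov complexity itself is uncomputable, so any implementation of the idea above has to work with an estimate. The example below is added here to make the property concrete and is not the paper's algorithm: it uses compressed length (zlib) as an upper-bound stand-in for K(x) and compares the joint compressed length of a set of flows with the sum of their individual lengths. The HTTP request, the bot and client addresses and the 0.5 decision threshold are constructed for illustration.

```python
"""Added example: detecting correlated (flooding) flows with a computable
stand-in for Kolmogorov complexity.

K(x) is uncomputable, so compressed length is used as its upper-bound estimate.
For independent flows K(x1 x2 ... xn) is close to the sum of the K(xi); for
flows that share structure, such as many bots replaying the same request, the
joint value is far smaller than the sum. Flows and thresholds are constructed
assumptions for illustration.
"""
import random
import zlib


def complexity(data: bytes) -> int:
    """Compressed length in bytes: an upper-bound estimate of K(data)."""
    return len(zlib.compress(data, 9))


def correlation_score(flows):
    """1 - K(joint) / sum K(individual).
    Near 0 when the flows are mutually independent, rising towards 1 as they
    become copies of one another."""
    individual = sum(complexity(f) for f in flows)
    joint = complexity(b"".join(flows))
    return 1.0 - joint / individual


def flagged_as_ddos(flows, threshold=0.5) -> bool:
    """Decision rule: a set of flows this strongly correlated is suspicious."""
    return correlation_score(flows) > threshold


def bot_flows(n_sources=8, repeats=20):
    """Constructed flood: each source replays the same request many times."""
    request = (b"GET /index.html HTTP/1.1\r\nHost: victim.example\r\n"
               b"User-Agent: Mozilla/4.0\r\nConnection: keep-alive\r\n\r\n")
    return [b"src=198.51.100.%d\n" % i + request * repeats
            for i in range(1, n_sources + 1)]


def legitimate_flows(n_sources=8, size=512, seed=7):
    """Constructed background traffic: mutually independent payloads
    (pseudorandom bytes stand in for unrelated sessions)."""
    rng = random.Random(seed)
    return [bytes(rng.getrandbits(8) for _ in range(size))
            for _ in range(n_sources)]


if __name__ == "__main__":
    print("bots  : %.2f" % correlation_score(bot_flows()))
    print("legit : %.2f" % correlation_score(legitimate_flows()))
```

Because the score depends only on the byte strings, no protocol-specific filter rule is needed, which is the property the abstract claims for the approach; the cost is that the compressor must see enough of each flow for shared structure to show up, and a flood whose payloads are deliberately randomised per bot will not be caught this way.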

Cognitive radio technologies have emerged as a platform to solve the problem of spectrum scarcity for wireless applications since cognitive radios have the potential to utilize the idle licensed spectrum bands in an intelligent way without interfering with other licensed devices. However, most of the proposed protocols for opportunistic usage of the licensed spectrum bands assume that the participants involved in the protocols are honest and that there are no malicious adversaries that will attack the network. Using two examples, we demonstrate that in the presence of a malicious adversary the systems designed making these assumptions will fail to fulfill their goals of minimal disruption of the primary users and efficient utilization of the unused spectrum. We also briefly discuss some security design goals of the future cognitive DSA networks.

Hashcash was originally proposed as a mechanism to throttle systematic abuse of un-metered internet resources such as email, and anonymous remailers in May 1997. Five years on, this paper captures in one place the various applications, improvements suggested and related subsequent publications, and describes initial experience from experiments using hashcash.
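
As an added illustration of the throttling mechanism the abstract refers to (not code from the hashcash paper or tool), the following mints and verifies a hashcash v1 stamp. The v1 stamp format is `ver:bits:date:resource:ext:rand:counter` and the proof of work is that SHA-1 of the stamp string has at least `bits` leading zero bits. The counter is written as a decimal string here, where the reference implementation uses base64; the check depends only on the hash. The date, random field, resource names and the 16-bit difficulty are assumptions for the example.

```python
"""Added example: minting and verifying a hashcash v1 stamp.

The stamp format is ver:bits:date:resource:ext:rand:counter and the
proof-of-work condition is that SHA-1(stamp) has at least `bits` leading zero
bits. The verifier checks the work, the resource it was minted for and that the
stamp has not been spent before. The counter is a decimal string here (the
reference tool uses base64; the check depends only on the hash). Dates,
resources and the 16-bit difficulty are constructed values for illustration.
"""
import hashlib


def leading_zero_bits(digest: bytes) -> int:
    value = int.from_bytes(digest, "big")
    return len(digest) * 8 - value.bit_length()


def stamp_bits(stamp: str) -> int:
    """Leading zero bits of SHA-1(stamp): the work actually delivered."""
    return leading_zero_bits(hashlib.sha1(stamp.encode("ascii")).digest())


def mint(resource: str, bits: int = 16, date: str = "240101",
         rand: str = "k7Qm2x", ext: str = "") -> str:
    """Search the counter until the stamp's SHA-1 has `bits` leading zeros."""
    counter = 0
    while True:
        stamp = f"1:{bits}:{date}:{resource}:{ext}:{rand}:{counter}"
        if stamp_bits(stamp) >= bits:
            return stamp
        counter += 1


def verify(stamp: str, resource: str, required_bits: int, spent: set) -> bool:
    """Accept iff: well-formed v1 stamp, minted for `resource`, claims and
    delivers at least `required_bits` of work, and not seen before.
    `spent` is the verifier's double-spend database (a set here)."""
    fields = stamp.split(":")
    if len(fields) != 7 or fields[0] != "1":
        return False
    try:
        claimed = int(fields[1])
    except ValueError:
        return False
    if claimed < required_bits or fields[3] != resource:
        return False
    if stamp_bits(stamp) < claimed:
        return False
    if stamp in spent:            # replaying a valid stamp is refused
        return False
    spent.add(stamp)
    return True


if __name__ == "__main__":
    db = set()
    s = mint("alice@example.com")
    print(s, "->", verify(s, "alice@example.com", 16, db))
    print("replay ->", verify(s, "alice@example.com", 16, db))
```

The asymmetry is the point: minting costs about 2^bits hash evaluations, verifying costs one, and binding the stamp to a resource and recording spent stamps stops one piece of work from being reused against many recipients. A deployed verifier also rejects stamps whose date falls outside an acceptance window so that the spent-stamp database can be pruned; that check is left out above to keep the example short.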

Pediatricians recognize that social and nonmedical factors influence child health and that there are many government programs and laws designed to provide for children's basic needs. However, gaps in implementation result in denials of services, leading to preventable poor health outcomes. Physician advocacy in these arenas is often limited by lack of knowledge, experience, and resources to intervene. The incorporation of on-site lawyers into the health care team facilitates the provision of crucial legal services to vulnerable families. Although social workers and case managers play a critical role in assessing family stability and finding appropriate resources for families, lawyers are trained to identify violations of rights and to take the appropriate legal steps to hold agencies, landlords, schools, and others accountable on behalf of families. The incorporation of lawyers in the clinical setting originated at an urban academic medical center and is being replicated at >30 sites across the country. Lawyers can help enhance a culture of advocacy in pediatrics by providing direct legal assistance and case consultation for providers, as well as jointly addressing systemic issues affecting children and families. Until laws to promote health and safety are consistently applied and enforced, pediatricians will need lawyers to effectively care for vulnerable children. Pediatrics 2004;114:224-228; advocacy, health disparities, prevention.

Wireless communication, which needs no infrastructure and is low-cost, auto-managed, flexible and a low power consumer, is becoming an emerging technology. It shows great promise for present as well as future hi-tech applications. Increasing reliance on wireless communication also brings great challenges to the security measures and other correlated issues. Although the newly introduced corrected security standard, IEEE 802.11i, offers extensive security for the wireless environment, it is still premature and does not provide effective measures to protect wireless networks from confidentiality and integrity threats. The main issues for deployment of wireless networks are security attacks, vulnerabilities, battery power and improper security models. This paper provides a study on these problems, especially in ad-hoc wireless networks. The study is based on numerous proposed schemes in the endeavor to secure such networks. The goal of this paper is to probe the principal security issues, challenges and fundamental security requirements of wireless communications on the basis of their proposed solutions.

In VoIP, in order to avoid attacks and discover security vulnerabilities, it is necessary to be aware of typical risks and to have a good understanding of how vulnerabilities can be exploited. In a previous paper we presented the concept of attack patterns. Attack patterns describe, from the point of view of the attacker, how a type of attack is performed (what system units it uses and how), analyze the ways of stopping the attack by enumerating possible security patterns that can be applied for this purpose, and describe how to trace the attack once it has happened by appropriate collection and observation of forensic data. We present a set of attack patterns for VoIP: Denial of Service (DoS), Call Interception, and Theft of Service on VoIP.

Supervisory Control and Data Acquisition (SCADA) systems have become essential to many industries around the world. Nowadays, SCADA systems are controlling many critical infrastructures such as power grids, mega factories, water treatment systems, and even nuclear power plants. As a result, SCADA systems have become very attractive targets for malicious attacks. In this paper, we show a test-bed that we have developed to detect vulnerabilities within SCADA protocols against internal attacks in order to find out how easy it is to bypass security measures in such protocols. Furthermore, we have tested SCADA components to assess their vulnerabilities against the following attacks: Denial of Service (DoS) attacks, replay attacks, cryptographic attacks, and fragmentation attacks. Our results indicate that SCADA protocols and components are very vulnerable, and hence it is of paramount importance to find immediate solutions to these vulnerabilities.

Adolescent parenting remains a serious problem despite the decline in teen pregnancy, largely because this at-risk population lacks health and social services. In this paper, we examine how a broad range of health and social services for pregnant and parenting teens meets their needs, access, utilization and satisfaction. We surveyed a sample of at-risk young women in shelters, community-based agencies and alternative schools. Interviews revealed that their lives were chaotic and traumatic, with frequent crises for which they had few resources. A majority reported symptoms consistent with clinical depression, yet very few received mental health services. Similar patterns of unfulfilled needs were evident in other sectors of services. Many were dissatisfied with the services they did receive and angry about frequent denial of services. We include recommendations for policy and programmatic changes as well as for future research.

The Internet has become a universal communication network tool. It has evolved from a platform that supports best-effort traffic to one that now carries different traffic types including those involving continuous media with Quality of Service (QoS) requirements. As more services are delivered over the Internet, we face increasing risk to their availability given that malicious attacks on those Internet services continue to increase. Several networks have witnessed Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks over the past few years which have disrupted QoS of network services, thereby violating the Service Level Agreement (SLA) between the client and the Internet Service Provider (ISP). Hence DoS or DDoS attacks are major threats to network QoS. In this paper we survey techniques and solutions that have been deployed to thwart DoS and DDoS attacks and we evaluate them in terms of their impact on network QoS for Internet services. We also present vulnerabilities that can be exploited for QoS protocols and also affect QoS if exploited. In addition, we also highlight challenges that still need to be addressed to achieve end-to-end QoS with recently proposed DoS/DDoS solutions.

We discuss distributed denial of service attacks in the Internet. We were motivated by the widely known February 2000 distributed attacks on Yahoo!, Amazon.com, CNN.com, and other major Web sites. A denial of service is characterized by an explicit attempt by an attacker to prevent legitimate users from using resources. An attacker may attempt to: "flood" a network and thus reduce a legitimate user's bandwidth, prevent access to a service, or disrupt service to a specific system or a user. We describe methods and techniques used in denial of service attacks, and we list possible defenses. In our study, we simulate a distributed denial of service attack using ns-2 network simulator. We examine how various queuing algorithms implemented in a network router perform during an attack, and whether legitimate users can obtain desired bandwidth. We find that under persistent denial of service attacks, class based queuing algorithms can guarantee bandwidth for certain classes ...
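
The result stated at the end of the abstract, that class-based queuing can guarantee bandwidth to a class under a persistent flood where a shared queue cannot, can be reproduced in miniature without ns-2. The following is an added discrete-time simulation written for this page, not the paper's experiment: a single output link, FIFO drop-tail on one side and a two-class scheduler with guaranteed shares and borrowing of idle capacity on the other. Packet rates, queue limits and the 30/70 weight split are constructed assumptions.

```python
"""Added example: FIFO drop-tail versus class-based queuing under a flood,
in a small discrete-time simulation (not the ns-2 setup of the paper).

Each tick a router receives a fixed number of legitimate and attack packets,
queues them, and transmits `service` packets. FIFO shares the link in
proportion to offered load, so the flood starves legitimate users; the
class-based scheduler gives each class a guaranteed share and lets a class
borrow only what the other leaves unused. Rates, limits and weights are
constructed assumptions.
"""
from collections import Counter, deque


def tick_arrivals(rates):
    """Interleave each class's packets evenly across the tick."""
    pkts = [((i + 0.5) / n, cls) for cls, n in rates.items() for i in range(n)]
    return [cls for _, cls in sorted(pkts)]


def fifo_run(rates, service, queue_limit, ticks):
    """One shared drop-tail queue: packets beyond queue_limit are dropped."""
    q, served = deque(), Counter()
    for _ in range(ticks):
        for cls in tick_arrivals(rates):
            if len(q) < queue_limit:
                q.append(cls)
        for _ in range(min(service, len(q))):
            served[q.popleft()] += 1
    return served


def cbq_run(rates, service, queue_limit, ticks, weights):
    """Per-class queues; each class is guaranteed weight*service per tick and
    may borrow capacity that other classes leave idle."""
    queues = {cls: deque() for cls in rates}
    served = Counter()
    for _ in range(ticks):
        for cls in tick_arrivals(rates):
            if len(queues[cls]) < queue_limit:
                queues[cls].append(cls)
        budget = service
        for cls, q in queues.items():                 # guaranteed share first
            n = min(len(q), int(weights[cls] * service))
            for _ in range(n):
                q.popleft()
            served[cls] += n
            budget -= n
        while budget > 0 and any(queues.values()):   # then lend idle capacity
            for q in queues.values():
                if q and budget > 0:
                    served[q.popleft()] += 1
                    budget -= 1
    return served


def compare(ticks=100):
    """Run both schedulers on the same offered load and return the tallies."""
    rates = {"legit": 10, "attack": 200}              # packets offered per tick
    service, limit = 50, 50                           # link capacity, queue size
    weights = {"legit": 0.3, "attack": 0.7}           # CBQ link-sharing split
    return {
        "offered": Counter({c: r * ticks for c, r in rates.items()}),
        "fifo": fifo_run(rates, service, limit, ticks),
        "cbq": cbq_run(rates, service, limit, ticks, weights),
    }


if __name__ == "__main__":
    r = compare()
    for name in ("fifo", "cbq"):
        print(name, "legit served %d/%d" % (r[name]["legit"], r["offered"]["legit"]))
```

With the link oversubscribed four to one, FIFO delivers roughly a fifth of the legitimate packets because the flood fills the shared queue ahead of them, whereas the class-based scheduler delivers all of them as long as the legitimate class stays within its guaranteed share. The caveat the abstract's "certain classes" hints at also shows up here: the guarantee only helps if the router can classify attack traffic into a different class than legitimate traffic, which is exactly what a well-crafted flood tries to defeat.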