Denial of Service Attacks Research Papers (original) (raw)

• Top Papers

• Most Cited Papers

• Most Downloaded Papers

• Newest Papers

• People

• • by
  • •
  • DoS Attack, Cryptography, Protocols, Internet

Data security plays a crucial role in healthcare monitoring systems, since critical patient information is transacted over the Internet, especially through wireless devices, wireless routes such as optical wireless channels, or optical... more

Data security plays a crucial role in healthcare monitoring systems, since critical patient information is transacted over the Internet, especially through wireless devices, wireless routes such as optical wireless channels, or optical transport networks related to optical fibers. Many hospitals are acquiring their own metro dark fiber networks for collaborating with other institutes as a way to maximize their capacity to meet patient needs, as sharing scarce and expensive assets, such as scanners, allows them to optimize their efficiency. The primary goal of this article is to develop of an attack detection model suitable for healthcare monitoring systems that uses internet protocol (IP) virtual private networks (VPNs) over optical transport networks. To this end, this article presents the vulnerabilities in healthcare monitoring system networks, which employ VPNs over optical transport layer architecture. Furthermore, a multilayer network architecture for closer integration of the...

• • by Dionysios Tafiadis
  • •
  • Optical Networks, Computation, Healthcare monitoring, vpn Security

Despite a plethora of research in the area, none of the mechanisms proposed so far for Denial-of-Service (DoS) mitigation has been widely deployed. We argue in this paper that these deployment difficulties are primarily due to economic... more

Despite a plethora of research in the area, none of the mechanisms proposed so far for Denial-of-Service (DoS) mitigation has been widely deployed. We argue in this paper that these deployment difficulties are primarily due to economic inefficiency, rather than to technical shortcomings of the proposed DoS-resilient technologies. We identify economic phenomena, negative externality---the benefit derived from adopting a technology depends on the action of others---and economic incentive misalignment---the party who suffers from an economic loss is different from the party who is in the best position to prevent that loss---as the main stumbling blocks of adoption. Our main contribution is a novel DoS mitigation architecture, Burrows, with an economic incentive realignment property. Burrows is obtained by re-factoring existing key DoS mitigation technologies, and can increase the "social welfare," i.e., economic benefit, of the entire Internet community---both infrastructure ...

• • by soon heng khor
  • •
  • Business, Network Security, Social Welfare, Virtual Private Network
• • by Jignasha Makwana
  • •
  • Engineering, Technology, Signal Processing, Network Security
• • by K. Subbalakshmi
  • •
  • Competitive Intelligence, Dynamic Spectrum Access, Cognitive radio, System Design

The 4-way Wi-Fi handshake is used to negotiate fresh pairwise keys, and authenticates both the client and Access Point (AP). We analyze this handshake, and discover several new denial-of-service (DoS) attacks against it. Interestingly,... more

The 4-way Wi-Fi handshake is used to negotiate fresh pairwise keys, and authenticates both the client and Access Point (AP). We analyze this handshake, and discover several new denial-of-service (DoS) attacks against it. Interestingly, our attacks work even if Management Frame Protection (MFP) is enabled. The first attack abuses the observation that messages in the 4-way handshake undergo link-layer encryption once the pairwise key is installed. More precisely, when message 4 of the handshake is dropped, the handshake times out. The second attack is similar to the second one, but induces the AP into sending the first message 4 with link-layer encryption. Again, this causes the handshake to time out. In the third attack, an adversary waits until the victim completes the 4-way handshake. Then she initiates a rekey by injecting a malformed 4-way handshake messages, causing several implementations to disconnect the client from the network. Finally, we propose countermeasures against our discovered attacks.

• • by Computer Science & Information Technology (CS & IT) Computer Science Conference Proceedings (CSCP)
  • •
  • Wi-Fi, Network Protocols, 802.11, Denial of Service Attacks
• • by Aikaterini Mitrokotsa
  • •
  • Network Security, Computer Networks, Neural Network, Intrusion Detection

We describe Just Fast Keying (JFK), a new key-exchange protocol, primarily designed for use in the IP security architecture. It is simple, efficient, and secure; we sketch a proof of the latter property. JFK also has a number of novel... more

We describe Just Fast Keying (JFK), a new key-exchange protocol, primarily designed for use in the IP security architecture. It is simple, efficient, and secure; we sketch a proof of the latter property. JFK also has a number of novel engineering parameters that permit a variety of tradeoffs, most notably the ability to balance the need for perfect forward secrecy against susceptibility to denial-of-service attacks.

• • by Ran Canetti
  • •
  • Information Systems, Computer Science, Distributed Denial of Service Attack, Cryptography

Data security plays a crucial role in healthcare monitoring systems, since critical patient information is transacted over the Internet, especially through wireless devices, wireless routes such as optical wireless channels, or optical... more

Data security plays a crucial role in healthcare monitoring systems, since critical patient information is transacted over the Internet, especially through wireless devices, wireless routes such as optical wireless channels, or optical transport networks related to optical fibers. Many hospitals are acquiring their own metro dark fiber networks for collaborating with other institutes as a way to maximize their capacity to meet patient needs, as sharing scarce and expensive assets, such as scanners, allows them to optimize their efficiency. The primary goal of this article is to develop of an attack detection model suitable for healthcare monitoring systems that uses internet protocol (IP) virtual private networks (VPNs) over optical transport networks. To this end, this article presents the vulnerabilities in healthcare monitoring system networks, which employ VPNs over optical transport layer architecture. Furthermore, a multilayer network architecture for closer integration of the...

• • by Dionysios Tafiadis
  • •
  • Computer Science, Optical Networks, Computation, Comput
• • by O. Krieger and +2
  • •
  • Computer Science, Object Oriented Programming, Protocols, Availability
• • by David Raymond
  • •
  • Distributed Computing, Wireless Sensor Networks, Sensor Network, Wireless Sensor
• • by Michael Hsiao
  • •
  • Computer Architecture, Cancer, Pervasive Computing, Cryptography
• • by Aikaterini Mitrokotsa
  • •
  • Engineering, Technology, Signal Processing, Network Security

ABSTRACT Denial of Service (DoS) attacks evolved and consolidated as severe security threats to network servers, not only for Internet Service Providers but also for governments. Earlier DoS attacks involved high-bandwidth flood-based... more

ABSTRACT Denial of Service (DoS) attacks evolved and consolidated as severe security threats to network servers, not only for Internet Service Providers but also for governments. Earlier DoS attacks involved high-bandwidth flood-based approaches exploiting vulnerabilities of networking and transport protocol layers. Subsequently, Distributed DoS attacks have been introduced amplifying not only the overall attack bandwidth but also the attack source, thus eluding simple counter measures based on source filtering. Current low bit-rate approaches, instead, exploit vulnerabilities of application layer protocols to accomplish DoS or DDoS attacks. Slow DoS Attacks like, e.g., slowloris are particularly dangerous because they can bring down a well equipped server using small attacker’s bandwidth, hence they can effectively run on low performance hosts, such as routers, game consoles, or mobile phones. In this paper, we study Slow DoS Attacks, analyzing in detail the current threats and presenting a proper definition and categorization for such attacks. Hopefully, our work will provide a useful framework for the study of this field, for the analysis of network vulnerabilities, and for the proposal of innovative Intrusion Detection methodologies.

• • by Maurizio Aiello
  • •
  • Computer Science, Taxonomy, Denial of Service Attacks

Countermeasures against denial of service attacks and node misbehaviour are mandatory requirements in MANET. Essential network operations assuring basic connectivity can be heavily jeopardized by nodes that do not properly execute their... more

Countermeasures against denial of service attacks and node misbehaviour are mandatory requirements in MANET. Essential network operations assuring basic connectivity can be heavily jeopardized by nodes that do not properly execute their share of the network operations. We suggest a security mechanism based on a collaborative monitoring technique that prevents active and passive denial of service attacks by enforcing node cooperation. This mechanism can be smoothly extended to basic network functions ...

• • by Pietro Michiardi
  • •
  • Mobile Ad Hoc Networks, Mobile Ad Hoc Network, Rr, Denial of Service Attack

Networks are prone to security attacks, and wireless infrastructure network is more vulnerable. The number of people preferring Wireless networks compared to the wired network has seen an expansion of user base owing to the fast and easy... more

Networks are prone to security attacks, and wireless infrastructure network is more vulnerable. The number of people preferring Wireless networks compared to the wired network has seen an expansion of user base owing to the fast and easy installation of wireless infrastructure. Security issues also increases proportionally as the number of users increases. One of the major security issues witnessed in wireless networks is denial-of service (DoS) attack. A denial-of service (DoS) attack can be defined as an attempt to make the network resource unavailable to its intended users, which may be to temporarily interrupt or suspend services of a host connected to the Internet. Therefore it is imperative to understand the extent of, the effect of denial of service attack on normal network performance. In this paper the effect on network performance due to Denial of Service attack is evaluated by measuring the throughput, number of packets received and the number of packets lost and then comparing it with a network which is not under attack.

• • by IJSTE - International Journal of Science Technology and Engineering
  • •
  • IEEE 802.11 WLAN, Wlan, Access Point, Denial of Service Attacks

Countermeasures against node misbehavior and selfishness are mandatory requirements in mobile ad hoc networks. Selfishness that causes lack of node activity cannot be solved by classical security means that aim at verifying the... more

Countermeasures against node misbehavior and selfishness are mandatory requirements in mobile ad hoc networks. Selfishness that causes lack of node activity cannot be solved by classical security means that aim at verifying the correctness and integrity of an operation. In this paper we outline an original security mechanism (CORE) based on reputation that is used to enforce cooperation among the nodes of a MANET. We then investigate on its robustness using an original approach: we use game theory to model ...

• • by Refik Molva
  • •
  • Computer Science, Simulation, Mobile Ad Hoc Network, Theoretical Analysis
• • by Magnus M. Halldorsson
  • •
  • Wireless Sensor Networks, Energy efficiency, Lower Bound, Energy Efficiency
• • by Aikaterini Mitrokotsa
  • •
  • Engineering, Technology, Signal Processing, Network Security
• • by Ling Liu
  • •
  • Distributed Computing, DoS Attack, Distributed System, Distributed Systems
• • by Catalin Leordeanu
  • •
  • History, Cloud Computing, Authentication, IEEE
• • by RItu Bansal
  • •
  • Engineering, Technology, Signal Processing, Network Security
• • by Graphic Mirkovic
  • •
  • DoS Attack, Experimental Research, Sampling methods, Assembly
• • by Tom Martin
  • •
  • Computer Architecture, Cancer, Pervasive Computing, Cryptography
• • by Werner Vogels
  • •
  • Computer Science, Distributed Computing, Information Retrieval, Publishing

Data security plays a crucial role in healthcare monitoring systems, since critical patient information is transacted over the Internet, especially through wireless devices, wireless routes such as optical wireless channels, or optical... more

Data security plays a crucial role in healthcare monitoring systems, since critical patient information is transacted over the Internet, especially through wireless devices, wireless routes such as optical wireless channels, or optical transport networks related to optical fibers. Many hospitals are acquiring their own metro dark fiber networks for collaborating with other institutes as a way to maximize their capacity to meet patient needs, as sharing scarce and expensive assets, such as scanners, allows them to optimize their efficiency. The primary goal of this article is to develop of an attack detection model suitable for healthcare monitoring systems that uses internet protocol (IP) virtual private networks (VPNs) over optical transport networks. To this end, this article presents the vulnerabilities in healthcare monitoring system networks, which employ VPNs over optical transport layer architecture. Furthermore, a multilayer network architecture for closer integration of the...

• • by Dionysios Tafiadis
  • •
  • Computer Science, Optical Networks, Computation, Comput

Countermeasures against node misbehavior and selfishness are mandatory requirements in mobile ad hocnetworks. Selfishness that causes lack of node activity cannot be solved by classical security means that aim at verifyingthe correctness... more

Countermeasures against node misbehavior and selfishness are mandatory requirements in mobile ad hocnetworks. Selfishness that causes lack of node activity cannot be solved by classical security means that aim at verifyingthe correctness and integrity of an operation. In this paper we outline an original security mechanism (CORE) based onreputation that is used to enforce cooperation among the nodes of a MANET. We then investigate on its robustnessusing an original approach: we use game theory to model the interactions ...

• • by Refik Molva
  • •
  • Computer Science, Simulation, Mobile Ad Hoc Network, Denial of Service Attacks

Data security plays a crucial role in healthcare monitoring systems, since critical patient information is transacted over the Internet, especially through wireless devices, wireless routes such as optical wireless channels, or optical... more

Data security plays a crucial role in healthcare monitoring systems, since critical patient information is transacted over the Internet, especially through wireless devices, wireless routes such as optical wireless channels, or optical transport networks related to optical fibers. Many hospitals are acquiring their own metro dark fiber networks for collaborating with other institutes as a way to maximize their capacity to meet patient needs, as sharing scarce and expensive assets, such as scanners, allows them to optimize their efficiency. The primary goal of this article is to develop of an attack detection model suitable for healthcare monitoring systems that uses internet protocol (IP) virtual private networks (VPNs) over optical transport networks. To this end, this article presents the vulnerabilities in healthcare monitoring system networks, which employ VPNs over optical transport layer architecture. Furthermore, a multilayer network architecture for closer integration of the...

• • by Kostas Peppas
  • •
  • Computer Science, Optical Networks, Computation, Comput
• • by Srinivas Padmanabhuni
  • •
  • Role Based Access Control, Denial of Service Attacks, Distributed Systems Security

Data security plays a crucial role in healthcare monitoring systems, since critical patient information is transacted over the Internet, especially through wireless devices, wireless routes such as optical wireless channels, or optical... more

Data security plays a crucial role in healthcare monitoring systems, since critical patient information is transacted over the Internet, especially through wireless devices, wireless routes such as optical wireless channels, or optical transport networks related to optical fibers. Many hospitals are acquiring their own metro dark fiber networks for collaborating with other institutes as a way to maximize their capacity to meet patient needs, as sharing scarce and expensive assets, such as scanners, allows them to optimize their efficiency. The primary goal of this article is to develop of an attack detection model suitable for healthcare monitoring systems that uses internet protocol (IP) virtual private networks (VPNs) over optical transport networks. To this end, this article presents the vulnerabilities in healthcare monitoring system networks, which employ VPNs over optical transport layer architecture. Furthermore, a multilayer network architecture for closer integration of the IP and optical layers is proposed, and an application for detecting DoS attacks is introduced. The proposed application is a lightweight implementation that could be applied and installed into various remote healthcare control devices with limited processing and memory resources. Finally, an analytical and focused approach correlated to attack detection is proposed, which can also serve as a tutorial oriented towards even nonprofessionals for practical and learning purposes.

• • by Spyridon K Chronopoulos
  • •
  • Optical Networks, Healthcare monitoring, vpn Security, Denial of Service Attacks
• • by Zeeshan Qaiser
  • •
  • Distributed Computing, Time Series, Statistical Analysis, Anomaly Detection

Recently, several papers have studied the possibility of shrinking buffer sizes in Internet core routers to just a few dozen packets under certain constraints. If proven right, these results can open doors to building all-optical routers,... more

Recently, several papers have studied the possibility of shrinking buffer sizes in Internet core routers to just a few dozen packets under certain constraints. If proven right, these results can open doors to building all-optical routers, since a major bottleneck in building such routers is the lack of large optical memories. However, reducing buffer sizes might pose new security risks: it is much easier to fill up tiny buffers, and thus organizing Denial of Service (DoS) attacks seems easier in a network with tiny buffers. To the best of our knowledge, such risks have not been studied before; all the focus has been on performance issues such as throughput, drop rate, and flow completion times. In this paper, we study DoS attacks in the context of networks with tiny buffers. We show that even though it is easier to fill up tiny buffers, synchronizing flows is more difficult. Therefore to reduce the network throughput, the attacker needs to utilize attacks with high packet injection rates. Since such attacks are easily detected, we conclude that DoS attacks are in fact more difficult in networks with tiny buffers.

• • by Agop Koulakezian
  • •
  • Computer Science, DoS Attack, Degradation, Throughput

Intrusion prevention systems (IPSs) have become widely recognized as a powerful tool and an important element of IT security safeguards. Essential to every network intrusion prevention system is the ability to search through packets and... more

Intrusion prevention systems (IPSs) have become widely recognized as a powerful tool and an important element of IT security safeguards. Essential to every network intrusion prevention system is the ability to search through packets and identify patterns that match known attacks. Resource- and time-efficient string matching algorithms are therefore important for identifying these packets at the line rate. Recently these

• • by Piotr Karp
  • •
  • Computer Architecture, Computer Networks, Cryptography, Databases