Wyniki wyszukiwania - BazTech

1

Detection of distributed denial of service attacks for IoT-based healthcare systems

Kaur Gaganjot, Gupta Prinima

Computer Assisted Methods in Engineering and Science

|

2023

|

Vol. 30, no. 2

167--186

EN

One of the major common assaults in the current Internet of things (IoT) network-based healthcare infrastructures is distributed denial of service (DDoS). The most challenging task in the current environment is to manage the creation of vast multimedia data from the IoT devices, which is difficult to be handled solely through the cloud. As the software defined networking (SDN) is still in its early stages, sampling-oriented measurement techniques used today in the IoT network produce low accuracy, increased memory usage, low attack detection, higher processing and network overheads. The aim of this research is to improve attack detection accuracy by using the DPTCM-KNN approach. The DPTCMKNN technique outperforms support vector machine (SVM), yet it still has to be improved. For healthcare systems, this work develops a unique approach for detecting DDoS assaults on SDN using DPTCM-KNN.

2

An Efficient Hybrid Protocol Framework for DDoS Attack Detection and Mitigation Using Evolutionary Technique

Yerriswamy T., Gururaj Murtugudde

Journal of Telecommunications and Information Technology

|

2022

|

nr 4

77--82

EN

The ever-increasing use of the Internet has created massive amounts network traffic, causing problems related to its scalability, controllability, and manageability. Sophisticated network-based denial of service (DoS) and distributed denial of service (DDoS) attacks increasingly pose a future threat. The literature proposes various methods that may help stop all HTTP DoS/DDoS assaults, but no optimal solution has been identified so far. Therefore, this paper attempts to fill the gap by proposing an alternative solution known as an efficient hybrid protocol framework for distributed DoS attack detection and mitigation (E-HPFDDM). Such an architecture addresses all aspects of these assaults by relaying on a three-layer mechanism. Layer 1 uses the outer advanced blocking (OAB) scheme which blocks unauthorized IP sources using an advanced backlisted table. Layer 2 is a validation layer that relies on the inner service trackback (IST) scheme to help determine whether the inbound request has been initiated by a legitimate or an illegitimate user. Layer 3 (inner layer) uses the deep entropy based (DEB) scheme to identify, classify and mitigate high-rate DDoS (HR-DDoS) and flash crowd (FC) attacks. The research shows that in contrast to earlier studies, the structure of the proposed system offers effective defense against DoS/DDoS assaults for web applications.

3

Design of a distributed HIDS for IoT backbone components

de O. Kfouri Guilherme, Gonçalves Daniel G. V., Dutra Bruno V., de Alencastro João F., de Caldas Filho Francisco L., e Martins Lucas M. C., Praciano Bruno J. G., de O. Albuquerque Robson, de Sousa Jr Rafael T.

Annals of Computer Science and Information Systems

|

2019

|

Vol. 20

81--88

EN

Nowadays DDoS attacks using IoT devices are frequent and extensive. Given that IoT network instances are distributed and deployed over conventional Internet gear, DDoS countermeasures in IoT need to be fully distributed and coordinated all over the components that form each IoT instance. This paper presents a designed and prototyped distributed host-based intrusion detection systems (HIDS) that aims to protect the components of IoT network backbones, comprising conventional switches and routers. In our design, a set of the proposed HIDS executes conventional security verifications, like default username and password, known attacks signatures, monitoring the usage of resources, processes, ports and open connections, while also interacting with a Controller of the HIDS set to allow the coordination of intrusion detection actions relative to DDoS attacks all over the IoT instance. The designed distributed HIDS is evaluated in a controlled environment that, although being a local and isolated network, realistically represents IoT network instances.

4

Calculating distributed denial of service attack probability in bloom-filter based information-centric networks

Vassilakis V. G., Wang L., Moscholios I. D., Logothetis M. D.

Image Processing & Communications

|

2016

|

Vol. 21, no. 1

7--22

EN

Information-Centric Networking (ICN) is an emerging networking technology that has been designed to directly operate on named content/information objects, rather than relying on the knowledge of the content location. According to the ICN principles, a user requests the information object by its name or some other form of object identiﬁer. After that, the ICN system is responsible for ﬁnding the particular object and send In git back to theuser. Despite a large number of works on ICN in recent years, ICN systems still face security challenges. This is especially true when considering different types of alternative networks, such as the wireless community networks (WCNs). In this work, we explore the applicability of ICN principles in the challenging and unpredictable environments of WCNs. We consider stateless contentdisseminationusingBloomﬁlters(BFs) and analyze two BF based approaches: the traditional single-stage BF and its generalization, the multi-stageBF. We fokus on the security aspects of BF based approaches and in particular on distributed denial of service (DDoS) attacks. Finally, we investigate the attaca probabilisty for various system and net work parameters, such as the number of hash functions, the BFmaximum ﬁll factor, and the number of hops toward the victim node.