Your search keyword '"DENIAL of service attacks"' showing total 11,162 results

1. Security measures and intrusion detection systems for preventing and mitigating SSL renegotiation denial of service attacks.

Author

Nurain, Amalia, Mantoro, Teddy, Gultom, Rudy A. G., and Indrajit, Richardus E.

Subjects

*DENIAL of service attacks, *INTRUSION detection systems (Computer security), *SECURITY systems, *RENEGOTIATION, *COMPUTER network security

Abstract

Inundating a system, network, or application with traffic is the goal of Denial of Service (DoS) attacks, a disruptive form of attack. SSL DoS attacks, particularly those involving renegotiation, are of particular concern. In order to address these types of attacks, the study proposes several security measures, including rate restriction, session caching, SSL acceleration, and integrating Intrusion Detection Systems (IDS) with a systematic technique method to reduce the risks associated with SSL renegotiation DoS attacks. This study investigates the security measures for preventing and mitigating SSL DoS attacks, with a focus on renegotiation attacks. It offers advice and insights for protecting systems to SSL server administrators and network security professionals by doing rate restriction, session caching, and SSL acceleration to avoid SSL DoS attacks. [ABSTRACT FROM AUTHOR]

Published

2024

2. An exploration of dos attack and its mitigation techniques in software-defined networking.

Author

Gunavathie, M. A., Kousalya, S., Rekha, J. Celina, Mahalakshmi, D., and Rasikaranjani, S.

Subjects

*DENIAL of service attacks, *COMPUTER network traffic, *MACHINE learning, *SOFTWARE-defined networking, *COMPUTER network security

Abstract

The fast-revolving world has made a great demand for the increased work speed from the place within their domain without any delay in time, with less work burden and highest security. Due to the introduction and use of current technology the networking traffic has increased tremendously. Even though the SDN architecture proves to be an efficient method to control and manage network traffic the attacks on the network stream seem to be higher, especially when it comes to the DDoS attack it is an imposter to detect the attack as it attacks the server severely. A method is proposed to detect this DDoS attack in the SDN architecture and also to mitigate the attack by blocking the port that streams the attack using the Ryu controller with the implementation of the ML algorithms which provided a promising way to succeed in the mitigation of the attacks in SDN thus by providing higher security for the network structure. [ABSTRACT FROM AUTHOR]

Published

2024

3. Design of intrusion detection system for wireless adhoc network in the detection of DOS attack using one class SVM with random forest feature selection comparison with information gain algorithm.

Author

Kumar, M. Dinesh and Nagalakshmi, T. J.

Subjects

*FEATURE selection, *RANDOM forest algorithms, *INTRUSION detection systems (Computer security), *DENIAL of service attacks, *AD hoc computer networks, *SUPPORT vector machines, *ALGORITHMS

Abstract

An IDS built using the Information Gain Algorithm and an unique One Class Support Vector Machine with Random Forest Feature Selection (Group 1) for detecting denial-of-service attacks in wireless ad hoc networks are compared for accuracy and detection rate (Group 2). Substances and Methods: An IDS model was created using CIC-IDS 2017. The IDSs were modelled using the above methods and analysed using SPSS with 19 samples per group. The innovative One Class SVM with Random Forest Feature Selection IDS had a detection rate of 90% and an accuracy of 99.0%, whereas the Information Gain Algorithm IDS had 82.0 percent and 80.0 percent. The significance threshold was 0.05. (Accuracy - 0.00; Detection rate - 0.00). Finally, this data shows that the innovative One Class SVM with Random Forest Feature Selection IDS beats the Information Gain Algorithm IDS by a large margin. [ABSTRACT FROM AUTHOR]

Published

2024

4. Security threat analysis and countermeasure using ML in cloud.

Author

Kushwaha, Akhilesh, Patel, Warish, Koyuncu, Hakan, Parikh, Swapnil, and Chauhan, Ankit

Subjects

*ARTIFICIAL neural networks, *CONVOLUTIONAL neural networks, *DEEP learning, *RECURRENT neural networks, *DENIAL of service attacks, *SQL

Abstract

The rise of cyber-attacks such as Distributed Denial of Service (DDoS) and SQL injection has become a significant concern for organizations and individuals who rely on the internet. Traditional detection methods have become increasingly ineffective in addressing these challenges, necessitating the development of new and innovative solutions. This paper proposes using Convolutional Neural Networks (CNNs) to detect DDoS and SQL injection attacks. Our paper proposes a Convolutional Neural Network model with a multi-layer neural and relu activation function optimizer that reaches a higher degree of precision than previous Deep Learning models. In this study, we tested the relatively new dataset CIC-IDS-2018, which contains different types of attacks. With this dataset, our model achieves an unprecedented accuracy of>96%, minimizing computational time. [ABSTRACT FROM AUTHOR]

Published

2024

5. Investigating DDOS attacks on metro network.

Author

Jatmika, Muchamad Oktarin, Pratomo, Adji, Gunawan, Wawan, Aljaber, Fahad, and Budiarto, Rahmat

Subjects

*DENIAL of service attacks, *CYBERTERRORISM, *K-nearest neighbor classification, *TRAFFIC monitoring, *CONSUMPTION (Economics), *FEATURE selection

Abstract

A broad increase in data consumption in society and industry trigger network operators looking to upgrade their metro networks with higher bandwidth requirements. Service providers and operators are challenged to find a simple, the most efficient and cost-effective way of meeting the demand with new speeds and standards on the horizon. Distributed Denial of Service (DDoS) attack is a cyber-attack that uses a technique to flood the server, the system, or network of the targeted attack with unwanted traffic. The occurrence of DDoS attack on the metro networks can make the operating system unable to operate properly and even crash. DDoS can be prevented by monitoring traffic regularly, increasing server resource capacity and implementing multiple protection strategies. This paper investigates DDoS attacks by utilizing Information Gain feature Selection method based on metro network expert's opinion. The main aim is to improve the detection accuracy as such may help the metro network optimally provides the necessary bandwidth. Then, Naïve Bayes and K-Nearest Neighbor (KNN) classifiers are considered for evaluating the selected features as basis for the attack detection. Experimental results using CICIDS-2018 dataset show that KNN outperforms Naïve Bayes classifier with the accuracy level of 99%. [ABSTRACT FROM AUTHOR]

Published

2024

6. LDAP DDoS attack detection using SVM with different kernel functions.

Author

Dasari, Kishorebabu, Mekala, Srinivas, Mekhale, Sanyukta, and Bijja, Swetha

Subjects

*DENIAL of service attacks, *SUPPORT vector machines, *RANK correlation (Statistics), *CYBERTERRORISM, *KERNEL functions, *DIGITAL technology

Abstract

Distributed Denial of Service (DDoS) is one of the key cyber-attack nowadays. DDoS attacks disrupt the target systems to unavailable to the legitimate users. Lightweight Directory Access Protocol (LDAP) is a reflection DDoS attack, it makes target server inaccessible to the legitimate users by sending large number of LDAP requests to the target server. Inaccessibility of digital service creates many negative consequences nowadays because everything is digitalized these days. Attack detection is very essential to reduce losses in all aspects. This study proposed detection of LDAP DDoS using Support Vector Machine (SVM) classifier linear, sigmoid, RBF and poly kernels using network flow features. The LDAP_DrDoS dataset was used in this study to conduct experiments on it, which was collected from the CIC-DDoS2019 evolution datasets. This study evaluates the proposed model with four different uncorrelated features subsets. Among these four subsets, three are collected by Pearson, Kendall and Spearman correlation methods and fourth one which is called PSK formed with common features of three uncorrelated features subsets. Classification results are evaluated with accuracy, log-loss value, ROC-AUC score and K-fold cross validation evaluation metrics. Among kernel functions, poly and RBF kernel functions give better results for LDAP DDoS attack detection. Among feature subsets, Pearson produce the better classification results. Overall, The SVM poly kernel is most effective in detecting LDAP DDoS attacks with Pearson features subsets. [ABSTRACT FROM AUTHOR]

Published

2024

7. Deep learning algorithms for IoT security(survey).

Author

Ali, Hiba Hameed, Naif, Jolan Rokan, and Humood, Waleed Rasheed

Subjects

*MACHINE learning, *DEEP learning, *DENIAL of service attacks, *INTERNET of things

Abstract

The Internet of Things and applications of Internet of thing (IoT) are becoming popular among various users nowadays, because it makes their life more easy. Because of its spread, attacks that target these various devices have increased dramatically, that may cause the unavailable of entire system. Some types of these attacks are man in the middle attack, sybil attack, denial of service attack, and replay attack. So, whenever the attacks have increased, solutions of the detection of malware in the internet of thing have also increased. one of the current solutions is a deep learning algorithms, In many research fields, deep learning techniques have demonstrated their capacity to detect anomalies accurately. [ABSTRACT FROM AUTHOR]

Published

2024

8. Towards Hybrid NIDS: Combining Rule-Based SIEM with AI-Based Intrusion Detectors

Author

Uccello, Federica, Pawlicki, Marek, D’Antonio, Salvatore, Kozik, Rafał, Choraś, Michał, Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, Daimi, Kevin, editor, and Al Sadoon, Abeer, editor

Published

2024

9. Dual‐mode resilient model predictive control for cyber‐physical systems against DoS attacks.

Author

Yang, Huan, Dai, Li, Xie, Huahui, Cai, Pushen, and Xia, Yuanqing

Subjects

*DENIAL of service attacks, *PREDICTIVE control systems, *PREDICTION models, *CYBER physical systems, *INVARIANT sets, *RADAR interference

Abstract

In this article, a resilient model predictive control algorithm incorporating a dual‐mode control strategy is proposed for a class of cyber‐physical systems subject to state and input constraints, additive disturbances and denial‐of‐service (DoS) attacks. An adversary aims to disrupt the controller‐to‐actuator channel by deploying adversarial jamming signals. By exploring the prediction uncertainty between a nominal model and an actual model and utilizing a constraint tightening technique, a novel set of constraints is developed, which guarantees robust constraint satisfaction in open‐loop mode caused by DoS attacks. A robust positive invariant set is designed, which allows the control mode to switch from rolling optimization to a state‐feedback control law when the state enters its interior, thus saving computational resources. We explicitly determine a critical duration for DoS attacks and, through theoretical analysis, establish that when the duration of DoS attacks falls below this critical value, the proposed algorithm ensures guaranteed recursive feasibility and robust asymptotic stability. Finally, some comparisons are provided to illustrate the effectiveness of the proposed approach. [ABSTRACT FROM AUTHOR]

Published

2024

10. Resilient event‐triggered fault‐tolerant optimization for Euler–Lagrange plants with intermittent communication and asynchronous DoS attacks.

Author

Yuan, Xin‐Rui, Yao, Xiang‐Yu, Park, Ju H., and Ge, Ming‐Feng

Subjects

*DENIAL of service attacks, *COST control, *EULER-Lagrange system, *COMPUTER simulation, *ALGORITHMS

Abstract

This paper investigates the distributed optimization problem of networked Euler–Lagrange (EL) systems with actuator faults and unknown model parameters. In order to solve this issue, some event‐triggered fault‐tolerant (ETFT) optimal coordination algorithms with the mechanism of intermittent communication and intermittent controller update are designed for the first time to compensate for the impact of physical faults on the system, and reduce communication costs and control resource consumption. For practical applications, it is difficult for the system to have a secure environment if there exist malicious attacks blocking network channels among agents. Therefore, the resilient ETFT optimal coordination with intermittent communication subject to asynchronous denial‐of‐service (DoS) attacks is considered. Especially, auxiliary systems with adaptive gains are introduced in the algorithms due to the unavailability of the EL model parameters, which also enable virtual data exchange between agents and protect actual state information. Note that the algorithms are fully distributed as the global topology information is not required. Finally, the feasibility of the proposed algorithms is verified through numerical simulation of examples. [ABSTRACT FROM AUTHOR]

Published

2024

11. Secure memory adaptive event‐triggered filter design of nonlinear network system under hybrid network attacks with application to tunnel diode circuit.

Author

Dai, Xinqiang, Lu, Hongqian, and Zhou, Wuneng

Subjects

*TUNNEL diodes, *ADAPTIVE filters, *NONLINEAR systems, *LINEAR matrix inequalities, *DENIAL of service attacks, *DATA transmission systems, *ADAPTIVE control systems

Abstract

This article investigates the problem of secure memory adaptive event‐triggered filter design for nonlinear network systems under hybrid network attacks. First, the introduction of memory adaptive event‐triggered mechanism and numerical quantization is employed to enhance system performance, optimize network channel utilization, and prevent network congestion. Second, we consider the impact of deceptive attacks and DoS attacks occurring in the network channel on data transmission, which form the hybrid network attacks studied in this article. Subsequently, based on the established error model, we derive sufficient conditions for the mean‐square exponential stability of the system under a given H∞$$ H\infty $$ performance index using Lyapunov–Krasovskii function and linear matrix inequality (LMI) techniques. Furthermore, the filter parameters are determined using the LMI method. Finally, we illustrate the feasibility and generality of the conclusions through numerical simulation examples and a tunnel diode circuit system. [ABSTRACT FROM AUTHOR]

Published

2024

12. An Adversarial Machine Learning-Based Fast Detection Method for Denial of Service-Oriented Cyber Attacks in Internet of Vehicles.

Author

Wang, Mingxu and Xu, Mingchen

Subjects

*CYBERTERRORISM, *DENIAL of service attacks, *FEATURE extraction, *INTERNET, *COMPUTER network security

Abstract

Denial of Service (DoS)-Oriented cyber attack has been a major threat for physical security in many kinds of network media, including the Internet of Vehicles (IoV). This paper focuses on the scenario of IoV, and proposes a machine learning-based fast detection method for adversarial neural network-based fast detection method for DoS-oriented cyber attacks. First, by analyzing the implementation principles and attack characteristics of three attack types, three aspects of statistical features are extracted: maximum matching packet growth rate, source address entropy value, and flow table similarity. Then, they are used as the input features to establish an adversarial machine learning-based DoS cyber attack detection method. On this basis, the field features of six stream rules are extracted, and two DoS cyber attack detection methods via machine learning are formulated. The proposals are able to detect the low-rate DoS-based cyber attacks against the data layer. The experimental results show that the proposed DoS attack detection method based on machine learning can effectively detect three DoS attacks under IoV, and these two algorithms have higher detection rates when compared with other algorithms. [ABSTRACT FROM AUTHOR]

Published

2024

13. DDoS attack detection in SDN: Enhancing entropy‐based detection with machine learning.

Author

Santos‐Neto, Marcos J., Bordim, Jacir L., Alchieri, Eduardo A. P., and Ishikawa, Edison

Subjects

DENIAL of service attacks, SOFTWARE-defined networking, SUPPORT vector machines, RANDOM forest algorithms, ENTROPY

Abstract

Summary: Software defined network (SDN) has emerged as a new paradigm in terms of network architecture, providing flexibility, agility, and programmability to network management. These benefits boosted the SDN adoption, bringing new challenges mainly related to security, in particular, those related to Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks. The detection, prevention, and mitigation of these attacks are important since they can affect the entire network. Many current security measures use statistical techniques, as entropy, or machine learning (ML) algorithms to detect DoS and DDoS attacks. While the definition of a threshold to determine whether a traffic is an attack is not trivial in statistical techniques, ML solutions may provide better accuracy but require considerable computational resources and time to converge to a model able to detect these attacks. Trying to circumvent these limitations, current hybrid approaches either use the results from entropy as input in ML algorithms (Entropy→$$ \to $$ML) or use entropy as a filter and ML algorithms to identify attacks. This work goes one step ahead and combines these techniques in a three‐step approach (Entropy→$$ \to $$ML→$$ \to $$Entropy), called ML‐Entropy, which inherits the intelligence of ML algorithms to adjust the threshold used by entropy. The proposed solution was implemented and evaluated in two datasets, the well‐known synthetic DARPA dataset and a dataset composed by traffic collected from a real‐corporate environment. Experimental results show that, in general, ML‐Entropy presents an accuracy above 99%, similar to support vector machine (SVC) and random forest (RF) algorithms, being able to converge to a detection model up to 192,771×$$ 192,771\times $$ and 137,924×$$ 137,924\times $$ faster than RF and SVC, respectively. [ABSTRACT FROM AUTHOR]

Published

2024

14. A Novel Architecture for an Intrusion Detection System Utilizing Cross-Check Filters for In-Vehicle Networks.

Author

Im, Hyungchul, Lee, Donghyeon, and Lee, Seongsoo

Subjects

*MACHINE learning, *DENIAL of service attacks, *INTRUSION detection systems (Computer security), *CYBERTERRORISM

Abstract

The Controller Area Network (CAN), widely used for vehicular communication, is vulnerable to multiple types of cyber-threats. Attackers can inject malicious messages into the CAN bus through various channels, including wireless methods, entertainment systems, and on-board diagnostic ports. Therefore, it is crucial to develop a reliable intrusion detection system (IDS) capable of effectively distinguishing between legitimate and malicious CAN messages. In this paper, we propose a novel IDS architecture aimed at enhancing the cybersecurity of CAN bus systems in vehicles. Various machine learning (ML) models have been widely used to address similar problems; however, although existing ML-based IDS are computationally efficient, they suffer from suboptimal detection performance. To mitigate this shortcoming, our architecture incorporates specially designed rule-based filters that cross-check outputs from the traditional ML-based IDS. These filters scrutinize message ID and payload data to precisely capture the unique characteristics of three distinct types of cyberattacks: DoS attacks, spoofing attacks, and fuzzy attacks. Experimental evidence demonstrates that the proposed architecture leads to a significant improvement in detection performance across all utilized ML models. Specifically, all ML-based IDS achieved an accuracy exceeding 99% for every type of attack. This achievement highlights the robustness and effectiveness of our proposed solution in detecting potential threats. [ABSTRACT FROM AUTHOR]

Published

2024

15. Resilient Event-Based Fuzzy Fault Detection for DC Microgrids in Finite-Frequency Domain against DoS Attacks.

Author

Ma, Bowen, Lu, Qing, and Gu, Zhou

Subjects

*DENIAL of service attacks, *MICROGRIDS, *MATRIX inequalities, *EXPONENTIAL stability, *DATA transmission systems, *LINEAR matrix inequalities

Abstract

This paper addresses the problem of fault detection in DC microgrids in the presence of denial-of-service (DoS) attacks. To deal with the nonlinear term in DC microgrids, a Takagi-Sugeno (T-S) model is employed. In contrast to the conventional approach of utilizing current sampling data in the traditional event-triggered mechanism (ETM), a novel integrated ETM employs historical information from measured data. This innovative strategy mitigates the generation of additional triggering packets resulting from random perturbations, thus reducing redundant transmission data. Under the assumption of faults occurring within a finite-frequency domain, a resilient event-based H − / H ∞ fault detection filter (FDF) is designed to withstand DoS attacks. The exponential stability conditions are derived in the form of linear matrix inequalities to ensure the performance of fault detected systems. Finally, the simulation results are presented, demonstrating that the designed FDF effectively detects finite-frequency faults in time even under DoS attacks. Furthermore, the FDF exhibits superior fault detection sensitivity compared to the conventional H ∞ method, thus confirming the efficacy of the proposed approach. Additionally, it is observed that a trade-off exists between fault detection performance and the data releasing rate (DRR). [ABSTRACT FROM AUTHOR]

Published

2024

16. DDoS attack detection in cloud using ensemble model tuned with optimal hyperparameter.

Author

Reddy, K. Balachandra and Meera, S.

Subjects

*DENIAL of service attacks, *FEATURE extraction, *INTRUSION detection systems (Computer security), *OPTIMIZATION algorithms

Abstract

Summary: DDoS attacks are a type of cloud incursion that lessen service degradation. DDoS attacks target the cloud network with invalid requests, rejecting legitimate requests. Such attacks disrupt the entire cloud architecture, thus it needs efficient detection methods to spot their presence. This study proposes a novel ensemble classification model for DDoS incursion detection. Pre‐processing, feature extraction, and attack detection are the three main components of the suggested intrusion detection system. Improved data imbalance processing is processed during pre‐processing. Features including HOS‐based features enhanced entropy‐based features, correlation features, and raw features are extracted from the pre‐processed data. The generated features are trained using an ensemble model, which integrates classifiers like SVM, RF, NN, LSTM, and DRN, during the attack detection phase. A new hybrid approach known as TUDMA optimally trains the model by setting the ideal weight because DRN provides the final detected outcome. By reducing errors, this ideal training will guarantee an improvement in detection results. The suggested hybrid optimization combines the two techniques, TDO and DMO. The accuracy of the methods FS‐WOA‐DNN, RBF‐PSO, SMA, BRO, SLO, and NMRA was 86.73%, 85.69%, 84.58%, 87.43%, 88.91%, and 89.78%, respectively, while the accuracy of the TUDMA was 95.34% in the 80th learning percentage. Finally, for many measurements, the suggested efficiency is superior to the traditional methods. [ABSTRACT FROM AUTHOR]

Published

2024

17. Security bipartite synchronization of MASs resilient to DoS attacks.

Author

Chang, Zhenyu, Liang, Hongjing, and Cao, Liang

Subjects

*DENIAL of service attacks, *SYNCHRONIZATION, *MULTIAGENT systems, *NONLINEAR systems

Abstract

This paper considers the security bipartite synchronization problem of nonlinear multi-agent systems (MASs) under the impact of denial-of-service (DoS) attacks. Notice that malicious attackers may block the neighbor information transmission among agents, which will reduce the efficiency of the distributed control strategy and even paralyze the entire system. In order to eliminate the impact of DoS attacks on the stability of MASs, this paper represents the first attempt to solve the security bipartite synchronization problem with the help of a distributed leader state observer. An observer that can obtain the leader state estimation is established, and the control strategy constructed based on the observer can eliminate the impact of DoS attacks. Theoretical analysis shows that the control strategy proposed in this paper can realize the security bipartite synchronization of the system under the impact of DoS attacks. The validity of the proposed results is verified by several presented simulation results. [ABSTRACT FROM AUTHOR]

Published

2024

18. Iot traffic-based DDoS attacks detection mechanisms: A comprehensive review.

Author

Shukla, Praveen, Krishna, C. Rama, and Patil, Nilesh Vishwasrao

Subjects

*DENIAL of service attacks, *INTERNET of things, *SMART cities, *SMART devices, *AUTOMATIC systems in automobiles, *URBAN agriculture

Abstract

The Internet of Things (IoT) has emerged as an inevitable part of human life, that includes online learning, smart homes, smart cars, smart grids, smart cities, agriculture, and e-healthcare. It allows us to operate them 24/7 from anywhere. These smart IoT devices streamline our daily lives by automating everything around us. Several security issues have arisen with the continuous growth of non-secure IoT devices. Distributed Denial of Service (DDoS) attack is one of the most prominent security threats to Internet-based services and IoT platforms. It has the potential to break down the victim's server or network by transferring an immense amount of irrelevant traffic from the pool of compromised IoT devices. In this article, we present: (i) A comprehensive cyberattacks taxonomy for IoT platforms, (ii) Systematically demonstrate IoT technology: evolution, applications, and challenges, (iv) Systematic review of existing machine learning (ML) and deep learning (DL)-based detection approaches for large-scale IoT traffic-based DDoS attacks, (v) Characterize publicly available IoT-traffic-specific datasets, and (vi) Discuss various open research issues with possible solutions for detecting IoT traffic-based DDoS attacks, including future directions. [ABSTRACT FROM AUTHOR]

Published

2024

19. Mitigating data imbalance to improve the generalizability in IoT DDoS detection tasks.

Author

Qing, Yi, Liu, Xiangyu, and Du, Yanhui

Subjects

*BOTNETS, *DENIAL of service attacks, *INTERNET of things, *COMPUTERS

Abstract

DDoS attacks launched by IoT botnets can be classified into low-rate and high-rate DDoS attacks, which depict two distinct scenarios of data imbalance, namely, the minimal and maximal proportion of attack traffic. Developing a detection model that can effectively address two data imbalance scenarios concurrently is crucial in safeguarding computers against DDoS attacks. This necessitates the development of a model with enhanced generalizability. However, in the examination of cross-evaluation across datasets which is closely associated with the generalizability of models, there is a limited focus on addressing the issue of data imbalance. This oversight has led to a significant decrease in model performance when compared to training and testing on a single dataset. To identify guiding principles within this context, the literature suggests employing an undersampling technique on benign instances during the preprocessing phase to eliminate redundant data. Additionally, the literature conducts simulations of various cross-evaluation scenarios and evaluates the performance of classifiers. This evaluation is done after applying representative oversamplers, undersamplers, and the method proposed in this paper. After analyzing the experiment results, it is advisable to employ oversamplers for low-rate DDoS datasets and undersamplers for high-rate DDoS datasets. Moreover, optimizing SMOTE-based algorithms for specific models will yield optimal performance. [ABSTRACT FROM AUTHOR]

Published

2024

20. TPAAD: Two‐phase authentication system for denial of service attack detection and mitigation using machine learning in software‐defined network.

Author

Nisa, Najmun, Khan, Adnan Shahid, Ahmad, Zeeshan, and Abdullah, Johari

Subjects

DENIAL of service attacks, MACHINE learning, SOFTWARE-defined networking, COMPUTER network traffic, CENTRAL processing units, SUPPORT vector machines

Abstract

Software‐defined networking (SDN) has received considerable attention and adoption owing to its inherent advantages, such as enhanced scalability, increased adaptability, and the ability to exercise centralized control. However, the control plane of the system is vulnerable to denial‐of‐service (DoS) attacks, which are a primary focus for attackers. These attacks have the potential to result in substantial delays and packet loss. In this study, we present a novel system called Two‐Phase Authentication for Attack Detection that aims to enhance the security of SDN by mitigating DoS attacks. The methodology utilized in our study involves the implementation of packet filtration and machine learning classification techniques, which are subsequently followed by the targeted restriction of malevolent network traffic. Instead of completely deactivating the host, the emphasis lies on preventing harmful communication. Support vector machine and K‐nearest neighbours algorithms were utilized for efficient detection on the CICDoS 2017 dataset. The deployed model was utilized within an environment designed for the identification of threats in SDN. Based on the observations of the banned queue, our system allows a host to reconnect when it is no longer contributing to malicious traffic. The experiments were run on a VMware Ubuntu, and an SDN environment was created using Mininet and the RYU controller. The results of the tests demonstrated enhanced performance in various aspects, including the reduction of false positives, the minimization of central processing unit utilization and control channel bandwidth consumption, the improvement of packet delivery ratio, and the decrease in the number of flow requests submitted to the controller. These results confirm that our Two‐Phase Authentication for Attack Detection architecture identifies and mitigates SDN DoS attacks with low overhead. [ABSTRACT FROM AUTHOR]

Published

2024

21. Residual based temporal attention convolutional neural network for detection of distributed denial of service attacks in software defined network integrated vehicular adhoc network.

Author

Karthik, V., Lakshmi, R., Abraham, Salini, and Ramkumar, M.

Subjects

DENIAL of service attacks, CONVOLUTIONAL neural networks, SOFTWARE-defined networking, VEHICULAR ad hoc networks, SOFTWARE as a service

Abstract

Software defined network (SDN) integrated vehicular ad hoc network (VANET) is a magnificent technique for smart transportation as it raises the efficiency, safety, manageability, and comfort of traffic. SDN‐integrated VANET (SDN‐int‐VANET) has numerous benefits, but it is susceptible to threats like distributed denial of service (DDoS). Several methods were suggested for DDoS attack detection (AD), but the existing approaches to optimization have given a base for enhancing the parameters. An incorrect selection of parameters results in a poor performance and poor fit to the data. To overcome these issues, residual‐based temporal attention red fox‐convolutional neural network (RTARF‐CNN) for detecting DDoS attacks in SDN‐int‐VANET is introduced in this manuscript. The input data is taken from the SDN DDoS attack dataset. For restoring redundancy and missing value, developed random forest and local least squares (DRFLLS) are applied. Then the important features are selected from the pre‐processed data with the help of stacked contractive autoencoders (St‐CAE), which reduces the processing time of the introduced method. The selected features are classified by residual‐based temporal attention‐convolutional neural network (RTA‐CNN). The weight parameter of RTA‐CNN is optimized with the help of red fox optimization (RFO) for better classification. The introduced method is implemented in the PYTHON platform. The RTARF‐CNN attains 99.8% accuracy, 99.5% sensitivity, 99.80% precision, and 99.8% specificity. The effectiveness of the introduced technique is compared with the existing approaches. [ABSTRACT FROM AUTHOR]

Published

2024

22. Design of an incremental learning model for shard management in performance-aware blockchains: GA-TLEHO approach.

Author

Kumar, Shipra Ravi and Goyal, Mukta

Subjects

GENETIC algorithms, ENERGY consumption, RESEARCH personnel, DENIAL of service attacks, BLOCKCHAINS

Abstract

Performance-Aware Blockchains (PABs) are the highly optimized version of regular blockchains, capable of mining blocks with low delay and low energy. To incorporate performance awareness, researchers have proposed various lightweight consensus models that depend on single-chained blockchains, which limits their scalability performance after several blocks. To overcome this limitation, sharded blockchains were introduced, but very few of these sharded chains use lightweight consensus models. Hence, in this work, we propose a novel incremental learning model with light-weighted consensus for shard management in performance-aware blockchains. By using incremental learning, the model could continuously learn from the changing characteristics of the blockchain and make informed decisions about shard size adjustments to optimize performance. Further, to optimize shard size and ensure mining operates with lower delay and lower energy consumption, we use a hybrid combination of Genetic Algorithm and the Learner-based Elephant Herd Optimizer (GA-TLEHO) method. The reason for this hybrid combination of optimization methods is to enhance convergence by leveraging both exploration and exploitation. It is evident from the simulation analysis that the proposed method potentially mitigates Masquerading, Distributed Denial-of-Service (DDoS), and Finney attacks with higher efficiency and lower delay when compared with other state-of-the-art blockchain methods. [ABSTRACT FROM AUTHOR]

Published

2024

23. Machine learning for network defense: automated DDoS detection with telegram notification integration.

Author

Tedyyana, Agus, Ghazali, Osman, and Purbo, Onno W.

Subjects

MACHINE learning, DENIAL of service attacks, CYBERTERRORISM, TRAFFIC patterns, COMPUTER network security, INTRUSION detection systems (Computer security), CYBER intelligence (Computer security)

Abstract

As the prevalence and sophistication of distributed denial of service (DDoS) attacks escalate, the imperative for advanced defense mechanisms becomes paramount, especially in rapidly growing digital landscapes like Indonesia. This research presents the development of an innovative intrusion detection system (IDS) that harnesses machine learning (ML) algorithms to automate the detection of DDoS attacks in real time. By monitoring TCP streams, the system utilizes ML-enhanced IDS components to identify malicious traffic patterns indicative of DDoS activities. An automatic alert is dispatched to network administrators via Telegram upon detection, ensuring immediate awareness and facilitating swift countermeasures. Additionally, the system embodies a self-improving architecture by retraining its ML model with newly encountered attack data, thus continuously refining its detection capabilities. The system's efficacy, marked by its adaptive learning and proactive notification system, not only contributes to the fortification of network security but also underscores the potential for ML in cybersecurity within Indonesia's expanding digital domain. The deployment of this system is anticipated to significantly bolster cybersecurity infrastructure by addressing the urgent need for advanced and responsive defense strategies against the evolving landscape of cyber threats. [ABSTRACT FROM AUTHOR]

Published

2024

24. BLOCKFOG: A BLOCKCHAIN-BASED FRAMEWORK FOR INTRUSION DEFENSE IN IOT FOG COMPUTING.

Author

PRASUNA, V. G., BABU, B. RAVINDRA, and PYDALA, BHASHA

Subjects

INTRUSION detection systems (Computer security), CYBERTERRORISM, INTERNET of things, DENIAL of service attacks, BLOCKCHAINS, DATA protection

Abstract

In the rapidly evolving domain of the Internet of Things (IoT) and fog computing, maintaining security, scalability, and efficient operation poses significant challenges. Addressing these issues, this study introduces "BlockFog," a novel blockchainbased framework designed to bolster intrusion defense in IoT fog computing environments. The core objective of BlockFog is to counteract the vulnerabilities inherent in decentralized IoT ecosystems by leveraging blockchain technology for enhanced security and transparency. The framework's innovative design integrates crucial components such as Device Onboarding & Identity Management, Data Integrity & Logging, Smart Contract-Driven Intrusion Detection, Automated Blockchain Responses, Secure Peer-to-Peer Communication, and a Lightweight Consensus Mechanism. These elements work collectively to ensure the security and functionality of IoT devices within the fog computing paradigm. BlockFog stands out for its meticulous approach to handling high transaction volumes with off-chain computations and layer-2 solutions, ensuring data integrity and facilitating seamless audit processes. The framework's resilience is further demonstrated through its robust response to evolving cyber threats, incorporating Over-the-Air (OTA) updates and advanced data protection mechanisms like zero-knowledge proofs. A comparative analysis highlights BlockFog's superior performance against existing models. The results reveal BlockFog's lower latency rates in normal, high traffic, and attack scenarios, its higher throughput efficiency, and its more effective resource utilization in terms of CPU, memory, and bandwidth usage. Moreover, BlockFog exhibits an enhanced ability to detect and respond to malicious activities, including DDoS attacks, with significantly higher accuracy than its counterparts. These findings underscore BlockFog's potential in redefining security and operational paradigms in IoT fog computing, making it a robust, agile, and transparent framework suitable for the current digital landscape. [ABSTRACT FROM AUTHOR]

Published

2024

25. Attack-resilient fault detection for interconnected systems under DoS attack.

Author

Liu, Qidong, Long, Yue, Li, Tieshan, and Chen, C.L. Philip

Subjects

DENIAL of service attacks, NONLINEAR systems, CYBERTERRORISM

Abstract

In light of the expanding cyber-space applications, the imperative consideration of cyber-attack ramifications on system security is evident. This paper presents a resilient dynamic event-triggered fault detection scheme for a class of nonlinear interconnected systems subjected to denial of service (DoS) attacks. To counteract multifaceted threats, the co-design challenge involving switched-type fault detection filters and a resilient dynamic event-triggered transmission mechanism is addressed. In the design phase of the filters, the frequency information of the signal is considered comprehensively and linear solvable conditions ensuring desired augment system performance are delineated. Through a series of comparative simulation experiments, the findings support the conclusion that the proposed attack-tolerant fault detection mechanism not only conserves network resources but also demonstrates superior detection capabilities for specific frequency fault signals. • System vulnerability to multiple threats is considered. • Signal frequency information is utilized to enhance detection precision. • RDET strategy is co-designed with finite frequency fault detection filter. [ABSTRACT FROM AUTHOR]

Published

2024

26. Time‐based DDoS attack detection through hybrid LSTM‐CNN model architectures: An investigation of many‐to‐one and many‐to‐many approaches.

Author

Habib, Beenish and Khursheed, Farida

Subjects

ARTIFICIAL neural networks, DENIAL of service attacks, CONVOLUTIONAL neural networks, COMPUTER network traffic, ARTIFICIAL intelligence, DEEP learning

Abstract

Summary: Internet data thefts, intrusions and DDoS attacks are some of the big concerns for the network security today. Detection of these anomalies, is gaining tremendous impetus with the development of machine learning and artificial intelligence. Even now researchers are shifting the base from machine learning to the deep neural architectures with auto‐feature selection capabilities. We in this paper propose multiple deep neural network architectures which can select, co‐learn and teach the gradients of the neural network by itself with no human intervention. This is what we call as meta‐learning. The models are configured in both many to one and many to many design architectures. We combine long short‐term memory (LSTM), bi‐directional long short‐term memory (BiLSTM), convolutional neural network (CNN) layers along with attention mechanism to achieve the higher accuracy values among all the available deep learning model architectures. LSTMs overcomes the vanishing and exploding gradient problem of RNN and attention mechanism mimics the human cognitive attention that screens the network flow to obtain the key features for network traffic classification. In addition, we also add multiple convolutional layers to get the key features for network traffic classification. We get the time series analysis of the traffic done for the possibility of a DDoS attack without using any feature selection techniques and without balancing the dataset. The performance analysis is done based on confusion matrix scores, that is, accuracy, false alarm rate (FAR), sensitivity, specificity, false‐positive rate (FPR), F1 score, area under curve (AUC) analysis and loss functions on well‐known public benchmark KDD Cup'99 data set. The results of our experiments reveal that our models outperform existing techniques, showing their superiority in performance. [ABSTRACT FROM AUTHOR]

Published

2024

27. Secure defense control for memristive recurrent neural networks under denial-of-service attacks with quantized sampled-data signals.

Author

Dong, Di, Zhang, Ruimei, Cheng, Yunjia, Zhang, Lei, Xie, Xiangpeng, and Xiao, Jianying

Subjects

*RECURRENT neural networks, *DENIAL of service attacks, *STABILITY criterion

Abstract

This paper investigates the secure defense control problem for memristive recurrent neural networks (MRNNs) under denial-of-service (DoS) attacks. Based on quantizer and logical processor techniques, a new secure defense control strategy is designed to maintain the performance of MRNNs subject to DoS attacks. The secure defense control strategy can not only effectively capture information about the dwell time of each DoS attack, but also can effectively reduce the amount of data to be transmitted and save communication resources. By constructing a Lyapunov–Krasovskii functional that depends on sampled information at t k and t k + 1 , some new stability criteria are derived for MRNNs under DoS attacks. By solving a set of LMIs, the control gain of the quantized sampled-data controller can be obtained. Thus, the corresponding secure quantized sampled-data controller is designed for MRNNs under DoS attacks. When there is no quantizer, the secure defense control problem for MRNNs under DoS attacks is also studied. Two numerical examples are given to confirm the effectiveness of the main results. [ABSTRACT FROM AUTHOR]

Published

2024

28. Communication network robust routing optimization in an integrated energy cyber-physical system based on a random denial-of-service attack.

Author

Fan, Hong, Huang, Xu, Wang, Diwei, Zhou, Boyang, and Kumar, Nishant

Subjects

CYBER physical systems, DENIAL of service attacks, TELECOMMUNICATION systems, ROBUST optimization, COLUMN generation (Algorithms), ECONOMIC security

Abstract

The integration of power grids and communication networks in smart grids enhances system safety and reliability but also exposes vulnerabilities to network attacks, such as Denial-of-Service (DoS) attacks targeting communication networks. A multi-index evaluation approach is proposed to optimize routing modes in integrated energy cyber-physical systems (IECPS) considering potential failures from attacks. Security and economic service evaluation indexes are incorporated to quantify the significance of information flow routing. An optimization model for electric, heat, and gas routing in worst-case scenarios is formulated and solved using a column and constraint generation algorithm. The optimized routing method effectively circumvents specified attack areas, reducing the correlation degree of communication links within the attack area. Comparison with single-service optimization methods demonstrates the superiority of the proposed approach in mitigating the impact of network attacks on IECPS. The study highlights the importance of considering security and economic factors in optimizing routing modes to enhance the resilience of integrated energy cyber-physical systems against network attacks, particularly DoS attacks on communication networks. The evaluation index approach presented in this study provides a comprehensive method for assessing the importance of communication links in IECPS and optimizing routing modes to improve system robustness and reliability in the face of network attacks. [ABSTRACT FROM AUTHOR]

Published

2024

29. Improved nonlinear model‐free adaptive iterative learning control in DoS attack environment.

Author

Li, Yanni and Li, Xiuying

Subjects

*ITERATIVE learning control, *DENIAL of service attacks, *AUTOREGRESSIVE models, *LINEAR systems, *NONLINEAR systems

Abstract

This paper investigates the design of a model‐free adaptive iterative learning controller(MFAILC) based on sampled‐data under the presence of denial‐of‐service(DoS) attacks in nonlinear networked control systems. First, the MFAILC is presented only using I/O data, where a compensation mechanism for DoS attacks is proposed. With dynamic linearization techniques, the nonlinear system is transformed into a linear system in the iteration domain. Then an improved MFAILC is designed to actively compensate the lost data caused by DoS attacks, where the estimation of pseudo‐partial derivative (PPD) is improved by establishing the AR model. The proposed algorithm can weaken the adverse effects of the DoS attacks and ensure the excellent tracking performance of the system. Finally, the stability of the method is proved, and the effectiveness of the proposed algorithm is demonstrated by a numerical example. [ABSTRACT FROM AUTHOR]

Published

2024

30. Dynamic event‐based consensus of multi‐agent systems with secure mode resilient to DoS attack.

Author

Lin, Yuxin, Hao, Yuqing, Xu, Tao, and Wang, Qingyun

Subjects

*DENIAL of service attacks, *MULTIAGENT systems, *COMPUTER simulation

Abstract

In this article, the resilient leaderless consensus problem for a multi‐agent system (MAS) under denial‐of‐service(DoS) attack is investigated. The DoS attack is carried out with multiple strategies. The sufficient condition for MASs achieving consensus under multi‐mode DoS attack is developed. In order to actively alleviate the influence caused by the DoS attack, the MAS switches between normal and secure modes. Once a DoS attack occurs, the agents will switch into the secure mode with a lower open‐loop divergence rate. A dynamic event‐based consensus protocol is proposed, driving the MAS achieve consensus while saving communication resources effectively. Moreover, rigorous proof analysis demonstrates the Zeno‐free property of the developed dynamic event‐triggered mechanism. Finally, a numerical simulation is provided to illustrate the effectiveness of the proposed theoretical results. [ABSTRACT FROM AUTHOR]

Published

2024

31. Hidden Markov model‐based ℋ∞ control for singular Markov jump systems under denial of service attacks.

Author

Wang, Guanqi, Li, Feng, Xia, Jianwei, Shen, Hao, and Wang, Jing

Subjects

*DENIAL of service attacks, *MARKOVIAN jump linear systems, *HIDDEN Markov models, *MARKOV spectrum, *TUNNEL diodes, *DESIGN techniques

Abstract

This work investigates the ℋ∞$$ {\mathscr{H}}_{\infty } $$ control problem of discrete‐time singular Markov jump systems against denial of service attacks, in which the Markov state information is seen as restricted access. To solve this situation, a hidden Markov model is introduced. The main objective is to construct a controller with the help of hidden Markov model such that the stochastically admissible of the closed‐loop singular Markov jump systems with limited access mode information can be guaranteed under denial of service attacks. To produce the needed hidden Markov model‐based controller, a matrix contract transformation approach is developed. At the end, a numerical example and a tunnel diode circuit are presented to demonstrate the effectiveness and benefit of the design technique described in this research. [ABSTRACT FROM AUTHOR]

Published

2024

32. ℋ∞ secure consensus of hidden Markov jump multi‐agent systems subject to DoS attacks and disturbance.

Author

Ding, Pengcheng, Shen, Hao, Xia, Jianwei, and Li, Feng

Subjects

*MARKOVIAN jump linear systems, *MULTIAGENT systems, *DENIAL of service attacks, *BINOMIAL distribution, *STABILITY theory, *LYAPUNOV stability, *HIDDEN Markov models

Abstract

Summary: This study investigates the ℋ∞$$ {\mathscr{H}}_{\infty } $$ secure consensus issue for Markov jump multi‐agent systems with denial‐of‐service attacks and disturbance. Considering that the mode of the system cannot be directly obtained in the actual situation, a detector is constructed to obtain the mode of the system indirectly with the help of the hidden Markov model. The network communications between agents are undirected, and denial‐of‐service attacks are encountered randomly and represented by a random variate obeying Bernoulli distribution. The reduced‐order decomposed system is obtained by the method of model reduction. On this basis, the Lyapunov stability theory is applied to derive some sufficient conditions to guarantee that the system achieves consensus with a stipulated ℋ∞$$ {\mathscr{H}}_{\infty } $$ performance index. Finally, a numerical example is employed to verify the validity of the proposed protocol. [ABSTRACT FROM AUTHOR]

Published

2024

33. Secure group consensus of nonlinear multi‐agent systems with multiple attacks under periodic event‐triggered control.

Author

Duan, Zhiyu, Wei, Airong, and Zhang, Xianfu

Subjects

*MULTIAGENT systems, *NONLINEAR systems, *DENIAL of service attacks, *SWITCHING theory, *ADAPTIVE fuzzy control

Abstract

Summary: In this paper, the secure group consensus is investigated via periodic event‐triggered output feedback control for nonlinear multi‐agent systems subject to multiple attacks, where replay attacks and denial‐of‐service attacks are considered simultaneously. To avoid uninterrupted communication between agents, a novel fixed/switching continuous‐discrete compensator is first put forward by introducing a discrete‐time triggering mechanism in relative output signals. Then, with the help of the gain control technique, a compensator‐based periodic event‐triggered secure control protocol is established, which includes a triggering mechanism and an output feedback controller that both are discrete‐time. Particularly, Zeno behavior and continuous monitoring of the triggering function are naturally avoided compared with existing event‐triggered control protocols. Further, by combining the Lyapunov‐Krasovskii functional approach with switching topology theory, the secure group consensus is successfully achieved under the designed secure control protocol, meanwhile, the negative effect of multiple attacks on the system is compensated. Finally, two simulation examples are applied to verify the effectiveness of proposed control protocols. [ABSTRACT FROM AUTHOR]

Published

2024

34. Optimal denial‐of‐service attack scheduling for remote state estimation with time‐varying interference power.

Author

Yang, Xinxin, Ni, Yuqing, Wu, Zhe, Yang, Wen, and Liu, Fei

Subjects

*DENIAL of service attacks, *MARKOV processes, *CYBER physical systems, *WIRELESS channels, *INTELLIGENT sensors

Abstract

This article examines resource scheduling optimization for cyber‐physical systems that include a smart sensor, a remote estimator, and an attacker. The attacker's objective is to use denial‐of‐service (DoS) attack to jam the wireless channel, causing packet loss and reducing system performance. We consider a more realistic scenario where other interfering sources exist and conduct research based on the signal‐to‐interference‐plus‐noise ratio (SINR) model. Through this model, we investigate two cases: constant high or low interference power and time‐varying interference power. Different levels of attack power lead to varying packet loss rates, and the same attack power may result in different packet loss rates in different interference environments. Therefore, the attacker needs to consider the impact of other interferences to find the optimal attack strategy that increases the estimation error of the information‐physical system while reducing energy consumption. We describe this optimization problem in a Markov decision process (MDP) framework and demonstrate the existence of an optimal deterministic Markovian strategy. We also establish the monotonicity of the optimal strategy in two different cases and investigate the extreme case. Simulation results support our theoretical results. [ABSTRACT FROM AUTHOR]

Published

2024

35. A Multi-Layered Defence Strategy against DDoS Attacks in SDN/NFV-Based 5G Mobile Networks.

Author

Sheibani, Morteza, Konur, Savas, Awan, Irfan, and Qureshi, Amna

Subjects

DEEP reinforcement learning, REINFORCEMENT learning, DENIAL of service attacks, 5G networks, SOFTWARE-defined networking, MARKOV processes

Abstract

Software-defined networking (SDN) and network functions virtualisation (NFV) are crucial technologies for integration in the fifth generation of cellular networks (5G). However, they also pose new security challenges, and a timely research subject is working on intrusion detection systems (IDSs) for 5G networks. Current IDSs suffer from several limitations, resulting in a waste of resources and some security threats. This work proposes a new three-layered solution that includes forwarding and data transport, management and control, and virtualisation layers, emphasising distributed controllers in the management and control layer. The proposed solution uses entropy detection to classify arriving packets as normal or suspicious and then forwards the suspicious packets to a centralised controller for further processing using a self-organising map (SOM). A dynamic OpenFlow switch relocation method is introduced based on deep reinforcement learning to address the unbalanced burden among controllers and the static allocation of OpenFlow switches. The proposed system is analysed using the Markov decision process, and a Double Deep Q-Network (DDQN) is used to train the system. The experimental results demonstrate the effectiveness of the proposed approach in mitigating DDoS attacks, efficiently balancing controller workloads, and reducing the duration of the balancing process in 5G networks. [ABSTRACT FROM AUTHOR]

Published

2024

36. A secure and highly efficient blockchain PBFT consensus algorithm for microgrid power trading.

Author

Yao, Zhongyuan, Fang, Yonghao, Pan, Heng, Wang, Xiangyang, and Si, Xueming

Subjects

*MICROGRIDS, *BLOCKCHAINS, *DENIAL of service attacks, *CONSENSUS (Social sciences), *ALGORITHMS, *DISTRIBUTED algorithms

Abstract

There are a series of challenges in microgrid transactions, and blockchain technology holds the promise of addressing these challenges. However, with the increasing number of users in microgrid transactions, existing blockchain systems may struggle to meet the growing demands for transactions. Therefore, this paper proposes an efficient and secure blockchain consensus algorithm designed to meet the demands of large-scale microgrid electricity transactions. The algorithm begins by utilizing a Spectral clustering algorithm to partition the blockchain network into different lower-level consensus set based on the transaction characteristics of nodes. Subsequently, a dual-layer consensus process is employed to enhance the efficiency of consensus. Additionally, we have designed a secure consensus set leader election strategy to promptly identify leaders with excellent performance. Finally, we have introduced an authentication method that combines zero-knowledge proofs and key sharing to further mitigate the risk of malicious nodes participating in the consensus. Theoretical analysis indicates that our proposed consensus algorithm, incorporating multiple layers of security measures, effectively withstands blockchain attacks such as denial of service. Simulation experiment results demonstrate that our algorithm outperforms similar blockchain algorithms significantly in terms of communication overhead, consensus latency, and throughput. [ABSTRACT FROM AUTHOR]

Published

2024

37. Toward Generating a New Cloud-Based Distributed Denial of Service (DDoS) Dataset and Cloud Intrusion Traffic Characterization.

Author

Shafi, MohammadMoein, Lashkari, Arash Habibi, Rodriguez, Vicente, and Nevo, Ron

Subjects

*DENIAL of service attacks, *COMPUTER network traffic, *COMMUNICATION infrastructure

Abstract

The distributed denial of service attack poses a significant threat to network security. Despite the availability of various methods for detecting DDoS attacks, the challenge remains in creating real-time detectors with minimal computational overhead. Additionally, the effectiveness of new detection methods depends heavily on well-constructed datasets. This paper addresses the critical DDoS dataset creation and evaluation domain, focusing on the cloud network. After conducting an in-depth analysis of 16 publicly available datasets, this research identifies 15 shortcomings across various dimensions, emphasizing the need for a new approach to dataset creation. Building upon this understanding, this paper introduces a new public DDoS dataset named BCCC-cPacket-Cloud-DDoS-2024. This dataset is meticulously crafted, addressing challenges identified in previous datasets through a cloud infrastructure featuring over eight benign user activities and 17 DDoS attack scenarios. Also, a Benign User Profiler (BUP) tool has been designed and developed to generate benign user network traffic based on a normal user behavior profile. We manually label the dataset and extract over 300 features from the network and transport layers of the traffic flows using NTLFlowLyzer. The experimental phase involves identifying an optimal feature set using three distinct algorithms: ANOVA, information gain, and extra tree. Finally, this paper proposes a multi-layered DDoS detection model and evaluates its performance using the generated dataset to cover the main issues of the traditional approaches. [ABSTRACT FROM AUTHOR]

Published

2024

38. A Blockchain-Assisted Security Protocol for Group Handover of MTC Devices in 5G Wireless Networks.

Author

Ma, Ronghao, Zhou, Jianhong, and Ma, Maode

Subjects

*DENIAL of service attacks, *BLOCKCHAINS, *5G networks, *ELLIPTIC curves, *INTERNET of things

Abstract

In the realm of the fifth-generation (5G) wireless cellular networks, renowned for their dense connectivity, there lies a substantial facilitation of a myriad of Internet of Things (IoT) applications, which can be supported by the massive machine-type communication (MTC) technique, a fundamental communication framework. In some scenarios, a large number of machine-type communication devices (MTCD) may simultaneously enter the communication coverage of a target base station. However, the current handover mechanism specified by the 3rd Generation Partnership Project (3GPP) Release 16 incurs high signaling overhead within the access and core networks, which may have negative impacts on network efficiency. Additionally, other existing solutions are vulnerable to malicious attacks such as Denial of Service (DoS), Distributed Denial of Service (DDoS) attacks, and the failure of Key Forward Secrecy (KFS). To address this challenge, this paper proposes an efficient and secure handover authentication protocol for a group of MTCDs supported by blockchain technology. This protocol leverages the decentralized nature of blockchain technology and combines it with certificateless aggregate signatures to mutually authenticate the identity of a base station and a group of MTCDs. This approach can reduce signaling overhead and avoid key escrow while significantly lowering the risk associated with single points of failure. Additionally, the protocol protects device anonymity by encrypting device identities with temporary anonymous identity markers with the Elliptic Curve Diffie–Hellman (ECDH) to abandon serial numbers to prevent linkage attacks. The resilience of the proposed protocol against predominant malicious attacks has been rigorously validated through the application of the BAN logic and Scyther tool, underscoring its robust security attributes. Furthermore, compared to the existing solutions, the proposed protocol significantly reduces the authentication cost for a group of MTCDs during handover, while ensuring security, demonstrating commendable efficiency. [ABSTRACT FROM AUTHOR]

Published

2024

39. Dynamic Event-Triggered Control for Delayed Nonlinear Markov Jump Systems under Randomly Occurring DoS Attack and Packet Loss.

Author

Zhang, Haiyang, Chen, Huizhen, Xiong, Lianglin, and Zhang, Yi

Subjects

*MARKOVIAN jump linear systems, *EXPONENTIAL stability, *DENIAL of service attacks, *RELIABILITY in engineering, *STABILITY criterion, *INTEGRAL inequalities

Abstract

This paper aims to address the exponential stability and stabilization problems for a class of delayed nonlinear Markov jump systems under randomly occurring Denial-of-Service (DoS) attacks and packet loss. Firstly, the stochastic characteristics of DoS attacks and packet loss are depicted by the attack success rate and packet loss rate. Secondly, a Period Observation Window (POW) method and a hybrid-input strategy are proposed to compensate for the impact of DoS attack and packet loss on the system. Thirdly, A Dynamic Event-triggered Mechanism (DETM) is introduced to save more network resources and ensure the security and reliability of the systems. Then, by constructing a general common Lyapunov functional and combining it with the DETM and other inequality analysis techniques, the less conservative stability and stabilization criteria for the underlying systems are derived. In the end, the effectiveness of our result is verified through two examples. [ABSTRACT FROM AUTHOR]

Published

2024

40. Intrusion detection in internet of things-based smart farming using hybrid deep learning framework.

Author

Kethineni, Keerthi and Pradeepini, G.

Subjects

*METAHEURISTIC algorithms, *AGRICULTURE, *INTRUSION detection systems (Computer security), *DENIAL of service attacks, *DEEP learning, *WILD horses, *SENSOR placement

Abstract

Smart agriculture is a popular domain due to its intensified growth in recent times. This domain aggregates the advantages of several computing technologies, where the IoT is the most popular and beneficial. In this work, a novel and effective deep learning-based framework is developed to detect intrusions in smart farming systems. The architecture is three-tier, with the first tier being the sensor layer, which involves the placement of sensors in agricultural areas. The second tier is the Fog Computing Layer (FCL), which consists of Fog nodes, and the proposed IDS is implemented in each Fog node. The gathered information is transferred to this fog layer for further data analysis. The third tier is the cloud computing layer, which provides data storage and end-to-end services. The proposed model includes a fused CNN model with the bidirectional gated recurrent unit (Bi-GRU) model to detect and classify intruders. An attention mechanism is included within the BiGRU model to find the key features responsible for identifying the DDoS attack. In addition, the accuracy of the classification model is improved by using a nature-inspired meta-heuristic optimization algorithm called the Wild Horse Optimization (WHO) algorithm. The last layer is the cloud layer, which collects data from fog nodes and offers storage services. The proposed system will be implemented in the Python platform, using ToN-IoT and APA-DDoS attack datasets for assessment. The proposed system outperforms the existing methods in accuracy (99.35%), detection rate (98.99%), precision (99.9%) and F-Score (99.08%) for the APA DDoS attack dataset and the achieved accuracy of the ToN-IoT dataset (99.71%), detection rate (99.02%), precision (99.89%) and F-score (99.05%). [ABSTRACT FROM AUTHOR]

Published

2024

41. EIoT-DDoS: embedded classification approach for IoT traffic-based DDoS attacks.

Author

Shukla, Praveen, Krishna, C. Rama, and Patil, Nilesh Vishwasrao

Subjects

*DENIAL of service attacks, *COMPUTER network traffic, *INTERNET of things, *MACHINE learning, *CLASSIFICATION, *ROBOT programming

Abstract

The Internet of Things (IoT) has shown incredible adaptability in recent years and has become an integral part of human life. The proliferation of IoT technology has made IoT devices more prone to severe security threats, such as Distributed Denial of Service (DDoS) attacks, which are dangerous threats to public systems and networks. Further, the frequency and complexity of IoT traffic-based DDoS attacks are increasing year-by-year. This article proposes an IoT traffic-based DDoS attack detection approach for classifying incoming IoT network traffic into 11 classes using multiclass machine learning techniques. The proposed approach comprises two phases: (i) designing and (ii) detection. In the designing phase, we employ the embedded feature reduction technique to create cost-effective and efficient classification models with a high feature reduction rate. Further, we evaluate these models using the K-fold cross-validation technique. While in the detection phase, we evaluate the performance of an efficient model by executing four different IoT traffic-based scenarios. A publicly available Bot-IoT dataset is employed to design and validate the proposed multiclass classification approach. The results show that the proposed approach provides an 84.4% feature reduction rate and approximately 5.19% higher classification accuracy than the existing approaches. [ABSTRACT FROM AUTHOR]

Published

2024

42. Secure transfer of robust healthcare data using blockchain-based privacy.

Author

Kumar, Maddila Suresh and Nagalakshmi, Vadlamani

Subjects

*RANSOMWARE, *PARTICLE swarm optimization, *MANAGEMENT information systems, *DENIAL of service attacks, *MAXIMUM likelihood statistics, *CLOUD storage, *EMAIL security, *TECHNOLOGY convergence

Abstract

The healthcare sector is continuously evolving, and it is anticipated that the next healthcare model would be information-focused. Cloud computing technology can help the sector handle heterogeneous sources of data and the effective convergence of data. Due to security and privacy considerations, it is challenging to transfer a medical record from multiple hospital databases. Consequently, the article proposed a blockchain-based patient information management system by using the Blockchain-based Privacy-Preserving and Robust Healthcare data (BPPRH). This transfers the medical data to the patient through the cloud more securely. The cloud is modelled with the hypervisor and VMs. During the data transmission or storage in the cloud, there are several attacks like ransomware, malicious insiders, Man-in-the-middle attack, malware injection attacks, and Denial-of-Service attacks (DoS) occur in the network. Modified Fuzzy Particle Swarm Optimization (MFPSO) is presented to detect these threats. After detecting the attacks, Edge-Cloud-based Collaborative Systems (ECCS) prevent the data from attackers with the use of Regularized Maximum Likelihood Estimation, Inverse Network, and Shadow Model Reconstruction models. The results showed that the system provides better security with high accuracy of 99.32% respectively. The proposed Blockchain-based architecture is designed to contribute to the healthcare management systems' robustness and to avoid recorded security limitations in commonly used systems for smart healthcare respectively. [ABSTRACT FROM AUTHOR]

Published

2024

43. A detection and rerouting mechanism for platoon control of non‐linear autonomous vehicles under denial of service attacks.

Author

Zhang, Xiaofei, Du, Haiping, Jia, Zhijuan, He, Yuchu, and Yang, Yanyan

Subjects

*DENIAL of service attacks, *AUTONOMOUS vehicles, *LINEAR matrix inequalities, *DATA packeting, *ADAPTIVE control systems, *UTOPIAS

Abstract

This paper presents a novel detection and rerouting mechanism for distributed adaptive platoon control of non‐linear autonomous connected vehicles under denial of service (DoS) attacks. DoS attacks can cause delays or losses of data packets due to blocked communication channels, leading to reducing platoon performance or even collisions among vehicles. To tackle this issue, the proposed mechanism detects and reroutes communication topology depending on the real‐time topology and the number of link failures. Real‐time detection divides the scenario of DoS attacks into three parts. According to the different scenarios, rerouting mechanisms will be utilized. A controller adapted to real‐time variable communication topology is also designed in this scheme. The adjacency matrix of the real‐time communication topology generated by the rerouting mechanism is used to update the controller so that the platoon can remain in a stable state without being affected by DoS attacks. In addition, the sliding mode controller and the observer are designed by solving linear matrix inequalities, and the platoon stability and internal stability are proven. Numerical simulation studies demonstrate that the proposed mechanism and control design can reduce the vehicle state estimate error and platoon‐tracking error to ideal states under DoS attacks. The proposed method solves the problem that the existing methods have not considered the number of link failures and the inability to restore communication when the communication topology is paralyzed. [ABSTRACT FROM AUTHOR]

Published

2024

44. Fuzzy-model-based ℋ∞ filtering for discrete-time singular Markov jump nonlinear systems against hybrid attacks.

Author

Wang, Guanqi, Li, Feng, Wang, Yan, Wang, Jing, and Shen, Hao

Subjects

MARKOVIAN jump linear systems, HYBRID systems, DISCRETE time filters, DENIAL of service attacks, LINEAR matrix inequalities, BINOMIAL distribution

Abstract

This paper investigates the $ \mathcal {H_{\infty }} $ H ∞ filtering problem for a class of discrete-time singular Markov jump nonlinear systems against hybrid attacks via a fuzzy-model-based method, in which the hybrid attacks contain deception attacks and denial of service attacks. Two random variables subject to the Bernoulli distribution are used to describe whether the hybrid attacks are encountered during the measurement output of the original system being transmitted to the filter. By using linear matrix inequality technology and Lyapunov stability theory, some sufficient conditions are given to guarantee the considered systems are stochastically admissible and meet $ \mathcal {H_{\infty }} $ H ∞ performance index γ. The design approach of the secure filter and a specific form to acquire the expected secure filter gains are obtained, respectively. Finally, to demonstrate the effectiveness of the proposed approach, both a numerical example and a practical example are provided. [ABSTRACT FROM AUTHOR]

Published

2024

45. Fine-tuning a pre-trained ResNet50 model to detect distributed denial of service attack.

Author

Sanmorino, Ahmad and Di Kesuma, Hendra

Subjects

DENIAL of service attacks, DEEP learning

Abstract

Distributed denial-of-service (DDoS) attacks pose a significant risk to the dependability and consistency of network services. The utilization of deep learning (DL) models has displayed encouraging outcomes in the identification of DDoS attacks. Nevertheless, crafting a precise DL model necessitates an extensive volume of labeled data and substantial computational capabilities. Within this piece, we introduce a technique to enhance a pre-trained DL model for the identification of DDoS attacks. Our strategy's efficacy is showcased on an openly accessible dataset, revealing that the fine-tuned model we propose surpasses both the initial pre-trained model and other cutting-edge approaches in performance. The suggested fine-tuned model attained 95.1% accuracy, surpassing the initial pre-trained model as well as other leading-edge techniques. Please note that the specific evaluation metrics and their values may vary depending on the implementation, hyperparameter settings, number of datasets, or dataset characteristics. The proposed approach has several advantages, including reducing the amount of labeled data required and accelerating the training process. Initiating with a pre-existing ResNet50 model can also enhance the eventual model's accuracy, given that the pre-trained model has already acquired the ability to extract significant features from unprocessed data. [ABSTRACT FROM AUTHOR]

Published

2024

46. From Seek-and-Destroy to Split-and-Destroy: Connection Partitioning as an Effective Tool against Low-Rate DoS Attacks.

Author

Kampourakis, Vyron, Makrakis, Georgios Michail, and Kolias, Constantinos

Subjects

DENIAL of service attacks, COMMUNICATION infrastructure, SERVER farms (Computer network management), CONTAINERIZATION

Abstract

Low-rate Denial of Service (LDoS) attacks are today considered one of the biggest threats against modern data centers and industrial infrastructures. Unlike traditional Distributed Denial of Service (DDoS) attacks that are mainly volumetric, LDoS attacks exhibit a very small network footprint, and therefore can easily elude standard detection and defense mechanisms. This work introduces a defense strategy that may prove particularly effective against attacks that are based on long-lived connections, an inherent trait of LDoS attacks. Our approach is based on iteratively partitioning the active connections of a victim server across a number of replica servers, and then re-evaluating the health status of each replica instance. At its core, this approach relies on live migration and containerization technologies. The main advantage of the proposed approach is that it can discover and isolate malicious connections with virtually no information about the type and characteristics of the performed attack. Additionally, while the defense takes place, there is little to no indication of the fact to the attacker. We assess various rudimentary schemes to quantify the scalability of our approach. The results from the simulations indicate that it is possible to save the vast majority of the benign connections (80%) in less than 5 min. [ABSTRACT FROM AUTHOR]

Published

2024

47. Analysing the Performance of a Trust-Based AODV in the Presence of a Flooding Attack.

Author

Alzahrani, Ali and Thomas, Nigel

Subjects

DENIAL of service attacks, AD hoc computer networks, FLOOD routing

Abstract

Mobile ad hoc networks (MANETs) are wireless multi-hop networks that do not rely on any fixed infrastructure, unlike traditional networks. Nodes in MANETs are formed dynamically and are free to move in any direction at variable speeds. The special characteristics of MANETs make them vulnerable to flooding attacks, which can have a negative impact on their performance. Moreover, due to their nature, employing solutions designed for traditional networks is not feasible. One potential solution to enhance the performance of MANETs in the face of network attacks is to implement trust management. This paper evaluates the performance of Ad hoc On-Demand Distance Vector (AODV) Routing in the presence of a flooding attack. We propose a direct trust management scheme to detect and isolate malicious nodes and implement this scheme on AODV. We name the modified protocol Trusted AODV (TAODV) and, finally, compare the performance of AODV and TAODV when both are under a flooding attack to measure the improvement achieved by our suggested scheme. [ABSTRACT FROM AUTHOR]

Published

2024

48. Event-Triggered Control for LPV Systems Under Hybrid Cyberattacks.

Author

Peixoto, Márcia L. C., Pessim, Paulo S. P., Coutinho, Pedro H. S., Bessa, Iury, and Palhares, Reinaldo M.

Subjects

HYBRID systems, DENIAL of service attacks, CYBERTERRORISM, LINEAR matrix inequalities, BINOMIAL distribution, EXPONENTIAL stability

Abstract

This paper presents a novel approach for resilient event-triggered control for linear parameter-varying (LPV) systems under denial-of-service (DoS) attacks and stochastic deception attacks. The proposed networked control system comprises a gain-scheduled controller and an event-triggering mechanism. Besides that, a scenario where DoS attacks restrict the data rate is investigated. This is done by considering a deterministic DoS attack model that limits the frequency and duration of the DoS attack sequence on average. On the other hand, in the absence of DoS attacks the network may be subject to the occurrence of stochastic deception attacks that follow a given Bernoulli distribution. Furthermore, a switching approach provides new co-design conditions based on linear matrix inequalities (LMIs) to guarantee the mean square exponential stability of the closed-loop system even in the presence of hybrid attacks. It is also proposed an LMI-based optimization strategy to enhance resilience against the considered class of DoS attacks while minimizing the number of transmissions. Finally, a numerical example is provided to illustrate the effectiveness of the proposed approach. [ABSTRACT FROM AUTHOR]

Published

2024

49. Consensus of a novel heuristic nonlinear multi-agent system in DOS attack network environment via saturation impulse control mechanism.

Author

Hu, Xiang, Xiong, Yu, Zhang, Zufan, and Li, Chuandong

Subjects

MULTIAGENT systems, DENIAL of service attacks, NONLINEAR systems, MEASURE theory, LYAPUNOV stability, STABILITY theory

Abstract

This paper mainly studies the consensus control strategy for a novel heuristic nonlinear multi-agent system. Compared with most existing related researches, firstly, the novel heuristic nonlinear multi-agent system has the ability to construct its communication network topology heuristically, and can withstand long-term DOS(Denial of Service) attacks, with the advantages of high practicality and security. Secondly, in order to control the multi-agent system, a control protocol based on both saturation effect and impulse control mechanism is studied, which has the advantages of high efficiency, low cost and wide applicability. Thirdly, for the multi-agent system, its dynamic model is constructed and analyzed by Lyapunov stability theory and matrix measure theory, and some sufficient conditions for achieving consensus are obtained. Finally, through two simulation experiments and some corresponding comparative analysis, the correctness, efficiency, and superiority of the theories proposed in this paper were verified. • A "heuristic communication network topology generation rule" is designed. It can scientifically solve the problem of the lack of specific design rules for communication connection among different individuals. • A "saturation impulse control protocol" is designed. It has advantages such as high efficiency and low cost. • This paper constructs a novel nonlinear dynamic model for the multi-agent system, which can withstand long-term DOS attacks. [ABSTRACT FROM AUTHOR]

Published

2024

50. Binary observation‐based FIR system identification under sequence denial of service attacks.

Author

Wei, Jingliang, Jia, Ruizhe, Song, Yong, Jing, Fengwei, and Guo, Jin

Subjects

*DENIAL of service attacks, *SYSTEM identification, *CYBERTERRORISM, *CYBER physical systems, *FIR

Abstract

Due to the close interaction between computing, sensing, communication, and driving of the cyber‐physical system (CPS), which makes it highly vulnerable to cyber attacks, the security of CPS has attracted wide attention. In the article, we discuss the system identification problem of the finite impulse response system under sequence denial of service attacks. The identification algorithm of the unknown parameter is designed under binary observations, and its convergence performance is analyzed. The optimal attack strategy problem is modeled as a optimized problem with constraints based on the covariance matrix of estimation error, the solution method and implementation algorithm are given. From the perspective of the defender, an encryption‐type defense algorithm is designed, and then the optimal defense strategy is presented. The numerical simulation is used to verify the validity of the proposed method. [ABSTRACT FROM AUTHOR]

Published

2024