Detecting Target-Area Link-Flooding DDoS Attacks Using Traffic Analysis and Supervised Learning

Rezazad, Mostafa; Brust, Matthias R.; Akbari, Mohammad Kazem; Bouvry, Pascal; Cheung, Ngai-Man

doi:10.1007/978-3-030-03405-4_12

Cited by 10 publications

(7 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Though DDoS attacks have different flavors, they all have a similar objective. A variety of attacks in DDoS include SYN floods [67], in which a hacker dispatches a number of SYN appeals to a remarkable target; attacks in internet control message protocol (ICMP) [68] (in which several ICMP packets are being transmitted via a spoof-IP); crossfire attacks [69] in which an attacker is attacking a complex, massive botnet; and User data logs (User Datagram Protocol). Botnet attacks [70] are a form of DDoS attack occurring in IoT networks.…”

Section: Denial Of Servicementioning

confidence: 99%

Machine and Deep Learning for IoT Security and Privacy: Applications, Challenges, and Future Directions

Bharati

Podder

2022

Security and Communication Networks

View full text Add to dashboard Cite

The integration of the Internet of Things (IoT) connects a number of intelligent devices with minimum human interference that can interact with one another. IoT is rapidly emerging in the areas of computer science. However, new security problems are posed by the cross-cutting design of the multidisciplinary elements and IoT systems involved in deploying such schemes. Ineffective is the implementation of security protocols, i.e., authentication, encryption, application security, and access network for IoT systems and their essential weaknesses in security. Current security approaches can also be improved to protect the IoT environment effectively. In recent years, deep learning (DL)/machine learning (ML) has progressed significantly in various critical implementations. Therefore, DL/ML methods are essential to turn IoT system protection from simply enabling safe contact between IoT systems to intelligence systems in security. This review aims to include an extensive analysis of ML systems and state-of-the-art developments in DL methods to improve enhanced IoT device protection methods. On the other hand, various new insights in machine and deep learning for IoT securities illustrate how it could help future research. IoT protection risks relating to emerging or essential threats are identified, as well as future IoT device attacks and possible threats associated with each surface. We then carefully analyze DL and ML IoT protection approaches and present each approach’s benefits, possibilities, and weaknesses. This review discusses a number of potential challenges and limitations. The future works, recommendations, and suggestions of DL/ML in IoT security are also included.

show abstract

Section: Denial Of Servicementioning

confidence: 99%

Machine and Deep Learning for IoT Security and Privacy: Applications, Challenges, and Future Directions

Bharati

Podder

2022

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…In the example map on Figure 4, the row labels (to the left of the grid) indicate the type of protocol used in the attack, whereas the column headers at the top represent the attack strategy employed by the attacker. "Direct" in the column header refers to attacks that directly target a victim, whereas "indirect" attacks target the resources upon which a victim depends, such as link-flooding attacks [26], [27]. Reflection attacks are those where the attacking agents recruit unwitting accomplices to attack the target, whereas in unreflected attacks, the attacking agents attack the target without mobilizing assistance from unwitting accomplices.…”

Section: Defence Mapmentioning

confidence: 99%

Towards Comparative Evaluation of DDoS Defences

Otung

Martin

2022

2022 15th International Conference on Security of Information and Networks (SIN)

View full text Add to dashboard Cite

DDoS defence evaluation provides a way to capture the usefulness of defensive solutions to one of the most notorious Internet attacks of our computing generation. An alternative approach to evaluation offers a valuable mechanism by which different DDoS defences can be commensurably and objectively compared. Such a development would not only enable individual organizations to make better informed decisions on which defences to implement but could also aid collaborations to realize global solutions; and reveal insights into aspects requiring further investigation.We present CED3 (pronounced "Seed"), a DDoS defence evaluation framework designed to facilitate the commensurable comparison between DDoS defences in a way that captures their strengths and weaknesses. Firstly, CED3 introduces the notion of true effectiveness, which addresses the problem, identified in the literature, of previously validated defences subsequently being shown to be ineffective when evaluated under different attack conditions. CED3 leverages a structured theoretical analysis process to drive empirical data acquisition in order to enhance consistency, transparency and, ultimately, longevity of evaluation conclusions. Lastly, CED3 introduces the concept of defence maps, which applies the idea of true effectiveness to "scopes" in order to communicate the strengths and weaknesses of defences in a way that allows them to be visually compared.We demonstrate the CED3 framework by applying it to comparatively evaluate three DDoS defences. Using results obtained from extensive simulations in NS-3, we show how the strengths and weaknesses of different defences can be visually compared. We conclude by discussing the merits and limitations of CED3.

show abstract

“…Although there are different types of DDoS attacks, they all have the same objective. Few variants of DDoS attacks are SYN flooding [67] (in which an attacker sends successions of SYN requests to a target), Internet Control Message Protocol (ICMP) attacks [34] (in which large number of ICMP packets are broadcasted using the victim's spoofed IP), crossfire attacks [107] (using a complex and massively large-scale botnet for attack execution) and User Datagram Protocol (UDP) flooding attacks [71] (sending a large number of UDP packets to random ports on a remote victim). Botnet attack [96] is a type of DDoS attack in an IoT network.…”

Section: Security Threatsmentioning

confidence: 99%

Security and Privacy in IoT Using Machine Learning and Blockchain

et al. 2020

View full text Add to dashboard Cite

Security and privacy of users have become significant concerns due to the involvement of the Internet of Things (IoT) devices in numerous applications. Cyber threats are growing at an explosive pace making the existing security and privacy measures inadequate. Hence, everyone on the Internet is a product for hackers. Consequently, Machine Learning (ML) algorithms are used to produce accurate outputs from large complex databases, where the generated outputs can be used to predict and detect vulnerabilities in IoT-based systems. Furthermore, Blockchain (BC) techniques are becoming popular in modern IoT applications to solve security and privacy issues. Several studies have been conducted on either ML algorithms or BC techniques. However, these studies target either security or privacy issues using ML algorithms or BC techniques, thus posing a need for a combined survey on efforts made in recent years addressing both security and privacy issues using ML algorithms and BC techniques. In this article, we provide a summary of research efforts made in the past few years, from 2008 to 2019, addressing security and privacy issues using ML algorithms and BC techniques in the IoT domain. First, we discuss and categorize various security and privacy threats reported in the past 12 years in the IoT domain. We then classify the literature on security and privacy efforts based on ML algorithms and BC techniques in the IoT domain. Finally, we identify and illuminate several challenges and future research directions using ML algorithms and BC techniques to address security and privacy issues in the IoT domain.

show abstract

Detecting Target-Area Link-Flooding DDoS Attacks Using Traffic Analysis and Supervised Learning

Cited by 10 publications

References 10 publications

Machine and Deep Learning for IoT Security and Privacy: Applications, Challenges, and Future Directions

Machine and Deep Learning for IoT Security and Privacy: Applications, Challenges, and Future Directions

Towards Comparative Evaluation of DDoS Defences

Security and Privacy in IoT Using Machine Learning and Blockchain

Contact Info

Product

Resources

About