Impact of denial of service solutions on network quality of service

Fowler, Scott; Zeadally, Sherali; Chilamkurti, Naveen

doi:10.1002/sec.219

Cited by 11 publications

(5 citation statements)

References 68 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…If this vulnerability is triggered remotely, it will lead to a denial of service (DoS) attack. As described in , DoS attacks are major threats to network quality of service. In fact, the manufacturer has not fixed these vulnerabilities, so we do not publish the manufacturer and model of the router, while the vulnerabilities have been confirmed by the manufacturer.…”

Section: Methodsmentioning

confidence: 99%

IKE vulnerability discovery based on fuzzing

Yang

Zhang

et al. 2012

Security Comm Networks

View full text Add to dashboard Cite

Internet Key Exchange (IKE) protocol is widely applied on the Internet to protect confidentiality of the Internet communication. However, there are many high-risk security vulnerabilities in various IKE implementations. Traditional fuzzing approaches with the aim of discovering vulnerabilities have some blind spots, such as time-consuming, low efficiency, and low degree of automation. This paper introduces a new vulnerability discovering approach based on fuzzing and applies the approach to the IKE protocol. Through summarizing the most comprehensive vulnerable points of IKE protocol and proposing a two-stage test cases library, an IKE protocol vulnerability discovering tool called IKEProFuzzer is designed and implemented. It is a network protocol fuzzing framework with extensibility and automated Monitor/Debugger designed by ourselves. In the experiments, IKEProFuzzer has discovered 14 vulnerabilities, including nine released vulnerabilities and five unreleased ones, which affect many kinds of routers and applications. The evaluation results prove the feasibility, efficiency, and extensibility of the approach compared with the existing approaches.

show abstract

Section: Methodsmentioning

confidence: 99%

IKE vulnerability discovery based on fuzzing

Yang

Zhang

et al. 2012

Security Comm Networks

View full text Add to dashboard Cite

show abstract

“…When we use regular cryptographic methods, an intruder can intentionally provide delay or DoS (Denial of Service) attack in order to degrade the QoS (Quality of Service) [38]. In our case, it is not the problem because the encrypted message and key goes separate and one never knows that there is a hidden key there.…”

Section: Resistance Against Dos Attackmentioning

confidence: 99%

Authentication Aspects of Dynamic Routing Protocols: Associated Problem & Proposed Solution

Shukla¹,

Chaturvedi²,

Srivastava³

2019

IJRTE

View full text Add to dashboard Cite

Cryptography as a stream is very important for communication security. Cryptography provides many goals for communication security and authentication is one of them. Routing is an integral part of computer networks and router security is extremely important because routing provides suitable path to the traffic generated in the network. Authentication is very important for routing protocols. In this paper we discuss security flaws in routing authentication and provide a unique solution which is never presented to overcome this problem. We also discuss the security analysis of the proposed method which proves that the proposed method is robust in various aspects. The proposed method provides many advantages and the method is so simple that anybody can use it

show abstract

“…However, all these events are sometimes hard to be detected in real time from observed traffic. This affair will become harder if the observed network carries a large amount of traffic, which drowns malicious ones . Therefore, how to expose and accurately detect malicious traffic is a pending problem.…”

Section: Introductionmentioning

confidence: 99%

Distributed denial‐of‐service attack detection scheme‐based joint‐entropy

Rahmani

Sahli

Kamoun

2011

Security Comm Networks

View full text Add to dashboard Cite

Distributed denial-of-service (DDoS) attacks present an increasing threat to the global inter-networking infrastructure. While entropy schemes are highly robust to diverse network conditions, they remain vulnerable to distribute attacks that are similar to legitimate traffic. With the knowledge that the objective of a DDoS attack is to saturate as soon as possible the resources of the target, this would engender an unexpected disproportion between the number of received packets and the number of connections. However, in the case of flash crowds, an increase in the number of packets is always accompanied by an increase in the number of connections. In this work, we used joint-entropy that quantifies the degree of disproportion to detect traffic anomalies. We investigate a class of intelligent attacks, which, unlike high-rate attacks, are difficult for entropy schemes to detect. The experimental results indicate that our joint-entropy scheme can detect this type of attacks accurately. Compared with an entropy-based scheme, the improvement is 40% for the distributed attacks.

show abstract

Impact of denial of service solutions on network quality of service

Cited by 11 publications

References 68 publications

IKE vulnerability discovery based on fuzzing

IKE vulnerability discovery based on fuzzing

Authentication Aspects of Dynamic Routing Protocols: Associated Problem & Proposed Solution

Distributed denial‐of‐service attack detection scheme‐based joint‐entropy

Contact Info

Product

Resources

About