Protection Against DDoS and Data Modification Attack in Computational Grid Cluster Environment

Kodada, Basappa B.; Prasad, G. M. V.; Pais, Alwyn Roshan

doi:10.5815/ijcnis.2012.07.02

Cited by 7 publications

(8 citation statements)

References 7 publications

(7 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However the results show that extracting useful data from packet payload results in reasonable performance. Prevention of DDoS attack and Data modification attack is presented in [8]. This paper presents DDoS and Data Modification attack scenario and also provides the solution to prevent it.…”

Section: Related Workmentioning

confidence: 99%

Detection of illegal traffic pattern using Hybrid Improved CART and Multiple Extreme Learning Machine Approach

Lekha¹,

Ganapathi²

2022

Int. j. commun. netw. inf. secur.

View full text Add to dashboard Cite

In the proposed hybrid intrusion detection process, misuse detection and anomaly detection model is integrated to detect the attack in traffic pattern. In misuse detection model, the traffic pattern is classified into known attack and not known attack. Each extracted normal data set does not have known attack and it contains small amount of varied connection patterns than overall normal data set. Anomaly detection model classifies the not known attack as normal data set and unknown attack thus improving the performance of normal traffic behavior. Experiment is carried out using NSL –KDD dataset and performance of proposed approach is compared with traditional learning approaches in terms of training time, testing time, false positive ratio and detection ratio. The proposed method detects the known attacks and unknown attacks with ratio of 99.8 % and 52% respectively.

show abstract

Section: Related Workmentioning

confidence: 99%

Detection of illegal traffic pattern using Hybrid Improved CART and Multiple Extreme Learning Machine Approach

Lekha¹,

Ganapathi²

2022

Int. j. commun. netw. inf. secur.

View full text Add to dashboard Cite

show abstract

“…These vulnerabilities are not the only approach. There are other types of vulnerability such as malwares, zombie bots and rootkits which can cause denial of service (DDoS) attack [11] or etc.…”

Section: Definition Of Problem (Data Modification Attack)mentioning

confidence: 99%

Modification data attack inside computer systems: a critical review

Amiri

Brujeni

et al. 2020

Comput. Sci. Inf. Technol.

View full text Add to dashboard Cite

This paper is a review of types of modification data attack based on computer systems and it explores the vulnerabilities and mitigations. Altering information is a kind of cyber-attack during which intruders interfere, catch, alter, take or erase critical data on the PCs and applications through using network exploit or by running malicious executable codes on victim's system. One of the most difficult and trendy areas in information security is to protect the sensitive information and secure devices from any kind of threats. Latest advancements in information technology in the field of information security reveal huge amount of budget funded for and spent on developing and addressing security threats to mitigate them. This helps in a variety of settings such as military, business, science, and entertainment. Considering all concerns, the security issues almost always come at first as the most critical concerns in the modern time. As a matter of fact, there is no ultimate security solution; although recent developments in security analysis are finding daily vulnerabilities, there are many motivations to spend billions of dollars to ensure there are vulnerabilities waiting for any kind of breach or exploit to penetrate into the systems and networks and achieve particular interests. In terms of modifying data and information, from old-fashioned attacks to recent cyber ones, all of the attacks are using the same signature: either controlling data streams to easily breach system protections or using non-control-data attack approaches. Both methods can damage applications which work on decision-making data, user input data, configuration data, or user identity data to a large extent. In this review paper, we have tried to express trends of vulnerabilities in the network protocols’ applications.

show abstract

“…A startup company can utilize the infrastructure provided by a public cloud, such as a Visual Studio framework, to develop a website consisting of multiple types of databases in the environment of the cloud provider. Utilization of a cloud for a range of services has been shown to be very cost-effective [29], [71]. However, there is a risk for not doing an assessment on security when utilizing a cloud.…”

Section: Figure 1: Principle Layers Of a Cloudmentioning

confidence: 99%

“…To protect from DDoS in grid and cluster environments, similar to SBF [70], a mechanism was proposed by Prasad and Kodada et al [71]. In the modification of their mechanism, rather than maintaining an IP address table, both the IP address and Mac address were stored at the beginning of cluster node booting.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

FAPA: flooding attack protection architecture in a cloud system

Zunnurhain

Vrbsky

Hasan

2014

IJCC

View full text Add to dashboard Cite

The rate of acceptance of clouds each year is making cloud computing the leading IT computational technology. While cloud computing can be productive and economical, it is still vulnerable to different types of external threats, one of which is a Denial of Service (DoS) attack. DoS attacks have long been an open security problem of the internet. Most proposed solutions to address DoS attacks require upgrades in routers, modification in the BGP (Border Gateway Protocol), usage of additional control bits in the IP packets, or adjustments to legacy routers in the routing path. It is extremely difficult to manipulate all these criteria, considering that the internet, and potentially a cloud, consists of a very large number of autonomous systems with routers from different vendors deployed over decades. Authentication protocols are typically implemented by some of the leading companies manufacturing DoS prevention routers.However, authentication protocols and embedded digital signatures are very expensive and vulnerable. This is contrary to the benefits of renting a cloud system, which is to save capital expenditure as well as operational expenditure.Rather than depending on cloud providers, we proposed a model, called FAPA (Flooding Attack Protection Architecture), to detect and filter packets when DoS attacks occur. FAPA can be deployed at different levels of the system, such as at the user's end. FAPA can run locally on top of the client's terminal and is independent of the provider's cloud machine. There is no need to deploy any expensive packet capturing tools nor does it require any embedded digital signature inside the packets. There is no additional charge from the provider's end since the application runs in the customer's end. Moreover, automatic message propagation invokes the cloud server to trace the source or adversary.iii In FAPA, detection of denial of service is handled by the periodic analysis of the traffic behavior from the raw packets. It generates an alarm if any DoS attack is detected and removes flooding by filtering. Because FAPA is employed on the client's side, customers have control over traffic trends, which is absent in other DoS prevention approaches. FAPA is comprised of five individual modules, where each module has an assigned task in detecting DoS attacks and removing threats by filtering the spoof packets. A module fetches the traffic packets and does the unwrapping. Another module records the pertinent parameters of network packets.Implementation of a FAPA prototype and experimental results has demonstrated the feasibility of FAPA. From our initial experiments we observed that in the event of a DoS attack, some of the network parameters change. Hence, in FAPA a separate module is dedicated for storing information about traffic behavior. If FAPA observes any inconsistent traffic behavior, it invokes the filtering modules to remove the compromised network packets. FAPA filtering detects the threat by using previously recorded information. FAPA filtering was implemented for a...

show abstract

Protection Against DDoS and Data Modification Attack in Computational Grid Cluster Environment

Cited by 7 publications

References 7 publications

Detection of illegal traffic pattern using Hybrid Improved CART and Multiple Extreme Learning Machine Approach

Detection of illegal traffic pattern using Hybrid Improved CART and Multiple Extreme Learning Machine Approach

Modification data attack inside computer systems: a critical review

FAPA: flooding attack protection architecture in a cloud system

Contact Info

Product

Resources

About