Thwarting ICMP Low-Rate Attacks Against Firewalls While Minimizing Legitimate Traffic Loss

Hayawi, Kadhim; Trabelsi, Zouheir; Zeidan, Safaa; Masud, Mohammad Mehedy

doi:10.1109/access.2020.2987479

Cited by 8 publications

(3 citation statements)

References 26 publications

(28 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In addition, this will also lead to corrective actions not only for the breached components, but also for all other similar components to protect them from similar incidents. For example, if we collect detailed information about many DDoS and low-rate DDoS (LDDoS) [74] attacks that occurred in different smart city systems, it will provide a larger sample for analytics and could lead to identifying common preconditions that made these attacks possible and also find more accurate information about the sources and mechanisms used in the attacks. As a result, the response occurs faster and delivers more accurate and adaptive countermeasures.…”

Section: A Security Risk Analysis Enhancementsmentioning

confidence: 99%

Data-Driven Security for Smart City Systems: Carving a Trail

et al. 2020

View full text Add to dashboard Cite

Smart cities rely heavily on collecting and using data. Smart systems are implemented and deployed to provide intelligent features that help improve efficiency and quality of life. This creates a huge repository of data representing many aspects of smart city operations. Many data-driven applications can take advantage of this data to further improve the "smartness" of a smart city. At the same time, smart city systems, being very large-scale distributed systems and highly integrated with the physical infrastructure and residents of the city, pose immense security challenges as well. So why don't we take advantage of this data to improve security measures? In this paper we propose the use of data-driven security approaches to secure smart city systems. To illustrate the significance of this approach we first identify the different challenges for securing smart city systems given the unique characteristics of these systems. Then we discuss the benefits of using data-driven security. Furthermore, we categorize the different types of security applications (features) needed to help capitalize on the data needs and benefits. We also discuss the how these categories of applications can alleviate some of the challenges. In addition, we highlight possible future research directions to incorporate effective data-driven security in smart city systems.

show abstract

Section: A Security Risk Analysis Enhancementsmentioning

confidence: 99%

Data-Driven Security for Smart City Systems: Carving a Trail

et al. 2020

View full text Add to dashboard Cite

show abstract

“…Traditional networks consist of static protocols for network equipment, such as routers and switches, where it is not possible to implement network protocols. Therefore network administrators find it difficult to define custom routing protocols [8]. The SDN controller eliminates routing issues in the SDN network with the use of logical connections.…”

Section: Introductionmentioning

confidence: 99%

A Security Policy Protocol for Detection and Prevention of Internet Control Message Protocol Attacks in Software Defined Networks

et al. 2022

View full text Add to dashboard Cite

Owing to the latest advancements in networking devices and functionalities, there is a need to build future intelligent networks that provide intellectualization, activation, and customization. Software-defined networks (SDN) are one of the latest and most trusted technologies that provide a method of network management that provides network virtualization. Although traditional networks still have a strong presence in the industry, software-defined networks have begun to replace them at faster rates. When network technologies emerge at a steady rate, SDN will be implemented at higher rates in the upcoming years in all fields. Although SDN technology removes the complexity of tying control and data plane together over traditional networks, certain aspects such as security, controllability, and economy of network resources are vulnerable. Among these aspects, security is one of the main concerns that are to be viewed seriously as far as the applications of SDN are concerned. This paper presents the most recent security issues SDN environment followed by preventive mechanisms. This study focuses on Internet control message protocol (ICMP) attacks in SDN networks. This study proposes a security policy protocol (SPP) to detect attacks that target devices such as switches and the SDN controller in the SDN networks. The mechanism is based on ICMP attacks, which are the main source of flooding attacks in the SDN networks. The proposed model focuses on two aspects: security policy process verification and client authentication verification. Experimental results shows that the proposed model can effectively defend against flooding attacks in SDN network environments.

show abstract

“…This integration has undoubtedly improved the efficiency of processes, reduced spatio-temporal investments, and bestowed faster return on investments. While this indus-trial evolution has been extensively reviewed and studied [3], [4], [5], there is a growing concern that the increased connectivity of critical infrastructures such as thermal powerhouses, electricity grids, hospitals, hotels, banking, and defense systems makes them vulnerable to numerous cyber-attacks [6], [7], [8]. Resultantly, a hacker can hack into the end devices and install malware or modify the software components.…”

Section: Introductionmentioning

confidence: 99%

D2Gen: A Decentralized Device Genome Based Integrity Verification Mechanism for Collaborative Intrusion Detection Systems

et al. 2021

Self Cite

View full text Add to dashboard Cite

Collaborative Intrusion Detection Systems are considered an effective defense mechanism for large, intricate, and multilayered Industrial Internet of Things against many cyberattacks. However, while a Collaborative Intrusion Detection System successfully detects and prevents various attacks, it is possible that an inside attacker performs a malicious act and compromises an Intrusion Detection System node. A compromised node can inflict considerable damage on the whole collaborative network. For instance, when a malicious node gives a false alert of an attack, the other nodes will unnecessarily increase their security and close all of their services, thus, degrading the system's performance. On the contrary, if the spurious node approves malicious traffic into the system, the other nodes would also be compromised. Therefore, to detect a compromised node in the network, this article introduces a device integrity check mechanism based on "Digital Genome." In medical science, a genome refers to a set that contains all of the information needed to build and maintain an organism. Based on the same concept, the digital genome is computed over a device's vital hardware, software, and other components. Hence, if an attacker makes any change in a node's hardware and software components, the digital genome will change, and the compromised node will be easily detected. It is envisaged that the proposed integrity attestation protocol can be used in diverse Internet of Things and other information technology applications to ensure the legitimate operation of end devices. This study also proffers a comprehensive security and performance analysis of the proposed framework.INDEX TERMS Insider attacks, integrity check, collaborative intrusion detection system, device genome, device security, blockchain, Internet of Things.

show abstract

Thwarting ICMP Low-Rate Attacks Against Firewalls While Minimizing Legitimate Traffic Loss

Cited by 8 publications

References 26 publications

Data-Driven Security for Smart City Systems: Carving a Trail

Data-Driven Security for Smart City Systems: Carving a Trail

A Security Policy Protocol for Detection and Prevention of Internet Control Message Protocol Attacks in Software Defined Networks

D2Gen: A Decentralized Device Genome Based Integrity Verification Mechanism for Collaborative Intrusion Detection Systems

Contact Info

Product

Resources

About