Towards Mitigation of Low and Slow Application DDoS Attacks

Shtern, Mark; Sandel, Roni; Litoiu, Marin; Bachalo, Chris; Theodorou, Vasileios

doi:10.1109/ic2e.2014.38

Cited by 38 publications

(16 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…A low-and-slow DoS attack [12], also referred to as a low-bandwidth application-layer DoS attack, is predicated on detailed knowledge of the target application. The attacker is able to slowly degrade the performance of the application by exploiting weaknesses they have identified.…”

Section: Example: Resource-consumption Attacksmentioning

confidence: 99%

A runtime cloud efficiency software quality metric

Shtern

Smit

Simmons

et al. 2014

Companion Proceedings of the 36th International Conference on Software Engineering

Self Cite

View full text Add to dashboard Cite

This paper introduces the Cloud Efficiency (CE) metric, a novel runtime metric which assesses how effectively an application uses software-defined infrastructure. The CE metric is computed as the ratio of two functions: i) a benefit function which captures the current set of benefits derived from the application, and ii) a cost function which describes the current charges incurred by the application's resources. We motivate the need for the CE metric, describe in further detail how to compute it, and present experimental results demonstrating its calculation.

show abstract

Section: Example: Resource-consumption Attacksmentioning

confidence: 99%

A runtime cloud efficiency software quality metric

Shtern

Smit

Simmons

et al. 2014

Companion Proceedings of the 36th International Conference on Software Engineering

Self Cite

View full text Add to dashboard Cite

show abstract

“…For example, [5], [6], [7], [8] built their DDoS mitigation algorithms on SDN networks. [9], [10] used SDN to detect abnormal traffics.…”

Section: Related Workmentioning

confidence: 99%

How to detect a compromised SDN switch

Chi

Kuo

Guo

et al. 2015

Proceedings of the 2015 1st IEEE Conference on Network Softwarization (NetSoft)

View full text Add to dashboard Cite

SDN is a concept of programmable networking. A network manager can process each network flow through software programs. There is a hypothesis that all switches are trusted and follow programmed commands to handle packets. That is, once a switch is compromised by an attacker and does not follow the order of the network manager, this will bring a huge network disaster. In this paper, we define some attack models through compromised switches and design a detection mechanism to find these compromised devices. We evaluate our mechanism and discuss some future works.

show abstract

“…If an attacker establishes a large amount of connections simultaneously, repeats the 'validation process' in the same connection continuously or responds to the authentication protocol in a low and slow manner [101], the Fog resources will become exhausted and rendered unavailable for the intended users. However, these security concerns can be reduced by building a performance model that is collecting values of memory, CPU and disk utilization and periodically comparing with estimated values [102]. In case the system identifies an anomaly, the user would be redirected to the Shark Tank cluster, which is essentially a proxy to closely monitor the user but can grant full application capabilities.…”

Section: Policy-driven Secure Management Of Resourcesmentioning

confidence: 99%

Fog computing security: a review of current applications and security solutions

2017

View full text Add to dashboard Cite

Fog computing is a new paradigm that extends the Cloud platform model by providing computing resources on the edges of a network. It can be described as a cloud-like platform having similar data, computation, storage and application services, but is fundamentally different in that it is decentralized. In addition, Fog systems are capable of processing large amounts of data locally, operate on-premise, are fully portable, and can be installed on heterogeneous hardware. These features make the Fog platform highly suitable for time and location-sensitive applications. For example, Internet of Things (IoT) devices are required to quickly process a large amount of data. This wide range of functionality driven applications intensifies many security issues regarding data, virtualization, segregation, network, malware and monitoring. This paper surveys existing literature on Fog computing applications to identify common security gaps. Similar technologies like Edge computing, Cloudlets and Micro-data centres have also been included to provide a holistic review process. The majority of Fog applications are motivated by the desire for functionality and end-user requirements, while the security aspects are often ignored or considered as an afterthought. This paper also determines the impact of those security issues and possible solutions, providing future security-relevant directions to those responsible for designing, developing, and maintaining Fog systems.

show abstract

Towards Mitigation of Low and Slow Application DDoS Attacks

Cited by 38 publications

References 18 publications

A runtime cloud efficiency software quality metric

A runtime cloud efficiency software quality metric

How to detect a compromised SDN switch

Fog computing security: a review of current applications and security solutions

Contact Info

Product

Resources

About