SlideShare a Scribd company logo

Anomaly based PoW Defense

G
G Prachi

Anomaly based PoW Defense

Technology
1 of 15
IEEE International ConferenceOn RecentTrendsInElectronicsInformation CommunicationTechnology,May18-19,2018, India Anomaly based Mitigation of Volumetric DDoS Prachi Gulihar B.B. Gupta National Institute of Technology, Kurukshetra,India Prachi Gulihar, B.B. Gupta 1/ 15RTEICT-2018 Attack Using Client Puzzle as Proof-of-Work
Table of Contents 1 Introduction 2 Related Works 3 Proposed Model 4 Description of the Algorithm 5 Simulation Analysis 7 Conclusion and Future Work Prachi Gulihar, B.B. Gupta RTEICT-2018 2/ 15 6 Advantages References8
Introduction Nowadays the Internet plays a vital role in the growth of the economy for any nation. 1DDoS attacks are one of the major threat that hurting this growth as it affects the systems and network which uses the Internet for their business work. In DDoS attacks, victims bandwidth is flooded with the excessive amount of malicious or fake traffic due to which, the victim is unable to serve the legitimate users. 1 J. MirkovicandP. Reiher,“A taxonomyofddosattackandddosdefensemechanisms,”ACMSIGCOMM ComputerCommunication Review,vol.34,no.2, pp.39–53, 2004. Prachi Gulihar, B.B. Gupta RTEICT-2018 3/ 15
Figure 1: DDoS attack vector frequency Prachi Gulihar, B.B. Gupta RTEICT-2018 4/ 19 30 16 8 7 6 12 4 2 10 0 10 20 30 40
Related Works Prachi Gulihar, B.B. Gupta RTEICT-2018 5/ 15 Approach Advantages Limitations Router based Pushback with Client Puzzles [8]  Puzzle work load is transferred to the upstream path routers which decreases work load of processing on the path routers.  It is not effective in performing rate-limiting defense on the malicious traffic inside the aggregate.  Fails to mitigate the attack traffic which is distributed within the inbound links in a uniform manner. Software Puzzle [6]  Attackers cannot inflate their puzzle- solving capabilities using GPU.  Can be easily integrated with the data puzzle schemes existing on the server side because it is made upon a data puzzle.  Easily deployed.  Generation of puzzle at the server side makes it a time consuming process as the victim server only has to put in time for construction of the puzzle.  No provision for construction of the software puzzle at the client-side. Bitcoin Blockchain [4]  Fair client puzzles are computed independent of power of client machine’s computing resources.  Client cannot save the puzzles to respond afterwards at a later stage with an overwhelming count of correct puzzle solutions at a single point of time.  Blocks in a bitcoin blockchain are generated approximately every ten minutes which is makes it impractical for client puzzle applications. Game Theory with Nash equilibrium [9]  Applicable in defending both distributed and single-source attacks.  Does not support larger payoffs to be feasible in the game. Outsourced puzzles [5]  Robust puzzle distribution mechanism.  Offline computation of puzzles  One server is able to compute tokens associated with other servers resulting in diffusion of trust across other participants. Standard Model Client Puzzles [7]  Less number of modular multiplication operations for puzzle generation by defending server.  Faster cumulative verification time.  Slower puzzle generation time.  Slower solution verification time as compared to hash based puzzles.
Work Done Proposed a multi-level defense approach using congestion level control and anomaly based techniques can be explained by the following four steps which are executed in a consecutive manner of execution: Detection of DDOS attack. Challenging the attacking sources. Suppression of malicious packets. Diverting the traffic flood. Prachi Gulihar, B.B. Gupta RTEICT-2018 6/ 15
Proposed Model Figure 2: Framework of Proposed Approach Prachi Gulihar, B.B. Gupta RTEICT-2018 7/ 15
Description of the Algorithm In the incoming traffic, every incoming packet is placed into its respective module, according to the volume of the attack traffic – normal, caution, peak. If this volume is less than the normal level then the defense mechanism is not activated and the traffic is sent to the destination machine. If the volume destined towards the victim rises above the caution level, then the puzzle generation module is activated which checks the packets for PoW as authority to send requests to the server. Only the authorized client requests are forwarded. If the volume of the incoming traffic rises above the peak level, then all of the traffic is diverted to dynamic provisioning module. Prachi Gulihar, B.B. Gupta RTEICT-2018 8/ 15
Description Of Algorithm Time range (tx, ty) is the transition period of ddos attack. Input: Incoming traffic Xin Start Vin = null; //set initial volume metric as null Fetch (Xin[t], Vin[t]); If (Vin[t] < V[tx ]) //no defense {Forward_ISP (Xin[t])} //client puzzle P ElseIf (V[tx] < Vin[t] < V[ty]) {S : Generate(P); S -> C : Send(P); C : S=Solve(P); C->S : Send(S); If (S==Solution[P]) {Forward_ISP (Xin[t]);} Else {Forward_Garbage(Xin[t]);}} Prachi Gulihar, B.B. Gupta RTEICT-2018 9/ 15 //dynamic provisioning Else {Forward_DPM(Xin[t]);} Forward_ISP (Xin[t]) {Handle (Xin[t]);} //diversion Forward_DPM(Xin[t]) {Send(Xin[t]) -> PolicyHandler; Forward(Xin[t]) -> HelpingServers; } //blacklisting Forward_Garbage(Xin[t]) {Discard(Xin[t]); SourceIP(Xin[t]) -> logServer; } End
Simulation Analysis Basic network to test flooding attack is set up with the help of Network Simulator 2. Anticipation of mitigation rate of the proposed framework is done under two conditions. Firstly, when the defense mechanism is in place and secondly, without it. A heterogeneous network comprising of different types of traffic is taken, and defense is done under three attack load condition of the network traffic. Simulation of the model is tested under the two types of DDoS attack: TCP flood and UDP flood. In Dynamic Provisioning Module simulation, minimum charge policy in kept in policy handler. Prachi Gulihar, B.B. Gupta RTEICT-2018 1 0 / 15
Simulation Analysis Figure 3: Packet distribution Between under Normal and DDoS attack Scenario (a) Benign packets , (b) Malicious packets Prachi Gulihar, B.B. Gupta RTEICT-2018 11/ 15
Advantages Lineal Deployment: The PoW ensures easy deployment on the existing infrastructure without any major modifications on server machine. On-Demand DDoS Mitigation: Defense comes under action only when the attack is happening else remains inactive which lowers the maintenance costs. Non-distinguishable DDoS Defense: Proof-of-Work (PoW) scheme prioritises the connection requests reducing the collateral damage done to the legitimate traffic due to non-filteration of malicious traffic. Risk Transfer: The Risk Transfer mechanism is well suited for the securing network layer attacks as even if the internal devices are unsecure, dynamic provisioning is enough to prevent DDoS attacks. Prachi Gulihar, B.B. Gupta RTEICT-2018 12/ 15
Conclusion and Future Work This method authenticates and permits only the authoritative clients to gain access to the services offered by the server using client puzzles as Proof-of-Work (PoW). This volume based activation of defense scheme ensures the design goal of on-demand mitigation. . Our future work will be focus on testing the proposed approach in the real-time environment, as well with more attack scenarios. The research problem of helping servers allowing others to use their machine in DDoS defense for money is an interesting part to investigate. Prachi Gulihar, B.B. Gupta RTEICT-2018 1 3 / 15
References 1. Britton T., Liu-Johnston I., Cugnière I., Gupta S., Rodriguez D., Barbier J., & Tricaud, S. Analysis of 24 Hours Internet Attacks. 2. Khor, S. H.. “Deployable Mechanisms for Distributed Denial-of-Service (DDoS) Attack Mitigation” , 2010. 3. Kumarasamy, Saravanan, and R. Asokan. "Distributed Denial of Service (DDoS) Attacks Detection Mechanism." arXiv preprint arXiv:1201.2007 , 2012. 4. Wu, Yongdong, et al. "Software puzzle: A countermeasure to resource-inflated denial- of-service attacks." IEEE Transactions on Information forensics and security 10.1, 2015: 168-177. 5. Boyd, Colin, and Christopher Carr. "Fair client puzzles from the bitcoin blockchain." Australasian Conference on Information Security and Privacy. Springer, Cham, 2016. 6. Fallah, Mehran. "A puzzle-based defense strategy against flooding attacks using game theory." IEEE transactions on dependable and secure computing 7.1 , 2010: 5-19. 7. Waters, Brent, et al. "New client puzzle outsourcing techniques for DoS resistance." Proceedings of the 11th ACM conference on Computer and communications security. ACM, 2004. 8. Kuppusamy, Lakshmi, et al. "Practical client puzzles in the standard model." Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security. ACM, 2012. Prachi Gulihar, B.B. Gupta RTEICT-2018 14/ 15
Thank You!! Prachi Gulihar, B.B. Gupta RTEICT-2018 15/ 15

Recommended

Paper id 41201622
Paper id 41201622Paper id 41201622
Paper id 41201622IJRAT
 
Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...
Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...
Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...IJECEIAES
 
Optimal software-defined network topology for distributed denial of service a...
Optimal software-defined network topology for distributed denial of service a...Optimal software-defined network topology for distributed denial of service a...
Optimal software-defined network topology for distributed denial of service a...journalBEEI
 
Ix3615551559
Ix3615551559Ix3615551559
Ix3615551559IJERA Editor
 
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUE
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUEA MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUE
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUEIJNSA Journal
 
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...IJNSA Journal
 
Genetic Algorithm based Layered Detection and Defense of HTTP Botnet
Genetic Algorithm based Layered Detection and Defense of HTTP BotnetGenetic Algorithm based Layered Detection and Defense of HTTP Botnet
Genetic Algorithm based Layered Detection and Defense of HTTP BotnetIDES Editor
 
Preventing Distributed Denial of Service Attacks in Cloud Environments
Preventing Distributed Denial of Service Attacks in Cloud Environments Preventing Distributed Denial of Service Attacks in Cloud Environments
Preventing Distributed Denial of Service Attacks in Cloud Environments IJITCA Journal
 

Recommended

Paper id 41201622
Paper id 41201622Paper id 41201622
Paper id 41201622IJRAT
 
Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...
Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...
Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...IJECEIAES
 
Optimal software-defined network topology for distributed denial of service a...
Optimal software-defined network topology for distributed denial of service a...Optimal software-defined network topology for distributed denial of service a...
Optimal software-defined network topology for distributed denial of service a...journalBEEI
 
Ix3615551559
Ix3615551559Ix3615551559
Ix3615551559IJERA Editor
 
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUE
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUEA MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUE
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUEIJNSA Journal
 
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...IJNSA Journal
 
Genetic Algorithm based Layered Detection and Defense of HTTP Botnet
Genetic Algorithm based Layered Detection and Defense of HTTP BotnetGenetic Algorithm based Layered Detection and Defense of HTTP Botnet
Genetic Algorithm based Layered Detection and Defense of HTTP BotnetIDES Editor
 
Preventing Distributed Denial of Service Attacks in Cloud Environments
Preventing Distributed Denial of Service Attacks in Cloud Environments Preventing Distributed Denial of Service Attacks in Cloud Environments
Preventing Distributed Denial of Service Attacks in Cloud Environments IJITCA Journal
 
Evaluation of network security based on next generation intrusion prevention ...
Evaluation of network security based on next generation intrusion prevention ...Evaluation of network security based on next generation intrusion prevention ...
Evaluation of network security based on next generation intrusion prevention ...TELKOMNIKA JOURNAL
 
IRJET- DDOS Detection System using C4.5 Decision Tree Algorithm
IRJET- DDOS Detection System using C4.5 Decision Tree AlgorithmIRJET- DDOS Detection System using C4.5 Decision Tree Algorithm
IRJET- DDOS Detection System using C4.5 Decision Tree AlgorithmIRJET Journal
 
A secure network forensics system for cyber incidents analysis
A secure network forensics system for cyber incidents analysisA secure network forensics system for cyber incidents analysis
A secure network forensics system for cyber incidents analysisSwapnil Jagtap
 
Securing cloud computing environment against d do s attacks
Securing cloud computing environment against d do s attacksSecuring cloud computing environment against d do s attacks
Securing cloud computing environment against d do s attacksSampatkumar Satyamurti
 
CIS 333 Effective Communication - tutorialrank.com
CIS 333 Effective Communication - tutorialrank.comCIS 333 Effective Communication - tutorialrank.com
CIS 333 Effective Communication - tutorialrank.comBartholomew19
 
A novel signature based traffic classification engine to reduce false alarms ...
A novel signature based traffic classification engine to reduce false alarms ...A novel signature based traffic classification engine to reduce false alarms ...
A novel signature based traffic classification engine to reduce false alarms ...IJCNCJournal
 
D do s
D do sD do s
D do ssunilkumar021
 
IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...
IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...
IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...IJNSA Journal
 
Ip Guardian customer presentation
Ip Guardian customer presentationIp Guardian customer presentation
Ip Guardian customer presentationacaiani
 
Mitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based Approach
Mitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based ApproachMitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based Approach
Mitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based ApproachIJLT EMAS
 
Ijmet 10 02_045
Ijmet 10 02_045Ijmet 10 02_045
Ijmet 10 02_045IAEME Publication
 
CIS 333 Exceptional Education / snaptutorial.com
CIS 333 Exceptional Education / snaptutorial.comCIS 333 Exceptional Education / snaptutorial.com
CIS 333 Exceptional Education / snaptutorial.comdonaldzs97
 
FLOODING ATTACKS DETECTION OF MOBILE AGENTS IN IP NETWORKS
FLOODING ATTACKS DETECTION OF MOBILE AGENTS IN IP NETWORKSFLOODING ATTACKS DETECTION OF MOBILE AGENTS IN IP NETWORKS
FLOODING ATTACKS DETECTION OF MOBILE AGENTS IN IP NETWORKScsandit
 
Cis 333 Extraordinary Success/newtonhelp.com
Cis 333 Extraordinary Success/newtonhelp.com Cis 333 Extraordinary Success/newtonhelp.com
Cis 333 Extraordinary Success/newtonhelp.com amaranthbeg146
 
CIS 333 Life of the Mind/newtonhelp.com   
CIS 333 Life of the Mind/newtonhelp.com   CIS 333 Life of the Mind/newtonhelp.com   
CIS 333 Life of the Mind/newtonhelp.com   bellflower3
 
IRJET- A Review of the Concept of Smart Grid
IRJET- A Review of the Concept of Smart GridIRJET- A Review of the Concept of Smart Grid
IRJET- A Review of the Concept of Smart GridIRJET Journal
 
CIS 333 Imagine Your Future/newtonhelp.com   
CIS 333 Imagine Your Future/newtonhelp.com   CIS 333 Imagine Your Future/newtonhelp.com   
CIS 333 Imagine Your Future/newtonhelp.com   bellflower45
 
Cooperative mitigation DDoS
Cooperative mitigation DDoSCooperative mitigation DDoS
Cooperative mitigation DDoSG Prachi
 
Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...
Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...
Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...IRJET Journal
 
Q-learning based distributed denial of service detection
Q-learning based distributed denial of service detectionQ-learning based distributed denial of service detection
Q-learning based distributed denial of service detectionIJECEIAES
 
IRJET- A Survey on DDOS Attack in Manet
IRJET- A Survey on DDOS Attack in ManetIRJET- A Survey on DDOS Attack in Manet
IRJET- A Survey on DDOS Attack in ManetIRJET Journal
 
Cybersecurity Threat Detection of Anomaly Based DDoS Attack Using Machine Lea...
Cybersecurity Threat Detection of Anomaly Based DDoS Attack Using Machine Lea...Cybersecurity Threat Detection of Anomaly Based DDoS Attack Using Machine Lea...
Cybersecurity Threat Detection of Anomaly Based DDoS Attack Using Machine Lea...IRJET Journal
 

More Related Content

What's hot

Evaluation of network security based on next generation intrusion prevention ...
Evaluation of network security based on next generation intrusion prevention ...Evaluation of network security based on next generation intrusion prevention ...
Evaluation of network security based on next generation intrusion prevention ...TELKOMNIKA JOURNAL
 
IRJET- DDOS Detection System using C4.5 Decision Tree Algorithm
IRJET- DDOS Detection System using C4.5 Decision Tree AlgorithmIRJET- DDOS Detection System using C4.5 Decision Tree Algorithm
IRJET- DDOS Detection System using C4.5 Decision Tree AlgorithmIRJET Journal
 
A secure network forensics system for cyber incidents analysis
A secure network forensics system for cyber incidents analysisA secure network forensics system for cyber incidents analysis
A secure network forensics system for cyber incidents analysisSwapnil Jagtap
 
Securing cloud computing environment against d do s attacks
Securing cloud computing environment against d do s attacksSecuring cloud computing environment against d do s attacks
Securing cloud computing environment against d do s attacksSampatkumar Satyamurti
 
CIS 333 Effective Communication - tutorialrank.com
CIS 333 Effective Communication - tutorialrank.comCIS 333 Effective Communication - tutorialrank.com
CIS 333 Effective Communication - tutorialrank.comBartholomew19
 
A novel signature based traffic classification engine to reduce false alarms ...
A novel signature based traffic classification engine to reduce false alarms ...A novel signature based traffic classification engine to reduce false alarms ...
A novel signature based traffic classification engine to reduce false alarms ...IJCNCJournal
 
IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...
IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...
IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...IJNSA Journal
 
Ip Guardian customer presentation
Ip Guardian customer presentationIp Guardian customer presentation
Ip Guardian customer presentationacaiani
 
Mitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based Approach
Mitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based ApproachMitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based Approach
Mitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based ApproachIJLT EMAS
 
CIS 333 Exceptional Education / snaptutorial.com
CIS 333 Exceptional Education / snaptutorial.comCIS 333 Exceptional Education / snaptutorial.com
CIS 333 Exceptional Education / snaptutorial.comdonaldzs97
 
FLOODING ATTACKS DETECTION OF MOBILE AGENTS IN IP NETWORKS
FLOODING ATTACKS DETECTION OF MOBILE AGENTS IN IP NETWORKSFLOODING ATTACKS DETECTION OF MOBILE AGENTS IN IP NETWORKS
FLOODING ATTACKS DETECTION OF MOBILE AGENTS IN IP NETWORKScsandit
 
Cis 333 Extraordinary Success/newtonhelp.com
Cis 333 Extraordinary Success/newtonhelp.com Cis 333 Extraordinary Success/newtonhelp.com
Cis 333 Extraordinary Success/newtonhelp.com amaranthbeg146
 
CIS 333 Life of the Mind/newtonhelp.com   
CIS 333 Life of the Mind/newtonhelp.com   CIS 333 Life of the Mind/newtonhelp.com   
CIS 333 Life of the Mind/newtonhelp.com   bellflower3
 
IRJET- A Review of the Concept of Smart Grid
IRJET- A Review of the Concept of Smart GridIRJET- A Review of the Concept of Smart Grid
IRJET- A Review of the Concept of Smart GridIRJET Journal
 
CIS 333 Imagine Your Future/newtonhelp.com   
CIS 333 Imagine Your Future/newtonhelp.com   CIS 333 Imagine Your Future/newtonhelp.com   
CIS 333 Imagine Your Future/newtonhelp.com   bellflower45
 

What's hot (17)

Evaluation of network security based on next generation intrusion prevention ...
Evaluation of network security based on next generation intrusion prevention ...Evaluation of network security based on next generation intrusion prevention ...
Evaluation of network security based on next generation intrusion prevention ...
 
IRJET- DDOS Detection System using C4.5 Decision Tree Algorithm
IRJET- DDOS Detection System using C4.5 Decision Tree AlgorithmIRJET- DDOS Detection System using C4.5 Decision Tree Algorithm
IRJET- DDOS Detection System using C4.5 Decision Tree Algorithm
 
A secure network forensics system for cyber incidents analysis
A secure network forensics system for cyber incidents analysisA secure network forensics system for cyber incidents analysis
A secure network forensics system for cyber incidents analysis
 
Securing cloud computing environment against d do s attacks
Securing cloud computing environment against d do s attacksSecuring cloud computing environment against d do s attacks
Securing cloud computing environment against d do s attacks
 
CIS 333 Effective Communication - tutorialrank.com
CIS 333 Effective Communication - tutorialrank.comCIS 333 Effective Communication - tutorialrank.com
CIS 333 Effective Communication - tutorialrank.com
 
A novel signature based traffic classification engine to reduce false alarms ...
A novel signature based traffic classification engine to reduce false alarms ...A novel signature based traffic classification engine to reduce false alarms ...
A novel signature based traffic classification engine to reduce false alarms ...
 
D do s
D do sD do s
D do s
 
IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...
IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...
IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...
 
Ip Guardian customer presentation
Ip Guardian customer presentationIp Guardian customer presentation
Ip Guardian customer presentation
 
Mitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based Approach
Mitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based ApproachMitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based Approach
Mitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based Approach
 
Ijmet 10 02_045
Ijmet 10 02_045Ijmet 10 02_045
Ijmet 10 02_045
 
CIS 333 Exceptional Education / snaptutorial.com
CIS 333 Exceptional Education / snaptutorial.comCIS 333 Exceptional Education / snaptutorial.com
CIS 333 Exceptional Education / snaptutorial.com
 
FLOODING ATTACKS DETECTION OF MOBILE AGENTS IN IP NETWORKS
FLOODING ATTACKS DETECTION OF MOBILE AGENTS IN IP NETWORKSFLOODING ATTACKS DETECTION OF MOBILE AGENTS IN IP NETWORKS
FLOODING ATTACKS DETECTION OF MOBILE AGENTS IN IP NETWORKS
 
Cis 333 Extraordinary Success/newtonhelp.com
Cis 333 Extraordinary Success/newtonhelp.com Cis 333 Extraordinary Success/newtonhelp.com
Cis 333 Extraordinary Success/newtonhelp.com
 
CIS 333 Life of the Mind/newtonhelp.com   
CIS 333 Life of the Mind/newtonhelp.com   CIS 333 Life of the Mind/newtonhelp.com   
CIS 333 Life of the Mind/newtonhelp.com   
 
IRJET- A Review of the Concept of Smart Grid
IRJET- A Review of the Concept of Smart GridIRJET- A Review of the Concept of Smart Grid
IRJET- A Review of the Concept of Smart Grid
 
CIS 333 Imagine Your Future/newtonhelp.com   
CIS 333 Imagine Your Future/newtonhelp.com   CIS 333 Imagine Your Future/newtonhelp.com   
CIS 333 Imagine Your Future/newtonhelp.com   
 

Similar to Anomaly based PoW Defense

Cooperative mitigation DDoS
Cooperative mitigation DDoSCooperative mitigation DDoS
Cooperative mitigation DDoSG Prachi
 
Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...
Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...
Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...IRJET Journal
 
Q-learning based distributed denial of service detection
Q-learning based distributed denial of service detectionQ-learning based distributed denial of service detection
Q-learning based distributed denial of service detectionIJECEIAES
 
IRJET- A Survey on DDOS Attack in Manet
IRJET- A Survey on DDOS Attack in ManetIRJET- A Survey on DDOS Attack in Manet
IRJET- A Survey on DDOS Attack in ManetIRJET Journal
 
Cybersecurity Threat Detection of Anomaly Based DDoS Attack Using Machine Lea...
Cybersecurity Threat Detection of Anomaly Based DDoS Attack Using Machine Lea...Cybersecurity Threat Detection of Anomaly Based DDoS Attack Using Machine Lea...
Cybersecurity Threat Detection of Anomaly Based DDoS Attack Using Machine Lea...IRJET Journal
 
IMPROVING DDOS DETECTION IN IOT DEVICES
IMPROVING DDOS DETECTION IN IOT DEVICESIMPROVING DDOS DETECTION IN IOT DEVICES
IMPROVING DDOS DETECTION IN IOT DEVICESIRJET Journal
 
Security Issues in Cloud Computing Solution of DDOS and Introducing Two-Tier ...
Security Issues in Cloud Computing Solution of DDOS and Introducing Two-Tier ...Security Issues in Cloud Computing Solution of DDOS and Introducing Two-Tier ...
Security Issues in Cloud Computing Solution of DDOS and Introducing Two-Tier ...ijccsa
 
DDoS Attack Detection on Internet o Things using Unsupervised Algorithms
DDoS Attack Detection on Internet o Things using Unsupervised AlgorithmsDDoS Attack Detection on Internet o Things using Unsupervised Algorithms
DDoS Attack Detection on Internet o Things using Unsupervised Algorithmsijfls
 
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMS
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMSDDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMS
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMSijfls
 
IRJET- Survey on Mitigation Techniques of Economical Denial of Sustainabi...
IRJET- Survey on Mitigation Techniques of Economical Denial of Sustainabi...IRJET- Survey on Mitigation Techniques of Economical Denial of Sustainabi...
IRJET- Survey on Mitigation Techniques of Economical Denial of Sustainabi...IRJET Journal
 
DDoS Attack Detection and Botnet Prevention using Machine Learning
DDoS Attack Detection and Botnet Prevention using Machine LearningDDoS Attack Detection and Botnet Prevention using Machine Learning
DDoS Attack Detection and Botnet Prevention using Machine LearningIRJET Journal
 
IRJET- Hashxplorer-A Distributed System for Hash Matching
IRJET- Hashxplorer-A Distributed System for Hash MatchingIRJET- Hashxplorer-A Distributed System for Hash Matching
IRJET- Hashxplorer-A Distributed System for Hash MatchingIRJET Journal
 
Jehyuk jang and heung no lee ieee double spend
Jehyuk jang and heung no lee ieee double spendJehyuk jang and heung no lee ieee double spend
Jehyuk jang and heung no lee ieee double spendIT Strategy Group
 
IRJET- Sky Shield: A Sketch-Based Defense System against Application Laye...
IRJET- Sky Shield: A Sketch-Based Defense System against Application Laye...IRJET- Sky Shield: A Sketch-Based Defense System against Application Laye...
IRJET- Sky Shield: A Sketch-Based Defense System against Application Laye...IRJET Journal
 
IRJET- Software Defined Network: DDOS Attack Detection
IRJET- Software Defined Network: DDOS Attack DetectionIRJET- Software Defined Network: DDOS Attack Detection
IRJET- Software Defined Network: DDOS Attack DetectionIRJET Journal
 
IRJET- HTTP Flooding Attack Detection using Data Mining Techniques
IRJET- HTTP Flooding Attack Detection using Data Mining TechniquesIRJET- HTTP Flooding Attack Detection using Data Mining Techniques
IRJET- HTTP Flooding Attack Detection using Data Mining TechniquesIRJET Journal
 
IRJET- Detection and Isolation of Zombie Attack under Cloud Computing
IRJET- Detection and Isolation of Zombie Attack under Cloud ComputingIRJET- Detection and Isolation of Zombie Attack under Cloud Computing
IRJET- Detection and Isolation of Zombie Attack under Cloud ComputingIRJET Journal
 
Secure intrusion detection and countermeasure selection in virtual system usi...
Secure intrusion detection and countermeasure selection in virtual system usi...Secure intrusion detection and countermeasure selection in virtual system usi...
Secure intrusion detection and countermeasure selection in virtual system usi...eSAT Publishing House
 
A STUDY ON ADOPTION OF BLOCKCHAIN TECHNOLOGY IN CYBERSECURITY
A STUDY ON ADOPTION OF BLOCKCHAIN TECHNOLOGY IN CYBERSECURITYA STUDY ON ADOPTION OF BLOCKCHAIN TECHNOLOGY IN CYBERSECURITY
A STUDY ON ADOPTION OF BLOCKCHAIN TECHNOLOGY IN CYBERSECURITYIRJET Journal
 
Intrusion Detection for HealthCare Network using Machine Learning
Intrusion Detection for HealthCare Network using Machine LearningIntrusion Detection for HealthCare Network using Machine Learning
Intrusion Detection for HealthCare Network using Machine LearningIRJET Journal
 

Similar to Anomaly based PoW Defense (20)

Cooperative mitigation DDoS
Cooperative mitigation DDoSCooperative mitigation DDoS
Cooperative mitigation DDoS
 
Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...
Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...
Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...
 
Q-learning based distributed denial of service detection
Q-learning based distributed denial of service detectionQ-learning based distributed denial of service detection
Q-learning based distributed denial of service detection
 
IRJET- A Survey on DDOS Attack in Manet
IRJET- A Survey on DDOS Attack in ManetIRJET- A Survey on DDOS Attack in Manet
IRJET- A Survey on DDOS Attack in Manet
 
Cybersecurity Threat Detection of Anomaly Based DDoS Attack Using Machine Lea...
Cybersecurity Threat Detection of Anomaly Based DDoS Attack Using Machine Lea...Cybersecurity Threat Detection of Anomaly Based DDoS Attack Using Machine Lea...
Cybersecurity Threat Detection of Anomaly Based DDoS Attack Using Machine Lea...
 
IMPROVING DDOS DETECTION IN IOT DEVICES
IMPROVING DDOS DETECTION IN IOT DEVICESIMPROVING DDOS DETECTION IN IOT DEVICES
IMPROVING DDOS DETECTION IN IOT DEVICES
 
Security Issues in Cloud Computing Solution of DDOS and Introducing Two-Tier ...
Security Issues in Cloud Computing Solution of DDOS and Introducing Two-Tier ...Security Issues in Cloud Computing Solution of DDOS and Introducing Two-Tier ...
Security Issues in Cloud Computing Solution of DDOS and Introducing Two-Tier ...
 
DDoS Attack Detection on Internet o Things using Unsupervised Algorithms
DDoS Attack Detection on Internet o Things using Unsupervised AlgorithmsDDoS Attack Detection on Internet o Things using Unsupervised Algorithms
DDoS Attack Detection on Internet o Things using Unsupervised Algorithms
 
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMS
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMSDDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMS
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMS
 
IRJET- Survey on Mitigation Techniques of Economical Denial of Sustainabi...
IRJET- Survey on Mitigation Techniques of Economical Denial of Sustainabi...IRJET- Survey on Mitigation Techniques of Economical Denial of Sustainabi...
IRJET- Survey on Mitigation Techniques of Economical Denial of Sustainabi...
 
DDoS Attack Detection and Botnet Prevention using Machine Learning
DDoS Attack Detection and Botnet Prevention using Machine LearningDDoS Attack Detection and Botnet Prevention using Machine Learning
DDoS Attack Detection and Botnet Prevention using Machine Learning
 
IRJET- Hashxplorer-A Distributed System for Hash Matching
IRJET- Hashxplorer-A Distributed System for Hash MatchingIRJET- Hashxplorer-A Distributed System for Hash Matching
IRJET- Hashxplorer-A Distributed System for Hash Matching
 
Jehyuk jang and heung no lee ieee double spend
Jehyuk jang and heung no lee ieee double spendJehyuk jang and heung no lee ieee double spend
Jehyuk jang and heung no lee ieee double spend
 
IRJET- Sky Shield: A Sketch-Based Defense System against Application Laye...
IRJET- Sky Shield: A Sketch-Based Defense System against Application Laye...IRJET- Sky Shield: A Sketch-Based Defense System against Application Laye...
IRJET- Sky Shield: A Sketch-Based Defense System against Application Laye...
 
IRJET- Software Defined Network: DDOS Attack Detection
IRJET- Software Defined Network: DDOS Attack DetectionIRJET- Software Defined Network: DDOS Attack Detection
IRJET- Software Defined Network: DDOS Attack Detection
 
IRJET- HTTP Flooding Attack Detection using Data Mining Techniques
IRJET- HTTP Flooding Attack Detection using Data Mining TechniquesIRJET- HTTP Flooding Attack Detection using Data Mining Techniques
IRJET- HTTP Flooding Attack Detection using Data Mining Techniques
 
IRJET- Detection and Isolation of Zombie Attack under Cloud Computing
IRJET- Detection and Isolation of Zombie Attack under Cloud ComputingIRJET- Detection and Isolation of Zombie Attack under Cloud Computing
IRJET- Detection and Isolation of Zombie Attack under Cloud Computing
 
Secure intrusion detection and countermeasure selection in virtual system usi...
Secure intrusion detection and countermeasure selection in virtual system usi...Secure intrusion detection and countermeasure selection in virtual system usi...
Secure intrusion detection and countermeasure selection in virtual system usi...
 
A STUDY ON ADOPTION OF BLOCKCHAIN TECHNOLOGY IN CYBERSECURITY
A STUDY ON ADOPTION OF BLOCKCHAIN TECHNOLOGY IN CYBERSECURITYA STUDY ON ADOPTION OF BLOCKCHAIN TECHNOLOGY IN CYBERSECURITY
A STUDY ON ADOPTION OF BLOCKCHAIN TECHNOLOGY IN CYBERSECURITY
 
Intrusion Detection for HealthCare Network using Machine Learning
Intrusion Detection for HealthCare Network using Machine LearningIntrusion Detection for HealthCare Network using Machine Learning
Intrusion Detection for HealthCare Network using Machine Learning
 

More from G Prachi

The trusted computing architecture
The trusted computing architectureThe trusted computing architecture
The trusted computing architectureG Prachi
 
Security risk management
Security risk managementSecurity risk management
Security risk managementG Prachi
 
Mobile platform security models
Mobile platform security modelsMobile platform security models
Mobile platform security modelsG Prachi
 
Malicious software and software security
Malicious software and software securityMalicious software and software security
Malicious software and software securityG Prachi
 
Network defenses
Network defensesNetwork defenses
Network defensesG Prachi
 
Network protocols and vulnerabilities
Network protocols and vulnerabilitiesNetwork protocols and vulnerabilities
Network protocols and vulnerabilitiesG Prachi
 
Web application security part 02
Web application security part 02Web application security part 02
Web application security part 02G Prachi
 
Web application security part 01
Web application security part 01Web application security part 01
Web application security part 01G Prachi
 
Basic web security model
Basic web security modelBasic web security model
Basic web security modelG Prachi
 
Least privilege, access control, operating system security
Least privilege, access control, operating system securityLeast privilege, access control, operating system security
Least privilege, access control, operating system securityG Prachi
 
Dealing with legacy code
Dealing with legacy codeDealing with legacy code
Dealing with legacy codeG Prachi
 
Exploitation techniques and fuzzing
Exploitation techniques and fuzzingExploitation techniques and fuzzing
Exploitation techniques and fuzzingG Prachi
 
Control hijacking
Control hijackingControl hijacking
Control hijackingG Prachi
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security conceptsG Prachi
 
Administering security
Administering securityAdministering security
Administering securityG Prachi
 
Database security and security in networks
Database security and security in networksDatabase security and security in networks
Database security and security in networksG Prachi
 
Protection in general purpose operating system
Protection in general purpose operating systemProtection in general purpose operating system
Protection in general purpose operating systemG Prachi
 
Program security
Program securityProgram security
Program securityG Prachi
 
Elementary cryptography
Elementary cryptographyElementary cryptography
Elementary cryptographyG Prachi
 
Information security introduction
Information security introductionInformation security introduction
Information security introductionG Prachi
 

More from G Prachi (20)

The trusted computing architecture
The trusted computing architectureThe trusted computing architecture
The trusted computing architecture
 
Security risk management
Security risk managementSecurity risk management
Security risk management
 
Mobile platform security models
Mobile platform security modelsMobile platform security models
Mobile platform security models
 
Malicious software and software security
Malicious software and software securityMalicious software and software security
Malicious software and software security
 
Network defenses
Network defensesNetwork defenses
Network defenses
 
Network protocols and vulnerabilities
Network protocols and vulnerabilitiesNetwork protocols and vulnerabilities
Network protocols and vulnerabilities
 
Web application security part 02
Web application security part 02Web application security part 02
Web application security part 02
 
Web application security part 01
Web application security part 01Web application security part 01
Web application security part 01
 
Basic web security model
Basic web security modelBasic web security model
Basic web security model
 
Least privilege, access control, operating system security
Least privilege, access control, operating system securityLeast privilege, access control, operating system security
Least privilege, access control, operating system security
 
Dealing with legacy code
Dealing with legacy codeDealing with legacy code
Dealing with legacy code
 
Exploitation techniques and fuzzing
Exploitation techniques and fuzzingExploitation techniques and fuzzing
Exploitation techniques and fuzzing
 
Control hijacking
Control hijackingControl hijacking
Control hijacking
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security concepts
 
Administering security
Administering securityAdministering security
Administering security
 
Database security and security in networks
Database security and security in networksDatabase security and security in networks
Database security and security in networks
 
Protection in general purpose operating system
Protection in general purpose operating systemProtection in general purpose operating system
Protection in general purpose operating system
 
Program security
Program securityProgram security
Program security
 
Elementary cryptography
Elementary cryptographyElementary cryptography
Elementary cryptography
 
Information security introduction
Information security introductionInformation security introduction
Information security introduction
 

Recently uploaded

SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 

Recently uploaded (20)

SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 

Anomaly based PoW Defense

  • 1. IEEE International ConferenceOn RecentTrendsInElectronicsInformation CommunicationTechnology,May18-19,2018, India Anomaly based Mitigation of Volumetric DDoS Prachi Gulihar B.B. Gupta National Institute of Technology, Kurukshetra,India Prachi Gulihar, B.B. Gupta 1/ 15RTEICT-2018 Attack Using Client Puzzle as Proof-of-Work
  • 2. Table of Contents 1 Introduction 2 Related Works 3 Proposed Model 4 Description of the Algorithm 5 Simulation Analysis 7 Conclusion and Future Work Prachi Gulihar, B.B. Gupta RTEICT-2018 2/ 15 6 Advantages References8
  • 3. Introduction Nowadays the Internet plays a vital role in the growth of the economy for any nation. 1DDoS attacks are one of the major threat that hurting this growth as it affects the systems and network which uses the Internet for their business work. In DDoS attacks, victims bandwidth is flooded with the excessive amount of malicious or fake traffic due to which, the victim is unable to serve the legitimate users. 1 J. MirkovicandP. Reiher,“A taxonomyofddosattackandddosdefensemechanisms,”ACMSIGCOMM ComputerCommunication Review,vol.34,no.2, pp.39–53, 2004. Prachi Gulihar, B.B. Gupta RTEICT-2018 3/ 15
  • 4. Figure 1: DDoS attack vector frequency Prachi Gulihar, B.B. Gupta RTEICT-2018 4/ 19 30 16 8 7 6 12 4 2 10 0 10 20 30 40
  • 5. Related Works Prachi Gulihar, B.B. Gupta RTEICT-2018 5/ 15 Approach Advantages Limitations Router based Pushback with Client Puzzles [8]  Puzzle work load is transferred to the upstream path routers which decreases work load of processing on the path routers.  It is not effective in performing rate-limiting defense on the malicious traffic inside the aggregate.  Fails to mitigate the attack traffic which is distributed within the inbound links in a uniform manner. Software Puzzle [6]  Attackers cannot inflate their puzzle- solving capabilities using GPU.  Can be easily integrated with the data puzzle schemes existing on the server side because it is made upon a data puzzle.  Easily deployed.  Generation of puzzle at the server side makes it a time consuming process as the victim server only has to put in time for construction of the puzzle.  No provision for construction of the software puzzle at the client-side. Bitcoin Blockchain [4]  Fair client puzzles are computed independent of power of client machine’s computing resources.  Client cannot save the puzzles to respond afterwards at a later stage with an overwhelming count of correct puzzle solutions at a single point of time.  Blocks in a bitcoin blockchain are generated approximately every ten minutes which is makes it impractical for client puzzle applications. Game Theory with Nash equilibrium [9]  Applicable in defending both distributed and single-source attacks.  Does not support larger payoffs to be feasible in the game. Outsourced puzzles [5]  Robust puzzle distribution mechanism.  Offline computation of puzzles  One server is able to compute tokens associated with other servers resulting in diffusion of trust across other participants. Standard Model Client Puzzles [7]  Less number of modular multiplication operations for puzzle generation by defending server.  Faster cumulative verification time.  Slower puzzle generation time.  Slower solution verification time as compared to hash based puzzles.
  • 6. Work Done Proposed a multi-level defense approach using congestion level control and anomaly based techniques can be explained by the following four steps which are executed in a consecutive manner of execution: Detection of DDOS attack. Challenging the attacking sources. Suppression of malicious packets. Diverting the traffic flood. Prachi Gulihar, B.B. Gupta RTEICT-2018 6/ 15
  • 7. Proposed Model Figure 2: Framework of Proposed Approach Prachi Gulihar, B.B. Gupta RTEICT-2018 7/ 15
  • 8. Description of the Algorithm In the incoming traffic, every incoming packet is placed into its respective module, according to the volume of the attack traffic – normal, caution, peak. If this volume is less than the normal level then the defense mechanism is not activated and the traffic is sent to the destination machine. If the volume destined towards the victim rises above the caution level, then the puzzle generation module is activated which checks the packets for PoW as authority to send requests to the server. Only the authorized client requests are forwarded. If the volume of the incoming traffic rises above the peak level, then all of the traffic is diverted to dynamic provisioning module. Prachi Gulihar, B.B. Gupta RTEICT-2018 8/ 15
  • 9. Description Of Algorithm Time range (tx, ty) is the transition period of ddos attack. Input: Incoming traffic Xin Start Vin = null; //set initial volume metric as null Fetch (Xin[t], Vin[t]); If (Vin[t] < V[tx ]) //no defense {Forward_ISP (Xin[t])} //client puzzle P ElseIf (V[tx] < Vin[t] < V[ty]) {S : Generate(P); S -> C : Send(P); C : S=Solve(P); C->S : Send(S); If (S==Solution[P]) {Forward_ISP (Xin[t]);} Else {Forward_Garbage(Xin[t]);}} Prachi Gulihar, B.B. Gupta RTEICT-2018 9/ 15 //dynamic provisioning Else {Forward_DPM(Xin[t]);} Forward_ISP (Xin[t]) {Handle (Xin[t]);} //diversion Forward_DPM(Xin[t]) {Send(Xin[t]) -> PolicyHandler; Forward(Xin[t]) -> HelpingServers; } //blacklisting Forward_Garbage(Xin[t]) {Discard(Xin[t]); SourceIP(Xin[t]) -> logServer; } End
  • 10. Simulation Analysis Basic network to test flooding attack is set up with the help of Network Simulator 2. Anticipation of mitigation rate of the proposed framework is done under two conditions. Firstly, when the defense mechanism is in place and secondly, without it. A heterogeneous network comprising of different types of traffic is taken, and defense is done under three attack load condition of the network traffic. Simulation of the model is tested under the two types of DDoS attack: TCP flood and UDP flood. In Dynamic Provisioning Module simulation, minimum charge policy in kept in policy handler. Prachi Gulihar, B.B. Gupta RTEICT-2018 1 0 / 15
  • 11. Simulation Analysis Figure 3: Packet distribution Between under Normal and DDoS attack Scenario (a) Benign packets , (b) Malicious packets Prachi Gulihar, B.B. Gupta RTEICT-2018 11/ 15
  • 12. Advantages Lineal Deployment: The PoW ensures easy deployment on the existing infrastructure without any major modifications on server machine. On-Demand DDoS Mitigation: Defense comes under action only when the attack is happening else remains inactive which lowers the maintenance costs. Non-distinguishable DDoS Defense: Proof-of-Work (PoW) scheme prioritises the connection requests reducing the collateral damage done to the legitimate traffic due to non-filteration of malicious traffic. Risk Transfer: The Risk Transfer mechanism is well suited for the securing network layer attacks as even if the internal devices are unsecure, dynamic provisioning is enough to prevent DDoS attacks. Prachi Gulihar, B.B. Gupta RTEICT-2018 12/ 15
  • 13. Conclusion and Future Work This method authenticates and permits only the authoritative clients to gain access to the services offered by the server using client puzzles as Proof-of-Work (PoW). This volume based activation of defense scheme ensures the design goal of on-demand mitigation. . Our future work will be focus on testing the proposed approach in the real-time environment, as well with more attack scenarios. The research problem of helping servers allowing others to use their machine in DDoS defense for money is an interesting part to investigate. Prachi Gulihar, B.B. Gupta RTEICT-2018 1 3 / 15
  • 14. References 1. Britton T., Liu-Johnston I., Cugnière I., Gupta S., Rodriguez D., Barbier J., & Tricaud, S. Analysis of 24 Hours Internet Attacks. 2. Khor, S. H.. “Deployable Mechanisms for Distributed Denial-of-Service (DDoS) Attack Mitigation” , 2010. 3. Kumarasamy, Saravanan, and R. Asokan. "Distributed Denial of Service (DDoS) Attacks Detection Mechanism." arXiv preprint arXiv:1201.2007 , 2012. 4. Wu, Yongdong, et al. "Software puzzle: A countermeasure to resource-inflated denial- of-service attacks." IEEE Transactions on Information forensics and security 10.1, 2015: 168-177. 5. Boyd, Colin, and Christopher Carr. "Fair client puzzles from the bitcoin blockchain." Australasian Conference on Information Security and Privacy. Springer, Cham, 2016. 6. Fallah, Mehran. "A puzzle-based defense strategy against flooding attacks using game theory." IEEE transactions on dependable and secure computing 7.1 , 2010: 5-19. 7. Waters, Brent, et al. "New client puzzle outsourcing techniques for DoS resistance." Proceedings of the 11th ACM conference on Computer and communications security. ACM, 2004. 8. Kuppusamy, Lakshmi, et al. "Practical client puzzles in the standard model." Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security. ACM, 2012. Prachi Gulihar, B.B. Gupta RTEICT-2018 14/ 15
  • 15. Thank You!! Prachi Gulihar, B.B. Gupta RTEICT-2018 15/ 15