IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
IRJET- EEDE- Extenuating EDOS for DDOS and Eluding HTTP Web based Attacks in ...IRJET Journal
This document proposes a method to detect HTTP GET flooding DDoS attacks in cloud computing environments using MapReduce processing. It involves integrating abnormal HTTP request detection rules analyzed through statistical analysis and thresholds into MapReduce. Suspected IP addresses are sent challenge values, and IP addresses that provide normal responses are initially allowed while abnormal responses are filtered for a period of time. MapReduce is used to analyze packet data and detect abnormal GET requests based on factors like the IP, port, and URI to identify malicious traffic patterns characteristic of DDoS attacks. The goal is to ensure availability of target systems and reliable detection of HTTP GET flooding attacks in cloud services.
PASSWORD BASED SCHEME AND GROUP TESTING FOR DEFENDING DDOS ATTACKSIJNSA Journal
DOS ATTACKS ARE ONE OF THE TOP SECURITY PROBLEMS AFFECTING NETWORKS AND DISRUPTING SERVICES TO
LEGITIMATE USERS. THE VITAL STEP IN DEALING WITH THIS PROBLEM IS THE NETWORK'S ABILITY TO DETECT SUCH
ATTACKS. APPLICATION DDOS ATTACK, WHICH AIMS AT DISRUPTING APPLICATION SERVICE RATHER THAN
DEPLETING THE NETWORK RESOURCE. UP TO NOW ALL THE RESEARCHES MADE ON THIS DDOS ATTACKS ONLY
CONCENTRATES EITHER ON NETWORK RESOURCES OR ON APPLICATION SERVERS BUT NOT ON BOTH. IN THIS PAPER
WE PROPOSED A SOLUTION FOR BOTH THESE PROBLEMS BY AUTHENTICATION METHODS AND GROUP TESTING.
Study of flooding based d do s attacks and their effect using deter testbedeSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
This document is a dissertation submitted by Ameya Vashishth in partial fulfillment of a Bachelor of Technology degree. It discusses denial of service (DoS) attacks and mitigation techniques. The dissertation provides an overview of DoS attacks, describes different types of attacks like Smurf, ping flood, TCP SYN flood and UDP flood. It also discusses distributed DoS attacks and recommended tools to perform DDoS attacks. The document concludes with discussing various countermeasures that can be used to mitigate DoS and DDoS attacks.
This document summarizes research analyzing the impact of distributed denial of service (DDoS) attacks on file transfer protocol (FTP) services. The researchers created a test network topology in the DETER cybersecurity testbed to simulate FTP traffic between clients and a server. They launched various DDoS attack types against the FTP server to measure the impact on network performance metrics like throughput, link utilization, and packet survival ratio. The attacks were found to degrade these metrics and disrupt the FTP services. The study provides insights into how DDoS attacks negatively impact network services like FTP.
Augmented split –protocol; an ultimate d do s defenderijcsa
Distributed Denials of Service (DDoS) attacks have become the daunting problem for businesses, state
administrator and computer system users. Prevention and detection of a DDoS attack is a major research
topic for researchers throughout the world. As new remedies are developed to prevent or mitigate DDoS
attacks, invaders are continually evolving new methods to circumvent these new procedures. In this paper,
we describe various DDoS attack mechanisms, categories, scope of DDoS attacks and their existing
countermeasures. In response, we propose to introduce DDoS resistant Augmented Split-protocol (ASp).
The migratory nature and role changeover ability of servers in Split-protocol architecture will avoid
bottleneck at the server side. It also offers the unique ability to avoid server saturation and compromise
from DDoS attacks. The goal of this paper is to present the concept and performance of (ASp) as a
defensive tool against DDoS attacks.
This document summarizes methods for protecting against distributed denial of service (DDoS) attacks. It discusses traditional DDoS attack methods like ICMP floods and SYN floods. It also describes more advanced distributed techniques used by botsnets, including Trinoo, Tribe Flood Network, Stacheldraht, Shaft, and TFN2K. The document recommends ways to safeguard a network, such as using load balancing across multiple servers, increasing bandwidth capacity, and securing the DNS server. Protecting the network requires understanding various DDoS attack types and deployment of appropriate defenses.
Among different online attacks obstructing IT security,
Denial of Service (DoS) and Distributed Denial of Service (DDoS)
are the most devastating attack. It also put the security experts under
enormous pressure recently in finding efficient defiance methods.
DoS attack can be performed variously with diverse codes and tools
and can be launched form different OSI model layers. This paper
describes in details DoS and DDoS attack, and explains how different
types of attacks can be implemented and launched from different OSI
model layers. It provides a better understanding of these increasing
occurrences in order to improve
IRJET- EEDE- Extenuating EDOS for DDOS and Eluding HTTP Web based Attacks in ...IRJET Journal
This document proposes a method to detect HTTP GET flooding DDoS attacks in cloud computing environments using MapReduce processing. It involves integrating abnormal HTTP request detection rules analyzed through statistical analysis and thresholds into MapReduce. Suspected IP addresses are sent challenge values, and IP addresses that provide normal responses are initially allowed while abnormal responses are filtered for a period of time. MapReduce is used to analyze packet data and detect abnormal GET requests based on factors like the IP, port, and URI to identify malicious traffic patterns characteristic of DDoS attacks. The goal is to ensure availability of target systems and reliable detection of HTTP GET flooding attacks in cloud services.
PASSWORD BASED SCHEME AND GROUP TESTING FOR DEFENDING DDOS ATTACKSIJNSA Journal
DOS ATTACKS ARE ONE OF THE TOP SECURITY PROBLEMS AFFECTING NETWORKS AND DISRUPTING SERVICES TO
LEGITIMATE USERS. THE VITAL STEP IN DEALING WITH THIS PROBLEM IS THE NETWORK'S ABILITY TO DETECT SUCH
ATTACKS. APPLICATION DDOS ATTACK, WHICH AIMS AT DISRUPTING APPLICATION SERVICE RATHER THAN
DEPLETING THE NETWORK RESOURCE. UP TO NOW ALL THE RESEARCHES MADE ON THIS DDOS ATTACKS ONLY
CONCENTRATES EITHER ON NETWORK RESOURCES OR ON APPLICATION SERVERS BUT NOT ON BOTH. IN THIS PAPER
WE PROPOSED A SOLUTION FOR BOTH THESE PROBLEMS BY AUTHENTICATION METHODS AND GROUP TESTING.
Study of flooding based d do s attacks and their effect using deter testbedeSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
This document is a dissertation submitted by Ameya Vashishth in partial fulfillment of a Bachelor of Technology degree. It discusses denial of service (DoS) attacks and mitigation techniques. The dissertation provides an overview of DoS attacks, describes different types of attacks like Smurf, ping flood, TCP SYN flood and UDP flood. It also discusses distributed DoS attacks and recommended tools to perform DDoS attacks. The document concludes with discussing various countermeasures that can be used to mitigate DoS and DDoS attacks.
This document summarizes research analyzing the impact of distributed denial of service (DDoS) attacks on file transfer protocol (FTP) services. The researchers created a test network topology in the DETER cybersecurity testbed to simulate FTP traffic between clients and a server. They launched various DDoS attack types against the FTP server to measure the impact on network performance metrics like throughput, link utilization, and packet survival ratio. The attacks were found to degrade these metrics and disrupt the FTP services. The study provides insights into how DDoS attacks negatively impact network services like FTP.
Augmented split –protocol; an ultimate d do s defenderijcsa
Distributed Denials of Service (DDoS) attacks have become the daunting problem for businesses, state
administrator and computer system users. Prevention and detection of a DDoS attack is a major research
topic for researchers throughout the world. As new remedies are developed to prevent or mitigate DDoS
attacks, invaders are continually evolving new methods to circumvent these new procedures. In this paper,
we describe various DDoS attack mechanisms, categories, scope of DDoS attacks and their existing
countermeasures. In response, we propose to introduce DDoS resistant Augmented Split-protocol (ASp).
The migratory nature and role changeover ability of servers in Split-protocol architecture will avoid
bottleneck at the server side. It also offers the unique ability to avoid server saturation and compromise
from DDoS attacks. The goal of this paper is to present the concept and performance of (ASp) as a
defensive tool against DDoS attacks.
This document summarizes methods for protecting against distributed denial of service (DDoS) attacks. It discusses traditional DDoS attack methods like ICMP floods and SYN floods. It also describes more advanced distributed techniques used by botsnets, including Trinoo, Tribe Flood Network, Stacheldraht, Shaft, and TFN2K. The document recommends ways to safeguard a network, such as using load balancing across multiple servers, increasing bandwidth capacity, and securing the DNS server. Protecting the network requires understanding various DDoS attack types and deployment of appropriate defenses.
Among different online attacks obstructing IT security,
Denial of Service (DoS) and Distributed Denial of Service (DDoS)
are the most devastating attack. It also put the security experts under
enormous pressure recently in finding efficient defiance methods.
DoS attack can be performed variously with diverse codes and tools
and can be launched form different OSI model layers. This paper
describes in details DoS and DDoS attack, and explains how different
types of attacks can be implemented and launched from different OSI
model layers. It provides a better understanding of these increasing
occurrences in order to improve
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...IJNSA Journal
Distributed Denial of Service (DDoS) attacks have emerged as a popular means of causing mass targeted service disruptions, often for extended periods of time. The relative ease and low costs of launching such attacks, supplemented by the current inadequate sate of any viable defense mechanism, have made them one of the top threats to the Internet community today. Since the increasing popularity of web-based applications has led to several critical services being provided over the Internet, it is imperative to monitor the network traffic so as to prevent malicious attackers from depleting the resources of the network and denying services to legitimate users. This paper first presents a brief discussion on some of the important types of DDoS attacks that currently exist and some existing mechanisms to combat these attacks. It then points out the major drawbacks of the currently existing defense mechanisms and proposes a new mechanism for protecting a web-server against a DDoS attack. In the proposed mechanism, incoming traffic to the server is continuously monitored and any abnormal rise in the inbound traffic is immediately detected. The detection algorithm is based on a statistical analysis of the inbound traffic on the server and a robust hypothesis testing framework. While the detection process is on, the sessions from the legitimate sources are not disrupted and the load on the server is restored to the normal level by blocking the traffic from the attacking sources. To cater to different scenarios, the detection algorithm has various modules with varying level of computational and memory overheads for
their execution. While the approximate modules are fast in detection and involve less overhead, they provide lower level of detection accuracy. The accurate modules employ complex detection logic and hence involve more overhead for their execution. However, they have very high detection accuracy. Simulations carried out on the proposed mechanism have produced results that demonstrate effectiveness of the proposed defense mechanism against DDoS attacks.
DETECTION OF APPLICATION LAYER DDOS ATTACKS USING INFORMATION THEORY BASED ME...cscpconf
Distributed Denial-of-Service (DDoS) attacks are a critical threat to the Internet. Recently,
there are an increasing number of DDoS attacks against online services and Web applications.
These attacks are targeting the application level. Detecting application layer DDOS attack is
not an easy task. A more sophisticated mechanism is required to distinguish the malicious flow
from the legitimate ones. This paper proposes a detection scheme based on the information
theory based metrics. The proposed scheme has two phases: Behaviour monitoring and
Detection. In the first phase, the Web user browsing behaviour (HTTP request rate, page
viewing time and sequence of the requested objects) is captured from the system log during nonattack
cases. Based on the observation, Entropy of requests per session and the trust score for
each user is calculated. In the detection phase, the suspicious requests are identified based on
the variation in entropy and a rate limiter is introduced to downgrade services to malicious
users. In addition, a scheduler is included to schedule the session based on the trust score of the
user and the system workload.
IRJET- A Study of DDoS Attacks in Software Defined NetworksIRJET Journal
This document discusses DDoS attacks in software defined networks. It begins with an overview of SDN architecture and its vulnerabilities. It then describes different types of DDoS attacks, categorizing them as attacks on the data plane or control plane. Volumetric attacks aim to overwhelm the victim with traffic, while protocol exploitation attacks exhaust system resources. The document reviews approaches for detecting and mitigating DDoS attacks in SDN, such as using thresholds to detect sudden traffic increases or inspecting packets for abnormal values. Machine learning algorithms can also be used to classify packets and detect attacks. Specific studies that implemented detection and mitigation techniques using SDN controllers and tools are also summarized.
XDOSER, A BENCHMARKING TOOL FOR SYSTEM LOAD MEASUREMENT USING DENIAL OF SERVI...IJNSA Journal
The document describes a tool called XDoser that was developed to test system load capacity using denial of service features. XDoser uses HTTP flood attacks by continuously sending HTTP POST requests to a server, overloading it with processing-intensive requests. Testing showed XDoser was more effective at overwhelming a test server than other DoS tools, with the server failing over 80% of XDoser requests within a set time frame. However, XDoser's effectiveness decreased with longer testing durations and it had issues maintaining connections.
This document summarizes research on enhancing the DSR routing protocol to prevent distributed denial of service (DDoS) attacks in mobile ad hoc networks (MANETs). It discusses how DDoS attacks work, the challenges they present for MANETs due to their dynamic nature, and existing research on DDoS attack detection and prevention. The document reviews literature on analyzing DDoS attack behaviors and properties, characterizing attack traffic patterns, and using statistical analysis and neural networks to identify attacks. The goal of the research is to develop an enhanced DSR protocol that can detect and mitigate DDoS attacks in MANETs more effectively than previous approaches.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
A Distributed Approach to Defend Web Service from DDoS AttacksCSCJournals
Most of the business applications on the Internet are dependent on web services for their transactions. Distributed denial of service (DDoS) attacks either degrade or completely disrupt web services by sending flood of packets and requests towards the victim web servers. An array of defense schemes are proposed but still defending web service from DDoS attacks is largely an unsolvable problem so far. In this paper, DDoS defense schemes are classified into centralized and distributed and their relative advantages and disadvantages are explored. An ISP based distributed approach is a pragmatic solution to defend from DDoS attacks due to its autonomous control, more resources, and incremental scope. Traffic cluster entropy is conceptualized from source address entropy and the combination is used to detect various types of DDoS attacks against the web service. A framework is proposed which can detect the attack, characterize attack sources, and filter the attack packets as early as possible so as to minimize the collateral damage
A SYNCHRONIZED DISTRIBUTED DENIAL OF SERVICE PREVENTION SYSTEMcscpconf
DDoS attack is a distributed source but coordinated Internet security threat that attackers either degrade or disrupt a shared service to legitimate users. It uses various methods to inflict damages on limited resources. It can be broadly classified as: flood and semantic (logic) attacks. DDoS attacking mechanisms vary from time to time and simple but powerful attacking tools are freely available on the Internet. There have been many trials on defending victims from DDoS attacks. However, many of the previous attack prevention systems lack effective handling of various attacking mechanisms and protecting legitimate users from collateral damages during detection and protection. In this paper, we proposed a distributed but synchronized DDoS defense architecture by using multiple agents, which are autonomous systems that perform their assigned mission in other networks on behalf of the victim. The major assignments of defense agents are IP spoofing verification, high traffic rate limitation, anomaly packet detection, and attack source detection.These tasks are distributed through four agents that are deployed on different domain networks. The proposed solution was tested through simulation with sample attack scenarios on the model Internet topology. The experiments showed encouraging results. A more comprehensive attack protection and legitimate users prevention from collateral damages makes this system more effective than other previous works.
A survey of trends in massive ddos attacks and cloud based mitigationsIJNSA Journal
Distributed Denial of Service (DDoS) attacks today
have been amplified into gigabits volume with
broadband Internet access; at the same time, the us
e of more powerful botnets and common DDoS
mitigation and protection solutions implemented in
small and large organizations’ networks and servers
are no longer effective. Our survey provides an in-
depth study on the current largest DNS reflection a
ttack
with more than 300 Gbps on Spamhaus.org. We have re
viewed and analysed the current most popular
DDoS attack types that are launched by the hacktivi
sts. Lastly, effective cloud-based DDoS mitigation
and
protection techniques proposed by both academic res
earchers and large commercial cloud-based DDoS
service providers are discussed
CREDIT BASED METHODOLOGY TO DETECT AND DISCRIMINATE DDOS ATTACK FROM FLASH CR...IJNSA Journal
The latest trend in the field of computing is the migration of organizations and offloading the tasks to
cloud. The security concerns hinder the widespread acceptance of cloud. Of various, the DDoS in cloud is
found to be the most dangerous. Various approaches are there to defend DDoS in cloud, but have lots of
pitfalls. This paper proposes a new reputation-based framework for mitigating the DDoS in cloud by
classifying the users into three categories as well-reputed, reputed and ill-reputed based on credits. The
fact that attack is fired by malicious programs installed by the attackers in the compromised systems and
they exhibit similar characteristics used for discriminating the DDoS traffic from flash crowds. Credits of
clients who show signs of similarity are decremented. This reduces the computational and storage
overhead. This proposed method is expected to take the edge off DDoS in a cloud environment and ensures
full security to cloud resources. CloudSim simulation results also proved that the deployment of this
approach improved the resource utilization with reduced cost.
DISTRIBUTED DENIAL OF SERVICE (DDOS) ATTACKS DETECTION MECHANISM ijcseit
Pushback is a mechanism for defending against Distributed Denial-of-Service (DDoS) attacks. DDoS
attacks are treated as a congestion-control problem, but because most such congestion is caused by
malicious hosts not obeying traditional end-to-end congestion control, the problem must be handled by the
routers. Functionality is added to each router to detect and preferentially drop packets that probably
belong to an attack. Upstream routers are also notified to drop such packets in order that the router’s
resources be used to route legitimate traffic hence term pushback. Client puzzles have been advocated as a
promising countermeasure to DoS attacks in the recent years. In order to identify the attackers, the victim
server issues a puzzle to the client that sent the traffic. When the client is able to solve the puzzle, it is
assumed to be authentic and the traffic from it is allowed into the server. If the victim suspects that the
puzzles are solved by most of the clients, it increases the complexity of the puzzles. This puzzle solving
technique allows the traversal of the attack traffic throughout the intermediate routers before reaching the
destination. In order to attain the advantages of both pushback and puzzle solving techniques, a hybrid
scheme called Router based Pushback technique, which involves both the techniques to solve the problem
of DDoS attacks is proposed. In this proposal, the puzzle solving mechanism is pushed back to the core
routers rather than having at the victim. The router based client puzzle mechanism checks the host system
whether it is legitimate or not by providing a puzzle to be solved by the suspected host.
This document discusses using an enhanced support vector machine (ESVM) to detect and classify distributed denial of service (DDoS) attacks. The ESVM is trained on normal user access behavior attributes and then tests samples of application layer attacks like HTTP flooding and network layer attacks like TCP flooding. It aims to classify these attacks with high accuracy, over 99%. An interactive detection and classification system architecture is proposed that takes DDoS attack samples as input for the ESVM and cross-validates them against normal traffic training samples to identify anomalies.
DDOS Attacks-A Stealthy Way of Implementation and DetectionIJRES Journal
Cloud Computing is a new paradigm provides various host service [paas, saas, Iaas over the internet.
According to a self-service,on-demand and pay as you use business model,the customers will obtain the cloud
resources and services.It is a virtual shared service.Cloud Computing has three basic abstraction layers System
layer(Virtual Machine abstraction of a server),Platform layer(A virtualized operating system, database and
webserver of a server and Application layer(It includes Web Applications).Denial of Service attack is an attempt
to make a machine or network resource unavailable to the intended user. In DOS a user or organization is
deprived of the services of a resource they would normally expect to have.A Successful DOS attack is a highly
noticeable event impacting the entire online user base.DOS attack is found by First Mathematical Metrical
Method (Rate Controlling,Timing Window,Worst Case and Pattern Matching)DOS attack not only affect the
Quality of the service and also affect the performance of the server. DDOS attacks are launched from Botnet-A
large Cluster of Connected device(cellphone,pc or router) infected with malware that allow remote control by an
attacker. Intruder using SIPDAS in DDOS to perform attack.SIPDAS attack strategies are detected using Heap
Space Monitoring Algorithm.
Impact of Flash Crowd Attack in Online Retail ApplicationsIJEACS
This document discusses flash crowd attacks on online retail applications. It begins by introducing denial of service (DoS) and distributed denial of service (DDoS) attacks. It then explains that flash crowd attacks are a type of DDoS attack that aims to overwhelm servers with legitimate-looking requests. The document outlines the network model used to simulate flash crowd attacks and presents results analyzing the impact on server energy levels. It finds that as the number of requests increases, servers experience decreased energy and lifetime. The study aims to minimize these attacks by having servers identify real clients to prioritize sending responses.
This document examines a proposed alternative solution to mitigate distributed denial of service (DDoS) attacks using crowd-sourced bandwidth. It discusses how DDoS attacks work and their impacts on organizations. The proposal aimed to leverage unused bandwidth from multiple clients to filter out malicious traffic and redirect valid traffic. However, the document concludes the concept is not currently feasible due to security, performance, and reliability issues from placing too much trust in clients and relying on slow public DNS propagation. Existing centralized DDoS mitigation solutions from companies are still recommended.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
3 d modeling and dynamic charectarization of steam turbine packet blade and c...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Design and implementation of network security using genetic algorithmeSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...IJNSA Journal
Distributed Denial of Service (DDoS) attacks have emerged as a popular means of causing mass targeted service disruptions, often for extended periods of time. The relative ease and low costs of launching such attacks, supplemented by the current inadequate sate of any viable defense mechanism, have made them one of the top threats to the Internet community today. Since the increasing popularity of web-based applications has led to several critical services being provided over the Internet, it is imperative to monitor the network traffic so as to prevent malicious attackers from depleting the resources of the network and denying services to legitimate users. This paper first presents a brief discussion on some of the important types of DDoS attacks that currently exist and some existing mechanisms to combat these attacks. It then points out the major drawbacks of the currently existing defense mechanisms and proposes a new mechanism for protecting a web-server against a DDoS attack. In the proposed mechanism, incoming traffic to the server is continuously monitored and any abnormal rise in the inbound traffic is immediately detected. The detection algorithm is based on a statistical analysis of the inbound traffic on the server and a robust hypothesis testing framework. While the detection process is on, the sessions from the legitimate sources are not disrupted and the load on the server is restored to the normal level by blocking the traffic from the attacking sources. To cater to different scenarios, the detection algorithm has various modules with varying level of computational and memory overheads for
their execution. While the approximate modules are fast in detection and involve less overhead, they provide lower level of detection accuracy. The accurate modules employ complex detection logic and hence involve more overhead for their execution. However, they have very high detection accuracy. Simulations carried out on the proposed mechanism have produced results that demonstrate effectiveness of the proposed defense mechanism against DDoS attacks.
DETECTION OF APPLICATION LAYER DDOS ATTACKS USING INFORMATION THEORY BASED ME...cscpconf
Distributed Denial-of-Service (DDoS) attacks are a critical threat to the Internet. Recently,
there are an increasing number of DDoS attacks against online services and Web applications.
These attacks are targeting the application level. Detecting application layer DDOS attack is
not an easy task. A more sophisticated mechanism is required to distinguish the malicious flow
from the legitimate ones. This paper proposes a detection scheme based on the information
theory based metrics. The proposed scheme has two phases: Behaviour monitoring and
Detection. In the first phase, the Web user browsing behaviour (HTTP request rate, page
viewing time and sequence of the requested objects) is captured from the system log during nonattack
cases. Based on the observation, Entropy of requests per session and the trust score for
each user is calculated. In the detection phase, the suspicious requests are identified based on
the variation in entropy and a rate limiter is introduced to downgrade services to malicious
users. In addition, a scheduler is included to schedule the session based on the trust score of the
user and the system workload.
IRJET- A Study of DDoS Attacks in Software Defined NetworksIRJET Journal
This document discusses DDoS attacks in software defined networks. It begins with an overview of SDN architecture and its vulnerabilities. It then describes different types of DDoS attacks, categorizing them as attacks on the data plane or control plane. Volumetric attacks aim to overwhelm the victim with traffic, while protocol exploitation attacks exhaust system resources. The document reviews approaches for detecting and mitigating DDoS attacks in SDN, such as using thresholds to detect sudden traffic increases or inspecting packets for abnormal values. Machine learning algorithms can also be used to classify packets and detect attacks. Specific studies that implemented detection and mitigation techniques using SDN controllers and tools are also summarized.
XDOSER, A BENCHMARKING TOOL FOR SYSTEM LOAD MEASUREMENT USING DENIAL OF SERVI...IJNSA Journal
The document describes a tool called XDoser that was developed to test system load capacity using denial of service features. XDoser uses HTTP flood attacks by continuously sending HTTP POST requests to a server, overloading it with processing-intensive requests. Testing showed XDoser was more effective at overwhelming a test server than other DoS tools, with the server failing over 80% of XDoser requests within a set time frame. However, XDoser's effectiveness decreased with longer testing durations and it had issues maintaining connections.
This document summarizes research on enhancing the DSR routing protocol to prevent distributed denial of service (DDoS) attacks in mobile ad hoc networks (MANETs). It discusses how DDoS attacks work, the challenges they present for MANETs due to their dynamic nature, and existing research on DDoS attack detection and prevention. The document reviews literature on analyzing DDoS attack behaviors and properties, characterizing attack traffic patterns, and using statistical analysis and neural networks to identify attacks. The goal of the research is to develop an enhanced DSR protocol that can detect and mitigate DDoS attacks in MANETs more effectively than previous approaches.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
A Distributed Approach to Defend Web Service from DDoS AttacksCSCJournals
Most of the business applications on the Internet are dependent on web services for their transactions. Distributed denial of service (DDoS) attacks either degrade or completely disrupt web services by sending flood of packets and requests towards the victim web servers. An array of defense schemes are proposed but still defending web service from DDoS attacks is largely an unsolvable problem so far. In this paper, DDoS defense schemes are classified into centralized and distributed and their relative advantages and disadvantages are explored. An ISP based distributed approach is a pragmatic solution to defend from DDoS attacks due to its autonomous control, more resources, and incremental scope. Traffic cluster entropy is conceptualized from source address entropy and the combination is used to detect various types of DDoS attacks against the web service. A framework is proposed which can detect the attack, characterize attack sources, and filter the attack packets as early as possible so as to minimize the collateral damage
A SYNCHRONIZED DISTRIBUTED DENIAL OF SERVICE PREVENTION SYSTEMcscpconf
DDoS attack is a distributed source but coordinated Internet security threat that attackers either degrade or disrupt a shared service to legitimate users. It uses various methods to inflict damages on limited resources. It can be broadly classified as: flood and semantic (logic) attacks. DDoS attacking mechanisms vary from time to time and simple but powerful attacking tools are freely available on the Internet. There have been many trials on defending victims from DDoS attacks. However, many of the previous attack prevention systems lack effective handling of various attacking mechanisms and protecting legitimate users from collateral damages during detection and protection. In this paper, we proposed a distributed but synchronized DDoS defense architecture by using multiple agents, which are autonomous systems that perform their assigned mission in other networks on behalf of the victim. The major assignments of defense agents are IP spoofing verification, high traffic rate limitation, anomaly packet detection, and attack source detection.These tasks are distributed through four agents that are deployed on different domain networks. The proposed solution was tested through simulation with sample attack scenarios on the model Internet topology. The experiments showed encouraging results. A more comprehensive attack protection and legitimate users prevention from collateral damages makes this system more effective than other previous works.
A survey of trends in massive ddos attacks and cloud based mitigationsIJNSA Journal
Distributed Denial of Service (DDoS) attacks today
have been amplified into gigabits volume with
broadband Internet access; at the same time, the us
e of more powerful botnets and common DDoS
mitigation and protection solutions implemented in
small and large organizations’ networks and servers
are no longer effective. Our survey provides an in-
depth study on the current largest DNS reflection a
ttack
with more than 300 Gbps on Spamhaus.org. We have re
viewed and analysed the current most popular
DDoS attack types that are launched by the hacktivi
sts. Lastly, effective cloud-based DDoS mitigation
and
protection techniques proposed by both academic res
earchers and large commercial cloud-based DDoS
service providers are discussed
CREDIT BASED METHODOLOGY TO DETECT AND DISCRIMINATE DDOS ATTACK FROM FLASH CR...IJNSA Journal
The latest trend in the field of computing is the migration of organizations and offloading the tasks to
cloud. The security concerns hinder the widespread acceptance of cloud. Of various, the DDoS in cloud is
found to be the most dangerous. Various approaches are there to defend DDoS in cloud, but have lots of
pitfalls. This paper proposes a new reputation-based framework for mitigating the DDoS in cloud by
classifying the users into three categories as well-reputed, reputed and ill-reputed based on credits. The
fact that attack is fired by malicious programs installed by the attackers in the compromised systems and
they exhibit similar characteristics used for discriminating the DDoS traffic from flash crowds. Credits of
clients who show signs of similarity are decremented. This reduces the computational and storage
overhead. This proposed method is expected to take the edge off DDoS in a cloud environment and ensures
full security to cloud resources. CloudSim simulation results also proved that the deployment of this
approach improved the resource utilization with reduced cost.
DISTRIBUTED DENIAL OF SERVICE (DDOS) ATTACKS DETECTION MECHANISM ijcseit
Pushback is a mechanism for defending against Distributed Denial-of-Service (DDoS) attacks. DDoS
attacks are treated as a congestion-control problem, but because most such congestion is caused by
malicious hosts not obeying traditional end-to-end congestion control, the problem must be handled by the
routers. Functionality is added to each router to detect and preferentially drop packets that probably
belong to an attack. Upstream routers are also notified to drop such packets in order that the router’s
resources be used to route legitimate traffic hence term pushback. Client puzzles have been advocated as a
promising countermeasure to DoS attacks in the recent years. In order to identify the attackers, the victim
server issues a puzzle to the client that sent the traffic. When the client is able to solve the puzzle, it is
assumed to be authentic and the traffic from it is allowed into the server. If the victim suspects that the
puzzles are solved by most of the clients, it increases the complexity of the puzzles. This puzzle solving
technique allows the traversal of the attack traffic throughout the intermediate routers before reaching the
destination. In order to attain the advantages of both pushback and puzzle solving techniques, a hybrid
scheme called Router based Pushback technique, which involves both the techniques to solve the problem
of DDoS attacks is proposed. In this proposal, the puzzle solving mechanism is pushed back to the core
routers rather than having at the victim. The router based client puzzle mechanism checks the host system
whether it is legitimate or not by providing a puzzle to be solved by the suspected host.
This document discusses using an enhanced support vector machine (ESVM) to detect and classify distributed denial of service (DDoS) attacks. The ESVM is trained on normal user access behavior attributes and then tests samples of application layer attacks like HTTP flooding and network layer attacks like TCP flooding. It aims to classify these attacks with high accuracy, over 99%. An interactive detection and classification system architecture is proposed that takes DDoS attack samples as input for the ESVM and cross-validates them against normal traffic training samples to identify anomalies.
DDOS Attacks-A Stealthy Way of Implementation and DetectionIJRES Journal
Cloud Computing is a new paradigm provides various host service [paas, saas, Iaas over the internet.
According to a self-service,on-demand and pay as you use business model,the customers will obtain the cloud
resources and services.It is a virtual shared service.Cloud Computing has three basic abstraction layers System
layer(Virtual Machine abstraction of a server),Platform layer(A virtualized operating system, database and
webserver of a server and Application layer(It includes Web Applications).Denial of Service attack is an attempt
to make a machine or network resource unavailable to the intended user. In DOS a user or organization is
deprived of the services of a resource they would normally expect to have.A Successful DOS attack is a highly
noticeable event impacting the entire online user base.DOS attack is found by First Mathematical Metrical
Method (Rate Controlling,Timing Window,Worst Case and Pattern Matching)DOS attack not only affect the
Quality of the service and also affect the performance of the server. DDOS attacks are launched from Botnet-A
large Cluster of Connected device(cellphone,pc or router) infected with malware that allow remote control by an
attacker. Intruder using SIPDAS in DDOS to perform attack.SIPDAS attack strategies are detected using Heap
Space Monitoring Algorithm.
Impact of Flash Crowd Attack in Online Retail ApplicationsIJEACS
This document discusses flash crowd attacks on online retail applications. It begins by introducing denial of service (DoS) and distributed denial of service (DDoS) attacks. It then explains that flash crowd attacks are a type of DDoS attack that aims to overwhelm servers with legitimate-looking requests. The document outlines the network model used to simulate flash crowd attacks and presents results analyzing the impact on server energy levels. It finds that as the number of requests increases, servers experience decreased energy and lifetime. The study aims to minimize these attacks by having servers identify real clients to prioritize sending responses.
This document examines a proposed alternative solution to mitigate distributed denial of service (DDoS) attacks using crowd-sourced bandwidth. It discusses how DDoS attacks work and their impacts on organizations. The proposal aimed to leverage unused bandwidth from multiple clients to filter out malicious traffic and redirect valid traffic. However, the document concludes the concept is not currently feasible due to security, performance, and reliability issues from placing too much trust in clients and relying on slow public DNS propagation. Existing centralized DDoS mitigation solutions from companies are still recommended.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
3 d modeling and dynamic charectarization of steam turbine packet blade and c...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Design and implementation of network security using genetic algorithmeSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Study of cigarette butts extract as corrosiveinhibiting agent in j55 steel ma...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
1) The study investigated the effect of short coir fiber reinforcement on the flexural properties of polymer composites at varying fiber weight percentages (5-25%) and thicknesses (3-5mm).
2) Testing found that flexural strength and elongation increased with fiber content up to 20% reinforcement, but then decreased at 25%. The 20% reinforced 4mm thick composite exhibited the highest flexural strength and elongation.
3) Increasing fiber content improved bonding between the coir and polymer matrix, while higher contents led to more porosity and weaker properties. Coir was shown to be an effective and lightweight reinforcement for polymer composites.
Stress resistance of owa stick reinforced grano periwinkle concrete slab subj...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Fpga based 128 bit customised vliw processor for executing dual scalarvector ...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
PASSWORD BASED SCHEME AND GROUP TESTING FOR DEFENDING DDOS ATTACKSIJNSA Journal
DOS ATTACKS ARE ONE OF THE TOP SECURITY PROBLEMS AFFECTING NETWORKS AND DISRUPTING SERVICES TO LEGITIMATE USERS. THE VITAL STEP IN DEALING WITH THIS PROBLEM IS THE NETWORK'S ABILITY TO DETECT SUCH ATTACKS. APPLICATION DDOS ATTACK, WHICH AIMS AT DISRUPTING APPLICATION SERVICE RATHER THAN DEPLETING THE NETWORK RESOURCE. UP TO NOW ALL THE RESEARCHES MADE ON THIS DDOS ATTACKS ONLY CONCENTRATES EITHER ON NETWORK RESOURCES OR ON APPLICATION SERVERS BUT NOT ON BOTH. IN THIS PAPER WE PROPOSED A SOLUTION FOR BOTH THESE PROBLEMS BY AUTHENTICATION METHODS AND GROUP TESTING.
Study of flooding based ddos attacks and their effect using deter testbedeSAT Journals
Abstract Today, Internet is the primary medium for communication which is used by number of users across the Network. At the same time, its commercial nature is causing increase vulnerability to enhance cyber crimes and there has been an enormous increase in the number of DDOS (distributed denial of service attack) attacks on the internet over the past decade. Whose impact can be proportionally severe. With little or no advance warning, a DDoS attack can easily exhaust the computing and communication resources of its victim within a short period of time. Network resources such as network bandwidth, web servers and network switches are mostly the victims of DDoS attacks. In this paper different types of DDoS attacks has been studied, a dumb-bell topology have been created and effect of UDP flooding attacks has been analyzed on web service by using attack tools available in DETER testbed. Throughput of web server is analyzed with and without DDoS attacks.
International Journal of Computational Engineering Research(IJCER) is an intentional online Journal in English monthly publishing journal. This Journal publish original research work that contributes significantly to further the scientific knowledge in engineering and Technology
PREVENTING DISTRIBUTED DENIAL OF SERVICE ATTACKS IN CLOUD ENVIRONMENTS IJITCA Journal
Distributed-Denial of Service (DDoS) is a key intimidation to network security. Network is a group of nodes that interrelate with each other for switch over the information. This information is necessary for that node is reserved confidentially. Attacker in the system may capture this private information and distorted. So security is the major issue. There are several security attacks in network. One of the major intimidations to internet examine is DDoS attack. It is a malevolent effort to suspending or suspends services to destination node. DDoS or DoS is an effort to create network resource or the machine is busy to
its intentional user. Numerous thoughts are developed for avoid the DDoS or DoS. DDoS occur in two different behaviors they may happen obviously or it may due to some attackers .Various schemes are developed defense against to this attack. The Main focus of paper is present basis of DDoS attack, DDoS
attack types, and DDoS attack components, intrusion prevention system for DDoS.
Preventing Distributed Denial of Service Attacks in Cloud Environments IJITCA Journal
Distributed-Denial of Service (DDoS) is a key intimidation to network security. Network is a group of
nodes that interrelate with each other for switch over the information. This information is necessary for
that node is reserved confidentially. Attacker in the system may capture this private information and
distorted. So security is the major issue. There are several security attacks in network. One of the major
intimidations to internet examine is DDoS attack. It is a malevolent effort to suspending or suspends
services to destination node. DDoS or DoS is an effort to create network resource or the machine is busy to
its intentional user. Numerous thoughts are developed for avoid the DDoS or DoS. DDoS occur in two
different behaviors they may happen obviously or it may due to some attackers .Various schemes are
developed defense against to this attack. The Main focus of paper is present basis of DDoS attack, DDoS
attack types, and DDoS attack components, intrusion prevention system for DDoS.
This document presents a case study on the impact of denial of service (DoS) attacks on cloud applications. It begins with an introduction to cloud computing and discusses how DoS and distributed DoS (DDoS) attacks are major security threats. The paper then reviews DoS and DDoS attacks, including their objectives to overwhelm resources or exploit vulnerabilities. Next, it discusses defense strategies against such attacks. Finally, the document describes how the case study will measure the stability of a questionnaire using Cronbach's alpha and determine the impact of related variables on the results using stepwise multiple linear regression analysis and Spearman correlation.
Encountering distributed denial of service attack utilizing federated softwar...IJECEIAES
This research defines the distributed denial of service (DDoS) problem in software-defined-networks (SDN) environments. The proposes solution uses Software defined networks capabilities to reduce risk, introduces a collaborative, distributed defense mechanism rather than server-side filtration. Our proposed network detection and prevention agent (NDPA) algorithm negotiates the maximum amount of traffic allowed to be passed to server by reconfiguring network switches and routers to reduce the ports' throughput of the network devices by the specified limit ratio. When the passed traffic is back to normal, NDPA starts network recovery to normal throughput levels, increasing ports' throughput by adding back the limit ratio gradually each time cycle. The simulation results showed that the proposed algorithms successfully detected and prevented a DDoS attack from overwhelming the targeted server. The server was able to coordinate its operations with the SDN controllers through a communication mechanism created specifically for this purpose. The system was also able to determine when the attack was over and utilize traffic engineering to improve the quality of service (QoS). The solution was designed with a sophisticated way and high level of separation of duties between components so it would not be affected by the design aspect of the network architecture.
IRJET- A Survey on DDOS Attack in ManetIRJET Journal
This document summarizes a survey on distributed denial of service (DDoS) attacks in mobile ad hoc networks (MANETs). It begins by introducing MANETs and some of the key security issues they face, including DDoS attacks. It then discusses different types of DDoS attacks like flooding and amplification/reflection attacks. The document proposes a new defense scheme against amplification attacks, which exploit protocols like DNS and NTP to amplify traffic. It describes using the Network Security Simulator to model and simulate DDoS attacks with master, zombie, and server entities to evaluate defense techniques and compare the impact of protocols like DNS and NTP.
A REVIEW ON DDOS PREVENTION AND DETECTION METHODOLOGYijasa
Denial of Service (DoS) or Distributed-Denial of Service (DDoS) is major threat to network security.
Network is collection of nodes that interconnect with each other for exchange the Information. This
information is required for that node is kept confidentially. Attacker in network computer captures this
information that is confidential and misuse the network. Hence security is one of the major issues. There
are one or many attacks in network. One of the major threats to internet service is DDoS (Distributed
denial of services) attack. DDoS attack is a malicious attempt to suspending or interrupting services to
target node. DDoS or DoS is an attempt to make network resource or the machine is unavailable to its
intended user. Many ideas are developed for avoiding the DDoS or DoS. DDoS happen in two ways
naturally or it may due to some botnets .Various schemes are developed defense against to this attack.
Main idea of this paper is present basis of DDoS attack. DDoS attack types, DDoS attack components,
survey on different mechanism to prevent DDoS
Deep learning approach to DDoS attack with imbalanced data at the application...TELKOMNIKA JOURNAL
A distributed denial of service (DDoS) attack is where one or more computers attack or target a server computer, by flooding internet traffic to the server. As a result, the server cannot be accessed by legitimate users. A result of this attack causes enormous losses for a company because it can reduce the level of user trust, and reduce the company’s reputation to lose customers due to downtime. One of the services at the application layer that can be accessed by users is a web-based lightweight directory access protocol (LDAP) service that can provide safe and easy services to access directory applications. We used a deep learning approach to detect DDoS attacks on the CICDDoS 2019 dataset on a complex computer network at the application layer to get fast and accurate results for dealing with unbalanced data. Based on the results obtained, it is observed that DDoS attack detection using a deep learning approach on imbalanced data performs better when implemented using synthetic minority oversampling technique (SMOTE) method for binary classes. On the other hand, the proposed deep learning approach performs better for detecting DDoS attacks in multiclass when implemented using the adaptive synthetic (ADASYN) method.
Distributed reflection denial of service attack: A critical review IJECEIAES
As the world becomes increasingly connected and the number of users grows exponentially and “things” go online, the prospect of cyberspace becoming a significant target for cybercriminals is a reality. Any host or device that is exposed on the internet is a prime target for cyberattacks. A denial-of-service (DoS) attack is accountable for the majority of these cyberattacks. Although various solutions have been proposed by researchers to mitigate this issue, cybercriminals always adapt their attack approach to circumvent countermeasures. One of the modified DoS attacks is known as distributed reflection denial-of-service attack (DRDoS). This type of attack is considered to be a more severe variant of the DoS attack and can be conducted in transmission control protocol (TCP) and user datagram protocol (UDP). However, this attack is not effective in the TCP protocol due to the three-way handshake approach that prevents this type of attack from passing through the network layer to the upper layers in the network stack. On the other hand, UDP is a connectionless protocol, so most of these DRDoS attacks pass through UDP. This study aims to examine and identify the differences between TCP-based and UDP-based DRDoS attacks.
Unlimited Attempts AllowedDetailsVirtual Labs Perpetrators of D.docxjolleybendicty
Unlimited Attempts AllowedDetails
Virtual Labs: Perpetrators of DoS
Consider what you have learned so far about Denial of Service as you review the objectives and scenario below. Complete the lab that follows on EC-Council's website using the link below.
Objective
Denial of Service (DoS) is an attack on a computer or network that prevents legitimate use of its resources. In a DoS attack, attackers flood a victim’s system with illegitimate service requests or traffic to overload its resources and prevent it from performing intended tasks.
The objective of this lab is to help students learn to perform Denial of Service attacks and test a network for DoS flaws. In this lab, you will:
Perform a DoS attack by sending a large number of SYN packets continuously
Perform an HTTP flooding attack
Perform a DDoS attack
Detect and analyze DoS attack traffic
Scenario
In computing, a denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users. Although the means, motives, and targets of a DoS attack may vary, it generally consists of the efforts of one or more people to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.
Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers.
One common method of attack involves saturating the target machine with external communications requests so that it cannot respond to legitimate traffic, or it responds so slowly as to be rendered essentially unavailable. Such attacks usually lead to a server overload. DoS attacks can essentially disable your computer or your network. DoS attacks can be lucrative for criminals; recent attacks have shown that DoS attacks are a way for cybercriminals to profit.
As an expert Ethical Hacker or Pen Tester, you should have sound knowledge of Denial of Service and Distributed Denial of Service attacks in order to detect and neutralize attack handlers and mitigate such attacks. The labs in this module will give you a hands-on experience in auditing a network against DoD and DDoS attacks.
Week 8 Lab Assignment 1: Auditing a Network against DoD and DDoS attacks.
Lab Task:
The objective of this lab is to help students learn how to perform a DDoS attack—in this case, HTTP Flooding.
Lab Description:
A distributed denial of service (DDoS) attack is a more sophisticated form of DoS attack in which, in some cases, it is difficult to trace the attackers. A DDoS attack is a large-scale, coordinated attack on the availability of services on a victim’s system or network, launched indirectly through many compromised computers on the Internet.
A DDoS attack uses many computers to launch a coordinated DoS attack against one or more targets. Using client/server technology, the perpetrator is able to multiply the effectiveness of the DoS significantly by harnessing the resour.
WEB-BASED APPLICATION LAYER DISTRIBUTED DENIAL-OF-SERVICE ATTACKS: A DATA-DRI...indexPub
DDoS attacks, which aim to overwhelm a system with requests, are commonplace in the cyber world. In this type of assault, bandwidth and processing resources are deliberately clogged in order to disrupt the interactions of legitimate users. These attacks operate by inundating the victim's system with a deluge of packets, rendering it inaccessible. Diverging from the singular source of Denial of Service (DoS) attacks, DDoS attacks emanate from a multitude of servers, magnifying their impact. Over the last decade, a concentrated effort has been invested in comprehending the orchestration and authentication of DDoS attacks, resulting in valuable insights into discerning attack patterns and suspicious activities. Currently, the focus has shifted towards real-time detection within the stream of network transactions, constituting a critical research domain. Yet, this focus often sidelines the importance of benchmarking DDoS attack assertions within the streaming data framework. As a remedy, the Anomaly-based Real-Time Prevention (ARTP) framework has been formulated, designed specifically to combat application layer DDoS attacks, particularly targeting web applications. Employing advanced machine learning techniques, ARTP offers adaptable methodologies to swiftly and accurately pinpoint application-layer DDoS attacks. Rigorous testing on a representative LLDoS (Low Level DoS) benchmark dataset has affirmed the resilience and efficiency of the proposed ARTP model, underscoring its capacity to achieve the research objectives set forth.
XDOSER, A BENCHMARKING TOOL FOR SYSTEM LOAD MEASUREMENT USING DENIAL OF SERVI...IJNSA Journal
Technology has developed so fast that we feel both safe as well as unsafe in both ways. Systems used today are always prone to attack by malicious users. In most cases, services are hindered because these systems cannot handle the amount of over loads the attacker provides. So, proper service load measurement is necessary. The tool that is being described in this paper for developments is based on the Denial of Service methodologies. This tool, XDoser will put a synthetic load on the servers for testing purpose. The HTTP Flood method is used which includes an HTTP POST method as it forces the website to gather the maximum resources possible in response to every single request. The tool developed in this paper will focus on overloading the backend with multiple requests. So, the tool can be implemented for servers new or old for synthetic test endurance testing.
The document discusses distributed denial of service (DDoS) attacks and methods to detect them. It describes DDoS attacks as attempts to make network resources unavailable by flooding them with traffic. The document then reviews literature on detection methods like packet marking and cumulative sum algorithms. It presents a methodology using packet sniffing and analysis to identify attack levels based on packet counts. Specifically, it generates DDoS attacks using LOIC and analyzes TCP SYN flood and UDP flood attacks to detect the length of attacks with over 99% accuracy. In conclusion, it emphasizes the challenge of identifying DDoS attacks and discusses using packet headers and contents to identify malicious traffic based on their behaviors.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Efficient ddos attacks security scheme using asvseSAT Journals
Abstract A distributed Denial of Service (DDoS) attack enables higher threats to the internet. There are so many scheme designed to identify the node which is to be attacker node. The real process is such as we want to trace the source of the attacker and enable security to our network. The protocol introduced here, called Adaptive Selective Verification with Stub (ASVS) is shown to use bandwidth efficiently and uses stub creation. The Stub procedure to reduce the server load at the time of emergency and congestion. Using this stub idea we can store the ASVS protocol procedure in the server and we can have the stub in the every client so that we can detect the hacker system by the client itself. We use omniscient protocol which enables to send information about the attacker to all the clients. Keywordss: Adaptive Selective Verification With Stub (ASVS), Distributive Denial Of Service Attacks (DDoS) Flooding, Performance Analysis.
This document discusses distributed denial of service (DDoS) attacks. It begins by defining DDoS attacks as using numerous compromised systems, or "zombie machines", to launch a coordinated attack against a target system to overwhelm its bandwidth and resources. The document then discusses how early DDoS attacks worked and how routers have evolved defenses. It describes how modern DDoS attacks are more sophisticated, using botnets of infected systems controlled remotely by attackers to amplify the scale and impact of the attacks.
International Journal of Computational Science and Information Technology (I...ijcsity
Denial of Service (DoS) or Distributed-Denial of Service (DDoS) is major threat to network security.Network is collection of nodes that interconnect with each other for exchange the Information. This information is required for that node is kept confidentially. Attacker in network computer captures this information that is confidential and misuse the network. Hence security is one of the major issues. There are one or many attacks in network. One of the major threats to internet service is DDoS (Distributed denial of services) attack. DDoS attack is a malicious attempt to suspending or interrupting services to target node. DDoS or DoS is an attempt to make network resource or the machine is unavailable to its intended user. Many ideas are developed for avoiding the DDoS or DoS. DDoS happen in two ways
naturally or it may due to some botnets .Various schemes are developed defense against to this attack.Main idea of this paper is present basis of DDoS attack. DDoS attack types, DDoS attack components,survey on different mechanism to prevent DDoS.
Our world today relies heavily on informatics and the internet, as computers and communications networks have increased day by day. In fact, the increase is not limited to portable devices such as smartphones and tablets, but also to home appliances such as: televisions, refrigerators, and controllers. It has made them more vulnerable to electronic attacks. The denial of service (DoS) attack is one of the most common attacks that affect the provision of services and commercial sites over the internet. As a result, we decided in this paper to create a smart model that depends on the swarm algorithms to detect the attack of denial of service in internet networks, because the intelligence algorithms have flexibility, elegance and adaptation to different situations. The particle swarm algorithm and the bee colony algorithm were used to detect the packets that had been exposed to the DoS attack, and a comparison was made between the two algorithms to see which of them can accurately characterize the DoS attack.
Similar to A vivacious approach to detect and prevent d do s attack (20)
Hudhud cyclone caused extensive damage in Visakhapatnam, India in October 2014, especially to tree cover. This will likely impact the local environment in several ways: increased air pollution as trees absorb less; higher temperatures without tree canopy; increased erosion and landslides. It also created large amounts of waste from destroyed trees. Proper management of solid waste is needed to prevent disease spread. Suggested measures include restoring damaged plants, building fountains to reduce heat, mandating light-colored buildings, improving waste management, and educating public on health risks. Overall, changes are needed to water, land, and waste practices to rebuild the environment after the cyclone removed green cover.
Impact of flood disaster in a drought prone area – case study of alampur vill...eSAT Publishing House
1) In September-October 2009, unprecedented heavy rainfall and dam releases caused widespread flooding in Alampur village in Mahabub Nagar district, a historically drought-prone area.
2) The flood damaged or destroyed homes, buildings, infrastructure, crops, and documents. It displaced many residents and cut off the village.
3) The socioeconomic conditions and mud-based construction of homes in the village exacerbated the flood's impacts, making damage more severe and recovery more difficult.
The document summarizes the Hudhud cyclone that struck Visakhapatnam, India in October 2014. It describes the cyclone's formation, rapid intensification to winds of 175 km/h, and landfall near Visakhapatnam. The cyclone caused extensive damage estimated at over $1 billion and at least 109 deaths in India and Nepal. Infrastructure like buildings, bridges, and power lines were destroyed. Crops and fishing boats were also damaged. The document then discusses coping strategies and improvements needed to disaster management plans to better prepare for future cyclones.
Groundwater investigation using geophysical methods a case study of pydibhim...eSAT Publishing House
This document summarizes the results of a geophysical investigation using vertical electrical sounding (VES) methods at 13 locations around an industrial area in India. The VES data was interpreted to generate geo-electric sections and pseudo-sections showing subsurface resistivity variations. Three main layers were typically identified - a high resistivity topsoil, a weathered middle layer, and a basement rock. Pseudo-sections revealed relatively more weathered areas in the northwest and southwest. Resistivity sections helped identify zones of possible high groundwater potential based on low resistivity anomalies sandwiched between more resistive layers. The study concluded the electrical resistivity method was useful for understanding subsurface geology and identifying areas prospective for groundwater exploration.
Flood related disasters concerned to urban flooding in bangalore, indiaeSAT Publishing House
1. The document discusses urban flooding in Bangalore, India. It describes how factors like heavy rainfall, population growth, and improper land use have contributed to increased flooding in the city.
2. Flooding events in 2013 are analyzed in detail. A November rainfall caused runoff six times higher than the drainage capacity, inundating low-lying residential areas.
3. Impacts of urban flooding include disrupted daily life, damaged infrastructure, and decreased economic activity in affected areas. The document calls for improved flood management strategies to better mitigate urban flooding risks in Bangalore.
Enhancing post disaster recovery by optimal infrastructure capacity buildingeSAT Publishing House
This document discusses enhancing post-disaster recovery through optimal infrastructure capacity building. It presents a model to minimize the cost of meeting demand using auxiliary capacities when disaster damages infrastructure. The model uses genetic algorithms to select optimal capacity combinations. The document reviews how infrastructure provides vital services supporting recovery activities and discusses classifying infrastructure into six types. When disaster reduces infrastructure services, a gap forms between community demands and available support, hindering recovery. The proposed research aims to identify this gap and optimize capacity selection to fill it cost-effectively.
Effect of lintel and lintel band on the global performance of reinforced conc...eSAT Publishing House
This document analyzes the effect of lintels and lintel bands on the seismic performance of reinforced concrete masonry infilled frames through non-linear static pushover analysis. Four frame models are considered: a frame with a full masonry infill wall; a frame with a central opening but no lintel/band; a frame with a lintel above the opening; and a frame with a lintel band above the opening. The results show that the full infill wall model has 27% higher stiffness and 32% higher strength than the model with just an opening. Models with lintels or lintel bands have slightly higher strength and stiffness than the model with just an opening. The document concludes lintels and lintel
Wind damage to trees in the gitam university campus at visakhapatnam by cyclo...eSAT Publishing House
1) A cyclone with wind speeds of 175-200 kph caused massive damage to the green cover of Gitam University campus in Visakhapatnam, India. Thousands of trees were uprooted or damaged.
2) A study assessed different types of damage to trees from the cyclone, including defoliation, salt spray damage, damage to stems/branches, and uprooting. Certain tree species were more vulnerable than others.
3) The results of the study can help in selecting more wind-resistant tree species for future planting and reducing damage from future storms.
Wind damage to buildings, infrastrucuture and landscape elements along the be...eSAT Publishing House
1) A visual study was conducted to assess wind damage from Cyclone Hudhud along the 27km Visakha-Bheemli Beach road in Visakhapatnam, India.
2) Residential and commercial buildings suffered extensive roof damage, while glass facades on hotels and restaurants were shattered. Infrastructure like electricity poles and bus shelters were destroyed.
3) Landscape elements faced damage, including collapsed trees that damaged pavements, and debris in parks. The cyclone wiped out over half the city's green cover and caused beach erosion around protected areas.
1) The document reviews factors that influence the shear strength of reinforced concrete deep beams, including compressive strength of concrete, percentage of tension reinforcement, vertical and horizontal web reinforcement, aggregate interlock, shear span-to-depth ratio, loading distribution, side cover, and beam depth.
2) It finds that compressive strength of concrete, tension reinforcement percentage, and web reinforcement all increase shear strength, while shear strength decreases as shear span-to-depth ratio increases.
3) The distribution and amount of vertical and horizontal web reinforcement also affects shear strength, but closely spaced stirrups do not necessarily enhance capacity or performance.
Role of voluntary teams of professional engineers in dissater management – ex...eSAT Publishing House
1) A team of 17 professional engineers from various disciplines called the "Griha Seva" team volunteered after the 2001 Gujarat earthquake to provide technical assistance.
2) The team conducted site visits, assessments, testing and recommended retrofitting strategies for damaged structures in Bhuj and Ahmedabad. They were able to fully assess and retrofit 20 buildings in Ahmedabad.
3) Factors observed that exacerbated the earthquake's impacts included unplanned construction, non-engineered buildings, improper prior retrofitting, and defective materials and workmanship. The professional engineers' technical expertise was crucial for effective post-disaster management.
This document discusses risk analysis and environmental hazard management. It begins by defining risk, hazard, and toxicity. It then outlines the steps involved in hazard identification, including HAZID, HAZOP, and HAZAN. The document presents a case study of a hypothetical gas collecting station, identifying potential accidents and hazards. It discusses quantitative and qualitative approaches to risk analysis, including calculating a fire and explosion index. The document concludes by discussing hazard management strategies like preventative measures, control measures, fire protection, relief operations, and the importance of training personnel on safety.
Review study on performance of seismically tested repaired shear wallseSAT Publishing House
This document summarizes research on the performance of reinforced concrete shear walls that have been repaired after damage. It begins with an introduction to shear walls and their failure modes. The literature review then discusses the behavior of original shear walls as well as different repair techniques tested by other researchers, including conventional repair with new concrete, jacketing with steel plates or concrete, and use of fiber reinforced polymers. The document focuses on evaluating the strength retention of shear walls after being repaired with various methods.
Monitoring and assessment of air quality with reference to dust particles (pm...eSAT Publishing House
This document summarizes a study on monitoring and assessing air quality with respect to dust particles (PM10 and PM2.5) in the urban environment of Visakhapatnam, India. Sampling was conducted in residential, commercial, and industrial areas from October 2013 to August 2014. The average PM2.5 and PM10 concentrations were within limits in residential areas but moderate to high in commercial and industrial areas. Exceedance factor levels indicated moderate pollution for residential areas and moderate to high pollution for commercial and industrial areas. There is a need for management measures like improved public transport and green spaces to combat particulate air pollution in the study areas.
Low cost wireless sensor networks and smartphone applications for disaster ma...eSAT Publishing House
This document describes a low-cost wireless sensor network and smartphone application system for disaster management. The system uses an Arduino-based wireless sensor network comprising nodes with various sensors to monitor the environment. The sensor data is transmitted to a central gateway and then to the cloud for analysis. A smartphone app connected to the cloud can detect disasters from the sensor data and send real-time alerts to users to help with early evacuation. The system aims to provide low-cost localized disaster detection and warnings to improve safety.
Coastal zones – seismic vulnerability an analysis from east coast of indiaeSAT Publishing House
This document summarizes an analysis of seismic vulnerability along the east coast of India. It discusses the geotectonic setting of the region as a passive continental margin and reports some moderate seismic activity from offshore in recent decades. While seismic stability cannot be assumed given events like the 2004 tsunami, no major earthquakes have been recorded along this coast historically. The document calls for further study of active faults, neotectonics, and implementation of improved seismic building codes to mitigate vulnerability.
Can fracture mechanics predict damage due disaster of structureseSAT Publishing House
This document discusses how fracture mechanics can be used to better predict damage and failure of structures. It notes that current design codes are based on small-scale laboratory tests and do not account for size effects, which can lead to more brittle failures in larger structures. The document outlines how fracture mechanics considers factors like size effect, ductility, and minimum reinforcement that influence the strength and failure behavior of structures. It provides examples of how fracture mechanics has been applied to problems like evaluating shear strength in deep beams and investigating a failure of an oil platform structure. The document argues that fracture mechanics provides a more scientific basis for structural design compared to existing empirical code provisions.
This document discusses the assessment of seismic susceptibility of reinforced concrete (RC) buildings. It begins with an introduction to earthquakes and the importance of vulnerability assessment in mitigating earthquake risks and losses. It then describes modeling the nonlinear behavior of RC building elements and performing pushover analysis to evaluate building performance. The document outlines modeling RC frames and developing moment-curvature relationships. It also summarizes the results of pushover analyses on sample 2D and 3D RC frames with and without shear walls. The conclusions emphasize that pushover analysis effectively assesses building properties but has limitations, and that capacity spectrum method provides appropriate results for evaluating building response and retrofitting impact.
A geophysical insight of earthquake occurred on 21 st may 2014 off paradip, b...eSAT Publishing House
1) A 6.0 magnitude earthquake occurred off the coast of Paradip, Odisha in the Bay of Bengal on May 21, 2014 at a depth of around 40 km.
2) Analysis of magnetic and bathymetric data from the area revealed the presence of major lineaments in NW-SE and NE-SW directions that may be responsible for seismic activity through stress release.
3) Movements along growth faults at the margins of large Bengal channels, due to large sediment loads, could also contribute to seismic events by triggering movements along the faults.
Effect of hudhud cyclone on the development of visakhapatnam as smart and gre...eSAT Publishing House
This document discusses the effects of Cyclone Hudhud on the development of Visakhapatnam as a smart and green city through a case study and preliminary surveys. The surveys found that 31% of participants had experienced cyclones, 9% floods, and 59% landslides previously in Visakhapatnam. Awareness of disaster alarming systems increased from 14% before the 2004 tsunami to 85% during Cyclone Hudhud, while awareness of disaster management systems increased from 50% before the tsunami to 94% during Hudhud. The surveys indicate that initiatives after the tsunami improved awareness and preparedness. Developing Visakhapatnam as a smart, green city should consider governance
Discover the latest insights on Data Driven Maintenance with our comprehensive webinar presentation. Learn about traditional maintenance challenges, the right approach to utilizing data, and the benefits of adopting a Data Driven Maintenance strategy. Explore real-world examples, industry best practices, and innovative solutions like FMECA and the D3M model. This presentation, led by expert Jules Oudmans, is essential for asset owners looking to optimize their maintenance processes and leverage digital technologies for improved efficiency and performance. Download now to stay ahead in the evolving maintenance landscape.
Software Engineering and Project Management - Introduction, Modeling Concepts...Prakhyath Rai
Introduction, Modeling Concepts and Class Modeling: What is Object orientation? What is OO development? OO Themes; Evidence for usefulness of OO development; OO modeling history. Modeling
as Design technique: Modeling, abstraction, The Three models. Class Modeling: Object and Class Concept, Link and associations concepts, Generalization and Inheritance, A sample class model, Navigation of class models, and UML diagrams
Building the Analysis Models: Requirement Analysis, Analysis Model Approaches, Data modeling Concepts, Object Oriented Analysis, Scenario-Based Modeling, Flow-Oriented Modeling, class Based Modeling, Creating a Behavioral Model.
Rainfall intensity duration frequency curve statistical analysis and modeling...bijceesjournal
Using data from 41 years in Patna’ India’ the study’s goal is to analyze the trends of how often it rains on a weekly, seasonal, and annual basis (1981−2020). First, utilizing the intensity-duration-frequency (IDF) curve and the relationship by statistically analyzing rainfall’ the historical rainfall data set for Patna’ India’ during a 41 year period (1981−2020), was evaluated for its quality. Changes in the hydrologic cycle as a result of increased greenhouse gas emissions are expected to induce variations in the intensity, length, and frequency of precipitation events. One strategy to lessen vulnerability is to quantify probable changes and adapt to them. Techniques such as log-normal, normal, and Gumbel are used (EV-I). Distributions were created with durations of 1, 2, 3, 6, and 24 h and return times of 2, 5, 10, 25, and 100 years. There were also mathematical correlations discovered between rainfall and recurrence interval.
Findings: Based on findings, the Gumbel approach produced the highest intensity values, whereas the other approaches produced values that were close to each other. The data indicates that 461.9 mm of rain fell during the monsoon season’s 301st week. However, it was found that the 29th week had the greatest average rainfall, 92.6 mm. With 952.6 mm on average, the monsoon season saw the highest rainfall. Calculations revealed that the yearly rainfall averaged 1171.1 mm. Using Weibull’s method, the study was subsequently expanded to examine rainfall distribution at different recurrence intervals of 2, 5, 10, and 25 years. Rainfall and recurrence interval mathematical correlations were also developed. Further regression analysis revealed that short wave irrigation, wind direction, wind speed, pressure, relative humidity, and temperature all had a substantial influence on rainfall.
Originality and value: The results of the rainfall IDF curves can provide useful information to policymakers in making appropriate decisions in managing and minimizing floods in the study area.
Embedded machine learning-based road conditions and driving behavior monitoringIJECEIAES
Car accident rates have increased in recent years, resulting in losses in human lives, properties, and other financial costs. An embedded machine learning-based system is developed to address this critical issue. The system can monitor road conditions, detect driving patterns, and identify aggressive driving behaviors. The system is based on neural networks trained on a comprehensive dataset of driving events, driving styles, and road conditions. The system effectively detects potential risks and helps mitigate the frequency and impact of accidents. The primary goal is to ensure the safety of drivers and vehicles. Collecting data involved gathering information on three key road events: normal street and normal drive, speed bumps, circular yellow speed bumps, and three aggressive driving actions: sudden start, sudden stop, and sudden entry. The gathered data is processed and analyzed using a machine learning system designed for limited power and memory devices. The developed system resulted in 91.9% accuracy, 93.6% precision, and 92% recall. The achieved inference time on an Arduino Nano 33 BLE Sense with a 32-bit CPU running at 64 MHz is 34 ms and requires 2.6 kB peak RAM and 139.9 kB program flash memory, making it suitable for resource-constrained embedded systems.
An improved modulation technique suitable for a three level flying capacitor ...IJECEIAES
This research paper introduces an innovative modulation technique for controlling a 3-level flying capacitor multilevel inverter (FCMLI), aiming to streamline the modulation process in contrast to conventional methods. The proposed
simplified modulation technique paves the way for more straightforward and
efficient control of multilevel inverters, enabling their widespread adoption and
integration into modern power electronic systems. Through the amalgamation of
sinusoidal pulse width modulation (SPWM) with a high-frequency square wave
pulse, this controlling technique attains energy equilibrium across the coupling
capacitor. The modulation scheme incorporates a simplified switching pattern
and a decreased count of voltage references, thereby simplifying the control
algorithm.
Batteries -Introduction – Types of Batteries – discharging and charging of battery - characteristics of battery –battery rating- various tests on battery- – Primary battery: silver button cell- Secondary battery :Ni-Cd battery-modern battery: lithium ion battery-maintenance of batteries-choices of batteries for electric vehicle applications.
Fuel Cells: Introduction- importance and classification of fuel cells - description, principle, components, applications of fuel cells: H2-O2 fuel cell, alkaline fuel cell, molten carbonate fuel cell and direct methanol fuel cells.
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...shadow0702a
This document serves as a comprehensive step-by-step guide on how to effectively use PyCharm for remote debugging of the Windows Subsystem for Linux (WSL) on a local Windows machine. It meticulously outlines several critical steps in the process, starting with the crucial task of enabling permissions, followed by the installation and configuration of WSL.
The guide then proceeds to explain how to set up the SSH service within the WSL environment, an integral part of the process. Alongside this, it also provides detailed instructions on how to modify the inbound rules of the Windows firewall to facilitate the process, ensuring that there are no connectivity issues that could potentially hinder the debugging process.
The document further emphasizes on the importance of checking the connection between the Windows and WSL environments, providing instructions on how to ensure that the connection is optimal and ready for remote debugging.
It also offers an in-depth guide on how to configure the WSL interpreter and files within the PyCharm environment. This is essential for ensuring that the debugging process is set up correctly and that the program can be run effectively within the WSL terminal.
Additionally, the document provides guidance on how to set up breakpoints for debugging, a fundamental aspect of the debugging process which allows the developer to stop the execution of their code at certain points and inspect their program at those stages.
Finally, the document concludes by providing a link to a reference blog. This blog offers additional information and guidance on configuring the remote Python interpreter in PyCharm, providing the reader with a well-rounded understanding of the process.
Null Bangalore | Pentesters Approach to AWS IAMDivyanshu
#Abstract:
- Learn more about the real-world methods for auditing AWS IAM (Identity and Access Management) as a pentester. So let us proceed with a brief discussion of IAM as well as some typical misconfigurations and their potential exploits in order to reinforce the understanding of IAM security best practices.
- Gain actionable insights into AWS IAM policies and roles, using hands on approach.
#Prerequisites:
- Basic understanding of AWS services and architecture
- Familiarity with cloud security concepts
- Experience using the AWS Management Console or AWS CLI.
- For hands on lab create account on [killercoda.com](https://killercoda.com/cloudsecurity-scenario/)
# Scenario Covered:
- Basics of IAM in AWS
- Implementing IAM Policies with Least Privilege to Manage S3 Bucket
- Objective: Create an S3 bucket with least privilege IAM policy and validate access.
- Steps:
- Create S3 bucket.
- Attach least privilege policy to IAM user.
- Validate access.
- Exploiting IAM PassRole Misconfiguration
-Allows a user to pass a specific IAM role to an AWS service (ec2), typically used for service access delegation. Then exploit PassRole Misconfiguration granting unauthorized access to sensitive resources.
- Objective: Demonstrate how a PassRole misconfiguration can grant unauthorized access.
- Steps:
- Allow user to pass IAM role to EC2.
- Exploit misconfiguration for unauthorized access.
- Access sensitive resources.
- Exploiting IAM AssumeRole Misconfiguration with Overly Permissive Role
- An overly permissive IAM role configuration can lead to privilege escalation by creating a role with administrative privileges and allow a user to assume this role.
- Objective: Show how overly permissive IAM roles can lead to privilege escalation.
- Steps:
- Create role with administrative privileges.
- Allow user to assume the role.
- Perform administrative actions.
- Differentiation between PassRole vs AssumeRole
Try at [killercoda.com](https://killercoda.com/cloudsecurity-scenario/)
A vivacious approach to detect and prevent d do s attack
1. IJRET: International Journal of Research in Engineering and Technology eISSN: 2319-1163 | pISSN: 2321-7308
__________________________________________________________________________________________
Volume: 02 Issue: 10 | Oct-2013, Available @ http://www.ijret.org 434
A VIVACIOUS APPROACH TO DETECT AND PREVENT DDoS ATTACK
Kharat J.S.1
, Radhakrishna Naik2
1
Student ME (CSE), 2
Head, Computer Science and Engineering, MIT (E) Aurangabad, Maharashtra, India,
kharat.jyo@gmail.com, naikradhakrishna@gmail.com
Abstract
A serious problem on the Internet nowadays is Distributed Denial of Service (DDoS) attacks and this is coordinated attack performed
by hackers to immobilize a particular Computer service through manipulation of techniques those are used to provide the Services. In
this attack, normally attackers generate a huge amount of requests to victims through compromised computers. DDoS attacks are a
critical threat to the internet. Packet flooding DDoS attack is a very common way to attack a victim machine by sending large amount
of unwanted traffic. This paper proposes a threshold based approach to detect and prevent the DDoS attack before reaching the
victim end with high detection rate and low false positive rate to achieve high performance. The result obtained from various
experiments on UDP Flood attack and HTTP GET attack show the effectiveness and the efficiency of our approach.
Keywords: Denial of Service (DoS), Distributed Denial of Service (DDoS), Entropy, flooding attack.
---------------------------------------------------------------------***-------------------------------------------------------------------------
1. INTRODUCTION
Internet Operators have been observed that DDoS attacks are
increasing noticeably and individual attacks are more strong
and complicated. Furthermore, the Arbor Worldwide
Infrastructure Security Report highlighted important trends in
distributed denial of service (DDoS) attacks. Several findings
stand out, including the overall expansion of attack surface
and the escalation of attack size and frequency [1].Distributed
denial-of-service (DDoS) attacks consist of an overwhelming
quantity of packets being sent from multiple attack sites to a
victim site. These packets get there in such a high quantity that
some key resource at the victim (bandwidth, buffers, CPU
time to compute responses) is quickly exhausted. The victim
cannot attend its real work due to spending so much time in
handling the attack traffic. Thus legitimate clients are deprived
of the victim’s service for as long as the attack lasts.
The first large-scale appearance of distributed denial-of-
service (DDoS) attacks occurred in mid-1999 and still
researchers are struggling to devise an effective solution to the
DDoS problem. There are many commercial and research
defenses has been appeared, but none of them provide
complete security from the threat. Rather, they detect a small
range of attacks that either use malformed packets or create
severe disturbances in the network; and they handle those
attacks by non-selectively dropping a portion of the traffic
destined for the victim[1]. This strategy relieves the victim
from the high-volume attack, but also inflicts damage to
legitimate traffic that is speciously dropped.
2. OVERVIEW OF DoS AND DDoS ATTACK
2.1 Denial of Service (Dos) Attacks
The DoS attack generally consists of efforts to temporarily or
indefinitely interrupt or suspend services of a host connected
to the internet. The goal of a Denial of Service (DoS) attack is
to interrupt some legitimate activity, such as browsing Web
pages, email functionality or net banking. It could even
shutdown the whole Web server. To obstruct legitimate
operations is to exploit vulnerabilities on the target machine or
application, by sending specially crafted requests targeting the
given vulnerabilities. Denial-of-service effect is achieved by
sending messages to the target machine such that the
“message” hampers with its operation and makes it hang,
crash, reboot, or do useless work. Also some key resources of
the target machine such as bandwidth, CPU time, memory, etc
can be consumed by sending a vast number of packets. One
cannot attend to legitimate clients because the target
application, machine, or network spends all of its critical
resources on handling the attack traffic [2].
2.2 Distributed Denial-Of-Service (DDoS) Attacks
It is simply an extension of DoS attack. DoS and DDoS attack
scenario is shown in Fig-2.Making a machine or network
resources unavailable to its intended user-s is the DDoS
attempt. It generally consist of the efforts of one or more
people to temporarily or indefinitely interrupt or suspend
services of a host connected to the internet. DDoS attacks are
able to take out an entire server in a matter of minutes. To
overwhelm a service to the point where it no longer works is
the goal of any DDoS attack.
2. IJRET: International Journal of Research in Engineering and Technology eISSN: 2319-1163 | pISSN: 2321-7308
__________________________________________________________________________________________
Volume: 02 Issue: 10 | Oct-2013, Available @ http://www.ijret.org 435
In a DDoS attack, the incoming traffic flooding the victim
originates from many different sources potentially hundreds of
thousands or more. To saturate a target computer or device
with external communications requests, such that it cannot
respond to other legitimate traffic, or responds so slowly[3] is
the most common method of DDoS attack. In general terms,
DDoS attacks are implemented by either forcing the targeted
computers to reset, or to consume their resources so that they
can no longer provide services, or obstructing the
communication media between communicators so that they
can no longer communicate.
DoS Attack DDoS Attack
Fig-1: DoS and DDoS Attack Scenario
There are many types of DDoS attacks targeting both the
network and the application layers. They could be classified
upon their impact on the targeted computing resources
(saturating bandwidth, consuming server’s resources,
shattering an application) or upon the targeted resources as
well:
• Attacks targeting Network Resources: UDP Floods,
ICMP Floods, IGMP Floods.
• Attacks targeting Server Resources: the TCP/IP
weaknesses –TCP SYN Floods, TCP RST attacks, TCP
PSH+ACK attacks – but also Low and Slow attacks as
Sock stress for example and SSL-based attacks, which
detection is particularly challenging.
• Attacks targeting the Application Resources: HTTP
Floods, DNS Floods and other Low and Slow attacks as
Slow HTTP GET requests (Slowloris) and Slow HTTP
POST requests (R-U-Dead-Yet).
• A DDoS attack usually comprises more than three attack
vectors thus increasing the attacker’s chances to hit its
target and escape basic DoS mitigation solutions[4].
In general there are two types of denial of service attacks:
those that target the network layer and those that target the
application layer. The server cannot simultaneously process
other requests from other legitimate users, if an attacker
overloads the server with many requests. Examples of DDoS
attacks are discussed as follows:
A. UDP Flood Attack
UDP Flood attack is a network layer DDoS attack. UDP is a
connectionless protocol and it does not require any connection
setup procedure to transformation. To consume the bandwidth
is the main purpose of UDP Flood type attack. In this attack,
Attacker send IP packets containing UDP datagrams with the
purpose of slowing down the victim to the point that the
victim can no longer handle valid connections.
B. HTTP GET Flood Attack
HTTP GET flood attack is an Application layer DDoS Attack.
In this, a large amount of legitimate requests(to an
application)use to send by HTTP attacker. The feature of
HTTP GET Flood attack is that it will establish a normal TCP
Connection to Servers, and constantly submit a lot of calling
requests which dramatically consume database resources. For
sample, an Http Flood attack can make hundreds of thousands
of page requests to a web server, which can wear out all of the
servers processing capability. So that the server cannot handle
the legitimate request [5]
An HTTP GET flood is as exactly as it sounds: it’s a massive
influx of legitimate HTTP GET requests that come from large
numbers of users. These requests mimic legitimate users are
nearly impossible for applications and even harder for
traditional security to detect. This result of this attack is
similar to the effect: server errors increasingly degraded the
performance, and resource exhaustion.
3. RELATED WORK
Distributed Denial-of-Service (DDoS) and Denial-of-Service
(DoS) are the most dreadful network threats in recent years.
Different techniques and challenges involved in anomaly
detection system [6].
Yonghua You and Zulkernine[7]introduce two distance-based
DDoS detection techniques: average distance estimation and
distance-based traffic separation. They detect attacks by
analyzing distance values and traffic rates. The distance
information of a packet can be inferred from the Time-to-Live
(TTL) value of the IP header. In the average distance
estimation DDoS detection technique, the prediction of mean
distance value is used to define normality. The prediction of
traffic arrival rates from different distances is used in the
distance-based traffic separation DDoS detection technique.
The mean absolute deviation (MAD)-based deviation model
provides the legal scope to separate the normality from the
abnormality for both the techniques. The results of the
proposed techniques show that the techniques can detect
attacks effectively.
Muhai and MingLi [8] propose a model for detecting DDoS
attacks automatically. In order to reduce the error to identify
attacks, we use discrete wavelet transform (DWT) technique.
Attacking
machine
Target/Victim
Machine
Attack control Mechanism
Zombie Zombie Zombie
Target/Victim
Network
3. IJRET: International Journal of Research in Engineering and Technology eISSN: 2319-1163 | pISSN: 2321-7308
__________________________________________________________________________________________
Volume: 02 Issue: 10 | Oct-2013, Available @ http://www.ijret.org 436
Author use actual data to validate proposed model and obtain
good results in terms of tradeoff between correct detections
and false alarms. The test results shows the approach not only
can be different the sudden increasing normal traffic from
anomaly traffic, but also has a well detect ratio.
Sumit Kar and Bibhudatta Sahoo[9]proposed method is based
upon attack detection and recovery, and uses an entropy based
anomaly detection system to detect DDoS attack. Author
design an anomaly detection system based on entropy and
entropy rate to detect DDoS attack. They uses normalized
entropy which calculates the over all probability distribution
in the captured flow in algorithm to get more accurate result.
Detection System is based on by analyzing the change in
entropy of distribution flow header feature and behavioral
features traffic distributions. The Result shows that the attack
must be detected and blocked before reaching the victim with
high detection rate and low false alarm rate.
Suratose Tritilanunt et al. [10] provide a detection mechanism
based on a technique of entropy-based input-output traffic
mode detection scheme. The experimental results demonstrate
that our approach is able to detect several kinds of denial-of-
service attacks, even small spike of such attacks. To minimize
this false positive, we introduce a technique called entropy-
based input-output traffic mode detection scheme. By
combining packet content observation for identifying DoS and
DDoS attacks in the system, this will help approach not only
to increase the accuracy for detecting DoS attacks, but also to
effectively discriminate legitimate users from suspicious
traffic.
Yi Zhang and Qiang Liu[11] present a real-time DDoS attack
detection and prevention system which can be deployed at the
leaf router to monitor and detect DDoS attacks. The
advantages of this system lie in its statelessness and low
computation overhead, which makes the system itself immune
to flooding attacks. A number of articles suggested entropy as
a metrics to summarizing trafficdistribution for anomaly
detection[12][13].
The authors of [9] use entropy rate to discriminate the DDoS
attack from legitimate traffic. The use of entropy for analyze
changes in traffic distribution has two benefit. i) Using
entropy for anomaly detection increases the detection
capability than volume based methods. ii) It provides
additional information to classify among different types
anomaly (worms, DoS attack. Port scanning) .We considers
two classes of distribution i) flow header features (IP address,
ports, and flow sizes) ii) behavioral features (the number of
distinct destination / source address that a host communicates
with) [14]. The anomaly detection system discussed in this
paper is based on by analyzing the change in entropy of above
two traffic distributions.
Our objective in this paper is to design an attack detection
system based on entropy and packet rate to detect DDoS
attack. We use normalized entropy which calculates the over
all probability distribution in the captured flow in our
algorithm to get more accurate result.
4. PROPOSED ENTROPY BASED DETECTION
TECHNIQUE
Shannon’s Entropy [15] based approach is used for DDoS
attack detection. entropy is a measure of the uncertainty in a
random variable or in this case data coming over the
network. The Shannon’s function is a useful tool for
inspecting a similarity and distribution of traffic in the
inspection time frame. When denial-of-service attacks occur in
the observation window, the entropy of that traffic will drop
noticeably and wecan identify that situation as DoS/DDoS
attacks. The value of sample entropy lies in range [0, logn].
The entropy shows its minimum value 0 when all the items (IP
address or port) are same and its maximum value logn when
all the items are different. The entropy of a random variable X
with possible values {x , x … … . . x } can be calculated as
H x = − ∑ P x logP x (1)
In our proposed DDoS detection algorithm we use entropy as
a principal matrix. We use change of entropy of traffic
distributions (IP address, port) for DDoS detection. If we are
interested in measuring the entropy of packets over unique
source or destination address then maximum value of n is 2
for ipv4address [9]. If we want to calculate entropy over
various applications port then n is the maximum number of
ports. Here p x where x ∈ X is the probability that X takes
the value x . Suppose we randomly observe X for a fixed time
window w, thenP x = m m⁄ , where m is the frequency or
number of times we observe X taking the value x i.e. m =
∑ m
H X = − ∑ m /m log m /m (2)
If we want calculate probability of any source MAC address
then,
mi = number of packets with xi as source MAC address and
m = total number of packets
P x =
Number of Packets with x as source
Total number of packets
Here total number of packets is the number of packets seen for
a time window T.
Normalized entropy calculates the over all probability
distribution in the captured flow for the time window T.
Normalized entropy = H log n5⁄ (3)
4. IJRET: International Journal of Research in Engineering and Technology eISSN: 2319-1163 | pISSN: 2321-7308
__________________________________________________________________________________________
Volume: 02 Issue: 10 | Oct-2013, Available @ http://www.ijret.org 437
Where n5 is the number of distinct x values in the given time
window.
In a DDoS attack from the captured traffic in time window T,
the attack flow dominates the whole traffic, as a result the
normalized entropy of the traffic decreased in a detectable
manner. But it is also possible in a case of massive legitimate
network accessing. To confirm the attack we have to again
calculate the packet rate P67 of suspected flow. Here flow is
packages which share the same destination address/port. In
this mechanism we have taken one assumption that the
attacker uses same function to generate attack packets at
“zombies”.
P67 x
Total No. of packets coming from
same MAC address T;
Total number of packets T
4
The steps in our proposed DDoS detection algorithm are
described below.
Algorithm 1 : DDoS Detection Algorithm
1: Collect sample flows for a time window T on the
edge routers.
2:Calculate router entropy H X ∑ P x log P x
3: Calculate NE H log n5⁄ where, NE = normalized
router entropy.
4: If NE > ?@ABC@DEF δ , identify the suspected attack
flow.
5: Calculate the packet rate P67 x
HI
H
of the suspected
flow inthat router
6:If P67 x J threshold δ , it is a DDoS attack.
Else legitimate traffics.
7: Generate alarm and Discard the attack flow.
5. EXPERIMENT AND RESULT
Section 5 provides the experiment and results of our approach
to detect distributed denial-of-service attacks. The system can
detect the attack by using an entropy detection method
because the value drops significantly from the stored profile
once the DoS/DDoS attacks occur in the system. We observe
that most DoS attacks immediately decrease the entropy of the
overall system. A prototype of the proposed system has been
implemented and evaluated on an real base system.
Experimental Setup: Fig-2 shows the experimental setup.
experiment includes 3 source, 1 intermediate routers and 1
destination node. Out of which 3 source nodes 2 nodes are
legitimate users and 1 node is attacker. The bandwidth of
legitimate traffic is set constant.
Fig-2: Experimental setup
The goal of our experiments is to assess the scalability of our
approach and the performance of the protection system.
5.1 UDP Attack:
UDP is a bandwidth depletion attack. Attacker consumes the
network bandwidth with unwanted UDP traffic so that
legitimate user cannot send packets to destination.We traced
no of packets received in every 1 second interval. Performance
metrics used is Network Utilization.
Experiment 1: UDP attack with 2 legitimate user and 1
attacker: Suppose node A3 is the attack source and node A1
and A2 are legitimate users and node D is the victim. All the
three users sending packets to specified destination
Experiment lasts at 6 second. We traced number of packets
received in a fixed time window T.Table-1 shows the traced
data in 6 seconds. The router entropy is calculated according
to Eq. (2), and the normalized router entropy is being
calculated using Eq. (3). Table-2 shows the normalized
entropy calculation for experiments.
Table 1: Traced data
Times in
Second
Number of attack
packets received
Number of
legitimate packets
received
0-1 80 63
1-2 80 65
2-3 699 150
3-4 766 125
4-5 700 100
5-6 615 80
Table-2: Normalized entropy calculations
Time in Second Normalized Router Entropy
0-1 0.98
1-2 0.99
2-3 0.535
3-4 0.45
4-5 0.51
5-6 0.76
5. IJRET: International Journal of Research in Engineering and Technology eISSN: 2319-1163 | pISSN: 2321-7308
__________________________________________________________________________________________
Volume: 02 Issue: 10 | Oct-2013, Available @ http://www.ijret.org 438
Captured flow for every source is shown in Table-3 when
NE=0.535.
Table-3: Traced Data when NE=0.535(UDP attack)
Source Node
with MAC
address
Destination IP No.
of
pac
kets
entropy
38-60-77-50-
b0-92
192.168.0.45 70 0.29
00-1c-c0-83-b7-
f8
192.168.0.45 80 0.32
70-71-BC-BE-
11-9B
192.168.0.45 699 0.23
Here router entropy = 0.29+0.32+0.23= 0.84
n5 3
Normalized router entropy NE = 0.84/ log2 3 = 0.535
The above data are taken practically for Edge Router. In the
above case one flow dominates the whole traffic as a result the
normalized entropy decreases. If the threshold δ is perfect,
suppose 0.94 for the above example, it will treat flow coming
from node A with MAC (70-71-BC-BE-11-9B) as suspected
flow. After which the packet rate is being calculated for every
suspected flow. While the packet rates of different flows
exceed the thresholdδ i.e.150 packets/second, the attack is
confirmed and attack flow is discarded. All the above
calculations are based on log .
We consider 2 situations in our experiment to evaluate the
performance of our proposed algorithm. In the first situation,
we start with 2 legitimate users and 1 attacker and study how
the system performance is being degraded. In the second
situation we examine the system for 2 legitimate users and two
attackers.
The graph in Fig-3 depicts the effect of DDoS attack with 2
legitimate users and 1 attacker. It shows numbers of attack
packets as well as legitimate packets with respect totime. The
graph in Figure 4 shows the network utilization of 3senders
with 1 attacker. It shows number of packets/second with
respect to network utilization.
Fig-3: Effect of UDP attack
Fig-4: Threesenders with 1 attacker
The graph in Fig-4 shows the Network utilization of 4 senders
with 2 attackers. It shows the packet rate with respect to
network utilization.
Fig-5: Foursenders with 2 attackers
0
100
200
300
400
500
600
700
800
900
1 2 3 4 5 6
Legitimate
traffic
Attack traffic
Time in Seconds
PacketCount
0
10
20
30
40
50
60
50 100 150 200 250
Network
Utilization
Packet rate
NetworkUtilizationin%
0
10
20
30
40
50
60
50 100 150 200 250
Network
Utilization
Packet rate
N/WUtilizationin%
6. IJRET: International Journal of Research in Engineering and Technology eISSN: 2319-1163 | pISSN: 2321-7308
__________________________________________________________________________________________
Volume: 02 Issue: 10 | Oct-2013, Available @ http://www.ijret.org 439
5.2 HTTP GET Flood Attack
We traced no of HTTP GET request received in every 1
second interval.We have taken two examples using Fig. 2 how
the detection scheme works. Suppose node A1 is the attack
source and node A2and A3 are legitimate users and node D1 is
the victim. Based on the DDoS detection algorithm flows
coming from all the client nodes will first captured by router 1
Suppose at router 1, we have captured flows as given in Fig-6
which shows the legitimate traffic as well as attack traffic with
respect to time in a fixed time window T. The router entropy is
calculated according to Eq. (2) and the normalized router
entropy is being calculated using Eq. (3).Table-4 shows the
Normalized entropy calculations and Table-5 shows the traced
data when NE=0.81
Table-4: Normalized entropy calculation
Times in Second Normalized Router Entropy
0-1 0.71
1-2 0.86
2-3 0.63
3-4 0.67
4-5 0.81
Table-5 Traced Data when NE=0.81
Source Node
with MAC
address
Destination
IP
No.of
request
entropy
38-60-77-50-
b0-92
192.168.0.45 217 0.41
00-1c-c0-83-
b7-f8
192.168.0.45 74 0.47
70-71-BC-
BE-11-9B
192.168.0.45 49 0.40
Here router entropy = 0.41+0.47+0.40= 1.28 and n5 3
Normalized router entropy NE 0.84 log 3⁄ 0.811
The above data are taken practically for Router1. In the above
case one flow dominates the whole traffic as a result the
normalized entropy decreases. If the threshold is perfect,
suppose 0.94 for the above example, it will treat flow coming
from node A3 with MAC(70-71-BC-BE-11-9B) as suspected
flow. After which the packet rate is being calculated for every
suspected flow. While the packet rates of different flows
exceed the threshold δ i.e. 150 p/s, the attack is confirmed
and attack flow is discarded.
Fig-6: Traced data
The graph in Fig-7 shows the Heap utilization of 3 senders
with 1 attacker. It shows packet rate with respect to Heap
Memory utilization in %.The graph in Fig-8 shows the Heap
utilization of 4 senders with 2attacker. It shows packet rate
with respect to Heap Memory utilization.
Fig-7: three senders with 1 attacker
Fig-8: four senders with 2 attackers
0
50
100
150
200
250
1 2 3 4 5
Legitimate
packets
Attack
packets
Time in Seconds
PacketCount
0
10
20
30
40
50
60
50 100 150 200 250
Heap
Memory
Utilization
Packet rate
HeapMemoryin%
0
10
20
30
40
50
60
70
80
50 100 150 200 250
Heap
Memory
Utilization
Packet rate
HeapMemoryin
7. IJRET: International Journal of Research in Engineering and Technology eISSN: 2319-1163 | pISSN: 2321-7308
__________________________________________________________________________________________
Volume: 02 Issue: 10 | Oct-2013, Available @ http://www.ijret.org 440
CONCLUSIONS
In this paper we discussed different types of DDoS attacks that
could exploit network and related detection strategies and
introduces an alternative technique to detect denial-of-service
and distributed denial-of-service attacks by using packet rates
and packet address entropy-based technique. As we will take
the detection threshold δ as0.94 then, the proposed anomaly
detection system can detect DDoS attack traffics with high
detection rate and without any false positive before reaching
the victim and taking threshold δ as 150 p/s then, proposed
system can achieve the efficient use of Network utilization in
case of UDP attack and Heap Memory utilization in case of
HTTP Get flood attack. we plan to test our approach with
other kinds of DoS/DDoS attacks in the future work.
REFERENCES
[1]. http://blogs.ixiacom.com/ixia-blog/application-layer-
ddos-attacks-growing.
[2]. http://www.linuxforu.com/2011/04/securing-apache-
part-8-dos-ddos-attacks.
[3]. http://en.wikipedia.org/wiki/Denial-of-service_attack.
[4]. http://security.radware.com/knowledge-
center/DDoSPedia/ddos-attack/
[5]. Saman Taghavi Zargar, James Joshi, David Tipper,”
Survey of Defense Mechanisms Against Distributed
Denial of Service (DDoS) Flooding Attacks”,ieee
communications surveys & tutorials 2009.
[6]. P. G. Teodoro, J. D.Verdejo, G. M.Fernandez,
E.Vazquez, “Anomaly-based network intrusion
detection: Techniques, systems and challenges”,
computer & security, Volume 28, Issues 1-2, pp.18-28,
2008.
[7]. Yonghua You and Zulkernine,”A Distributed Defense
Framework for Flooding-Based DDoS Attacks”, ICC
Proceeding, 2007
[8]. Muhai Li and Ming Li,” A New Approach for
Detecting DDoS Attacks Based on Wavelet
Analysis”,ieeeconference, 2009.
[9]. Sumit Kar and Bibhudatta Sahoo,” An Anomaly
Detection System for DDoS Attack”,ijca-se 2009.
[10]. Suratose Tritilanunt et al,” Entropy-based Input-Output
Traffic Mode Detection Scheme for DoS/DDoS
Attacks”,2010 .
[11]. Yi Zhang and Qiang Liu,” A Real-Time DDoS Attack
Detection and Prevention System Based on per-ITraffic
Behavioral Analysis”,2010.
[12]. Suratose Tritilanunt, SuphanneeSivakorn,
ChoochernJuengjincharoen, AusaneeSiripornpisan,”
Entropy-based Input-Output Traffic Mode Detection
Scheme for DoS/DDoS Attacks”, ISCIT 2010
[13]. Wonjun Lee and Squicciarini,”Detection and Protection
against Distributed Denial of Service Attacks in
Accountable Grid Computing Systems”,IEEEJournel
2011.
[14]. G. Nychis, V. Sekar, D. G Andersen, H. Kim and
H.Zhang, “An Empirical Evaluation of Entropy-Based
Traffic Anomaly Detection”. Tech. Rep. CMU-CS-08-
145, Computer Science Department, Carnegie Mellon
University, 2008
[15]. Thomas M. Cover and Joy A. Thomas, “Elements of
Information Theory”, second edition, 2007
BIOGRAPHIES
Ms. Kharat J.S. obtained her Bachelor’s
Degree in Computer Science from BAMU
University during 2008 and currently pursuing
Masters Degree from the same university. She
is working in Computer Dept. of Shreeyash
Polytechnic Aurangabad as Lecturer from last 5 years. Her
research area includes Network Security.
Dr. Radhakrishna Naik is working as
professor and Head in CSE Department of MIT
(E) Aurangabad. He did his PhD in Real Time
Systems and his subjects of interest are Real
Time systems, Real Time database
management and Network security.