As the use of the internet and computers grows day by day, attacks on networks are also increasing
tremendously. In this paper we introduce a wired network and create two TCP source nodes and one
attacker node that carries out a flooding-type (distributed) denial-of-service attack, which is an attack
on the bandwidth of a TCP node. The source side sends data to the destination through a router, and we
measure the impact of the denial-of-service (DoS) attack on that wired network: how packets of the other
source nodes and of that node are dropped due to the flooding-type denial-of-service attack. The results
are shown using the NS-2 NAM and Xgraph windows in simulation.
Network Address Translation (NAT) allows private IP addresses to be used within a local area network (LAN) while providing access to the public internet. NAT maps private IP addresses to public IP addresses, allowing multiple devices to share public IP addresses. The main NAT traversal challenges are that NAT prevents outside systems from initiating connections to inside systems and communication between systems that are both behind NAT routers. Proposed solutions include using third-party servers to reverse connections or techniques like UDP and TCP hole punching that establish connections directly between systems.
The document discusses remote procedure call (RPC), including its definition and purpose, execution steps when making an RPC, how clients connect to servers, issues around transparency, call semantics, data representation, performance, security, and how to write RPC programs. RPC allows programs to execute subroutines remotely by hiding network details in stub procedures, making remote calls similar to local calls. The Sun RPC implementation is described as an example.
Iaetsd an effective approach to eliminate tcp incast - Iaetsd Iaetsd
This document proposes an Incast Congestion Control for TCP (ICTCP) scheme to eliminate TCP incast collapse in datacenter environments. TCP incast collapse occurs when multiple synchronized servers send data to the same receiver in parallel, overwhelming the switch buffer and causing packet loss. ICTCP is a receiver-side approach that proactively adjusts the TCP receive window size of connections to control their aggregate burstiness and prevent switch buffer overflow before packet loss occurs. It estimates available bandwidth and uses this as a quota to coordinate receive window increases. For each connection, the receive window is adjusted based on the ratio of the difference between measured and expected throughput. This allows adaptive tuning of receive windows to meet sender throughput needs while avoiding congest
DRDoS is the latest in the series of Denial of Service attacks. An explanation of the history of this type of attack is in order to fully understand the ramifications of this new threat. http://servv89pn0aj.sn.sourcedns.com/~gbpprorg/2600/DRDoS-Spyrochaete.html
The document discusses denial of service (DoS) and distributed denial of service (DDoS) attacks. It describes different types of DoS attacks such as sending malformed packets to exploit protocol or application flaws. It notes that DDoS attacks involve aggregating malicious traffic from many zombie machines to flood the victim with packets. Most defense methods focus on mitigating bandwidth consumption from packet flooding. However, attackers may also directly target applications to exhaust computational resources. The document proposes an acknowledgment-based port hopping protocol for secure communication between a sender and receiver that is resistant to such attacks.
A Denial-of-Service (DoS) attack shuts down a machine or a network to make it inaccessible to its intended users. This PPT sheds light upon this kind of a cyberattack and its types, to increase awareness related to the threat that it poses to web servers and applications.
Monitoring of traffic over the victim under tcp syn flood in a lan - eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
This multiple choice quiz covers topics in Chapter 2 of the textbook "Computer Networking: A Top-Down Approach" including the application layer, HTTP, caching, and peer-to-peer file sharing protocols. It contains 12 questions testing knowledge of concepts like application layer protocols, HTTP request and response headers, DNS records, TCP vs UDP, and characteristics of BitTorrent file sharing.
AODV Improvement by Modification at Source Node and Securing It from Black Ho... - IJERA Editor
MANETs suffer from constraints in power, storage and computational resources; as a result, they are more
vulnerable to various communications security related attacks. Therefore we attempt to focus on analyzing and
improving the security of a routing protocol for MANETs, viz. the Ad hoc On Demand Distance Vector
(AODV) routing protocol. We propose modifications to AODV and an algorithm to counter the
Black hole attack on the routing protocols in MANETs. All the routes have a unique sequence number, and the
malicious node has the highest Destination Sequence number and it is the first RREP to arrive. So the
comparison is made only to the first entry in the table without checking other entries in the table
This document summarizes a survey and analysis of various host-to-host congestion control proposals for TCP data transmission. It discusses the basic principles that underlie current host-to-host algorithms, including probing available network resources, estimating congestion through packet loss or delay, and quickly detecting packet losses. The document then analyzes specific algorithms like slow start, congestion avoidance, and fast recovery. It also examines calculating retransmission timeout and round-trip time, congestion avoidance and packet recovery techniques, and data transmission in TCP. The overall goal of these proposals is to control congestion in a distributed manner without relying on explicit network notifications.
This document discusses network tunneling protocols and tools. It describes how protocols like SSH, GRE, and ICMP can be used to encapsulate other protocols and bypass network restrictions. Examples of network tunneling tools that operate over HTTP, DNS, and ICMP are provided. The document notes both legitimate and malicious uses of tunneling, and outlines challenges in detecting tunneling traffic and payloads.
Lec 2 (introduction of computer networks) - maamir farooq
This document discusses different types of networks:
1. The Internet is the common network used for activities like reading news and social media.
2. The Deep Web is a subset not indexed by search engines so it requires directly visiting sites instead of searching. It exists because the Internet is too large to fully index.
3. The Dark Web requires special software to access and is often associated with illegal activities like drug sales, though it also has legitimate uses. It sits on additional private networks like Tor and I2P.
IJERA (International Journal of Engineering Research and Applications) is an international online, ... peer reviewed journal. For more detail or to submit your article, please visit www.ijera.com
The document discusses transport layer protocols and services including:
- TCP provides reliable, in-order delivery through congestion control, flow control, and connection setup. UDP provides unreliable, unordered delivery with no connection.
- Transport protocols multiplex and demultiplex data between applications using port numbers. TCP uses a 4-tuple of IP addresses and port numbers to identify each connection.
- UDP is useful for streaming multimedia since it is loss tolerant but rate sensitive, while TCP provides reliability through congestion control and retransmissions.
The document summarizes key aspects of the transport layer from Chapter 3 of the textbook "Computer Networking: A Top Down Approach". It discusses the goals of the transport layer, including providing multiplexing/demultiplexing, reliable data transfer, congestion control and flow control. It then describes the two main Internet transport protocols - UDP (connectionless) and TCP (connection-oriented), focusing on their differences and how TCP provides reliability.
This document discusses denial of service (DoS) and distributed denial of service (DDoS) attacks. It begins with an overview of transport layer protocols like TCP and concepts like multiplexing and demultiplexing. It then explains how DDoS attacks work by overwhelming resources with bogus traffic. Specific DDoS attack methods covered include simple volume attacks, scaling up attacks, exploiting protocol weaknesses, and targeting application layer resources. The document notes that DDoS attacks are effective because they can exceed finite network and system capacities and resources.
This document contains a 10 question multiple choice quiz on topics related to multimedia networking and differentiated services. The questions cover topics such as the causes of packet jitter, file sizes for MP3 songs, the purpose of protocols like RTSP and RTCP, characteristics of leaky bucket algorithms for policing network flows, and weighted fair queue scheduling policies.
A network behavior analysis method to detect this writes about a method to ... - Thang Nguyen
This document proposes a network behavior analysis method to detect reverse remote access trojans (RATs) using machine learning. It extracts 4 network behavior features from TCP sessions: out-in-bytes ratio, PSH flag ratio, early stage packet number, and heartbeat flag. Six machine learning classifiers are tested on a dataset of real RAT and normal traffic. Random forest achieves the best performance with an accuracy of 0.957 and AUC of 0.979, indicating the method can effectively detect encrypted reverse RAT connections by analyzing network behavior features.
The transport layer accepts data from the session layer, breaks it into packets, and delivers the packets to the network layer. It provides end-to-end communication and ensures reliable delivery of data. The network interface layer sends and receives TCP/IP packets on the network medium. It encompasses the data link and physical layers of the OSI model. TCP/IP is independent of the specific network technology.
The document provides an overview of Chapter 3 from the textbook "Computer Networking: A Top Down Approach" by Jim Kurose and Keith Ross. It discusses the goals and outline of the chapter which covers transport layer services, multiplexing and demultiplexing, UDP, principles of reliable data transfer, TCP, and congestion control. Specifically, it describes transport layer services, multiplexing and demultiplexing of data between applications, UDP as a connectionless transport protocol, and outlines the topics to be covered related to reliable data transfer and TCP.
This document contains a multiple choice quiz with questions about transport layer concepts in computer networking. Specifically, it asks about characteristics of TCP and UDP, latency modeling, congestion control, port numbers, retransmission, and throughput calculation. It contains 13 questions testing understanding of topics like round trip time, sequence numbers, window size, throughput rates, and port addressing.
Detection of application layer ddos attack using hidden semi markov model (20... - Mumbai Academisc
This document discusses a proposed scheme to detect application layer distributed denial of service (App-DDoS) attacks using hidden semi-Markov models. It begins by describing how current techniques have difficulty distinguishing App-DDoS attacks from normal flash crowds based on traffic characteristics alone. The proposed scheme aims to capture spatial-temporal patterns during normal flash crowds using an Access Matrix, and then uses a hidden semi-Markov model to analyze dynamics of the Access Matrix and detect anomalies indicating potential App-DDoS attacks. It argues this approach can more effectively identify if traffic surges are caused by attackers or normal users compared to existing detection systems.
This document discusses Mobile IP and related concepts. It begins by outlining the motivation for Mobile IP, including issues with changing IP addresses or routing tables when a mobile node changes locations. It then defines key terminology like mobile node, home agent, foreign agent, and care-of address. It explains how registration and encapsulation allow a mobile node to maintain its home IP address as it roams. Finally, it discusses security considerations, problems, and the relationship between Mobile IP and IPv6.
Sample Network Analysis Report based on Wireshark Analysis - David Sweigert
This network analysis report examines a packet capture file containing traffic between two internal hosts downloading a file from a remote server. The analysis found that one internal host, with IP ending in 1.119, experienced significant packet loss during the download, as shown by drops in throughput and bursts of TCP errors. This packet loss indicates a potential failure at an infrastructure device, likely causing the observed retransmissions and degradation in performance. Further analysis of ingress traffic is needed to determine if the packet loss is occurring internally or externally to the network.
The document proposes two new autonomous system (AS) traceback techniques to identify the AS of the attacker launching a denial-of-service (DoS) attack. The first technique, called Prevent Overwriting AS Traceback (POAST), marks packets with a dynamic probability and protects marked packets from being overwritten. It encodes the attacking AS number instead of router IP addresses. The second technique, called Efficient AS Traceback (EAST), is also described but not in detail. Both are evaluated to have better performance than existing probabilistic packet marking techniques for traceback by reducing the number of packets and routers required.
Task scheduling methodologies for high speed computing systems - ijesajournal
High speed computing meets ever-increasing real-time computational demands by leveraging
flexibility and parallelism. Flexibility is achieved when the computing platform is designed with
heterogeneous resources to support the multifarious tasks of an application, whereas task scheduling brings
parallel processing. Efficient task scheduling is critical to obtaining optimized performance in
heterogeneous computing systems (HCS). In this paper, we review various application
scheduling models which provide parallelism for homogeneous and heterogeneous computing systems. We
also review various scheduling methodologies targeted to high speed computing
systems and prepare a summary chart. The comparative study of scheduling methodologies for high
speed computing systems has been carried out based on the attributes of platform and application as well.
The attributes are execution time, nature of task, task handling capability, type of host and computing
platform. Finally, a summary chart has been prepared, and it demonstrates the need for developing
scheduling methodologies for Heterogeneous Reconfigurable Computing Systems (HRCS), which is an
emerging high speed computing platform for real-time applications.
- The stock market has risen 17% year-to-date but may be overextended in the short-term given lackluster business fundamentals and economic growth.
- After a potential short-term pullback, stocks could see 20-30% upside over the next year, supported by low interest rates and high liquidity.
- However, the author cautions that weak revenue growth, upcoming fiscal tightening, and downward revisions to earnings estimates could trigger a market correction from current levels.
Survey of uncertainty handling in cloud service discovery and composition - ijngnjournal
With the spread of services related to the cloud environment, it is tiresome and time consuming for users to look for the appropriate service that meets their needs. Therefore, finding a valid and reliable service is essential. However, in case a single cloud service cannot fulfil every user requirement, a composition of cloud services is needed. In addition, the need to treat uncertainty in cloud service discovery and composition induces a lot of concerns in order to minimize the risk. Risk includes some sort of either loss or damage which is possible to be received by a target (i.e., the environment, cloud providers or customers). In this paper, we will focus on the uncertainty application for cloud service discovery and composition. A set of existing approaches in literature are reviewed and categorized according to the risk modeling
This document provides an overview of the South Asian Association for Regional Cooperation (SAARC). It discusses the history and establishment of SAARC in 1985 with its 7 original member countries. It outlines the goals of SAARC to promote economic and social development in South Asia. The document also summarizes the initial concerns that India and Pakistan had in joining the organization and how those concerns were eventually addressed.
Este documento describe las pautas y componentes clave para el registro médico adecuado. Explica que el registro médico es una parte fundamental de la atención médica y constituye un medio legalmente vinculante. Detalla los componentes típicos de un expediente médico como la hoja de ingreso, hoja de historia clínica, hoja de órdenes médicas y notas de enfermería. Además, proporciona pautas sobre la escritura clara, el formato y la organización de los registros médicos.
Project on Marketing Strategy of Maruti Suzuki.Ashish1004
This document provides an overview of the Indian automobile industry and Maruti Suzuki Ltd. In 3 sentences:
The automobile industry in India has grown significantly since the 1940s and liberalization in the 1990s allowed more foreign automakers to enter the market. Maruti Suzuki Ltd was established in 1981 as a joint venture between the Indian government and Suzuki Motor Corporation of Japan, and was very successful with its launch of the Maruti 800. The document discusses the history and development of the automobile industry in India as well as Porter's Five Forces model, and provides details on Maruti Suzuki's history, marketing strategies, and performance.
DFAA- A Dynamic Flow Aggregation Approach Against SDDOS Attacks in CloudIRJET Journal
This document proposes a new method called DFAA (Dynamic Flow Aggregation Approach) to detect periodic shrew distributed denial of service (DDoS) attacks in cloud computing. The method uses frequency-domain characteristics extracted from the autocorrelation of network flows as clustering features. It groups end-user flows using the BIRCH clustering algorithm and then refines the clusters. The evaluation shows the method can categorize abnormal network flows with fast response times and high detection accuracy, while avoiding lower impact groups of abnormal flows.
This document discusses a statistical approach for classifying and identifying different types of Distributed Denial of Service (DDoS) attacks using the UCLA dataset. It first introduces DDoS attacks and their increasing prevalence. It then discusses related work on DDoS attack detection. The document outlines the architecture of DDoS attacks and describes some common types like SYN flooding and ACK flooding attacks. The proposed system is described which involves collecting packets, extracting features, using a packet classification algorithm to initially classify attacks, then using a K-Nearest Neighbors classifier for more accurate results. Finally, the system aims to classify and identify specific types of DDoS attacks from the network traffic analysis.
This document discusses a statistical approach for classifying and identifying DDoS attacks using the UCLA dataset. It proposes extracting features from network traffic such as packet count, average packet size, time interval variance, and packet size variance. A packet classification algorithm first classifies packets as normal or attacks. For uncertain cases, a K-NN classifier is used. Then the types of DDoS attacks, including flooding and scanning attacks, are identified based on the feature values. The proposed approach is evaluated using the UCLA dataset and shows mathematical calculations for feature extraction. In conclusion, the statistical approach and packet classification algorithm are effective for classifying common DDoS flooding and scanning attacks.
USING A DEEP UNDERSTANDING OF NETWORK ACTIVITIES FOR SECURITY EVENT MANAGEMENTIJNSA Journal
With the growing deployment of host-based and network-based intrusion detection systems in increasingly large and complex communication networks, managing low-level alerts from these systems becomes critically important. Probes of multiple distributed firewalls (FWs), intrusion detection systems (IDSs) or intrusion prevention systems (IPSs) are collected throughout a monitored network such that large series of alerts (alert streams) need to be fused. An alert indicates an abnormal behavior, which could potentially be a sign for an ongoing cyber attack. Unfortunately, in a real data communication network, administrators cannot manage the large number of alerts occurring per second, in particular since most alerts are false positives. Hence, an emerging track of security research has focused on alert correlation to better identify true positive and false positive. To achieve this goal we introduce Mission Oriented Network Analysis (MONA). This method builds on data correlation to derive network dependencies and manage security events by linking incoming alerts to network dependencies.
Resource exhaustion
Detection and Prevention of TCP Flood Attacks
Intrusion Detection Systems (IDS)
Firewalls and access control measures
Rate limiting and traffic shaping
Mitigation Strategies for TCP Flood Attacks
IP blocking and filtering
SYN cookies and TCP sequence number randomization
Load balancing and traffic diversion
Case Studies of TCP Flood Attacks
Notable real-world examples
Protecting Against TCP Flood Attacks: Best Practices
Regular security audits and updates
Network segmentation and isolation
Collaborative threat intelligence sharing
Conclusion
Understanding TCP Flood Attacks
TCP Flood Attacks are a form of cyber attack that aims to overwhelm and disrupt computer networks by exploiting vulnerabilities in the Transmission Control Protocol (TCP). As one of the fundamental protocols of the internet, TCP plays a crucial role in ensuring reliable and ordered data transmission between devices. However, malicious actors can manipulate the protocol to flood target systems with a high volume of TCP connection requests, leading to network congestion, service disruptions, and resource exhaustion.
What is a TCP Flood Attack?
To understand TCP Flood Attacks, it’s essential to grasp the basics of the TCP protocol. TCP operates as a connection-oriented protocol that provides reliable, error-checked data transmission across networks. It guarantees that data packets sent from one device reach the destination device in the correct order.
A TCP Flood Attack occurs when an attacker floods a target system with an overwhelming number of TCP connection requests. The attack is typically launched using botnets, which are networks of compromised devices controlled by the attacker. By initiating a large number of TCP connections simultaneously, the attacker aims to exhaust the target system’s resources and overload its capacity to handle legitimate network traffic.
How TCP Flood Attacks Work
TCP Flood Attacks follow a specific pattern to disrupt network communications.
Step 1: Reconnaissance: The attacker identifies potential target systems by scanning IP addresses or exploiting vulnerabilities in poorly secured devices.
Step 2: TCP Connection Initiation: The attacker uses a botnet to send a flood of TCP connection requests to the target system.
Step 3: Target System Response: The target system receives the TCP connection requests and allocates system resources to establish connections.
Step 4: Resource Exhaustion: As the number of connection requests overwhelms the target system’s capacity, resources such as memory, processing power, and network bandwidth become depleted.
Step 5: Service Disruption: The target system becomes unable to handle legitimate network traffic, resulting in network congestion, slowdowns, and potential service outages.
Types of TCP Flood Attacks
TCP Flood Attacks can manifest in different forms, each targeting specific aspects of the TCP protocol. Some common types of TCP Flood Attacks include:
SYN Flood Attacks
SYN Flood Atta
ASSURED NEIGHBOR BASED COUNTER PROTOCOL ON MAC-LAYER PROVIDING SECURITY IN MO...cscpconf
In this paper, we have taken out the concern of security on a Medium Access Control layer
implementing Assured Neighbor based Security Protocol to provide the authentication,
confidentiality and taking in consideration High speed transmission by providing security in
parallel manner in both Routing and Link Layer of Mobile Ad hoc Networks. We basically
divide the protocol into two different segments as the first portion concentrates, based on
Routing layer information; we implement the scheme for the detection and isolation of the
malicious nodes. The trust counter for each node is maintained which actively increased and
decreased considering the trust value for the packet forwarding. The threshold level is defined differencing the malicious and non malicious nodes. If the value of the node in trust counter lacks below the threshold value then the node is considered as malicious. The second part focus on providing the security in the link layer, the security is provided using CTR (Counter) approach for authentication and encryption. Hence simulating the results in NS-2, we come to conclude that the proposed protocol can attain high packet delivery over various intruders while attaining low delays and overheads.
B.Tech. Lab Record for Data Communication & Computer Networksswapnilherage
Computer Network tutorial provides basic and advanced concepts of Data Communication & Networks (DCN). Our Computer Networking Tutorial is designed for beginners and professionals.
Our Computer Network tutorial includes all topics of Computer Network such as introduction, features, types of computer network, architecture, hardware, software, internet, intranet, website, LAN, WAN, etc.
This document is a dissertation submitted by Ameya Vashishth in partial fulfillment of a Bachelor of Technology degree. It discusses denial of service (DoS) attacks and mitigation techniques. The dissertation provides an overview of DoS attacks, describes different types of attacks like Smurf, ping flood, TCP SYN flood and UDP flood. It also discusses distributed DoS attacks and recommended tools to perform DDoS attacks. The document concludes with discussing various countermeasures that can be used to mitigate DoS and DDoS attacks.
Advisedly delayed packet attack on tcp based mobile ad-hoc networkseSAT Journals
Abstract Efficient routing in mobile ad-hoc networks (MANETs) is a challenging task due to its varying physical channel characteristics, dynamic topology and un-centralized communication. Furthermore, multihop routing is required when the source-destination pairs are not in each other’s communication range. Due to the above challenges these networks are vulnerable to various types of attacks on various layers of the TCP/IP protocol stack. In this thesis, we implement and analyze an attack called advisedly delay packet attack on ad-hoc on-demand distance vector (AODV) routing protocol. The advisedly delay packet attack is an attack that effects the TCP-based as well as UDP-based data transmissions but in this thesis we will also see how it exploits the TCP congestion control mechanism to decrease the throughput of the network. In this attack, the attacker exploit the period of retransmission time out (RTO) of the sender and attack in such a way so the sender is always transmitting in the slow start phase. Keywords- MANETs; Multimedia Streaming; Routing protocols; QoS; Topology; Node Mobility; Network Scalability
This document proposes using a linear prediction model to detect a wide range of flooding distributed denial of service (DDoS) attacks. It models the entropy of incoming network traffic over time using a linear prediction technique commonly applied to financial time series. The model is tested on simulated network data containing normal traffic and introduced attacks of varying rates. Results show the linear prediction model can successfully detect attacks with low rates and delays by identifying anomalies in the modeled entropy time series compared to normal traffic patterns. This approach aims to provide a fast and effective method for detecting different types of flooding DDoS attacks.
As the enormous use of internet increases day by day so as security concern is also raise day by day over
the internet. In this paper we discuss the network security and its related threats and also study the types of
protocols and few issues related to protocols in computer networks. We also simulate the design of 5 node
wired network scenario, its packet drop rate analysis through TCP protocol using NS2 as a simulator.
Analyzed the performance of 5-node network when the packet is drop down by graphical method also
called as Xgraph when rate parameter is in mb and also analyzed the performance of same network by
changing the value of rate parameter at same time so no packets would drop down at same time and also
analyzed the performance by Xgraph method.
Mobile ad hoc network (MANET) is an autonomous system of mobile nodes. Each node operates not only as an end system, but also as a router to forward packets. The nodes are free to move about and organize themselves into a network. These cause extra challenges on security. In this paper, evaluation of prominent on-demand routing protocol i.e. AODV,MAODV,RAODV has been done by varying the network size. An effort has been carried out to do the performance evaluation of these protocols using random way point model. The simulator used is NS 2.34. The performance of either protocol has been studied by using a self created network scenario with respect to pause time.
A computer network plays a major part in the development of any industry. Nowadays, in this fast paced
networking world each and every industry depends on internet for their progress. As said above this is the fast
paced world, the attack to disable the progress are also fast paced. DDoS (Distributed Denial of Service) is one
among them. Though it is one of the many attacks, they temporarily disable a service provided by the company.
This paper proposes a series of steps which not only checks the possible attack but also tries its best to thwart
them. Instead of going for conventional approach of blocking the excess traffic, the proposed approach will
prolong the access to the service. In the mean time checking for the possible attack is done. Thus, not only it
thwarts the attacks but also gives them reliable user their access with a little bit of delay, resulting in high
reliability.
Impact of Black Hole Attack on AODV Routing ProtocolZac Darcy
A mobile ad-hoc network (MANET) is a collection of wireless mobile nodes that dynamically self-organize
to form an arbitrary and temporary network. The mobile nodes can communicate with each other without
any fixed infrastructure. MANET can be set up quickly to facilitate communication in a hostile environment
such as battlefield or emergency situation. The various severe security threats are increasing on the
MANET. One of these security threats is black hole attack which drops all received data packets intended
for forwarding. In this paper, we are simulating and analyzing the impact of black hole attack on Ad Hoc
On-Demand Distance Vector (AODV) protocol. The simulation is carried on NS-2 and the simulation
results are analyzed on various network performance metrics such as packet delivery ratio, normalized
routing overhead and average end-to-end delay.
Impact of Black Hole Attack on AODV Routing ProtocolZac Darcy
This document analyzes the impact of black hole attacks on the Ad Hoc On-Demand Distance Vector (AODV) routing protocol in mobile ad hoc networks. Through simulations in NS-2, it evaluates various performance metrics like packet delivery ratio, end-to-end delay, and routing overhead under different network conditions. The results show that the black hole attack significantly reduces packet delivery and increases delay and overhead compared to normal AODV operation. The attack has a more severe impact as the number of malicious nodes, network transactions, or node mobility increases.
IRJET- A Survey on DDOS Attack in ManetIRJET Journal
This document summarizes a survey on distributed denial of service (DDoS) attacks in mobile ad hoc networks (MANETs). It begins by introducing MANETs and some of the key security issues they face, including DDoS attacks. It then discusses different types of DDoS attacks like flooding and amplification/reflection attacks. The document proposes a new defense scheme against amplification attacks, which exploit protocols like DNS and NTP to amplify traffic. It describes using the Network Security Simulator to model and simulate DDoS attacks with master, zombie, and server entities to evaluate defense techniques and compare the impact of protocols like DNS and NTP.
International Journal on Computational Sciences & Applications (IJCSA) Vol.4, No.6, December 2014
DOI:10.5121/ijcsa.2014.4607
Quantifying the Impact of Flood Attack on Transport Layer Protocol
KULDEEP TOMAR¹ AND S.S TYAGI²
¹Research Scholar, Department of CSE, MRIU, Faridabad, Haryana, India
²Professor & Head, Department of CSE, MRIU, Faridabad, Haryana, India
ABSTRACT
As the use of the internet and computers grows day by day, attacks on networks are increasing tremendously as well. In this paper we build a wired network with two TCP source nodes and one attacker node that launches a flooding-type distributed denial-of-service (DDoS) attack, which is an attack on the bandwidth of a TCP node at the source side as it sends data to the destination through a router. We measure the impact of the denial-of-service (DoS) attack on that wired network, namely how packets of the other source nodes and of that node are dropped because of the flooding-type denial-of-service attack, and show the results using the NS-2 NAM and Xgraph windows in simulation.
Keywords
CBR, DoS, DDoS, NAM, TCP, Wired Network.
1. INTRODUCTION
In today's world, network security is a major concern in computer networks. Many attackers spoof important information and misuse it through these kinds of attacks on the network. Denial of service is not the only issue on the Internet; mandatory or required information can also be changed when there is a slight change in the protocols. Distributed denial-of-service has its origin in the base of the Internet architecture [1], and there are many methods for detecting DDoS attacks, as in [2][3]. The following types of attack target the infrastructure of the Internet:
• Attack against TCP/IP
• Attack against DNS
• Attack against Border Gateway Protocol
And there are some attacks that come under the wired network:
• Denial of Service Attack
• Modify the information
• Escalation
• Destruct the data
• Disclosure
In this paper we introduce the DDoS (distributed denial-of-service) attack called the flooding-type attack, which targets the bandwidth of the network. Denial-of-service attacks are divided into the following three categories:
• Flooding type Attack
• Protocol Attack
• Logical Attack
We consider the attack on bandwidth in the wired network and measure the impact of the flooding DDoS attack on the TCP protocol. We show the result of the flooding attack experimentally with the network simulator NS-2: we change the bandwidth, and the result shows packets being dropped at node 3, the router node r1.
In the transport layer, TCP and UDP are the two protocols on which the impact can be measured. We consider the TCP protocol and measure its performance using the Xgraph and NAM output files. TCP is a connection-oriented protocol, and a connection is established every time before packets are sent to the destination.
2. BACKGROUND AND RELATED WORK
Comparative studies and experiments have been carried out on the TCP and UDP protocols to detect flooding-type denial-of-service attacks on TCP and UDP. Here we give a quantitative description of the flood on the bandwidth and its result on the packet drops of the other source nodes at the router. In [4] the transport layer is analysed; here we study application-layer traffic such as CBR, Expo, FTP, etc. DDoS is recognized as the single most important threat to the present-day Internet because of its ability to generate an enormous volume of redundant or unwanted traffic [5]. Although a number of techniques have been proposed to overcome denial-of-service attacks in distributed peer-to-peer networks, it is still extremely hard to react to flood-based DDoS attacks because of the large number of attacking technologies and their use to spoof the source address. A well-organized structure has been designed to detect and defend against distributed denial-of-service attacks in peer-to-peer networks. It protects against these threats by maintaining the distance between the source and the victim end [6]. In this category of threat, an attacker attempts to prevent the use or delivery of a valuable resource to its intended audience or clients. This may be done by various methods, both physically and on a computing device. For example, an attacker can deny everyone access to a telephone system by cutting the main telecom wire to a building, by repeatedly calling every accessible phone line, or by distorting the PBX [7]. Up to now we have considered the work of a malicious node [8] on a wired network and at the transport layer; the effect of a malicious (attacker) node is also studied on wireless networks, as in [9][10][11], where the attacker node affects a zone or area of the wireless network. There is also a protocol which works as a defender against DDoS [12].
3. EXPERIMENTAL ANALYSIS
In this paper our work is on the TCP protocol, and we obtain results with four types of traffic (CBR, FTP, Pareto and Exponential); the architecture is shown in Fig. 1 below:
Figure 1. Architecture of Wired Network with Attacker node
In this architecture there are two user nodes (TCP nodes), S1 and S3, and S2 is the attacker node (also a TCP node), which affects both source nodes. In Fig. 2 the source nodes s1 and s3 are nodes 0 and 2, the attacker node s2 is node 1, the router r1 is node 3 and the destination d1 is node 4. The results show the performance of each type of traffic over TCP as a function of bandwidth. Node 0 sends 0.2 MB, so only 20% of the data is sent from node 0 to r1, while 55% of the data is sent from node 1, the attacker node, to r1. That traffic affects node 0 and node 2, so packets from node 0 and node 2 are dropped because of the attacker node's traffic. Node 2 sends 45% of the traffic to r1, and r1 sends 20% of the data to d1, as shown in the results.
In TCP/IP, TCP is the transport-layer protocol. The traffic sources are attached to the TCP nodes,
and the algorithm is as follows:
1. Create a Simulator
set st [new Simulator]
2. Select the colors
$st color 0 red
$st color 1 green
$st color 2 blue
3. Set the shape
$n0 shape "circle"
$n0 color "black"
Same for n1, n2, n3, n4
4. Set the three output files (f_name) as f0, f1, f2
5. Create the five nodes as
set n0 [$st node]
set n1 [$st node]
set n2 [$st node]
set n3 [$st node]
set n4 [$st node]
6. Create the duplex/simplex links between the nodes (for example, from source node n0 to router n3)
and attach the bandwidth, delay and queue type (RED/DropTail) to each link, setting the data % as follows:
$st duplex-link $n0 $n3 0.2Mb 100ms DropTail
# Set the attacker node's link: 55% of the data is sent from the attacker node
$st duplex-link $n1 $n3 0.55Mb 200ms DropTail
$st duplex-link $n2 $n3 0.45Mb 300ms DropTail
$st duplex-link $n3 $n4 0.8Mb 100ms DropTail
# Steps for creating the TCP agent:
7. set tcp1 [new Agent/TCP]
8. $st attach-agent $node $tcp1
9. $tcp1 set class_ 2
10. set sink1 [new Agent/TCPSink]
11. $st attach-agent $n4 $sink1
12. #Connect the traffic (CBR/Expo/Pareto/FTP) source with the traffic sink
13. $st connect $tcp1 $sink1
14. $tcp1 set fid_ 1
15. #The following steps set the parameters of CBR
#Set up a CBR over TCP connection for nodes n0, n1, n2
set cbr1 [new Application/Traffic/CBR]
$cbr1 attach-agent $tcp1
15.1 #Parameters of CBR
# First set the type of traffic ($cbr1 set type), then:
$cbr1 set packet_size
$cbr1 set rate
$cbr1 set random
#And for exponential traffic the parameter steps are:
#Set up an Exponential over TCP connection for node n0
set exp0 [new Application/Traffic/Exponential]
15.2 #Parameters of expo traffic are
$exp0 attach-agent $tcp1
$exp0 set packet_size
$exp0 set burst_time
$exp0 set idle_time
$exp0 set rate
#And for FTP traffic parameters steps are:
#Set up an FTP over TCP connection for node n0
set ftp [new Application/FTP]
15.3 #parameters of ftp are
$ftp attach-agent $tcp1
$ftp set type_ FTP
16. Then define the record procedure for the bandwidth.
Figure.2 Architecture of 5 nodes
Fig. 2 represents the five-node wired scenario, in which packets are sent from S0 (node 0) to the
router r1 (node 3) and through the router to d1 (node 4). At that time packets are sent only by S0
and no data is sent from S1, the attacker node, so no data is dropped at r1. Fig. 3 shows packets
being dropped because S1 sends packets to r1, so the packets of S0 and S3 are dropped.
Figure.3 Packets Drop of node0 and node2 due to node1
As a further effect of this attacker node, the packets of S1 itself are also dropped at some point
in the network, as shown in Fig. 4.
Figure.4 Packets of node1 also drop down at r1
The results are now analysed with graphs that show at what time packets are dropped and how the
peak, i.e. the bandwidth, changes with the packet rate. Fig. 5 shows the experimental graph for
exponential traffic, in which the packets of node0 are dropped at 1.43, as shown in Fig. 3 and
also in the graph of Fig. 5. As we know, the exponential distribution is an on/off traffic
distribution, in which traffic is sent to the destination only part of the time.
Figure.5 Result analysis at Exponential node
Fig. 6 shows the result for FTP traffic on the network. Every traffic type has
different parameters, as discussed in the algorithmic steps above. Because of these parameters, each
drops packets at a different time; in Fig. 6 packets are dropped between 1.00 and 1.5,
as shown by the bandwidth.
Figure.6 Result Analysis at FTP Traffic
Similarly, Fig. 7 shows the bandwidth results for Pareto-type traffic.
Figure.7 Result analysis of Pareto traffic
Another type of traffic is CBR (constant bit rate) traffic, in which traffic is sent at a constant
bit rate determined by its parameters. The packets drop at 2.0, as shown by the bandwidth in the
graph of fig.7.
Table 1. Traffic Parameters
Parameters                      Value
Traffic type                    Distributed Denial-of-service (DDoS)
Traffic generation at attacker  TCP
Traffic arrival at TCP          CBR, FTP, expo, Pareto
Packet_size                     1000
Rate                            100k
Idle_time                       1ms
Now time                        0.1
The simulator used for the above results is NS-2, a platform on which the source and attacker
nodes send packets; because of the attacker node, packets are dropped, and the throughput is
plotted with Xgraph. The results above show, for each traffic type, how packets are sent, how many
packets are sent to d1, and how packets flow and are dropped in the network. Different types of
traffic are generated at TCP nodes 0, 1 and 2, and each traffic type has its own parameters.
Because of these parameters, each drops its packets at a different time in the graphs.
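The per-source drops described above can also be counted directly from a packet trace instead of being read off the Xgraph plots. The following Python script is an added example, not code from the paper: it assumes the simulation also wrote a standard ns-2 wired trace (for instance with `trace-all`, which the listed steps do not show), and the sample trace lines are constructed.

```python
from collections import defaultdict

# Constructed, abridged sample in the ns-2 wired trace format (not from the paper):
# event time from to type size flags fid src.port dst.port seq pkt_id
SAMPLE_TRACE = """\
+ 1.00 0 3 tcp 1000 ------- 1 0.0 4.0 0 1
+ 1.05 1 3 tcp 1000 ------- 2 1.0 4.0 0 2
+ 1.10 2 3 tcp 1000 ------- 3 2.0 4.0 0 3
r 1.24 3 4 tcp 1000 ------- 1 0.0 4.0 0 1
+ 1.25 0 3 tcp 1000 ------- 1 0.0 4.0 1 4
+ 1.26 1 3 tcp 1000 ------- 2 1.0 4.0 1 5
r 1.38 3 4 tcp 1000 ------- 2 1.0 4.0 0 2
d 1.43 3 4 tcp 1000 ------- 1 0.0 4.0 1 4
d 1.44 3 4 tcp 1000 ------- 3 2.0 4.0 0 3
+ 1.45 2 3 tcp 1000 ------- 3 2.0 4.0 1 6
d 1.47 3 4 tcp 1000 ------- 2 1.0 4.0 1 5
r 1.60 3 0 ack 40 ------- 1 4.0 0.0 0 7
r 1.90 3 4 tcp 1000 ------- 3 2.0 4.0 1 6
d 1.95 3 4 tcp
"""

def parse_line(line):
    """Return one trace record as a dict, or None for malformed/short lines."""
    f = line.split()
    if len(f) < 12 or f[0] not in {"+", "-", "r", "d"}:
        return None
    try:
        return {"ev": f[0], "t": float(f[1]), "frm": int(f[2]), "to": int(f[3]),
                "type": f[4], "src": int(f[8].split(".")[0])}
    except ValueError:
        return None

def drop_report(trace, router=3, dest=4):
    """Per-source counts of data packets sent, delivered to dest, dropped at router."""
    stats = defaultdict(lambda: {"sent": 0, "delivered": 0, "dropped": 0, "first_drop": None})
    for rec in filter(None, map(parse_line, trace.splitlines())):
        if rec["type"] != "tcp":          # ignore ACKs flowing back to the sources
            continue
        s = stats[rec["src"]]
        if rec["ev"] == "+" and rec["frm"] == rec["src"]:
            s["sent"] += 1                # enqueued on the source's access link
        elif rec["ev"] == "r" and rec["to"] == dest:
            s["delivered"] += 1           # received by the destination node d1
        elif rec["ev"] == "d" and rec["frm"] == router:
            s["dropped"] += 1             # dropped from the router's output queue
            if s["first_drop"] is None:
                s["first_drop"] = rec["t"]
    return dict(stats)
```

Calling `drop_report(SAMPLE_TRACE)` returns one entry per source node (0, 1 and 2), so the losses of the user nodes can be compared with and without the attacker's flow in the same run.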
4. CONCLUSION
The experimental analysis shows that the flooding of packets by S1 affects the bandwidth of the
network, so fewer packets reach the destination. The packet drop rates shown in the results differ
because of the different traffic generators at the attacker node and the other nodes. TCP is a
connection-oriented protocol, so fewer packets are dropped at r1 in comparison to a UDP node, and
more packets are sent to d1.
ACKNOWLEDGEMENTS
The authors would like to thank all the researchers and the authors of referred papers for their
contribution in this area.
REFERENCES
[1] Hamza Rahmani, Nabil Sahli, Farouk Kamoun, “DDoS flooding attack detection scheme based on F-
divergence”, Computer Communications 35 (2012) 1380–1391, Elsevier.
[2] Y. Xie, S. Tang, X. Huang, C. Tang, X. Liu, “Detecting latent attack behavior from aggregated Web
traffic”, Computer Communications 36 (2013) 895–907, Elsevier.
[3] Y. Xiang, Y. Lin, W.L. Lei ,S.J. Huang, “Detecting DDOS Attack on network Similarity”, IEE Proc.-
Commun., Vol. 151, No. 3, June 2004.
[4] Ming Li, Jun Li, Wei Zhao, “Experimental study of DDOS Attacking of Flood Type based on NS-2”,
International Journal of Electronics and Computers, 1(2) December 2009, pp. 143-152, International
Science Press, India.
[5] Monika Sachdeva, Gurvinder Singh, Krishan Kumar and Kuldip Singh, “Measuring Impact of DDOS
Attacks on Web services”, Journal of Information Assurance and Security 5 (2010) 392-400,
Dynamic Publishers, Inc.
[6] Vooka Pavan Kumar, Abhinava Sundaram.P, Munnaluri Bharath Kumar, N.Ch.S.N.Iyengar,
“ANALYSIS OF DDoS Attacks in distributed peer to peer networks”, Journal of Global Research in
Computer Science, Volume 2, No. 7, July 2011.
[7] Shiv Kumar, Ritika Singal, Priyadarshni, “Mitigate the Impact of DoS Attacks by Verifying Packet
Structure”, International Journal of Advanced Research in Computer Science and Software
Engineering Volume 3, Issue 8, August 2013 ISSN: 2277 128X.
[8] Dolly Uppal, Vishakha Mehra and Vinod Verma, “Basic survey on Malware Analysis, Tools and
Techniques”, International Journal on Computational Sciences & Applications (IJCSA) Vol.4, No.1,
February 2014.
[9] Po-Wah Yau, Shenglan Hu and Chris J. Mitchell, “Malicious attacks on ad hoc network routing
protocols”, Information Security Group, Royal Holloway, University of London, Egham, Surrey TW20
0EX, UK. P.Yau, S.Hu, C.Mitchell@rhul.ac.uk
[10] Mozmin Ahmed, Dr. Md. Anwar Hussain, “Effect of Malicious Node Attacks under Practical Adhoc
Network”, IRACST – International Journal of Computer Networks and Wireless Communications
(IJCNWC), ISSN: 2250-3501 Vol.2, No5, October 2012.
[11] A.Rajaram, Dr. S. Palaniswami, “Malicious Node Detection System for Mobile Ad hoc
Networks”, (IJCSIT) International Journal of Computer Science and Information Technologies, Vol. 1
(2) , 2010, 77-85.
[12] Bharat Rawal, Harold Ramcharan and Anthony Tsetse, Shaw University, “Augmented Split-protocol;
An Ultimate DDoS Defender”, International Journal on Computational Sciences & Applications
(IJCSA) Vol.4, No.1, February 2014.
Authors
Dr. S. S. Tyagi is presently working as a Professor and Head of the Department of Computer Science and
Engineering in Manav Rachna International University, Faridabad, Haryana, India. He has 22 years of
experience, including 4 years in industry and 18 years in teaching. He has been
holding various academic and administrative positions during his career. He has been consultant to some
software development companies. He has been an examiner and evaluator for M.Tech thesis and PhD
thesis. He has been a reviewer for books and research papers for some renowned and reputed journals. He
is guiding 07 Ph.D. Scholars in the field of Network Security, Ad hoc networks, Cloud Computing,
Wireless Security etc. There are around 40 publications to his credit published in reputed International
Journals, National Journals and in the proceedings of International and National Conferences and
contributing to the research for the benefit of mankind and society at large. His knowledge covers all major
areas of Computer Science and Engineering. Currently his areas of research interest are Network Security,
Wireless Communication, Mobile Ad hoc Networks, and Cloud Computing. Dr. S. S. Tyagi, is a member of
various professional bodies like IEEE, CSI, QCI, ASQ etc.
Kuldeep Tomar is a Research Scholar in the Department of CSE, MRIU, Faridabad,
Haryana, India. He has done M.E/M.Tech in Computer Science and Engineering from
C.I.T.M., Faridabad, India. He has a total work experience of 12 years (including academics and industry)
in different organizations. He is currently working as Associate Professor in NGF College of
Engineering & Technology, Palwal, Haryana, India. He has published more than 17
papers in reputed International Journals, National Journals and in the proceedings of International and
National Conferences etc. He has also written a book. He is also a member of the Computer Society of India,
Membership No: N1039627.