An Analysis of the Cyber Security Opportunity and Challenges
Keywords:
DDoS, Defense, Denial of service
Abstract
"Denial of service" (DoS) and "distributed denial of service" (DDoS) attacks are attempts to overload a system to the point where only a limited number of users are able to access a service. Both terms refer to the same type of attack (DDoS). Because these attacks can be launched against the standard architecture of the internet, hackers are able to take control of a large number of already-compromised computers through distributed denial of service (DDoS) attacks. The attacker first selects one or more targets, then uses a previously established attack network or botnet to coordinate a massive attack against them. In light of the continuing growth in both the number of hosts that are susceptible to attack and the diversity of attack vectors, numerous strategies for detecting, preventing, and tracking distributed denial of service attacks have been proposed. Commercial monitoring of a system that is under DDoS attack typically involves a large number of packets. They cause significant delays on the network and exhaust its resources because they infect thousands of hosts all at once. Distributed denial of service attacks conducted over a network make it more difficult to take advantage of the infrastructure as a whole and its many benefits. Because of this, the authorized end users of the system will be shielded from any potential dangers that may arise. This article investigates the nature of DDoS attacks, the methods that are used to launch them, and the countermeasures that can be put in place to defend against them.
In this paper, we investigate a number of different strategies for detecting distributed denial-of-service attacks, defending against them, and mitigating their effects.
License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.