Related papers: Cumulative Sum Algorithm for Detecting SYN Floodin…
Distributed denial-of-service attacks on public servers have recently become a serious problem. To assure that network services will not be interrupted and more effective defense mechanisms to protect against malicious traffic, especially…
The SYN flood attack is a common attack strategy on the Internet, which tries to overload services with requests leading to a Denial-of-Service (DoS). Highly asymmetric costs for connection setup - putting the main burden on the attackee -…
Denial of Service (DoS) is a security threat which compromises the confidentiality of information stored in Local Area Networks (LANs) due to unauthorized access by spoofed IP addresses. SYN Flooding is a type of DoS which is harmful to…
This paper presents a hybrid method for the detection of distributed denial-of-service (DDoS) attacks that combines feature-based and volume-based detection. Our approach is based on an exponential moving average algorithm for…
This study focuses on a method for detecting and classifying distributed denial of service (DDoS) attacks, such as SYN Flooding, ACK Flooding, HTTP Flooding, and UDP Flooding, using neural networks. Machine learning, particularly neural…
SYN-flooding attack uses the weakness available in TCP's three-way handshake process to keep it from handling legitimate requests. This attack causes the victim host to populate its backlog queue with forged TCP connections. In other words…
The challenging number is used for the detection of Spoofing attack. The IP Spoofing is considered to be one of the potentially brutal attack which acts as a tool for the DDoS attack which is considered to be a major threat among security…
The stability of Internet services is persistently challenged by large volumetric TCP SYN floods, for which conventional defenses such as SYN Cookies preserve server state but still amplify bandwidth pressure. This paper presents SDN-SYN…
In this paper, we present synthetic data generation framework for flood hazard detection system. For high fidelity and quality, we characterize several real-world properties into virtual world and simulate the flood situation by controlling…
Network intrusion detection systems are themselves becoming targets of attackers. Alert flood attacks may be used to conceal malicious activity by hiding it among a deluge of false alerts sent by the attacker. Although these types of…
In this paper, we present first measurements of Internet background radiation originating from the emerging transport protocol QUIC. Our analysis is based on the UCSD network telescope, correlated with active measurements. We find that…
The state of security demands innovative solutions to defend against targeted attacks due to the growing sophistication of cyber threats. This study explores the nefarious tactic known as "watering hole attacks using supervised neural…
Denial of service attacks (DoS) can cause significant financial damages. Flooding and Malicious packets are two kinds of DoS attacks. This paper presents a new security approach which stops malicious packets and prevents flooding in the…
In this paper, we analyze several recent schemes for watermarking network flows that are based on splitting the flow into timing intervals. We show that this approach creates time-dependent correlations that enable an attack that combines…
Stealthy false data injection attacks on cyber-physical systems introduce erroneous measurements onto sensors with the intent to degrade system performance. An intelligent attacker can design stealthy attacks with knowledge of the system…
Due to climate and land-use change, natural disasters such as flooding have been increasing in recent years. Timely and reliable flood detection and mapping can help emergency response and disaster management. In this work, we propose a…
The Internet Threat Monitoring (ITM),is a globally scoped Internet monitoring system whose goal is to measure, detect, characterize, and track threats such as distribute denial of service(DDoS) attacks and worms. To block the monitoring…
Distributed link-flooding attacks constitute a new class of attacks with the potential to segment large areas of the Internet. Their distributed nature makes detection and mitigation very hard. This work proposes a novel framework for the…
Efficient algorithms and techniques to detect and identify large flows in a high throughput traffic stream in the SDN match-and-action model are presented. This is in contrast to previous work that either deviated from the match and action…
This paper presents a detection algorithm for sensor attacks and a resilient state estimation scheme for a class of uniformly observable nonlinear systems. An adversary is supposed to corrupt a subset of sensors with the possibly unbounded…