Related papers: Tracemax: A Novel Single Packet IP Traceback Strat…
Advanced Persistent Threats (APTs) are stealthy customized attacks by intelligent adversaries. This paper deals with the detection of APTs that infiltrate cyber systems and compromise specifically targeted data and/or infrastructures.…
In multi-hop mobile ad hoc networks (MANETs),mobile nodes cooperate with each other without using any infrastructure such as access points or base stations. Security remains a major challenge for these networks due to their features of open…
Traceroute is a networking tool that allows one to discover the path that packets take from a source machine, through the network, to a destination machine. It is widely used as an engineering tool, and also as a scientific tool, such as…
The evolving necessity of the Internet increases the demand on the bandwidth. Therefore, this demand opens the doors for the hackers' community to develop new methods and techniques to gain control over networking systems. Hence, the…
Destination IP prefix-based routing protocols are core to Internet routing today. Internet autonomous systems (AS) possess fixed IP prefixes, while packets carry the intended destination AS's prefix in their headers, in clear text. As a…
A crucial issue for a mobile ad hoc network is the handling of a large number of nodes. As more nodes join the mobile ad hoc network, contention and congestion are more likely. The on demand routing protocols which broadcasts control…
DoS and DDoS attacks are widely used and pose a constant threat. Here we explore Probability Packet Marking (PPM), one of the important methods for reconstructing the attack-graph and detect the attackers. We present two algorithms.…
In a multi-hop mobile ad hoc network (MANET) mobile nodes communicate with each other forming a cooperative radio network. Security remains a major challenge for these networks due to their features of open medium, dynamically changing…
Wireless ad hoc networks have gained lots of attention due to their ease and low cost of deployment. This has made ad hoc networks of great importance in numerous military and civilian applications. But, the lack of centralized management…
A malicious attempt to exhaust a victim's resources to cause it to crash or halt its services is known as a distributed denial-of-service (DDoS) attack. DDOS attacks stop authorized users from accessing specific services available on the…
Distributed Denial-of-Service (DDoS) attacks are usually launched through the $botnet$, an "army" of compromised nodes hidden in the network. Inferential tools for DDoS mitigation should accordingly enable an early and reliable…
Amplification Reflection Distributed Denial-of-Service (AR-DDoS) attacks remain a formidable threat, exploiting stateless protocols to flood victims with illegitimate traffic. Recent advances have enabled data-plane defenses against such…
Protocol detection is the process of determining the application layer protocol in the context of network security monitoring, which requires a timely and precise decision to enable protocol-specific deep packet inspection. This task has…
Deciding that two network flows are essentially the same is an important problem in intrusion detection and in tracing anonymous connections. A stepping stone or an anonymity network may try to prevent flow correlation by adding chaff…
Active security is mainly concerned with performing one or more security functions when a host in a communication network is subject to an attack. Such security functions include appropriate actions against attackers. To properly afford…
This paper introduces the concept of incremental traceback for determining changes in the trace of a network as it evolves with time. A distributed algorithm, based on the methodology of algebraic traceback developed by Dean et al, is…
Disruption from service caused by DDoS attacks is an immense threat to Internet today. These attacks can disrupt the availability of Internet services completely, by eating either computational or communication resources through sheer…
A distributed denial-of-service (DDoS) attack is an attempt to produce humongous traffic within a network by overwhelming a targeted server or its neighboring infrastructure with a flood of service requests ceaselessly coming from multiple…
Distributed Denial-of-Service (DDoS) attacks are a major problem in the Internet today. In one form of a DDoS attack, a large number of compromised hosts send unwanted traffic to the victim, thus exhausting the resources of the victim and…
In the last decade, the use of fast flux technique has become established as a common practice to organise botnets in Fast Flux Service Networks (FFSNs), which are platforms able to sustain illegal online services with very high…