Related papers: Tracemax: A Novel Single Packet IP Traceback Strat…
A novel class of extreme link-flooding DDoS (Distributed Denial of Service) attacks is designed to cut off entire geographical areas such as cities and even countries from the Internet by simultaneously targeting a selected set of network…
As the current detection solutions of distributed denial of service attacks (DDoS) need additional infrastructures to handle high aggregate data rates, they are not suitable for sensor networks or the Internet of Things. Besides, the…
In this work, we propose online traffic engineering as a novel approach to detect and mitigate an emerging class of stealthy Denial of Service (DoS) link-flooding attacks. Our approach exploits the Software Defined Networking (SDN)…
Data-poisoning attacks can disrupt the efficient operations of transportation systems by misdirecting traffic flows via falsified data. One challenge in countering these attacks is to reduce the uncertainties on the types of attacks, such…
A novel approach to analyze statistically the network traffic raw data is proposed. The huge amount of raw data of actual network traffic from the Intrusion Detection System is analyzed to determine if a traffic is a normal or harmful one.…
Today's routing protocols critically rely on the assumption that the underlying hardware is trusted. Given the increasing number of attacks on network devices, and recent reports on hardware backdoors this assumption has become…
The emerging need for mobile ad hoc networks and secured data transmission phase is of crucial importance depending upon the environments like military. In this paper, a new way to improve the reliability of message transmission is…
Intrusion Detection and/or Prevention Systems (IDPS) represent an important line of defence against a variety of attacks that can compromise the security and proper functioning of an enterprise information system. Along with the widespread…
Many mobile ad hoc network protocols use simple flooding, in order to adapt to changes in time varying network topology. Most of the times, a network-wide flood results in redundant packets and increases network congestion, probability of…
One of the most critical components of the Internet that an attacker could exploit is the DNS (Domain Name System) protocol and infrastructure. Researchers have been constantly developing methods to detect and defend against the attacks…
Innovative solutions to cyber security issues are shaped by the ever-changing landscape of cyber threats. Automating the mitigation of these threats can be achieved through a new methodology that addresses the domain of mitigation…
We introduce a method for securely delivering a set of messages to a group of clients over a broadcast erasure channel where each client is interested in a distinct message. Each client is able to obtain its own message but not the others'.…
Multi-access Edge Computing (MEC) is a 5G-enabling solution that aims to bring cloud-computing capabilities closer to the end-users. This paper focuses on mitigation techniques against Distributed Denial-of-Service (DDoS) attacks in the…
In a DDoS attack (Distributed Denial of Service), an attacker gains control of many network users through a virus. Then the controlled users send many requests to a victim, leading to its resources being depleted. DDoS attacks are hard to…
Website fingerprinting (WF) attacks, which covertly monitor user communications to identify the web pages they visit, pose a serious threat to user privacy. Existing WF defenses attempt to reduce attack accuracy by disrupting traffic…
Internet has played a vital role in this modern world, the possibilities and opportunities offered are limitless. Despite all the hype, Internet services are liable to intrusion attack that could tamper the confidentiality and integrity of…
Denial of Service (DoS) attacks frequently happen on the Internet, paralyzing Internet services and causing millions of dollars of financial loss. This work presents NetFence, a scalable DoS-resistant network architecture. NetFence uses a…
Local Differential Privacy (LDP) enables massive data collection and analysis while protecting end users' privacy against untrusted aggregators. It has been applied to various data types (e.g., categorical, numerical, and graph data) and…
This paper deals with the delay-throughput analysis of a single-hop wireless network with $n$ transmitter/receiver pairs. All channels are assumed to be block Rayleigh fading with shadowing, described by parameters $(\alpha,\varpi)$, where…
Volumetric Distributed Denial of Service (DDoS) attacks have been a recurrent issue on the Internet. These attacks generate a flooding of fake network traffic to interfere with targeted servers or network links. Despite many efforts to…