Related papers: In-Network Volumetric DDoS Victim Identification U…
Distributed Denial of Service (DDoS) attack has become one of the most destructive network attacks which can pose a mortal threat to Internet security. Existing detection methods can not effectively detect early attacks. In this paper, we…
The performance of control systems with packet loss as a result of an attack over the actuation communication channel is analysed. The operator is assumed to monitor the state of the channel by measuring the average number of packet losses…
Networks today rely on expensive and proprietary hard- ware appliances, which are deployed at fixed locations, for DDoS defense. This introduces key limitations with respect to flexibility (e.g., complex routing to get traffic to these…
Increasing interest in the adoption of cloud computing has exposed it to cyber-attacks. One of such is distributed denial of service (DDoS) attack that targets cloud bandwidth, services and resources to make it unavailable to both the cloud…
Modern multi-domain networks now span over datacenter networks, enterprise networks, customer sites and mobile entities. Such networks are critical and, thus, must be resilient, scalable and easily extensible. The emergence of…
Denial of service attacks are especially pertinent to the internet of things as devices have less computing power, memory and security mechanisms to defend against them. The task of mitigating these attacks must therefore be redirected from…
In this paper, we apply a fusion machine learning method to construct an automatic intrusion detection system. Concretely, we employ the orthogonal variance decomposition technique to identify the relevant features in network traffic data.…
The rise of programmable data plane (PDP) and in-network computing (INC) paradigms paves the way for the development of network devices (switches, network interface cards, etc.) capable of performing advanced processing tasks. This allows…
This paper forecasts future Distributed Denial of Service (DDoS) attacks using deep learning models. Although several studies address forecasting DDoS attacks, they remain relatively limited compared to detection-focused research. By…
Distributed Denial of Service (DDoS) attacks have become increasingly prevalent and dangerous in the context of Internet of Things (IoT) networks, primarily due to the low-security configurations of many connected devices. This paper…
In this paper we introduce an intrusion detection system for Denial of Service (DoS) attacks against Domain Name System (DNS). Our system architecture consists of two most important parts: a statistical preprocessor and a neural network…
Data poisoning is one of the most relevant security threats against machine learning and data-driven technologies. Since many applications rely on untrusted training data, an attacker can easily craft malicious samples and inject them into…
Network intrusion detection is the process of identifying malicious behaviors that target a network and its resources. Current systems implementing intrusion detection processes observe traffic at several data collecting points in the…
Since it is impossible to predict and identify all the vulnerabilities of a network beforehand, and penetration into a system by malicious intruders cannot always be prevented, intrusion detection systems (IDSs) are essential entities to…
Since it is impossible to predict and identify all the vulnerabilities of a network, and penetration into a system by malicious intruders cannot always be prevented, intrusion detection systems (IDSs) are essential entities for ensuring the…
The Supervisory control and data acquisition (SCADA) systems have been continuously leveraging the evolution of network architecture, communication protocols, next-generation communication techniques (5G, 6G, Wi-Fi 6), and the internet of…
Defending against distributed denial of service (DDoS) attacks in the Internet is a fundamental problem. However, recent industrial interviews with over 100 security experts from more than ten industry segments indicate that DDoS problems…
The detection of a volumetric attack involves collecting statistics on the network traffic, and identifying suspicious activities. We assume that available statistical information includes the number of packets and the number of bytes…
The progress and integration of intelligent transport systems (ITS) have therefore been central to creating safer and more efficient transport networks. The Internet of Vehicles (IoV) has the potential to improve road safety and provide…
The ability to detect, in real-time, heavy hitters is beneficial to many network applications, such as DoS and anomaly detection. Through programmable languages as P4, heavy hitter detection can be implemented directly in the data-plane,…