• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 6
  • 1
  • 1
  • Tagged with
  • 10
  • 10
  • 5
  • 4
  • 3
  • 3
  • 3
  • 3
  • 3
  • 3
  • 3
  • 3
  • 3
  • 2
  • 2
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

Securing SDN Data Plane:Investigating the effects of IP SpoofingAttacks on SDN Switches and its Mitigation : Simulation of IP spoofing using Mininet

JABBU, SHIVAKUMAR YADAV, MADIRAJU, ANIRUDH SAI January 2023 (has links)
Background:Software-Defined Networking (SDN) represents a network architecture that offers a separate control and data layer, facilitating its rapid deployment and utilization for diverse purposes. However, despite its ease of implementation, SDN is susceptible to numerous security attacks, primarily stemming from its centralized nature. Among these threats, Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks pose the most substantial risks. In the event of a successful attack on the SDNcontroller, the entire network may suffer significant disruption. Hence, safe guarding the controller becomes crucial to ensure the integrity and availability of the SDN network. Objectives:This thesis focuses on examining the IP spoofing attack and its impact on the Data Plane, particularly concerning the metrics of an SDN switch. The investigation centers around attacks that manipulate flow-rules to amplify the number of rules and deplete the resources of a switch within the Data Plane of an SDN network. To conduct the study, a software-defined network architecture was constructed using Mininet, with a Ryu controller employed for managing network operations. Various experiments were carried out to observe the response of the SDN system when subjected to an IP spoofing attack, aiming to identify potential mitigation strategies against such threats. Method and Results: To simulate the resource exhaustion scenario on the SDN network’s Data Plane,we deliberately triggered an escalation in the number of flow-rules installed in the switch. This was achieved by sending packets with spoofed IP addresses, there by exploiting the switch’s limited resources. Specifically, we focused on monitoring the impact on CPU utilization, storage memory, latency, and throughput within the switch. Detailed findings were presented in the form of tables, accompanied by graphical representations to visually illustrate the effects of increasing flow rules on the switches. Furthermore, we explored potential mitigation measures by developing an application that actively monitors the flow rules on the Ryu controller, aiming to detect and counteract such resource-exhausting effects.
2

A Prevention Technique for DDoS Attacks in SDN using Ryu Controller Application

Adabala, Yashwanth Venkata Sai Kumar, Devanaboina, Lakshmi Venkata Raghava Sudheer January 2024 (has links)
Software Defined Networking (SDN) modernizes network control, offering streamlined management. However, its centralized structure makes it more vulnerable to distributed Denial of Service (DDoS) attacks, posing serious threats to network stability. This thesis explores the development of a DDoS attack prevention technique in SDN environments using the Ryu controller application. The research aims to address the vulnerabilities in SDN, particularly focusing on flooding and Internet Protocol (IP) spoofing attacks, which are a significant threat to network security. The study employs an experimental approach, utilizing tools like Mininet-VM (VirtualMachine), Oracle VM VirtualBox, and hping3 to simulate a virtual SDN environment and conduct DDoS attack scenarios. Key methodologies include packet sniffing and rule-based detection by integrating Snort IDS (Intrusion Detection System), which is critical for identifying and mitigating such attacks. The experiments demonstrate the effectiveness of the proposed prevention technique, highlighting the importance of proper configuration and integration of network security tools in SDN. This work contributes to enhancing the resilience of SDN architectures against DDoS attacks, offering insights into future developments in network security.
3

Design and Analysis of Anomaly Detection and Mitigation Schemes for Distributed Denial of Service Attacks in Software Defined Network. An Investigation into the Security Vulnerabilities of Software Defined Network and the Design of Efficient Detection and Mitigation Techniques for DDoS Attack using Machine Learning Techniques

Sangodoyin, Abimbola O. January 2019 (has links)
Software Defined Networks (SDN) has created great potential and hope to overcome the need for secure, reliable and well managed next generation networks to drive effective service delivery on the go and meet the demand for high data rate and seamless connectivity expected by users. Thus, it is a network technology that is set to enhance our day-to-day activities. As network usage and reliance on computer technology are increasing and popular, users with bad intentions exploit the inherent weakness of this technology to render targeted services unavailable to legitimate users. Among the security weaknesses of SDN is Distributed Denial of Service (DDoS) attacks. Even though DDoS attack strategy is known, the number of successful DDoS attacks launched has seen an increment at an alarming rate over the last decade. Existing detection mechanisms depend on signatures of known attacks which has not been successful in detecting unknown or different shades of DDoS attacks. Therefore, a novel detection mechanism that relies on deviation from confidence interval obtained from the normal distribution of throughput polled without attack from the server. Furthermore, sensitivity analysis to determine which of the network metrics (jitter, throughput and response time) is more sensitive to attack by introducing white Gaussian noise and evaluating the local sensitivity using feed-forward artificial neural network is evaluated. All metrics are sensitive in detecting DDoS attacks. However, jitter appears to be the most sensitive to attack. As a result, the developed framework provides an avenue to make the SDN technology more robust and secure to DDoS attacks.
4

Detection of DDoS Attacks against the SDN Controller using Statistical Approaches

Al-Mafrachi, Basheer Husham Ali January 2017 (has links)
No description available.
5

Anomaly diagnosis based on regression and classification analysis of statistical traffic features

Liu, Lei, Jin, X.L., Min, Geyong, Xu, L. 30 September 2013 (has links)
No / Traffic anomalies caused by Distributed Denial-of-Service (DDoS) attacks are major threats to both network service providers and legitimate customers. The DDoS attacks regularly consume and exhaust the resources of victims and hence result in abnormal bursty traffic through end-user systems. Additionally, malicious traffic aggregated into normal traffic often show dramatic changes in the traffic nature and statistical features. This study focuses on early detection of traffic anomalies caused by DDoS attacks in light of analyzing the network traffic behavior. Key statistical features including variance, autocorrelation, and self-similarity are employed to characterize the network traffic. Further, artificial neural network and support vector machine subject to the performance metrics are employed to predict and classify the abnormal traffic. The proposed diagnosis mechanism is validated through experiments where the datasets consist of two groups. The first group is the Massachusetts Institute of Technology Lincoln Laboratory dataset containing labeled DoS attack. The second group collected from DDoS attack simulation experiments covers three representative traffic shapes resulting from the dynamic attack rate configuration, namely, constant intensity, ramp-up behavior, and pulsing behavior. The experimental results demonstrate that the developed mechanism can effectively and precisely alert the abnormal traffic within short response period.
6

Detection and analysis of low-rate attacks using network traffic analysis

Matta, Nagasai Deepak 13 August 2024 (has links) (PDF)
In this study, I used a dataset that contains low-rate and SYN flood traffic which was generated by a test bed to simulate a Slow DoS attack, stressing a local server by initiating several HTTP POST connections and causing the request payloads to be transmitted slowly. The attack causes problems including interrupted access and noticeably decreased network performance by sending a large number of little packets slowly, which keeps connections open and overloads server resources. I filtered traffic using Wireshark based on factors including tiny payloads, a lot of SYN packets without ACKs, high initial RTTs, small window sizes, and noticeable intervals between packets. Then, using these data, I ran a custom script I had created on the pcap files to identify possible attack sessions
7

Odolnost komunikační jednotky LAN proti útokům z Internetu / LAN communication unit resistivity against Internet origination attacks

Valach, Michal January 2009 (has links)
This thesis is focused on crypto-module RCM 3700, which is used for encrypted data transmission. Following work analyses basic network protocols and some sort of attacks in Ethernet network. The main goal of these attacks is to collect information and services about the device and to analyze transmitted data. Based on these information attacks can be done more precisely than without them. The main target of these attacks is the denial of particulary service or data abuse. Furthermore, in the diploma thesis configuration of router CISCO 2801 is applied in order to improve the LAN security. The deveploment board, which includes reset function, supplied circuit and interface for RS 232, was designed for crypto-module RCM 3700.
8

Αναγνώριση επιθέσεων web σε web-servers

Στυλιανού, Γεώργιος 09 July 2013 (has links)
Οι επιθέσεις στο Διαδίκτυο και ειδικά οι επιθέσεις άρνησης εξυπηρέτησης (Denial of Service, DoS) αποτελούν ένα πολύ σοβαρό πρόβλημα για την ομαλή λειτουργία του Διαδικτύου. Αυτό το είδος επιθέσεων στοχεύει στην διατάραξη της καλής λειτουργίας ενός συστήματος, καταναλώνοντας τους πόρους του ή προκαλώντας υπερφόρτωση στο δίκτυο, καθιστώντας το ανίκανο να παρέχει στους πελάτες του τις υπηρεσίες για τις οποίες προορίζεται. Η αντιμετώπιση των επιθέσεων αυτών έχει απασχολήσει πολλούς ερευνητές τα τελευταία χρόνια και έχουν προταθεί πολλές διαφορετικές μέθοδοι πρόληψης, ανίχνευσης, και απόκρισης. Στα πλαίσια της παρούσας διπλωματικής επιχειρείται αρχικά ο ορισμός και η ταξινόμηση των επιθέσεων DoS και DDoS, με ιδιαίτερη αναφορά στις επιθέσεις DoS στον Παγκόσμιο Ιστό. Στη συνέχεια αναλύονται διάφοροι τρόποι αναγνώρισης επιθέσεων, με κύριους άξονες την αναγνώριση υπογραφής και την ανίχνευση ανωμαλιών. Γίνεται εμβάθυνση στο πεδίο της ανίχνευσης ανωμαλιών και πραγματοποιείται η μελέτη ενός συστήματος που ανιχνεύει ανωμαλίες σε δεδομένα κίνησης δικτύου που περιέχουν επιθέσεις. / Attacks in the Internet, and especially Denial of Service attacks, are a very serious threat to the normal function of the Internet. This kind of attack aims to the disruption of the normal function of a system, by consuming its resources or overloading the network, making it incapable to provide services, that is designed for, to the clients. In recent years many researchers have tried to propose solutions to prevent, detect and respond effectively to attacks. In this thesis, first a definition, and then a classification of DoS and DDoS attacks is proposed, with distinctive reference to attacks in the World Wide Web. Several ways of attack detection are analyzed, with signature detection and anomaly detection being the most significant. Afterwards, the field of anomaly detection is thoroughly analyzed, and a system that detects anomalies to a dataset of network traffic that contains attacks, is examined.
9

An Investigation of People’s Perception of Digital Threats / Formalisering av inneslutningstrategier i ett ramverk för probabilistisk hotmodellering

Rabbani, Wasila January 2024 (has links)
This project examines cyber threats and their impact on individuals and organizations. The thesis focuses on a thorough literature review and uses surveys for primary data collection. The quantitative method was chosen to gather numeric data on these threats. The methodology classifies digital threats and analyzes survey results about these threats. It also gathers data on the perceived difficulty of these threats and compares general beliefs with expert opinions and statistical data from literature. Surveys targeted individuals aged 20-45 with a university degree, obtaining 86 responses. Interviews with five security professionals followed a standardized format, aiding in a comparative analysis with the survey data. The questions addressed several cyber threats, including phishing, ransomware, insecure passwords, malware, traffic sniffing, and denial of service. Notably, many respondents lacked a clear understanding of the significance of insecure passwords and traffic sniffing. By using quantitative methods and integrating survey results with expert opinions and literature findings, this study deepens the understanding of cyber threats. The results spotlight misconceptions and knowledge gaps about cyber threats, underscoring the need for better cybersecurity awareness and education. / Detta projekt undersöker cyberhot och deras påverkan på individer och organisationer. Avhandlingen fokuserar på en grundlig litteraturgranskning och använder enkäter för primär datainsamling. Den kvantitativa metoden valdes för att samla numeriska data om dessa hot. Metodiken klassificerar digitala hot och analyserar enkätresultat om dessa hot. Den samlar också in data om den upplevda svårigheten av dessa hot och jämför allmänna uppfattningar med expertåsikter och statistiska data från litteratur. Enkäter riktade sig till individer i åldern 20-45 med en universitetsexamen, och gav 86 svar. Intervjuer med fem säkerhetsprofessionella följde ett standardiserat format, vilket underlättade en jämförande analys med enkätdata. Frågorna behandlade flera cyberhot, inklusive phishing, ransomware, osäkra lösenord, skadlig programvara, trafikavlyssning och denial of service. Framför allt saknade många svarande en tydlig förståelse för betydelsen av osäkra lösenord och trafikavlyssning. Genom att använda kvantitativa metoder och integrera enkätresultat med expertutlåtanden och litteraturfynd fördjupar denna studie förståelsen för cyberhot. Resultaten belyser missuppfattningar och kunskapsluckor om cyberhot, vilket understryker behovet av bättre medvetenhet och utbildning inom cybersäkerhet.
10

E-crimes and e-authentication - a legal perspective

Njotini, Mzukisi Niven 27 October 2016 (has links)
E-crimes continue to generate grave challenges to the ICT regulatory agenda. Because e-crimes involve a wrongful appropriation of information online, it is enquired whether information is property which is capable of being stolen. This then requires an investigation to be made of the law of property. The basis for this scrutiny is to establish if information is property for purposes of the law. Following a study of the Roman-Dutch law approach to property, it is argued that the emergence of an information society makes real rights in information possible. This is the position because information is one of the indispensable assets of an information society. Given the fact that information can be the object of property, its position in the law of theft is investigated. This study is followed by an examination of the conventional risks that ICTs generate. For example, a risk exists that ICTs may be used as the object of e-crimes. Furthermore, there is a risk that ICTs may become a tool in order to appropriate information unlawfully. Accordingly, the scale and impact of e-crimes is more than those of the offline crimes, for example theft or fraud. The severe challenges that ICTs pose to an information society are likely to continue if clarity is not sought regarding: whether ICTs can be regulated or not, if ICTs can be regulated, how should an ICT regulatory framework be structured? A study of the law and regulation for regulatory purposes reveals that ICTs are spheres where regulations apply or should apply. However, better regulations are appropriate in dealing with the dynamics of these technologies. Smart-regulations, meta-regulations or reflexive regulations, self-regulations and co-regulations are concepts that support better regulations. Better regulations enjoin the regulatory industries, for example the state, businesses and computer users to be involved in establishing ICT regulations. These ICT regulations should specifically be in keeping with the existing e-authentication measures. Furthermore, the codes-based theory, the Danger or Artificial Immune Systems (the AIS) theory, the Systems theory and the Good Regulator Theorem ought to inform ICT regulations. The basis for all this should be to establish a holistic approach to e-authentication. This approach must conform to the Precautionary Approach to E-Authentication or PAEA. PAEA accepts the importance of legal rules in the ICT regulatory agenda. However, it argues that flexible regulations could provide a suitable framework within which ICTs and the ICT risks are controlled. In addition, PAEA submit that a state should not be the single role-player in ICT regulations. Social norms, the market and nature or architecture of the technology to be regulated are also fundamental to the ICT regulatory agenda. / Jurisprudence / LL. D.

Page generated in 0.044 seconds