Global ETD Search

51	The Current State of DDoS Defense Nilsson, Sebastian January 2014 (has links) A DDoS attack is an attempt to bring down a machine connected to the Internet. This is done by having multiple computers repeatedly sending requests to tie up a server making it unable to answer legitimate requests. DDoS attacks are currently one of the biggest security threats on the internet according to security experts. We used a qualitative interview with experts in IT security to gather data to our research. We found that most companies are lacking both in knowledge and in their protection against DDoS attacks. The best way to minimize this threat would be to build a system with redundancy, do a risk analysis and revise security policies. Most of the technologies reviewed were found ineffective because of the massive amount of data amplification attacks can generate. Ingress filtering showed promising results in preventing DDoS attacks by blocking packages with spoofed IP addresses thus preventing amplification attacks. Information Security Distributed denial of service attacks Botnet Computer Sciences Datavetenskap (datalogi)
52	An Ontological Approach to SIP DoS Detection Fischer, Anja, Blacher, Zak January 2010 (has links) Traditional public switched telephone networks (PSTN) are replaced more and more by VoIP services these days. Although it is good for saving costs, the disadvantage of this development is that VoIP networks are less secure than the traditional way of transmitting voice. Because VoIP networks are being deployed in open environments and rely on other network services, the VoIP service itself becomes vulnerable to potential attacks against its infrastructure or other services it relies on. This thesis will present a discussion of security issues of the Session Initiation Protocol (SIP), the signalling protocol for VoIP services. The main focus is on active attacks against the protocol that aim to reduce the service's availability -- so called Denial of Service (DoS) attacks. Existing countermeasures and detection schemes do not adequately differentiate between DoS attacks. However, the differentiation is important with respect to performance loss, as various protection schemes involve more computationally intensive processes. Based on that discussion, this thesis attempts to provide an ontological approach to describing, and eventually preventing attacks from having their intended effects. SIP VoIP DoS Denial of Service Ontology Computer Sciences Datavetenskap (datalogi) Telecommunications Telekommunikation
53	Mail-Filter-Funktionen Leuschner, Jens 27 February 2002 (has links) Im Rahmen dieser Studienarbeit wird untersucht, welche Lösungen es momentan zur Filterung von Email mit unerwünschten Schadensfunktionen auf Mailservern gibt. Dabei werden sowohl offene als auch proprietäre Lösungen betrachtet und die momentanen Randbedingungen der TU Chemnitz beachtet. info:eu-repo/classification/ddc/004 ddc:004 Netzwerk Email Mailserver EXIM Filterung Antivirus Denial of Service
54	Domain-Driven Security’s take on Denial-of-Service (DoS) Attacks / Domändriven säkerhet som skydd mot Denial-of-Service-attacker Arnör, Johan January 2016 (has links) Many companies and organisations today suffer from Denial-of-Service (DoS) attacks, which can have direct and indirect economical consequences. This thesis tackles this problem with a novel approach by utilising domain specific behaviour and knowledge. The goal is to distinguish malicious attacks from legitimate usage and to alter overall system behaviour at the event of a DoS attack. Distributed DoS attacks (DDoS) are examined as well as a category suggested in this thesis, namely Domain DoS attacks. A simple e-commerce system is developed based on the principles of Domain-Driven Design in order to test the given approach. Five examples of DoS attacks are presented and tested towards the system. The results indicate that utilising domain behaviour is a suitable approach in order to mitigate DoS attacks, but it requires deep integration with the application itself. / Många företag och organisationer lider idag av Denial-of-Service-attacker (DoS-attacker), som kan få direkta och indirekta ekonomiska konsekvenser. Denna avhandling ser nytänkande på detta problem genom att dra nytta av domänspecifikt beteende och kunskap. Målet är att skilja skadliga attacker från legitimt användande och att ändra systemets beteende i händelse av en DoS-attack. Distribuerade DoS-attacker (DDoS) undersöks så väl som en kategori föreslagen i denna avhandling, kallad Domän DoS-attacker. Ett enkelt e-handelssystem utvecklas baserat på principer från domändriven design i syfte att testa den givna tesen. Fem exempel av DoS-attacker är presenterade och testade gentemot systemet. Resultaten indikerar att utnyttjandet av domänbeteende är ett lämpligt tillvägagångssätt för att avvärja DoS-attacker, men att det kräver djup integration med applikationen. Denial-of-Service DoS DDoS Domain DoS Domain-Driven Design Domain-Driven Security Computer Sciences Datavetenskap (datalogi)
55	Speak-up as a Resource Based Defence against Application Layer Distributed Denial-of-Service Attacks Jawad, Dina, Rosell, Felicia January 2015 (has links) Under de senaste åren har antalet DDoS-attacker i Internets applikationsskikt ökat. Detta problem behöver adresseras. Den här rapporten presenterar ett antal existerande metoder för att upptäcka och skydda mot DDoS-attacker i applikationsskiktet. En metod för detta ändamål är att hitta avvikelser av olika typer hos de attackerande klienterna, för att urskilja mellan attackerande och vanliga klienter. Detta är ett brett utforskatförsvarsområde med många positiva resultat, men dessa metoder har ett antal brister, som att de kan resultera i både falska positiva och negativa resultat. En metod som ännu inte har undersökts tillräckligt är resurs-baserat försvar. Det är en metod med mycket potential, eftersom den tydligare kan skilja på goda och onda klienter under en DDoS-attack. Speak-up är en sådan metod och är huvudfokus i denna rapport. För- och nackdelarna med Speak-up har undersökts och resultaten visar på att Speak-up har potential till att bli ett kraftfullt verktyg mot DDoS-attacker. Speak-up har dock sina begränsningar och är därför inte det bästa alternativet under vissa typer av dessa DDoS-attacker. / In recent years, the internet has endured an increase in application layer DDoS attacks. It is a growing problem that needs to be addressed. This paper presents a number of existing detection and protection methods that are used to mitigate application layer DDoS attacks. Anomaly detection is a widely explored area for defence and there have been many findings that show positive results in mitigating attacks. However, anomaly detection possesses a number of flaws, such as causing false positives and negatives. Another method that has yet to become thoroughly examined is resource based defence. This defence method has great potential as it addresses clear differences between legitimate users and attackers during a DDoS attack. One such defence method is called Speak-up and is the center of this paper. The advantages and limitations of Speak-up have been explored and the findings suggest that Speak-up has the potential to become a strong tool in defending against DDoS attacks. However, Speak-up has its limitations and may not be the best alternative during certain types of application layer DDoS attacks. DDoS Application Layer Speak-up Denial-of-Service Cyber Attack Computer Sciences Datavetenskap (datalogi)
56	Security related self-protected networks: Autonomous threat detection and response (ATDR) Havenga, Wessel Johannes Jacobus January 2021 (has links) >Magister Scientiae - MSc / Cybersecurity defense tools, techniques and methodologies are constantly faced with increasing challenges including the evolution of highly intelligent and powerful new-generation threats. The main challenges posed by these modern digital multi-vector attacks is their ability to adapt with machine learning. Research shows that many existing defense systems fail to provide adequate protection against these latest threats. Hence, there is an ever-growing need for self-learning technologies that can autonomously adjust according to the behaviour and patterns of the offensive actors and systems. The accuracy and effectiveness of existing methods are dependent on decision making and manual input by human experts. This dependence causes 1) administration overhead, 2) variable and potentially limited accuracy and 3) delayed response time. Denial of service attacks Machine learning Neural networking Self-protected networks Anomaly detection Cybersecurity
57	Hardware Security Threat and Mitigation Techniques for Network-on-Chips Boraten, Travis Henry 17 September 2020 (has links) No description available. Computer Engineering Electrical Engineering Network-on-Chip Hardware Security Hardware Trojans Side-Channels Denial-of-Service
58	PERFORMANCE EVALUATION OF A TTL-BASED DYNAMIC MARKING SCHEME IN IP TRACEBACK Devasundaram, Shanmuga Sundaram January 2006 (has links) No description available. Computer Science IP traceback distributed denial-of-service attacks DDoS DoS dynamic packetmarking traceback
59	MACHINE LEARNING ALGORITHMS and THEIR APPLICATIONS in CLASSIFYING CYBER-ATTACKS on a SMART GRID NETWORK Aribisala, Adedayo, Khan, Mohammad S., Husari, Ghaith 01 January 2021 (has links) Smart grid architecture and Software-defined Networking (SDN) have evolved into a centrally controlled infrastructure that captures and extracts data in real-time through sensors, smart-meters, and virtual machines. These advances pose a risk and increase the vulnerabilities of these infrastructures to sophisticated cyberattacks like distributed denial of service (DDoS), false data injection attack (FDIA), and Data replay. Integrating machine learning with a network intrusion detection system (NIDS) can improve the system's accuracy and precision when detecting suspicious signatures and network anomalies. Analyzing data in real-time using trained and tested hyperparameters on a network traffic dataset applies to most network infrastructures. The NSL-KDD dataset implemented holds various classes, attack types, protocol suites like TCP, HTTP, and POP, which are critical to packet transmission on a smart grid network. In this paper, we leveraged existing machine learning (ML) algorithms, Support vector machine (SVM), K-nearest neighbor (KNN), Random Forest (RF), Naïve Bayes (NB), and Bagging; to perform a detailed performance comparison of selected classifiers. We propose a multi-level hybrid model of SVM integrated with RF for improved accuracy and precision during network filtering. The hybrid model SVM-RF returned an average accuracy of 94% in 10-fold cross-validation and 92.75%in an 80-20% split during class classification. denial of service attack detecting Cyberat-tacks FDIA hybrid SVM NSL-KDD data set SVM Computing
60	Methods and tools for network reconnaissance of IoT devices Gvozdenović, Stefan 18 January 2024 (has links) The Internet of Things (IoT) impacts nearly all aspects surrounding our daily life, including housing, transportation, healthcare, and manufacturing. IoT devices communicate through a variety of communication protocols, such as Bluetooth Low Energy (BLE), Zigbee, Z-Wave, and LoRa. These protocols serve essential purposes in both commercial industrial and personal domains, encompassing wearables and intelligent buildings. The organic and decentralized development of IoT protocols under the auspices of different organizations has resulted in a fragmented and heterogeneous IoT ecosystem. In many cases, IoT devices do not have an IP address. Furthermore, some protocols, such as LoRa and Z-Wave, are proprietary in nature and incompatible with standard protocols. This heterogeneity and fragmentation of the IoT introduce challenges in assessing the security posture of IoT devices. To address this problem, this thesis proposes a novel methodology that transcends specific protocols and supports network and security monitoring of IoT devices at scale. This methodology leverages the capabilities of software-defined radio (SDR) technology to implement IoT protocols in software. We first investigate the problem of IoT network reconnaissance, that is the discovery and characterization of all the IoT devices in one’s organization. We focus on four popular protocols, namely Zigbee, BLE, Z-Wave, and LoRa. We introduce and analyze new algorithms to improve the performance and speed-up the discovery of IoT devices. These algorithms leverage the ability of SDRs to transmit and receive signals across multiple channels in parallel. We implement these algorithms in the form of an SDR tool, called IoT-Scan, the first universal IoT scanner middleware. We thoroughly evaluate the delay and energy performance of IoT-Scan. Notably, using multi-channel scanning, we demonstrate a reduction of 70% in the discovery times of Bluetooth and Zigbee devices in the 2.4GHz band and of LoRa and Z-Wave devices in the 900MHz band, versus single-channel scanning. Second, we investigate a new type of denial-of-service attacks on IoT cards, called Truncate-after-Preamble (TaP) attacks. We employ SDRs to assess the security posture of off-the-shelf Zigbee and Wi-Fi cards to TaP attacks. We show that all the Zigbee devices are vulnerable to TaP attacks, while the Wi-Fi devices are vulnerable to the attack to a varying degree. Remarkably, TaP attacks demand energy consumption five orders of magnitude lower than what is required by a continuous jamming mechanism. We propose several countermeasures to mitigate the attacks. Third, we devise an innovative approach for the purpose of identifying and creating unique profiles for IoT devices. This approach leverages SDRs to create malformed packets at the physical layer (e.g., truncated or overlapping packets). Experiments demonstrate the ability of this approach to perform fine-grained timing experiments (at the microsecond level), craft multi-packet transmissions/collisions, and derive device-specific reception curves. In summary, the results of this thesis validate the feasibility of our proposed SDR-based methodology in addressing fundamental security challenges caused by the heterogeneity of the IoT. This methodology is future-proof and can accommodate new protocols and protocol upgrades. Computer engineering Denial of service Device management Naming and addressing Physical layer characterization Service middleware and platform

Search results