Distributed denial-of-service is one kind of the most highlighted and most important attacks of today’s cyberworld. With simple but extremely powerful attack mechanisms, it introduces an immense ...threat to current Internet community. In this article, we present a comprehensive survey of distributed denial-of-service attack, prevention, and mitigation techniques. We provide a systematic analysis of this type of attacks including motivations and evolution, analysis of different attacks so far, protection techniques and mitigation techniques, and possible limitations and challenges of existing research. Finally, some important research directions are outlined which require more attentions in near future to ensure successful defense against distributed denial-of-service attacks.
Botnets and Internet of Things Security Bertino, Elisa; Islam, Nayeem
Computer (Long Beach, Calif.),
2017-Feb., 2017-2-00, 20170201, Volume:
50, Issue:
2
Journal Article
Peer reviewed
Recent distributed denial-of-service attacks demonstrate the high vulnerability of Internet of Things (IoT) systems and devices. Addressing this challenge will require scalable security solutions ...optimized for the IoT ecosystem.
This article focuses on the formation control problem of nonlinear multiagent systems under denial-of-service attacks. The formation control can be preserved by the distributed hybrid ...event-triggering strategies (HETSs). As a balance between periodic and continuous event-triggering strategies, HETS arranges a tradeoff between the resource utilization and the communication frequency among agents. Theoretical results are verified using a benchmark problem of six miniature quadrotor prototypes.
This article addresses quantized output feedback stabilization under denial-of-service (DoS) attacks. First, assuming that the duration and frequency of DoS attacks are averagely bounded and that an ...initial bound of the plant state is known, we propose an output encoding scheme that achieves exponential convergence with finite data rates. Next, we show that a suitable state transformation allows us to remove the assumption on the DoS frequency. Finally, we discuss the derivation of state bounds under DoS attacks and obtain sufficient conditions on the bounds of DoS duration and frequency for achieving Lyapunov stability of the closed-loop system.
Distributed Denial of Service (DDoS) flooding attacks are one of the biggest concerns for security professionals. DDoS flooding attacks are typically explicit attempts to disrupt legitimate users' ...access to services. Attackers usually gain access to a large number of computers by exploiting their vulnerabilities to set up attack armies (i.e., Botnets). Once an attack army has been set up, an attacker can invoke a coordinated, large-scale attack against one or more targets. Developing a comprehensive defense mechanism against identified and anticipated DDoS flooding attacks is a desired goal of the intrusion detection and prevention research community. However, the development of such a mechanism requires a comprehensive understanding of the problem and the techniques that have been used thus far in preventing, detecting, and responding to various DDoS flooding attacks. In this paper, we explore the scope of the DDoS flooding attack problem and attempts to combat it. We categorize the DDoS flooding attacks and classify existing countermeasures based on where and when they prevent, detect, and respond to the DDoS flooding attacks. Moreover, we highlight the need for a comprehensive distributed and collaborative defense approach. Our primary intention for this work is to stimulate the research community into developing creative, effective, efficient, and comprehensive prevention, detection, and response mechanisms that address the DDoS flooding problem before, during and after an actual attack.
Distributed Denial of Service (DDoS) attacks are one of the most harmful threats in today's Internet, disrupting the availability of essential services. The challenge of DDoS detection is the ...combination of attack approaches coupled with the volume of live traffic to be analysed. In this paper, we present a practical, lightweight deep learning DDoS detection system called Lucid, which exploits the properties of Convolutional Neural Networks (CNNs) to classify traffic flows as either malicious or benign. We make four main contributions; (1) an innovative application of a CNN to detect DDoS traffic with low processing overhead, (2) a dataset-agnostic preprocessing mechanism to produce traffic observations for online attack detection, (3) an activation analysis to explain Lucid's DDoS classification, and (4) an empirical validation of the solution on a resource-constrained hardware platform. Using the latest datasets, Lucid matches existing state-of-the-art detection accuracy whilst presenting a 40x reduction in processing time, as compared to the state-of-the-art. With our evaluation results, we prove that the proposed approach is suitable for effective DDoS detection in resource-constrained operational environments.
In this article, we investigate the distributed resilient observer-based fault-tolerant control problem for heterogeneous linear multiagent systems in the presence of actuator faults and ...denial-of-service (DoS) attacks. In order to estimate the system matrix and the state of the exosystem, novel resilient adaptive distributed observers are proposed. By using the dwell time technique and the Lyapunov stability theory, the observer error system is shown to be exponentially stable even under the influence of DoS attacks. Then, an algorithm is proposed to determine observer parameters with the aim of maximizing the ability to resist attacks. Besides, a novel fault-tolerant controller without causing chattering behaviors is designed to compensate for actuator faults. Moreover, it is proved that the developed controller solves the cooperative fault-tolerant output regulation problem by using a newly derived lemma. Finally, an illustrative example is provided to verify the effectiveness of the proposed method.
We consider the problem of resilient control of networked control system (NCS) under denial-of-service (DoS) attack via a unified game approach. The DoS attacks lead to extra constraints in the NCS, ...where the packets may be jammed by a malicious adversary. Considering the attack-induced packet dropout, optimal control strategies with multitasking and central-tasking structures are developed using game theory in the delta domain, respectively. Based on the optimal control structures, we propose optimality criteria and algorithms for both cyber defenders and DoS attackers. Both simulation and experimental results are provided to illustrate the effectiveness of the proposed design procedure.
The fable of the Emperor's New Clothes is a classic example of a conspiracy of silence, a situation where everyone refuses to acknowledge an obvious truth. But the denial of social realities -- ...whether incest, alcoholism, corruption, or even genocide -- is no fairy tale. In this book, the author sheds new light on the social and political underpinnings of silence and denial -- the keeping of "open secrets." The author shows that conspiracies of silence exist at every level of society, ranging from small groups to large corporations, from personal friendships to politics. Drawing on examples from newspapers and comedy shows to novels, children's stories, and film, the book travels back and forth across different levels of social life, and from everyday moments to large-scale historical events. At its core, the book helps us understand why we ignore truths that are known to all of us. The author shows how such conspiracies evolve, illuminating the social pressures that cause people to deny what is right before their eyes. We see how each conspirator's denial is symbiotically complemented by the others, and we learn that silence is usually more intense when there are more people conspiring -- and especially when there are significant power differences among them. He concludes by showing that the longer we ignore "elephants," the larger they loom in our minds, as each avoidance triggers an even greater spiral of denial. Social life in families, organizations, communities and even entire nations is full of situations where the emperor has no clothes. The book illuminates the dynamics behind these situations, revealing why we ignore obvious and alarming realities.
PDF
