Osanaiye et al., 2015 - Google Patents
TCP/IP header classification for detecting spoofed DDoS attack in Cloud environmentOsanaiye et al., 2015
View PDF- Document ID
- 11783331764120113182
- Author
- Osanaiye O
- Dlodlo M
- Publication year
- Publication venue
- IEEE EUROCON 2015-International Conference on Computer as a Tool (EUROCON)
External Links
Snippet
Spoofing of IP is a key attribute of Distributed Denial of Service (DDoS) attack that consumes Cloud resources and network bandwidth within a short period of time. This is costly to both the providers and users of Cloud. Cloud computing offers a metered service, which uses pay …
- 235000010384 tocopherol 0 title abstract description 37
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Application independent communication protocol aspects or techniques in packet data networks
- H04L69/16—Transmission control protocol/internet protocol [TCP/IP] or user datagram protocol [UDP]
- H04L69/161—Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Osanaiye et al. | TCP/IP header classification for detecting spoofed DDoS attack in Cloud environment | |
| US10721243B2 (en) | Apparatus, system and method for identifying and mitigating malicious network threats | |
| Nawrocki et al. | A survey on honeypot software and data analysis | |
| Masdari et al. | A survey and taxonomy of DoS attacks in cloud computing | |
| Provos | A Virtual Honeypot Framework. | |
| Osanaiye | Short Paper: IP spoofing detection for preventing DDoS attack in Cloud Computing | |
| US7409714B2 (en) | Virtual intrusion detection system and method of using same | |
| US8042182B2 (en) | Method and system for network intrusion detection, related network and computer program product | |
| Aldabbas et al. | A novel mechanism to handle address spoofing attacks in SDN based IoT | |
| Albanese et al. | A deception based approach for defeating OS and service fingerprinting | |
| Zang et al. | Botnet detection through fine flow classification | |
| Aslam et al. | ONOS flood defender: An intelligent approach to mitigate DDoS attack in SDN | |
| Ádám et al. | Artificial neural network based IDS | |
| Yuvaraj et al. | Some investigation on DDOS attack models in mobile networks | |
| Abushwereb et al. | Attack based DoS attack detection using multiple classifier | |
| Agoni et al. | Ip spoofing detection for preventing ddos attack in fog computing | |
| Syed et al. | Machine Learning Approach for Classification of DHCP DoS Attacks in NIDS | |
| Sanz et al. | A cooperation-aware virtual network function for proactive detection of distributed port scanning | |
| Mantoo et al. | A machine learning model for detection of man in the middle attack over unsecured devices | |
| Nigam et al. | Man-in-the-middle-attack and proposed algorithm for detection | |
| Bharti et al. | A Review on Detection of Session Hijacking and Ip Spoofing. | |
| Blaise et al. | Learning Model Generalisation for Bot Detection | |
| Divakar et al. | Detecting IP based attack on cloud server using passive IP traceback | |
| Singhal et al. | Design and Development of Anti-DoS/DDoS Attacks Framework Using IPtables | |
| Amir et al. | DDoS attacks detection and prevention techniques in cloud computing: A systematic review |