A low-rate distributed denial of service (DDoS) attack has the ability to obscure its tra c because it is very similar to legitimate tra c. It can easily evade current detection mechanisms. Rank correlation measures can quantify significant di↵erences between attack tra c and legitimate traffic based on their rank values. In this paper, we use two rank correlation measures, namely, Spearmen Ran...

In today’s networks one major problem, especially for Service Providers, is related to various attacks either active or passive. Denial of Services (DoS) is one of the most difficult to detect and stop. Denial of Service (DoS) and its derivative, Distributed Denial of Service (DDoS) are some of the most common attacks. There are many types of DoS: Buffer Overflow, SYN attacks, teardrop attack, ...

Increased instances of distributed denial of service (DDoS) attacks on the Internet have raised questions on whether and how ad hoc networks are vulnerable to such attacks. This paper studies the special properties of such attacks in ad hoc networks. We examine two types of area-congestion-based DDoS attacks – remote and local attacks – and present in-depth analysis on various factors and attac...

Security issues related to the cloud computing are relevant to various stakeholders for an informed cloud adoption decision. Apart from data breaches, the cyber security research community is revisiting the attack space for cloud-specific solutions as these issues affect budget, resource management, and service quality. Distributed Denial of Service (DDoS) attack is one such serious attack in t...

The main objectives of the EMIST DDoS group is to advance the state of the art in rigorous evaluation of distributed denial of service attack-defense scenarios in the Internet. Over the last three years, we have developed an evaluation methodology using a combination of simulation, emulation, modeling, and analysis techniques that allows independent comparison of different DDoS defense systems....

Recently a number of highly publicized incidents of Distributed Denial of Service (DDoS) attacks against high-profile government and commercial websites have made people aware of the importance of providing data and services security to users. A DDoS attack is an availability attack, which is characterized by an explicit attempt from an attacker to prevent legitimate users of a service from usi...

This paper studies the impact of a mobile botnet on a Long Term Evolution (LTE) network by implementing a mobile botnet architecture that initiates a Distributed Denial of Service (DDoS) attack. To understand the behavior of the mobile botnet, a correlation between the mobile devices’ mobility and the DDoS attack is established. Real traces of taxi cabs are used to simulate the mobile devices’ ...

As an increasing number of businesses and services depend on the Internet, protecting them against DDoS (Distributed Denial of Service) attacks becomes a critical issue. A traceback is used to discover technical information concerning the ingress points, paths, partial paths or sources of a packet or packets causing a problematic network event. The traceback mechanism is a useful tool to identi...

Distributed Denial of Service Attacks imposes a major threat to the availability of Internet services. Most of the applications like banking, trade, and e-commerce are dependent on availability of Internet. Defending Internet from these attacks has become the need of the hour. A typical DDoS defense comprises of three modules namely traffic monitoring, traffic analysis and traffic filtering. Ba...