The user authentication is an important part of network security. Several strong-password authentication protocols have been introduced, but a secure scheme, which probably withstands to several known attacks, is not yet available. Recently, a hash-based strong-password authentication scheme was described in [2], which withstands to the several attacks, including replay, passwordfile compromise...

Denial of service attack is an attempt from any authorized or unauthorized entity to allocate resources excessively to prevent normal operation of the system. A method will be presented to specify and enforce a resource allocation policy to prevent denial of service attacks. Resource allocation policy can be formally derived from a waiting time policy where maximum acceptable response times for...

A unified method for statistical anomaly detection in intrusion detection systems is theoretically introduced. It is based on estimating a dispersion measure of numerical or symbolic data on successive moving windows in time and finding the times when a relative change of the dispersion measure is significant. Appropriate dispersion measures, relative differences, moving windows, as well as tec...

A recent escalation of application layer Denial of Service attacks (DoS) on the Internet has quickly shifted the focus of the research community from traditional network-based denial of service. As a result, new varieties of attacks were explored: slow-rate and low-rate application layer DoS attacks. In this chapter, after a brief introduction of application layer DoS attacks, we discuss the ch...

In today’s networks one major problem, especially for Service Providers, is related to various attacks either active or passive. Denial of Services (DoS) is one of the most difficult to detect and stop. Denial of Service (DoS) and its derivative, Distributed Denial of Service (DDoS) are some of the most common attacks. There are many types of DoS: Buffer Overflow, SYN attacks, teardrop attack, ...

Today the scale, complexity and intensity of Denial of Service attacks has increased many folds. These attacks have moved from simple flooding based attacks to sophisticated Application based attacks as well as Protocol specific attacks.The challenge is to develop detection algorithms that can distinguish between the attacks like the new pulsating denial of service and legitimate traffic like F...

DoS(Denial of Service) / DDoS(Distributed Denial of Service) attacks threaten Internet security nowadays. However, the current Internet protocol and backbone network do not support traceback to know attacker’s real location. Many methods to defend DoS/DDoS attack have been proposed. However these kinds of methods cause network overhead because they use many packets to reconstruct an attack path...

The problem of identifying Distributed Denial of Service (DDoS) is one of the hardest threats in the internet security. It is important to protect the resource and trace from the Denial of Service (DoS) attack, but it is difficult to distinguish normal traffic and DoS attack traffic because the DoS generally hide their identities/origins. Especially the attackers often use incorrect or spoofed ...

Some of the hardest to mitigate distributed denial of service attacks (DDoS) are ones targeting the application layer. Over the time, researchers proposed many solutions to prevent denial of service attacks (DDoS) from IP and TCP layers instead of the application layer. New application Layer based DDoS attacks utilizing legitimate HTTP requests to overwhelm victim resources are more undetectabl...