• Title/Summary/Keyword: Internet Attack

Search Result 837, Processing Time 0.035 seconds

Traffic Seasonality aware Threshold Adjustment for Effective Source-side DoS Attack Detection

  • Nguyen, Giang-Truong;Nguyen, Van-Quyet;Nguyen, Sinh-Ngoc;Kim, Kyungbaek
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.5
    • /
    • pp.2651-2673
    • /
    • 2019
  • In order to detect Denial of Service (DoS) attacks, victim-side detection methods are used popularly such as static threshold-based method and machine learning-based method. However, as DoS attacking methods become more sophisticated, these methods reveal some natural disadvantages such as the late detection and the difficulty of tracing back attackers. Recently, in order to mitigate these drawbacks, source-side DoS detection methods have been researched. But, the source-side DoS detection methods have limitations if the volume of attack traffic is relatively very small and it is blended into legitimate traffic. Especially, with the subtle attack traffic, DoS detection methods may suffer from high false positive, considering legitimate traffic as attack traffic. In this paper, we propose an effective source-side DoS detection method with traffic seasonality aware adaptive threshold. The threshold of detecting DoS attack is adjusted adaptively to the fluctuated legitimate traffic in order to detect subtle attack traffic. Moreover, by understanding the seasonality of legitimate traffic, the threshold can be updated more carefully even though subtle attack happens and it helps to achieve low false positive. The extensive evaluation with the real traffic logs presents that the proposed method achieves very high detection rate over 90% with low false positive rate down to 5%.

A Profiling Case Study to Phishing Mail Attack Group (피싱 메일 공격조직에 대한 프로파일링 사례 연구)

  • Lee, Jae-il;Lee, Yong-joon;Kwon, Hyuk-jin
    • Journal of Internet Computing and Services
    • /
    • v.21 no.2
    • /
    • pp.91-97
    • /
    • 2020
  • Recently, phishing attacks targeting those involved in defense, security and unification have been on the rise. In particular, hacking attack organization Kimsuky has been engaged in activities to collect important information from public organizations through phishing attacks since 2013. In this paper, profiling analysis of phishing mail attack organization was performed. Through this process, we estimated the purpose of the attack group and suggested countermeasures.

Improved Meet-in-the-Middle Attacks on Crypton and mCrypton

  • Cui, Jingyi;Guo, Jiansheng;Huang, Yanyan;Liu, Yipeng
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.11 no.5
    • /
    • pp.2660-2679
    • /
    • 2017
  • Crypton is a SP-network block cipher that attracts much attention because of its excellent performance on hardware. Based on Crypton, mCrypton is designed as a lightweight block cipher suitable for Internet of Things (IoT) and Radio Frequency Identification (RFID). The security of Crypton and mCrypton under meet-in-the-middle attack is analyzed in this paper. By analyzing the differential properties of cell permutation, several differential characteristics are introduced to construct generalized ${\delta}-sets$. With the usage of a generalized ${\delta}-set$ and differential enumeration technique, a 6-round meet-in-the-middle distinguisher is proposed to give the first meet-in-the-middle attack on 9-round Crypton-192 and some improvements on the cryptanalysis of 10-round Crypton-256 are given. Combined with the properties of nibble permutation and substitution, an improved meet-in-the-middle attack on 8-round mCrypton is proposed and the first complete attack on 9-round mCrypton-96 is proposed.

A Cooperative Smart Jamming Attack in Internet of Things Networks

  • Al Sharah, Ashraf;Owida, Hamza Abu;Edwan, Talal A.;Alnaimat, Feras
    • Journal of information and communication convergence engineering
    • /
    • v.20 no.4
    • /
    • pp.250-258
    • /
    • 2022
  • The emerging scope of the Internet-of-Things (IoT) has piqued the interest of industry and academia in recent times. Therefore, security becomes the main issue to prevent the possibility of cyberattacks. Jamming attacks are threads that can affect performance and cause significant problems for IoT device. This study explores a smart jamming attack (coalition attack) in which the attackers were previously a part of the legitimate network and are now back to attack it based on the gained knowledge. These attackers regroup into a coalition and begin exchanging information about the legitimate network to launch attacks based on the gained knowledge. Our system enables jammer nodes to select the optimal transmission rates for attacks based on the attack probability table, which contains the most probable link transmission rate between nodes in the legitimate network. The table is updated constantly throughout the life cycle of the coalition. The simulation results show that a coalition of jammers can cause highly successful attacks.

An Improved Smart Card-based User Authentication Scheme with Session Key Agreement for Telecare Medicine Information System

  • Yang, Hyungkyu
    • International Journal of Internet, Broadcasting and Communication
    • /
    • v.9 no.3
    • /
    • pp.35-43
    • /
    • 2017
  • In 2013, Lee-Lie proposed secure smart card based authentication scheme of Zhu's authentication for TMIS which is secure against the various attacks and efficient password change. In this paper, we discuss the security of Lee-Lie's smart card-based authentication scheme, and we have shown that Lee-Lie's authentication scheme is still insecure against the various attacks. Also, we proposed the improved scheme to overcome these security problems of Lee-Lie's authentication scheme, even if the secret information stored in the smart card is revealed. As a result, we can see that the improved smart card based user authentication scheme for TMIS is secure against the insider attack, the password guessing attack, the user impersonation attack, the server masquerading attack, the session key generation attack and provides mutual authentication between the user and the telecare system.

Fault/Attack Management Framework for Network Survivability in Next Generation Optical Internet Backbone (차세대 광 인터넷 백본망에서 망생존성을 위한 Fault/Attack Management 프레임워크)

  • 신주동;김성운;황진호;한종욱;손승원
    • Proceedings of the IEEK Conference
    • /
    • 2003.11c
    • /
    • pp.101-104
    • /
    • 2003
  • As optical network technology advances, the Dense-Wavelength Division Multiplexing(DWDM) networks have been widely accepted as a promising approach to the Next Generation Optical Internet (NGOI) backbone networks. Especially. a fault/attack management scheme in NGOI backbone networks is one of the most important issues because a short service disruption in DWDM networks carrying extremely high data rates causes loss of vast traffic volumes. In this paper, we suggest a fault/attack management model for NGOI backbone networks and propose a fault/attack recovery procedure in IP/GMPLS over DWDM.

  • PDF

AS-PATH Authentication algorithm for BGP Security (BGP 보안을 위한 AS-PATH 식별 방법)

  • Kim, Jeom Goo
    • Convergence Security Journal
    • /
    • v.19 no.3
    • /
    • pp.3-12
    • /
    • 2019
  • BGP is the most important protocol among routing protocols that exchange routing information to create routing tables and update changed information so that users on the Internet can send information to destination systems. This paper analyzes how to prevent malicious attacks and problems caused by network administrator's mistakes by using vulnerabilities in BGPv4 that are currently used. We analyzed the attack methods by performing the actual attack experiment on the AS-PATH attack, which is the attack method for BGP's representative security vulnerability, and proposed the algorithm to identify the AS-PATH attack.

A Study of Registration Hijacking Attack Analysis for Wi-Fi AP and FMC (Wi-Fi AP와 FMC에 대한 무선 호 가로채기 공격 분석 연구)

  • Chun, Woo-Sung;Park, Dea-Woo;Chang, Young-Hyun
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2011.10a
    • /
    • pp.261-264
    • /
    • 2011
  • Corded telephone to the phone using a wireless phone as the trend to switch, free Wi-Fi-enabled mobile phones, netbooks, and mobile devices, are spreading rapidly. But wireless Internet phone calls using your existing Internet network to deliver Internet services because it has a vulnerability that will occur. Government agencies are using Voice over Internet Protocol(VoIP) calls from the current wired and wireless connection and usage is increasing. In this paper, we have discovered that the vulnerability of wireless internet Wi-Fi AP and the FMC administrative agencies, such as VoIP on your wireless device to study the vulnerability. Wi-Fi AP and the FMC is to analyze the vulnerability. VoIP call interception, attack, attack on the base of the experiment is the analysis. Security-enhanced VoIP call for a Wi-Fi AP and the FMC's defense against man-in-the-middle attacks and is the study of security measures.

  • PDF

Securing Cooperative Spectrum Sensing against Rational SSDF Attack in Cognitive Radio Networks

  • Feng, Jingyu;Zhang, Yuqing;Lu, Guangyue;Zhang, Liang
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.8 no.1
    • /
    • pp.1-17
    • /
    • 2014
  • Cooperative spectrum sensing (CSS) is considered as a powerful approach to improve the utilization of scarce radio spectrum resources. However, most of CSS schemes assume all secondary users (SU) are honest, and thus offering opportunities for malicious SUs to launch the spectrum sensing data falsification attack (SSDF attack). To combat such misbehaved behaviors, recent efforts have been made to trust schemes. In this paper, we argue that powering CSS with traditional trust schemes is not enough. The rational SSDF attack is found in this paper. Unlike the simple SSDF attack, rational SSDF attackers send out false sensing data on a small number of interested primary users (PUs) rather than all PUs. In this case, rational SSDF attackers can keep up high trustworthiness, resulting in difficultly detecting malicious SUs in the traditional trust schemes. Meanwhile, a defense scheme using a novel trust approach is proposed to counter rational SSDF attack. Simulation results show that this scheme can successfully reduce the power of rational SSDF, and thus ensure the performance of CSS.

An Approach for Applying Network-based Moving Target Defense into Internet of Things Networks

  • Park, Tae-Keun;Park, Kyung-Min;Moon, Dae-Sung
    • Journal of the Korea Society of Computer and Information
    • /
    • v.24 no.9
    • /
    • pp.35-42
    • /
    • 2019
  • In this paper, we propose an approach to apply network-based moving target defense into Internet of Things (IoT) networks. The IoT is a technology that provides the high interconnectivity of things like electronic devices. However, cyber security risks are expected to increase as the interconnectivity of such devices increases. One recent study demonstrated a man-in-the-middle attack in the statically configured IoT network. In recent years, a new approach to cyber security, called the moving target defense, has emerged as a potential solution to the challenge of static systems. The approach continuously changes system's attack surface to prevent attacks. After analyzing IPv4 / IPv6-based moving target defense schemes and IoT network-related technologies, we present our approach in terms of addressing systems, address mutation techniques, communication models, network configuration, and node mobility. In addition, we summarize the direction of future research in relation to the proposed approach.