• Title/Summary/Keyword: Static Relay Attack

Search Result 2, Processing Time 0.018 seconds

Emerging Image Cue CAPTCHA Resisting Automated and Human-Solver-Based Attacks (자동화 공격과 릴레이 공격에 저항하는 Emerging Image Cue CAPTCHA 연구)

  • Yang, Wonseok;Kwon, Taekyoung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.3
    • /
    • pp.531-539
    • /
    • 2017
  • CAPTCHA is a verification scheme whether or not a human user has made a service request. Most CAPTCHAs that are based on text, image, or simple game suffer from vulnerability that can be compromised by automated attacks and stream relay attacks. To resist such attacks, CAPTCHA that utilizes human recognition as been suggested but it show poor usability for deploying in the Internet. We propose an Emerging Image Cue CAPTCHA that offers improved usability and resists stream relay attacks, as well. We also examine the usability of the proposed CAPTCHA and investigate the attack resistance by conducting user study and experiments on simulated network environment.

An OpenFlow User-Switch Remapping Approach for DDoS Defense

  • Wei, Qiang;Wu, Zehui;Ren, Kalei;Wang, Qingxian
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.10 no.9
    • /
    • pp.4529-4548
    • /
    • 2016
  • DDoS attacks have had a devastating effect on the Internet, which can cause millions of dollars of damage within hours or even minutes. In this paper we propose a practical dynamic defense approach that overcomes the shortage of static defense mechanisms. Our approach employs a group of SDN-based proxy switches to relay data flow between users and servers. By substituting backup proxy switches for attacked ones and reassigning suspect users onto the new proxy switches, innocent users are isolated and saved from malicious attackers through a sequence of remapping process. In order to improve the speed of attacker segregation, we have designed and implemented an efficient greedy algorithm which has been demonstrated to have little influence on legitimate traffic. Simulations, which were then performed with the open source controller Ryu, show that our approach is effective in alleviating DDoS attacks and quarantining the attackers by numerable remapping process. The simulations also demonstrate that our dynamic defense imposes little effect on legitimate users, and the overhead introduced by remapping procedure is acceptable.