Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Issue title: Special section: Recent trends, Challenges and Applications in Cognitive Computing for Intelligent Systems
Guest editors: Vijayakumar Varadarajan, Piet Kommers, Vincenzo Piuri and V. Subramaniyaswamy
Article type: Research Article
Authors: Quadir, Md Abdula; * | Christy Jackson, J.a | Prassanna, J.a | Sathyarajasekaran, K.a | Kumar, K.b | Sabireen, H.a | Ubarhande, Shivama | Vijaya Kumar, V.c
Affiliations: [a] School of Computer Science and Engineering, Vellore Institute of Technology, Chennai, India | [b] Center for Industry and International Studies, Vellore Institute of Technology, Vellore, India | [c] School of Computer Science and Engineering, University of New South Wales, Sydney, Australia
Correspondence: [*] Corresponding author. Md Abdul Quadir, School of Computer Science and Engineering, Vellore Institute of Technology, Chennai, India. Tel.: +91 9884004139; E-mail: [email protected].
Abstract: Domain name system (DNS) plays a critical part in the functioning of the Internet. But since DNS queries are sent using UDP, it is vulnerable to Distributed Denial of Service (DDoS) attacks. The attacker can take advantage of this and spoof the source IP address and direct the response towards the victim network. And since the network does not keep track of the number of requests going out and responses coming in, the attacker can flood the network with these unwanted DNS responses. Along with DNS, other protocols are also exploited to perform DDoS. Usage of Network Time Protocol (NTP) is to synchronize clocks on systems. Its monlist command replies with 600 entries of previous traffic records. This response is enormous compared to the request. This functionality is used by the attacker in DDoS. Since these attacks can cause colossal congestion, it is crucial to prevent or mitigate these types of attacks. It is obligatory to discover a way to drop the spoofed packets while entering the network to mitigate this type of attack. Intelligent cybersecurity systems are designed for the detection of these attacks. An Intelligent system has AI and ML algorithms to achieve its function. This paper discusses such intelligent method to detect the attack server from legitimate traffic. This method uses an algorithm that gets activated by excess traffic in the network. The excess traffic is determined by the speed or rate of the requests and responses and their ratio. The algorithm extracts the IP addresses of servers and detects which server is sending more packets than requested or which are not requested. This server can be later blocked using a firewall or Access Control List (ACL).
Keywords: Amplification attacks, DRDoS, domain name system, network time protocol
DOI: 10.3233/JIFS-189173
Journal: Journal of Intelligent & Fuzzy Systems, vol. 39, no. 6, pp. 8565-8572, 2020
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
[email protected]
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office [email protected]
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
如果您在出版方面需要帮助或有任何建, 件至: [email protected]