Explore the vast range of titles available.

Distributed Denial of Service (DDoS) attack is a major threat impeding service to legitimate requests on any network. Although the first DDoS attack was reported in 1996, the complexity and sophistication of these attacks has been ever increasing. A 2 TBps attack was reported in mid-August 2020 directed towards critical infrastructure, such as finance, amidst the COVID-19 pandemic. It is estimated that these attacks will double, reaching over 15 million, in the next 2 years. A number of mitigation schemes have been designed and developed since its inception but the increasing complexity demands advanced solutions based on emerging technologies. Blockchain has emerged as a promising and viable technology for DDoS mitigation. The inherent and fundamental characteristics of blockchain such as decentralization, internal and external trustless attitude, immutability, integrity, anonymity and verifiability have proven to be strong candidates, in tackling this deadly cyber threat. This survey discusses different approaches for DDoS mitigation using blockchain in varied domains to date. The paper aims at providing a comprehensive review, highlighting all necessary details, strengths, challenges and limitations of different approaches. It is intended to serve as a single platform to understand the mechanics of current approaches to enhance research and development in the DDoS mitigation domain.

Software Defined Networking (SDN) expands the networking capabilities using abstraction, open-source protocols, energy efficiency, and programmable features for controlling the forwarding devices at the network edges and intensifying the network performance. Despite all the unprecedented features, SDN still might get exploited by an attacker to launch Distributed Denial of Service (DDoS) attacks at SDN planes i.e. Application, Control, and Data planes. Substantially, the DDoS attacks have been implemented by sending volumetric malicious traffic to exhaust the targeted resources. Such attacks can be easily observed and detected due to their high packet rates. Thus, now attackers are fascinated by the Low-Rate DDoS (LR-DDoS) attacks. In recent years, many efforts have been devoted to defending against the DDoS attacks in SDN. As the attackers benefit from the programmable nature of SDN, an in-detail review of various DDoS attacks and their corresponding defense approaches are essential. Initially, this paper presents a conceptual architecture of SDN and discusses the vulnerable locations in each plane that are exploited by the attacker for launching the DDoS attacks. Secondly, the work offers a detailed classification of DDoS attacks (HR-DDoS and LR-DDoS) concerning the SDN planes and the corresponding defense solutions. The convergence point of this research work is to discover the related security issues and stimulate the network researchers to counter these issues by employing the respective SDN DDoS defense solutions efficiently. Finally, the work gets concluded with a focus on the respective future challenges.

Internet of Things (IoT) devices are widely used in many industries including smart cities, smart agriculture, smart medical, smart logistics, etc. However, Distributed Denial of Service (DDoS) attacks pose a serious threat to the security of IoT. Attackers can easily exploit the vulnerabilities of IoT devices and control them as part of botnets to launch DDoS attacks. This is because IoT devices are resource-constrained with limited memory and computing resources. As an emerging technology, Blockchain has the potential to solve the security issues in IoT. Therefore, it is important to analyse various Blockchain-based solutions to mitigate DDoS attacks in IoT. In this survey, a detailed survey of various Blockchain-based solutions to mitigate DDoS attacks in IoT is carried out. First, we discuss how the IoT networks are vulnerable to DDoS attacks, its impact over IoT networks and associated services, the use of Blockchain as a potential technology to address DDoS attacks, in addition to challenges of Blockchain implementation in IoT. We then discuss various existing Blockchain-based solutions to mitigate the DDoS attacks in the IoT environment. Then, we classify existing Blockchain-based solutions into four categories i.e., Distributed Architecture-based solutions, Access Management-based solutions, Traffic Control-based solutions and the Ethereum Platform-based solutions. All the solutions are critically evaluated in terms of their working principles, the DDoS defense mechanism (i.e., prevention, detection, reaction), strengths and weaknesses. Finally, we discuss future research directions that can be explored to design and develop better Blockchain-based solutions to mitigate DDoS attacks in IoT.

Distributed denial of service (DDoS) attacks represent a significant cybersecurity challenge, posing a critical risk to computer networks. Developing an effective defense mechanism against these attacks is crucial but challenging, given their diverse attack types, network and computing platform heterogeneity, and complex communication protocols. Moreover, the emergence of innovative DDoS attack methods presents a formidable threat to existing countermeasures. Various machine learning techniques have shown promise in detecting DDoS attacks with low false‐positive rates and high detection rates. This survey paper offers a comprehensive taxonomy of machine learning‐based methods for detecting DDoS attacks, reviewing supervised, unsupervised, hybrid approaches, and analyzing the related challenges. Further, we explore relevant datasets, highlighting their strengths and limitations, and propose future research directions to address the current gaps in this domain. This paper aims to provide a profound understanding of DDoS attack detection mechanisms, aiding researchers, and practitioners in developing effective cybersecurity approaches against such attacks. This research is essential because DDoS attacks are diverse and pose a formidable threat to computer networks, and various machine learning techniques have shown promise in detecting them. Its implications include providing insights that can inform the development of robust defense mechanisms against DDoS attacks. This review paper discusses the Distributed Denial of Service (DDoS) attacks, the machine learning‐based detection methods of these attacks and the existing challenges. Some of the most commonly used public datasets are also compared, and their strengths and shortcomings are discussed.

The 5G networks aim to realize a massive Internet of Things (IoT) environment with low latency. IoT devices with weak security can cause Tbps-level Distributed Denial of Service (DDoS) attacks on 5G mobile networks. Therefore, interest in automatic network intrusion detection using machine learning (ML) technology in 5G networks is increasing. ML-based DDoS attack detection in a 5G environment should provide ultra-low latency. To this end, utilizing a feature-selection process that reduces computational complexity and improves performance by identifying features important for learning in large datasets is possible. Existing ML-based DDoS detection technology mostly focuses on DDoS detection learning models on the wired Internet. In addition, studies on feature engineering related to 5G traffic are relatively insufficient. Therefore, this study performed feature selection experiments to reduce the time complexity of detecting and analyzing large-capacity DDoS attacks in real time based on ML in a 5G core network environment. The results of the experiment showed that the performance was maintained and improved when the feature selection process was used. In particular, as the size of the dataset increased, the difference in time complexity increased rapidly. The experiments show that the real-time detection of large-scale DDoS attacks in 5G core networks is possible using the feature selection process. This demonstrates the importance of the feature selection process for removing noisy features before training and detection. As this study conducted a feature study to detect network traffic passing through the 5G core with low latency using ML, it is expected to contribute to improving the performance of the 5G network DDoS attack automation detection technology using AI technology.

The distributed denial of service attack poses a significant threat to network security. Despite the availability of various methods for detecting DDoS attacks, the challenge remains in creating real-time detectors with minimal computational overhead. Additionally, the effectiveness of new detection methods depends heavily on well-constructed datasets. This paper addresses the critical DDoS dataset creation and evaluation domain, focusing on the cloud network. After conducting an in-depth analysis of 16 publicly available datasets, this research identifies 15 shortcomings across various dimensions, emphasizing the need for a new approach to dataset creation. Building upon this understanding, this paper introduces a new public DDoS dataset named BCCC-cPacket-Cloud-DDoS-2024. This dataset is meticulously crafted, addressing challenges identified in previous datasets through a cloud infrastructure featuring over eight benign user activities and 17 DDoS attack scenarios. Also, a Benign User Profiler (BUP) tool has been designed and developed to generate benign user network traffic based on a normal user behavior profile. We manually label the dataset and extract over 300 features from the network and transport layers of the traffic flows using NTLFlowLyzer. The experimental phase involves identifying an optimal feature set using three distinct algorithms: ANOVA, information gain, and extra tree. Finally, this paper proposes a multi-layered DDoS detection model and evaluates its performance using the generated dataset to cover the main issues of the traditional approaches.

Nowadays, the Internet of Things (IoT) concept plays a pivotal role in society and brings new capabilities to different industries. The number of IoT solutions in areas such as transportation and healthcare is increasing and new services are under development. In the last decade, society has experienced a drastic increase in IoT connections. In fact, IoT connections will increase in the next few years across different areas. Conversely, several challenges still need to be faced to enable efficient and secure operations (e.g., interoperability, security, and standards). Furthermore, although efforts have been made to produce datasets composed of attacks against IoT devices, several possible attacks are not considered. Most existing efforts do not consider an extensive network topology with real IoT devices. The main goal of this research is to propose a novel and extensive IoT attack dataset to foster the development of security analytics applications in real IoT operations. To accomplish this, 33 attacks are executed in an IoT topology composed of 105 devices. These attacks are classified into seven categories, namely DDoS, DoS, Recon, Web-based, brute force, spoofing, and Mirai. Finally, all attacks are executed by malicious IoT devices targeting other IoT devices. The dataset is available on the CIC Dataset website.

Distributed Denial of Service attack has been a huge threat to the Internet and may carry extreme losses to systems, companies, and national security. The invader can disseminate Distributed denial of service (DDoS) attacks easily, and it ends up being significantly harder to recognize and forestall DDoS attacks. In recent years, many IT-based companies are attacked by DDoS attacks. In this view, the primary concern of this work is to detect and prevent DDoS attacks. To fulfill the objective, various data mining techniques such that Jrip, J48, and k-NN have been employed for DDoS attacks detection. These algorithms are implemented and thoroughly evaluated individually to validate their performance in this domain. The presented work has been evaluated using the latest dataset CICIDS2017. The dataset characterizes different DDoS attacks viz. brute force SSH, brute force FTP, Heartbleed, infiltration, botnet TCP, UDP, and HTTP with port scan attack. Further, the prevention method takes place in progress to block the malicious nodes participates in any of the said attacks. The proposed DDoS prevention works in a proactive mode to defend all these attack types and gets evaluated concerning various parameters such as Throughput, PDR, End-to-End Delay, and NRL. This study claimed that the proposed technique outperforms with respect to the AODV routing algorithm.

Low Earth orbit satellite constellation networks (LSCNs) have attracted significant attention around the world due to their great advantages of low latency and wide coverage, but they also bring new challenges to network security. Distributed denial of service (DDoS) attacks are considered one of the most threatening attack methods in the field of Internet security. In this paper, a space-time graph model is built to identify the key nodes in LSCNs, and a DDoS attack is adopted as the main means to attack the key nodes. The scenarios of two-satellite-key-node and multi-satellite-key-node attacks are considered, and their security performance against DDoS attacks is also analyzed. The simulation results show that the transmission path of key satellite nodes will change rapidly after being attacked, and the average end-to-end delay and packet loss are linearly related to the number of key-node attacks. This work provides a comprehensive analysis of the security performance of LSCNs under a DDoS attack and theoretical support for future research on anti-DDoS attack strategies for LSCNs.

The Internet of things (IoT) has opened new dimensions of novel services and computing power for modern living standards by introducing innovative and smart solutions. Due to the extensive usage of these services, IoT has spanned numerous devices and communication entities, which makes the management of the network a complex challenge. Hence it is urgently needed to redefine the management of the IoT network. Software-defined networking (SDN) intrinsic programmability and centralization features simplify network management, facilitate network abstraction, ease network evolution, has the potential to manage the IoT network. SDN’s centralized control plane promotes efficient network resource management by separating the control and data plane and providing a global picture of the underlying network topology. Apart from the inherent benefits, the centralized SDN architecture also brings serious security threats such as spoofing, sniffing, brute force, API exploitation, and denial of service, and requires significant attention to guarantee a secured network. Among these security threats, Distributed Denial of Service (DDoS) and its variant Low-Rate DDoS (LR-DDoS), is one of the most challenging as the fraudulent user generates malicious traffic at a low rate which is extremely difficult to detect and defend. Machine Learning (ML), especially Federated Learning (FL), has shown remarkable success in detecting and defending against such attacks. In this paper, we adopted Weighted Federated Learning (WFL) to detect Low-Rate DDoS (LR-DDoS) attacks. The extensive MATLAB experimentation and evaluation revealed that the proposed work ignites the LR-DDoS detection accuracy compared with the individual Neural Networks (ANN) training algorithms, existing packet analysis-based, and machine learning approaches.