Generator of Slow Denial-of-Service Cyber Attacks

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26220%2F21%3APU141317" target="_blank" >RIV/00216305:26220/21:PU141317 - isvavai.cz</a>

Výsledek na webu

<a href="https://www.mdpi.com/1424-8220/21/16/5473" target="_blank" >https://www.mdpi.com/1424-8220/21/16/5473</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.3390/s21165473" target="_blank" >10.3390/s21165473</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Generator of Slow Denial-of-Service Cyber Attacks

Popis výsledku v původním jazyce

In today’s world, the volume of cyber attacks grows every year. These attacks can cause many people or companies high financial losses or loss of private data. One of the most common types of attack on the Internet is a DoS (denial-of-service) attack, which, despite its simplicity, can cause catastrophic consequences. A slow DoS attack attempts to make the Internet service unavailable to users. Due to the small data flows, these attacks are very similar to legitimate users with a slow Internet connection. Accurate detection of these attacks is one of the biggest challenges in cybersecurity. In this paper, we implemented our proposal of eleven major and most dangerous slow DoS attacks and introduced an advanced attack generator for testing vulnerabilities of protocols, servers, and services. The main motivation for this research was the absence of a similarly comprehensive generator for testing slow DoS vulnerabilities in network systems. We built an experimental environment for testing our generator, and then we performed a security analysis of the five most used web servers. Based on the discovered vulnerabilities, we also discuss preventive and detection techniques to mitigate the attacks. In future research, our generator can be used for testing slow DoS security vulnerabilities and increasing the level of cyber security of various network systems.

Název v anglickém jazyce

Generator of Slow Denial-of-Service Cyber Attacks

Popis výsledku anglicky

In today’s world, the volume of cyber attacks grows every year. These attacks can cause many people or companies high financial losses or loss of private data. One of the most common types of attack on the Internet is a DoS (denial-of-service) attack, which, despite its simplicity, can cause catastrophic consequences. A slow DoS attack attempts to make the Internet service unavailable to users. Due to the small data flows, these attacks are very similar to legitimate users with a slow Internet connection. Accurate detection of these attacks is one of the biggest challenges in cybersecurity. In this paper, we implemented our proposal of eleven major and most dangerous slow DoS attacks and introduced an advanced attack generator for testing vulnerabilities of protocols, servers, and services. The main motivation for this research was the absence of a similarly comprehensive generator for testing slow DoS vulnerabilities in network systems. We built an experimental environment for testing our generator, and then we performed a security analysis of the five most used web servers. Based on the discovered vulnerabilities, we also discuss preventive and detection techniques to mitigate the attacks. In future research, our generator can be used for testing slow DoS security vulnerabilities and increasing the level of cyber security of various network systems.

Druh

J_imp - Článek v periodiku v databázi Web of Science

CEP obor

—

OECD FORD obor

20203 - Telecommunications

Projekt

<a href="/cs/project/FW01010474" target="_blank" >FW01010474: Analýza, detekce a mitigace hrozeb dostupnosti síťových služeb</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2021

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

SENSORS

ISSN

1424-8220

e-ISSN

1424-3210

Svazek periodika

21

Číslo periodika v rámci svazku

16

Stát vydavatele periodika

CH - Švýcarská konfederace

Počet stran výsledku

27

Strana od-do

1-27

Kód UT WoS článku

000690003400001

EID výsledku v databázi Scopus

2-s2.0-85112377489