期刊文献+
共找到3篇文章
< 1 >
每页显示 20 50 100
A broad learning-based comprehensive defence against SSDP reflection attacks in IoTs
1
作者 Xin Liu Liang Zheng +3 位作者 Sumi Helal Weishan Zhang Chunfu Jia Jiehan Zhou 《Digital Communications and Networks》 SCIE CSCD 2023年第5期1180-1189,共10页
The proliferation of Internet of Things(IoT)rapidly increases the possiblities of Simple Service Discovery Protocol(SSDP)reflection attacks.Most DDoS attack defence strategies deploy only to a certain type of devices ... The proliferation of Internet of Things(IoT)rapidly increases the possiblities of Simple Service Discovery Protocol(SSDP)reflection attacks.Most DDoS attack defence strategies deploy only to a certain type of devices in the attack chain,and need to detect attacks in advance,and the detection of DDoS attacks often uses heavy algorithms consuming lots of computing resources.This paper proposes a comprehensive DDoS attack defence approach which combines broad learning and a set of defence strategies against SSDP attacks,called Broad Learning based Comprehensive Defence(BLCD).The defence strategies work along the attack chain,starting from attack sources to victims.It defends against attacks without detecting attacks or identifying the roles of IoT devices in SSDP reflection attacks.BLCD also detects suspicious traffic at bots,service providers and victims by using broad learning,and the detection results are used as the basis for automatically deploying defence strategies which can significantly reduce DDoS packets.For evaluations,we thoroughly analyze attack traffic when deploying BLCD to different defence locations.Experiments show that BLCD can reduce the number of packets received at the victim to 39 without affecting the standard SSDP service,and detect malicious packets with an accuracy of 99.99%. 展开更多
关键词 Denial-of-service DRDoS SSDP reflection Attack Broad learning Traffic detection
下载PDF
An Improvement ofGNY Logic for the Reflection Attacks
2
作者 丁一强 《Journal of Computer Science & Technology》 SCIE EI CSCD 1999年第6期619-623,共5页
In this paper, the limitation of the GNY logic about its inabilityto detect the reflection attacks against some authentication protocols is given. Animprovement is proposed which takes into account the possible multip... In this paper, the limitation of the GNY logic about its inabilityto detect the reflection attacks against some authentication protocols is given. Animprovement is proposed which takes into account the possible multiple instances(principals) of the same identity in the model. 展开更多
关键词 security protocol protocol analysis formal method reflection Attack
原文传递
Survey of Attacks and Countermeasures for SDN
3
作者 BAI Jiasong ZHANG Menghao BI Jun 《ZTE Communications》 2018年第4期3-8,共6页
Software defined networking(SDN)has attracted significant attention from both academia and industry by its ability to reconfigure network devices with logically centralized applications.However,some critical security ... Software defined networking(SDN)has attracted significant attention from both academia and industry by its ability to reconfigure network devices with logically centralized applications.However,some critical security issues have also been introduced along with the benefits,which put an obstruction to the deployment of SDN.One root cause of these issues lies in the limited resources and capability of devices involved in the SDN architecture,especially the hardware switches lied in the data plane.In this paper,we analyze the vulnerability of SDN and present two kinds of SDN-targeted attacks:1)data-to-control plane saturation attack which exhausts resources of all SDN components,including control plane,data plane,and the in-between downlink channel and 2)control plane reflection attack which only attacks the data plane and gets conducted in a more efficient and hidden way.Finally,we propose the corresponding defense frameworks to mitigate such attacks. 展开更多
关键词 SDN indirect/direct data plane event data-to-control plane saturation attack control plane reflection attack
下载PDF
上一页 1 下一页 到第
使用帮助 返回顶部