Search results

This paper aims to examine whether there are morally defensible reasons for using or operating websites (called ‘booters’) that offer distributed denial-of-service (DDoS) attacks on a specified target to users for a price. Booters have been linked to some of the most powerful DDoS attacks in recent years.

The authors identify the various parties associated with booter websites and the means through which booters operate. Then, the authors present and evaluate the two arguments that they claim may be used to justify operating and using booters: that they are a useful tool for testing the ability of networks and servers to handle heavy traffic, and that they may be used to perform DDoS attacks as a form of civil disobedience on the internet.

The authors argue that the characteristics of existing booters disqualify them from being morally justified as network stress testing tools or as a means of performing civil disobedience. The use of botnets that include systems without the permission of their owners undermines the legitimacy of both justifications. While a booter that does not use any third-party systems without permission might in principle be justified under certain conditions, the authors argue that it is unlikely that any existing booters meet these requirements.

Law enforcement agencies may use the arguments presented here to justify shutting down the operation of booters, and so reduce the number of DDoS attacks on the internet.

The value of this work is in critically examining the potential justifications for using and operating booter websites and in further exploring the ethical aspects of using DDoS attacks as a form of civil disobedience.

In the last a few years a number of highly publicized incidents of Distributed Denial of Service (DDoS) attacks against high‐profile government and commercial websites have made people aware of the importance of providing data and services security to users. A DDoS attack is an availability attack, which is characterized by an explicit attempt from an attacker to prevent legitimate users of a service from using the desired resources. This paper introduces the vulnerability of web applications to DDoS attacks, and presents an active distributed defense system that has a deployment mixture of sub‐systems to protect web applications from DDoS attacks. According to the simulation experiments, this system is effective in that it is able to defend web applications against attacks. It can avoid overall network congestion and provide more resources to legitimate web users.

SCOPE AND DEFINITIONS The provision of any service requires the utilisation of resources. In a digital context these resources might be processor cycles, memory capacity, disk space or communications bandwidth. A Denial of Service (DoS) attack implies either the removal of those resources by some external event or their pre‐emption by a competing process; this should be understood to include rerouting or replacing a service. The sole objective of a DoS attack is thus to prevent the normal operation of a digital system in the manner required by its customers and intended by its designers. As such, DoS attacks on the mission‐critical or business‐critical infrastructure systems of financial, commercial or other enterprises offer the potential for sabotage, blackmail or extortion operations.

The purpose of this study is to extensively explore the vehicular network paradigm, challenges faced by them and provide a reasonable solution for securing these vulnerable networks. Vehicle-to-everything (V2X) communication has brought the long-anticipated goal of safe, convenient and sustainable transportation closer to reality. The connected vehicle (CV) paradigm is critical to the intelligent transportation systems vision. It imagines a society free of a troublesome transportation system burdened by gridlock, fatal accidents and a polluted environment. The authors cannot overstate the importance of CVs in solving long-standing mobility issues and making travel safer and more convenient. It is high time to explore vehicular networks in detail to suggest solutions to the challenges encountered by these highly dynamic networks.

This paper compiles research on various V2X topics, from a comprehensive overview of V2X networks to their unique characteristics and challenges. In doing so, the authors identify multiple issues encountered by V2X communication networks due to their open communication nature and high mobility, especially from a security perspective. Thus, this paper proposes a trust-based model to secure vehicular networks. The proposed approach uses the communicating nodes’ behavior to establish trustworthy relationships. The proposed model only allows trusted nodes to communicate among themselves while isolating malicious nodes to achieve secure communication.

Despite the benefits offered by V2X networks, they have associated challenges. As the number of CVs on the roads increase, so does the attack surface. Connected cars provide numerous safety-critical applications that, if compromised, can result in fatal consequences. While cryptographic mechanisms effectively prevent external attacks, various studies propose trust-based models to complement cryptographic solutions for dealing with internal attacks. While numerous trust-based models have been proposed, there is room for improvement in malicious node detection and complexity. Optimizing the number of nodes considered in trust calculation can reduce the complexity of state-of-the-art solutions. The theoretical analysis of the proposed model exhibits an improvement in trust calculation, better malicious node detection and fewer computations.

The proposed model is the first to add another dimension to trust calculation by incorporating opinions about recommender nodes. The added dimension improves the trust calculation resulting in better performance in thwarting attacks and enhancing security while also reducing the trust calculation complexity.

Denial-of-service (DoS) attacks develop unauthorized entry to various network services and user information by building traffic that creates multiple requests simultaneously making the system unavailable to users. Protection of internet services requires effective DoS attack detection to keep an eye on traffic passing across protected networks, freeing the protected internet servers from surveillance threats and ensuring they can focus on offering high-quality services with the fewest response times possible.

This paper aims to develop a hybrid optimization-based deep learning model to precisely detect DoS attacks.

The designed Aquila deer hunting optimization-enabled deep belief network technique achieved improved performance with an accuracy of 92.8%, a true positive rate of 92.8% and a true negative rate of 93.6.

The introduced detection approach effectively detects DoS attacks available on the internet.

The Denial of Service (DoS) attack is a category of intrusion that devours various services and resources of the organization by the dispersal of unusable traffic, so that reliable users are not capable of getting benefit from the services. In general, the DoS attackers preserve their independence by collaborating several victim machines and following authentic network traffic, which makes it more complex to detect the attack. Thus, these issues and demerits faced by existing DoS attack recognition schemes in cloud are specified as a major challenge to inventing a new attack recognition method.

This paper aims to detect DoS attack detection scheme, termed as sine cosine anti coronavirus optimization (SCACVO)-driven deep maxout network (DMN). The recorded log file is considered in this method for the attack detection process. Significant features are chosen based on Pearson correlation in the feature selection phase. The over sampling scheme is applied in the data augmentation phase, and then the attack detection is done using DMN. The DMN is trained by the SCACVO algorithm, which is formed by combining sine cosine optimization and anti-corona virus optimization techniques.

The SCACVO-based DMN offers maximum testing accuracy, true positive rate and true negative rate of 0.9412, 0.9541 and 0.9178, respectively.

The DoS attack detection using the proposed model is accurate and improves the effectiveness of the detection.

A cyberattack is an attempt by cybercriminals as individuals or organizations with unauthorized access using one or more computers and computer systems to steal, expose, change, disable or eliminate information, or to breach computer information systems, computer networks, and computer infrastructures. Cyberattackers gain a benefit from victims, which may be criminal such as stealing data or money, or political or personal such as revenge. In cyberattacks, various targets are possible. Some potential targets for businesses include business and customer financial data, customer lists, trade secrets, and login credentials.

Cyberattackers use a variety of methods to gain access to data, including malware such as viruses, worms, and spyware and phishing methods, man-in-the-middle attacks, denial-of-service attacks, SQL injection, zero-day exploit, and DNS tunneling.

Related to cyberattack, the term cyberwarfare is gaining popularity nowadays. Cyberwarfare is the use of cyberattacks by a state or an organization to cause harm as in warfare against another state's or organization's computer information systems, networks, and infrastructures.

Military, civil, and ideological motivations, or hacktivism can be used to launch a cyberwarfare. For these reasons, cyberwarfare may be used to conduct espionage, sabotage, propaganda, and economic disruption.

Considering highly digitalized business processes such as e-mails, digital banking, online conference, and digital manufacturing methods, damage of cyberwarfare to businesses and countries are unavoidable. As a result, developing strategies for defending against cyberattacks and cyberwarfare is critical for businesses. The concepts of cyberattack and cyberwarfare, as well as business strategies to be protected against them will be discussed in this chapter.

The impact of cyberattacks all over the world has been increasing at a constant rate every year. Performing exploratory analysis helps organizations to identify, manage and safeguard the information that could be vulnerable to cyber-attacks. It encourages to the creation of a plan for security controls that can help to protect data and keep constant tabs on threats and monitor their organization’s networks for any breaches.

The purpose of this experimental study is to state the use of data science in analyzing data and to provide a more detailed view of the most common cybersecurity attacks, what are the most accessed logical ports, visible patterns, as well as the trends and occurrence of attacks. The data to be processed has been obtained by aggregating data provided by a company’s technology department, which includes network flow data produced by nine different types of attacks within every day user activities. This could be insightful for many companies to measure the damage caused by these breaches but also gives a foundation for future comparisons and serves as a basis for proactive measures within industry and organizations.

The most common cybersecurity attacks, most accessed logical ports and their visible patterns were found in the acquired data set. The strategies, which attackers have used with respect to time, type of attacks, specific ports, IP addresses and their relationships have been determined. The statistical hypothesis was also performed to check whether attackers were confined to perform random attacks or to any specific machines with some pattern.

Policies can be suggested such that if an attack is conducted on a specific machine, which can be prevented by identifying the machine, ports and duration of the attacks on which the attacker is targeting and to formulate such policies that the organization should follow to tackle these targeted attacks in the future.

Various organizational landscapes have evolved to improve their business processes, increase production speed and reduce the cost of distribution and have integrated their Internet with small and medium scale enterprises (SMEs) and third-party vendors to improve business growth and increase global market share, including changing organizational requirements and business process collaborations. Benefits include a reduction in the cost of production, online services, online payments, product distribution channels and delivery in a supply chain environment. However, the integration has led to an exponential increase in cybercrimes, with adversaries using various attack methods to penetrate and exploit the organizational network. Thus, identifying the attack vectors in the event of cyberattacks is very important in mitigating cybercrimes effectively and has become inevitable. However, the invincibility nature of cybercrimes makes it challenging to detect and predict the threat probabilities and the cascading impact in an evolving organization landscape leading to malware, ransomware, data theft and denial of service attacks, among others. The paper explores the cybercrime threat landscape, considers the impact of the attacks and identifies mitigating circumstances to improve security controls in an evolving organizational landscape.

The approach follows two main cybercrime framework design principles that focus on existing attack detection phases and proposes a cybercrime mitigation framework (CCMF) that uses detect, assess, analyze, evaluate and respond phases and subphases to reduce the attack surface. The methods and implementation processes were derived by identifying an organizational goal, attack vectors, threat landscape, identification of attacks and models and validation of framework standards to improve security. The novelty contribution of this paper is threefold: first, the authors explore the existing threat landscapes, various cybercrimes, models and the methods that adversaries are deploying on organizations. Second, the authors propose a threat model required for mitigating the risk factors. Finally, the authors recommend control mechanisms in line with security standards to improve security.

The results show that cybercrimes can be mitigated using a CCMF to detect, assess, analyze, evaluate and respond to cybercrimes to improve security in an evolving organizational threat landscape.

The paper does not consider the organizational size between large organizations and SMEs. The challenges facing the evolving organizational threat landscape include vulnerabilities brought about by the integrations of various network nodes. Factor influencing these vulnerabilities includes inadequate threat intelligence gathering, a lack of third-party auditing and inadequate control mechanisms leading to various manipulations, exploitations, exfiltration and obfuscations.

Attack methods are applied to a case study for the implementation to evaluate the model based on the design principles. Inadequate cyber threat intelligence (CTI) gathering, inadequate attack modeling and security misconfigurations are some of the key factors leading to practical implications in mitigating cybercrimes.

There are no social implications; however, cybercrimes have severe consequences for organizations and third-party vendors that integrate their network systems, leading to legal and reputational damage.

The paper’s originality considers mitigating cybercrimes in an evolving organization landscape that requires strategic, tactical and operational management imperative using the proposed framework phases, including detect, assess, analyze, evaluate and respond phases and subphases to reduce the attack surface, which is currently inadequate.