The Modicon Communication Bus (Modbus) protocol is one of the most commonly used protocols in industrial control systems. Modbus was not designed to provide security. This paper confirms that the Modbus protocol is vulnerable to flooding attacks. These attacks involve injection of commands that result in disrupting the normal operation of the control system. This paper describes a set of experi...

Detecting Distributed Denial of Service (DDoS) flooding attacks as soon as possible before they affect the victims, identifying the sources of the attacks, and finally stopping them by blocking or rate limiting the attack traffic is the ultimate goal of current defense mechanisms. The success in detecting and responding to DDoS flooding attacks is highly dependent on the data monitored by the e...

AODV is a reactive MANET routing protocol that is vulnerable to a dramatic collapse of throughput when malicious intruders flood the network with bogus route requests. We introduce a simple mechanism to resist such attacks that can be incorporated into any reactive routing protocol. It does not require expensive cryptography or authentication mechanisms, but relies on locally applied timers and...

increasing the popularity of sip based services (voip, iptv, ims infrastructure) lead to concerns about its ‎security. the main signaling protocol of next generation networks and voip systems is session initiation protocol ‎‎(sip). inherent vulnerabilities of sip, misconfiguration of its related components and also its implementation ‎deficiencies cause some security concerns in sip based infra...

The lack of any centralized infrastructure in mobile ad hoc networks (MANET) is one of the greatest security concerns in the deployment of wireless networks. Thus communication in MANET functions properly only if the participating nodes cooperate in routing without any malicious intention. However, some of the nodes may be malicious in their behavior, by indulging in flooding attacks on their n...

This paper deals with detection of SYN flooding attacks which are the most common type of attacks in a Mobile Agent World. We propose a new framework for the detection of flooding attacks by integrating Divergence measures over Sketch data structure. We compare three divergence measures (Hellinger Distance, Chi-square and Power divergence) to analyze their detection accuracy. The performance of...

The Denial of Service (DoS) attacks pose a major threat to Internet users and services. Since the network security ecosystem is expanding over the years, new types of DoS attacks emerge. The DoS link-flooding attacks target to severely congest certain network links disrupting Internet accessibility to certain geographical areas and services passing through these links. Since crucial services li...

Network-layer capabilities offer strong protection against link flooding by authorizing individual flows with unforgeable credentials (i.e., capabilities). However, the capabilitysetup channel is vulnerable to flooding attacks that prevent legitimate clients from acquiring capabilities; i.e., in Denial of Capability (DoC) attacks. Based on the observation that the distribution of attack sources...

Network-layer capabilities offer strong protection against link flooding by authorizing individual flows with unforgeable credentials (i.e., capabilities). However, the capabilitysetup channel is vulnerable to flooding attacks that prevent legitimate clients from acquiring capabilities; i.e., in Denial of Capability (DoC) attacks. Based on the observation that the distribution of attack sources...