Cloud computing offers great potential to improve productivity and reduce costs, but at the same time it possesses many new security risks. In this paper we identify the possible security attacks on clouds including: Wrapping attacks, Malware-Injection attacks, Flooding attacks, Browser attacks, and also Accountability checking problems. We identify the root causes of these attacks and propose ...

Increased instances of distributed denial of service (DDoS) attacks on the Internet have raised questions on whether and how ad hoc networks are vulnerable to such attacks. This paper studies the special properties of such attacks in ad hoc networks. We examine two types of area-congestion-based DDoS attacks – remote and local attacks – and present in-depth analysis on various factors and attac...

Internet catastrophes could be caused by large-scale worm outbreaks that lead to DDoS flooding attacks. Internet worms can be exploited to damage infected hosts and launch flooding attacks against high-profile Internet services. We suggest deploying distributed WormShield monitors to automatically detect and disseminate worm signatures. WormShield monitors analyze the global prevalence and addr...

The Internet Threat Monitoring (ITM),is a globally scoped Internet monitoring system whose goal is to measure, detect, characterize, and track threats such as distribute denial of service(DDoS) attacks and worms. To block the monitoring system in the internet the attackers are targeted the ITM system. In this paper we address flooding attack against ITM system in which the attacker attempt to e...

Distributed Denial of Service (DDOS) attacks are the major concern for security in the collaborative networks. Although non DDOS attacks are also make the network performances poor, the effect of DDOS attacks is severe. In DDOS attacks, flooding of the particular node as victim and jam it with massive traffic happens and the complete network performance is affected. In this paper, a novel Intru...

Any application or service utilizing the Internet is exposed to both general Internet attacks and other specific ones. Most of the times the latter are exploiting a vulnerability or misconfiguration in the provided service and/or in the utilized protocol itself. Consequently, the employment of critical services, like Voice over IP (VoIP) services, over the Internet is vulnerable to such attacks...

Distributed denial of services (DDoS) attacks post a major threat to Internet security. This paper proposes a distributed system to detect flooding DDoS attacks at the earliest possible time. At the launching stage of a DDoS attack, some changes in traffic fluctuation are detectable at the router or gateway level. We develop a distributed change-point (DCP) detection architecture using change a...

Next Generation Networks (NGN) focuses to improve the telecommunication core and access networks and plan to transport all the services by encapsulating them into packets via a single IP based network. IP Multimedia Subsystem (IMS) serves as a Service Delivery Platform for NGN. Conference, one of the main services provided by the IMS, allows the multiple users to communicate at a time. This ser...

This paper proposes a new method and algorithm to efficiently protect web servers against SYN-flooding denial-of-service attacks and flash crowds. The method proposes use of cache to avoid preemption of legitimate SYN messages from the TCP backlog queue in Random Drop (RD) method during SYN-flooding attacks. A new algorithm, the Cached Guaranteed Timer Random Drop (Cached GT-RD), was designed t...

SYN flooding attacks generate enormous packets by a large number of agents and can easily exhaust the computing and communication resources of a victim within a short period of time. In this paper, we propose a lightweight method for detecting SYN flooding attack by non-parametric cumulative sum algorithm. We experiment with real SYN flooding attack data set in order to evaluate our method. The...