ArticlePDF Available

Abstract and Figures

The present era is completely dependent on Internet which serves as a global information source for all users. Therefore the availability of internet is very important. Distributed denial-of-service is one kind of the most highlighted and most important attacks of today's cyber world. This paper mainly focuses on the DDoS attack which obstruct the network availability by overflowing the victim with high volume of illegal traffic usurping its bandwidth, overburdening it to prevent valid traffic to get through. We have also described the various types of DoS attack techniques that are inflicted upon the ISPs. The study of this research is to find out the various techniques to prevent these attacks along with their mitigation techniques and to find out any possible solution.
Content may be subject to copyright.
© 2019 IJRAR May 2019, Volume 6, Issue 2 www.ijrar.org (E-ISSN 2348-1269, P- ISSN 2349-5138)
IJRAR19K1577
International Journal of Research and Analytical Reviews (IJRAR)www.ijrar.org
10
A STUDY ON DDOS ATTACKS, DANGER AND ITS
PREVENTION
1Sushmita Chakraborty, 2Praveen Kumar, 3Dr. Bhawna Sinha
1Assistnat Professor, 2Assistnat Professor, 3Head, Assistant Professor
1Department of MCA,
1Patna Women’s College (Autonomous), Bailey Road, Patna, Bihar, India
Abstract : The present era is completely dependent on Internet which serves as a global information source for all users. Therefore the
availability of internet is very important. Distributed denial-of-service is one kind of the most highlighted and most important attacks of
today’s cyber world. This paper mainly focuses on the DDoS attack which obstruct the network availability by overflowing the victim
with high volume of illegal traffic usurping its bandwidth, overburdening it to prevent valid traffic to get through. We have also described
the various types of DoS attack techniques that are inflicted upon the ISPs. The study of this research is to find out the various techniques to
prevent these attacks along with their mitigation techniques and to find out any possible solution.
IndexTerms - Denial of Service, DDOS attack, overflowing attacks, mitigation techniques
1. INTRODUCTION
The Internet is defined as an interconnected system of computer networks. The scope of internet in day to day life
is very vast. It provides a wide range of information, services, resources which allows all the sectors to be well
linked As the need of internet is growing faster with time, various issues are related to its security. The reason
for internet insecurity is basically concerned with its design because the foremost concern was its functionality
rather than its security. Hence several types of attacks and threats are reason for apprehension towards
security of internet.
The issues related to internet security are authentication, integrity, availability, confidentiality and non-repudiation.
Among all the attacks DDoS (Distributed Denial of service) attacks are those which hinder clients, users to access
all the advantages of services available to them from server side. The number of DoS and DDoS attacks on the
Internet Service Providers has risen sharply in the last several years. Service providers are under tremendous
pressure to prevent, monitor and mitigate DDoS attacks directed toward their customers and their infrastructure.
2. INTERNET SERVICE PROVIDER (ISP)
An Internet Service Provider (ISP) provides services for accessing and using the Internet. ISP providers may be organized in various forms,
such as commercial, community-owned, non-profit, or otherwise privately owned.
The services provided by ISP are as follows:
Internet Access:- Internet access provided by ISP is the process that enables individuals and organizations to
connect to the Internet by using computer terminals, computers, mobile devices, sometimes via computer
networks so that the users can access Internet services, such as email and the World Wide Web.
Internet Transit: - It is the service of allowing network traffic to cross or "transit" a computer network, usually
used to connect a smaller ISP to the larger internet.
Domain Name Registration: A domain name is an identification string that defines a realm of administrative
autonomy, authority or control within the Internet.
Web Hosting: It is a type of Internet hosting service that allows individuals and organizations to make their
website so that it can be accessible via the World Wide Web.
USENET Service: It is a worldwide distributed discussion system which is available on the computers. It
resembles a bulletin board system (BBS) and is the antecedent cursor to Internet forums that are widely used
today.
Co-location: A co-location center is a type of data centre where equipment, space, and bandwidth are
available for rental purpose to the retail customers.
© 2019 IJRAR May 2019, Volume 6, Issue 2 www.ijrar.org (E-ISSN 2348-1269, P- ISSN 2349-5138)
IJRAR19K1577
International Journal of Research and Analytical Reviews (IJRAR)www.ijrar.org
11
3. DOS: A MAJOR THREAT TO THE ISPS
The impact of a successful DDoS attack on an ISP is widespread. Site performance is severely compromised, resulting in frustrated
customers and other users. Service-level agreements (SLAs) are violated, resulting in costly service credits. The growing dependence on the
Internet makes the impact of successful DDoS attacks. DDoS on ISPs results in the following:-
Lost revenue
Lost productivity
Increased IT expenses
Mitigation costs
Loss of customers
The figure given shows how DDoS attack is carried over on ISP.
Point A: This is the entry point of ISP
Point B: This is the exit point of ISP
Point C: This is the entry point to your network
Point D & E: This is the area where Anti DDoS or Firewalls or your IPS/IDS systems reside.
From the above diagram it is quite evident that DDoS may attack a single point in your infrastructure but the repercussions are felt from
Point B Onwards and can be thwarted at Point B itself.
4. UNDERSTANDING THE DDOS ATTACK
The interconnectivity among computers on which the World Wide Web relies, renders it an easy target for launch Denial-of-
Service (DoS) attacks against them. A DoS attack is an attempt to make a machine or network resource unavailable to its future users, by
indefinitely interrupting or suspending services of a host connected to the Internet. According to B. B. Gupta et. al (2008) CERT defines
the term “Denial of Service” as “Occupancy of limited resource or difficult to renew such as network bandwidth, data structure or memory
of a system”.
When many hosts coordinate to flood the victim with an abundance of attack packets, and the attack takes place simultaneously from
multiple points it is called a Distributed DoS (DDoS) attack. Another form of DoS attack known as DRDoS (Distributed Reflector DDos).
A DRDoS attack is more damaging than a typical DDoS attack.
Fig: 2 DDoS Attack
© 2019 IJRAR May 2019, Volume 6, Issue 2 www.ijrar.org (E-ISSN 2348-1269, P- ISSN 2349-5138)
IJRAR19K1577
International Journal of Research and Analytical Reviews (IJRAR)www.ijrar.org
12
Fig: 3 Source Country for DDoS Attack
https://www.statista.com/statistics/440582/ddos-attack-traffic-by-originating-country/
From the Graph in Figure: 3 shows the percentage of worldwide DoS attack traffic between November 2017 and April 2018, sorted by
originating countries. It is shown that during that period, 30% of DDoS attack traffic originated from the United States.
Countries
US
China
UK
Spain
Russia
Brazil
Korea
Japan
Ecuador
Total (100%)
30%
16%
5%
3%
3%
3%
3%
3%
2%
Table: 1
4.1 Types of DDoS Attack
Flooding: Available bandwidth is one of the "goods" that attackers try to consume by flooding the network with useless packets.
Protocol Violation Attacks: It Includes SYN floods, fragmented packet attacks, Ping of Death, Smurf DDoS etce. This type of attack
consumes actual server resources, or intermediate communication equipment, such as firewalls and load balancers, and is measured in
packets per second (Pps).
CPU Power and Service: By generating several thousands of useless processes on the victim's system, attackers managed to fully
occupy memory and process tables. In this way the victim's computer breaks down. Attackers can try to occupy victims’ services so that
no one else can access them.
4.2 Based on Q2 2018 DDoS Trends Report: 52 Percent of Attacks Employed Multiple Attack Types
Following are the DDoS Trends and Observations:
56% of DDoS attacks were UDP floods.
It is seen that TCP-based attacks were the second most common attack vector, making up 26% of attack types in the quarter.
Fig : 4 Types of DDoS Attacks
52 % of DDoS attacks curbed by Verisign in Q2 2018 employed multiple attack types.
© 2019 IJRAR May 2019, Volume 6, Issue 2 www.ijrar.org (E-ISSN 2348-1269, P- ISSN 2349-5138)
IJRAR19K1577
International Journal of Research and Analytical Reviews (IJRAR)www.ijrar.org
13
Fig: 5 Multi-Vector DDoS Attacks Remain Contant
43% of mitigation activity of the Financial Services industry, represents the most frequently targeted industry for Q2 2018. The
second highest number of DDoS attacks were acknowledged by the IT Services/Cloud/SaaS industry, representing 37% of
mitigation activity, which is followed by the Media and Entertainment industry, representing 20 % of mitigation activity.
Fig: 6 Top 3 Industries Targeted
4.3 Popular DDoS Attack Trends on ISP Network
The major DDoS attacks on ISP network are the Network Infrastructure attacks. These have a serious impact on the overall operation of the
ISP. These attacks can create regional or global network outages. These includes:-
Control Plane Attacks: Direct DDoS attacks against the routing protocols and lead to regional outages. Attacks are usually directed at
dynamic routing protocols such as BGP, OSPF, and EIGRP
Management Plane Attacks: The management plane allows network operators the ability to configure the network elements. This
includes protocols such as telnet, SSH, HTTP, HTTPS, SNMP, NTP etc.
Network Services Attacks: It aims the basic services provided by and needed by the ISP. DNS is a critical network service for
operation of the ISP as well as a service provided by the ISP. As a public service, DNS in a service provider’s environment is the most
targeted service.
Fig: 7 DDoS Attack >100 Gbps
The following figure shows that there is 50% increase in the DDoS Attack between the year 2015-2016
© 2019 IJRAR May 2019, Volume 6, Issue 2 www.ijrar.org (E-ISSN 2348-1269, P- ISSN 2349-5138)
IJRAR19K1577
International Journal of Research and Analytical Reviews (IJRAR)www.ijrar.org
14
5 Defense Challenges
In spite of the tremendous efforts by researchers and experts to address the denial of service, it still remains an unsolved problem.
The various technical and non-technical challenges underlying the inability to mitigate these attacks includes:
5.1. Internet Architecture Related Challenges
On-demand resource sharing: Inter-user dependency is a fundamental factor that enables DoS to occur. The fundamental structure of
the Internet is a packet switched communications facility which allocates link use on demand. The link capacity will be shared among the
users. In such environment, a mischievous user can disrupt service for other users by occupying most of the shared resources.
Decentralized management: Current Internet can be seen as interconnection of many Autonomous Systems (AS). Each AS has its own
set of operating policy and security policy. The implementation of a global security policy or mechanisms is enormously difficult, which
makes solutions that require cross-domain cooperation unattractive.
Accountability: Accountability ensures that the actions of an entity may be uniquely traced back to that entity. The indifference to
accountability issue is now difficult to ignore.
Variation in link capacity: The provisioning of link bandwidth in modern Internet varies significantly from core networks to edge
network (Bush and Meyer 2002). Traffic from the high-bandwidth core link can overwhelm the low-bandwidth edge link.
5.2. Miscellaneous Challenges
Difficulty of distinguishing malicious requests: It is difficult to distinguish between malicious requests and legitimate ones.
Asymmetry of request and response overhead: Asymmetry of request and response overhead refers to the asymmetry in the amount
of consumed resources for generating a request at the client and creating response at the server. In most cases, a client spends trivial
amount of CPU and memory resources to generate a requests, and the operations carried out by the server to produce the corresponding
response incurs significantly more resource overhead in comparison.
Research challenges: Very limited information about DoS incidents are publicly available due to organizations' unwillingness to
disclose the occurrence of an attack, for fear of damaging the business reputation of the victim. It becomes very difficult to compare the
performance of various solutions. Moreover, the testing of DoS solutions in a realistic environment is immensely challenging, due to the
lack of large-scale test beds or detailed and realistic simulation tools.
Lack of core competency: ISP’s are in the business of selling bandwidth and don’t always invest in the required capital and resources
to stay ahead of the latest DDoS threats. According to some ISPs lack of ROI (Return of Investments) is a major discouraging factor.
6. Defence Mechanisms
DDoS attacks have become more sophisticated in the last several years as the level of attack automation has increased. Organizations are
now increasingly targeted by application-layer DDoS attacks. Fully functional attack software and ready to use programs is readily available
on the Internet allowing novice users to launch large scale attacks with little knowledge.
Monitoring: Developed by Cisco monitoring traffic patterns and DoS/DDoS attacks is a very popular tool used by ISPs. A flow is defined
as having some unique attributes like sourceIP, Destination IP, Source port, Destination port etc. To monitor traffic in both directions all
router interfaces must be monitored, including uplinks to the core routers.
Ingress/Egress Filtering: The purpose of ingress/egress filtering is to allow traffic to enter or leave the network only if its source
addresses are within the expected IP address range.
Drawback: It is difficult to deploy ingress /egress filtering universally. If the attacker carefully chooses a network without ingress/egress
filtering to launched spoofed dos attack, the attack can go undetected. Hence ingress/egress filtering are ineffective to stop DDoS attack.
The possibility of multi-path routing diminishes routers’ ability to determine spoofed source, since a router may receive an unexpected
packet due to route changes [Clark 1988].
Black Holing: ISP's use RTBH (remotely triggered blackholing), by which they can ask their upstream networks to discard the traffic,
so it won't even reach the destination network.
Drawback: The biggest the target IP address (and thus the services running on it) is put offline exactly what the attackers want.
Scrubbing: The scrubbing centre has equipment to filter unwanted traffic, leaving a stream of (mostly) clean traffic which gets routed
back to the ISP. Drawback: Most scrubbing centers are commercial, and can cost quite a lot. Also, scrubbing is not always easy.
7. Proposed Solution and Methodology
Based on our findings recommended some measures to local ISPs to strengthen security against DDoS attack in an economical manner.
These include:
Every single user who accesses your router should be given a username and password.
Make sure you have RPF (ingress and egress filtering) on the interface of every static connection.
Disable Telnet on vtys and allow only SSH based connections.
Use Vtys filters to prevent public routers from getting response from your router.
Use TACACS (Terminal Access Controller Access Control System) for password verification.
© 2019 IJRAR May 2019, Volume 6, Issue 2 www.ijrar.org (E-ISSN 2348-1269, P- ISSN 2349-5138)
IJRAR19K1577
International Journal of Research and Analytical Reviews (IJRAR)www.ijrar.org
15
Set up security labs if not possible set aside at least one spare router and server to try a new service instead of implementing it directly on
live network.
Minimizing the number of transit providers possibly one
Team up with other local ISPs for benefits like leasing a scrubbing centre, out of band management and possibly setting up better security
labs.
8. Conclusion
DDoS is becoming a major component of a long term threat campaign and the level of attack automation has escalated. Several efforts are
being taken by ISPs to combat it but they are still not able to overcome the problem completely, instead they are likely to pose a bigger
danger in future. Several weaknesses like the distributed and non-uniform architecture of the Internet infrastructure, business policies,
privacy policies and return on investment has lowered the interest of ISPs in eradicating DDoS completely. Instead DDoS protection is itself
growing as a new market. Under such circumstances it seems impossible to completely eradicate DDoS from society. By following the
recommendations given in paper local ISPs will be able to cope with DDoS attacks more effectively.
9. Future Scope
While all tiers of network providers are taking individual precautions there is a need of unification of the efforts. Distributed nature of the
DDoS attacks can be mitigated by a united effort where the local ISPs provide DDoS protection to Customers while Connection Providers
(Transit Providers) avail DDoS protection to local ISPs. This hierarchical defence structure will cover security loopholes at all levels and will
successfully give DDoSers a hard time.
10. REFERENCES & WEBLINKS
[1] https://journals.sagepub.com/doi/full/10.1177/1550147717741463
[2] International journal of Distributed Sensor Network
[3] https://blog.eccouncil.org/types-of-ddos-attacks-and-their-prevention-and-mitigation-strategy/
[4] http://users.eecs.northwestern.edu/~khh575/pub/pub/Report-DDoS-1.pdf
[5] International Journal of Computer Applications (0975 8887) Volume 67 No.19, April 2013
https://www.researchgate.net/publication/258790077_DDoS_Attack_Prevention_and_Mitigation_Techniques_-_A_Review
Ms. Sushmita Chakraborty, currently working as an Assistant Coordinator & Assistant Professor at Patna
Women’s College, Patna University. She has over 20 years of teaching experience. She is the Course Coordinator of
the Credit Based Add-on Certificate Course in 3D Animation and Design (College Level). She has also worked as
Joint Organizing Secretary for A Two-Day National Workshop on Research Methodology & Application of SPSS
on 7th & 8th March , 2018; as Technical Secretary of the National seminar on “ICT and Women Empowerment”;
Joint Organizing Secretary for UGC Sponsored National Workshop on INFLIBNET: Awareness Workshop for
Colleges of Bihar”; Joint Organizing Secretary for UGC Sponsored National Workshop on “Emerging Trends in
Material Science (ETMS 2011)”and as Technical Secretary of the National Seminar on “ICT and Women
Empowerment”. She has participated in several Conferences/Workshops/Symposia/ Guest Lectures and published papers at various
National & International Journals. Worked as co-author for Computer Literacy Module Published by Dept. of Computer Science in the
year 2007, PWC. Co-Editor of the Book 3D Animation and Design.
Praveen Kumar (M.Tech (CS), MCA), Assistant Professor, Patna Women’s College, Patna. Over 13 years of
experience in Software Development and Teaching (.Net, Java, Web Technology, Web Based Papers). Course
Coordinator of the Credit Based Add-on Certificate Course in Android App. Development (College Level)
Dr. Bhawna Sinha is currently working as Asst. Professor at Patna Women’s College, Patna University. She has
around 21 years of teaching experience and is currently heading the MCA Department. Her area of interest is
Fuzzy Computing, Data mining, Computer Organization and computer networks. She is a life member of CSI and
was also awarded Active Woman Member of CSI in the year 2016. She has published several papers in both
international and national levels and edited three books “Computer Literacy: An Overview”, “3D Animation and
Design” and “Web Designing”. She is involved in various academic and administrative activities
and is a member of Research Committee and IQAC of the College. (E-mail: bhawna.sahay2004@gmail.com)
... The key objectives of Internet security are authentication, integrity, availability, confidentiality, and non-repudiation [2]. Cyber attacks, particularly the Distributed Denial of Service (DDoS) attack, pose a serious threat to the availability aspect of network security by flooding a target network or system with traffic from multiple sources, overloading its capacity in order to deny access for legitimate users [3]. The consequences of DDoS attacks can be devastating, leading to network downtime, loss of revenue, damage to reputation, cost for damage mitigation, etc. ...
... DDoS is a variant of the Denial of Service (DoS) attack, which is a type of cyber attack that seeks to make a machine or network resource unavailable to its intended users by interrupting the device's normal functions [2], typically by overwhelming or flooding a targeted machine with requests until normal traffic is unable to be processed, denying access to additional users (see Fig. 1). DoS attack is characterized by using a single computer to launch the attack, while in DDoS the attack originates from numerous sources [3] (see Fig. 1). ...
... Tab. 3: Parameters of two controllers.From the result in Tab.3, it is evident that all of the algorithms achieved either near-perfect or perfect scores for the accuracy metric. RF has the best score overall with 99.99% accuracy during validation and 100% during training and testing. ...
Article
Full-text available
Cybersecurity is known today as one of the greatest challenges of the modern era. Among the various types of cyber attacks that threaten our security, the Distributed Denial of Service (DDoS) attack is among some of the most common, effective, and well-recognized attack strategies. Since this form of attack is meant to disrupt the availability factor covertly, it can be detrimental to the targeted machines and difficult to be discovered. Because of that, there have been a number of approaches, as well as solutions that have been devised in order to detect it as accurately and efficiently as possible. Impressively, data mining methods have been employed to identify patterns of DDoS attacks from the computer network traffic. Nevertheless, the recent works’ results have not yet mentioned which factors of the computer network traffic play the most vital role in indicating the potential for true positive attacks. Additionally, with the Machine Learning approach, there are still ample opportunities to enhance the attack prediction accuracy of the detection model. As such, in this paper, we attempt to explore factors that would influence the classification result, and leverage a variety of Machine Learning algorithms, i.e. Random Forest, Naive Bayes, Logistic Regression, and Multilayer Perceptron, for the purpose of improving the accuracy of data classification. The experiments were deployed using CICIDS2017 dataset and compared with the other related works on the same dataset. The experimental outcomes of our methodologies and analyses demonstrate some potential and effectiveness enhancement compared to previous works. Moreover, we analysized and concluded the insight of how side factors affect the attack identification result. The collected information from our analysis identifies dominant factors, and opens a new view for their hidden correlationship directly affecting the attack labeling.
... As its demand grows, security issues arise. There are various types of attacks targeting the internet that need to be recognized, classified, and protected against [1]. Among them, one of the most common attacks is DDoS in today's cyber world [2]. ...
Article
Full-text available
Dealing with network security has always been challenging, particularly with regard to the detection and prevention of Distributed Denial of Service (DDoS) attacks. Attacks like DDoS bring threats to the network by violating its availability to the probable people who are in need of using that particular server. It is a type of cyber-attack where a network is flooded with a huge amount of traffic, overwhelming the system, and making it unavailable. This type of attack focuses on making the service unavailable to rightful users, without breaching the security perimeter. In a DDoS attack, a master computer hacks a network of vulnerable computers to send a huge quantity of packets to a server from already captured zombie computers. Researchers have suggested various Machine learning (ML) algorithms to detect such attacks. To study and analyse DDoS attacks, researchers have used the CIC-DDoS2019 dataset. To find out how often a DDoS attack happens to a server along with the possible pattern of the attack and type of the attack. This dataset is utilized to train and evaluate ML models for detecting DDoS attacks. In this paper, the primary objective is to propose a decent version of DDoS dataset for investigation and evaluate the performance of various state-of-the-art classifiers, such as Gaussian Naïve Byes (GNB), Bernoulli Naïve Byes (BNB), Random Forest (RF), ID3 Decision Tree (ID3 DT), Logistic Regression (LR), K-Nearest Neighbors (KNN), AdaBoost, CART, and Bagging Classifier ML algorithms to detect DDoS attacks accurately. Along with that, the experimenter showed that DDoS attacks can be identified even more accurately if the attacks are stored in a binary way rather than categorized into 13 different types of attacks in the dataset.
... As a well-established method for bringing down systems since 1973, DDoS continues to be a popular choice for attackers. Since 2017, extensive research has been conducted on DDoS attack methods and techniques in IoT, as well as methods to detect and prevent them [8] [9]. The three main DDoS attack types are volumetric, protocol, and application attacks. ...
Article
Full-text available
Internet of Things (IoT) systems are beneficial to our daily lives and have become increasingly important. A complete IoT system includes devices, sensors, networks, software, and other essential components necessary for operation and interconnection. However, devices and sensors of this nature often have low resource requirements and multiple security vulnerabilities from manufacturers. Moreover, edge network areas of IoT systems exhibit several security weaknesses. Consequently, unauthorized hijacking of sensors or denial-of-service attacks on edge network areas can have severe consequences for the system’s operation. In this study, we propose a model that combines machine learning algorithms and principal component analysis techniques to train and predict Distributed Denial of Service (DDoS) attacks. Principal component analysis techniques were applied to reduce data dimensionality. We used accuracy, precision, recall, and F1-Score as the evaluation metrics. We explain the True Positive, False Positive, True Negative, and False Negative measures as basic parts of the above evaluation metrics. Unlike previous studies, we used the Training Time to evaluate the training time of each model. We employed two datasets, CICIDS 2017 and CSE-CIC-IDS 2018, to evaluate our proposed model. In general, the proposed models exhibited the best performance and improved training time.
Article
Full-text available
Software-defined networks (SDNs) have been growing rapidly due to their ability to provide an efficient network management approach compared to traditional methods. However, one of the major challenges facing SDNs is the threat of Distributed Denial of Service (DDoS) attacks, which can severely impact network availability. Detecting and mitigating such attacks is challenging, given the constantly evolving range of attack techniques. In this paper, a novel hybrid approach is proposed that combines statistical methods with machine-learning capabilities to address the detection and mitigation of DDoS attacks in SDN environments. The statistical phase of the approach utilizes an entropy-based detection mechanism, while the machine-learning phase employs a clustering mechanism to analyze the impact of active users on the entropy of the system. The k-means algorithm is used for clustering. The proposed approach was experimentally evaluated using three modern datasets, namely, CIC-IDS2017, CSE-CIC-2018, and CICIDS2019. The results demonstrate the effectiveness of the system in detecting and blocking sudden and rapid attacks, highlighting the potential of the proposed approach to significantly enhance security against DDoS attacks in SDN environments.
Chapter
As life becomes more digitally oriented, we need to emphasize cybersecurity and its awareness. Particularly in industries such as medicine and business that contain sensitive information, like social security numbers or payment information, which if stolen can result in identity theft. With the right security measures in place, we can maintain a new standard of data privacy as the response to data breaches becomes more efficient. This paper aims to analyze two datasets to compare and recognize any ongoing data breach trends from 2005 to 2019 and from 2009 to 2022. After identifying these trends, we will determine whether these cybersecurity threats are mostly due to human error or if the organizations targeted most have weaker cybersecurity systems. Through our analysis, we found that the business sector loses thirty-nine times more records than medical, however medical is targeted significantly more. Whereas in business the top type of attack is usually hacking or malware, most medical breaches are either unintended disclosures or physical loss which is why fewer records are compromised. With deliberation, we conclude that human error is an element in the majority of large-scale breaches, as well as pointing out the necessity for stronger cybersecurity systems and teams.
Chapter
Full-text available
Multiprocessor webwork is disciplined to an unrivaled amount and diversity of hacks, the preponderance of which is distributed denial of service. Throughout the time, there have been substantial studies of distributed DoS attacks plus DDoS hack alleviation to ensure network security. These kinds of hacks endure challenges to mitigate as the characteristics plus the processes in these hacks constantly vary. To intercept DDoS hacks, the fundamental characteristics of these hacks require to be strenuously examined since their sequence and ports, including the obligation or function process, are swiftly transposed and operated. This paper puts forward a malleable commutable framework that admits the identification/detection of the attacked intermediate node by enabling the watchdog timer and mitigation of DDoS attack by replacing the attacked node with the assistance of an algorithm similar to the energy harvesting routing algorithm which provides the shortest-distance free node while utilizing hybrid protocol. The upper hand of this approach is that it reduces network traffic congestion and energy consumption, prevents data losses and networks’ DDoS attacks, detects policy violations in WSN, and provides improved productivity. Finally, to observe the productivity of the proposed approach, different webwork variables are taken into consideration, and the results are discussed in respect of fecundity and energy depletion, including the PDR (packet delivery ratio).KeywordsDDoS attacksDistributed denial of serviceNetwork securityHacksEnergy harvesting routing algorithmHybrid protocolNetwork trafficNetwork
She has over 20 years of teaching experience. She is the Course Coordinator of the Credit Based Add-on Certificate Course in 3D Animation and Design (College Level)
  • Sushmita Ms
  • Chakraborty
Ms. Sushmita Chakraborty, currently working as an Assistant Coordinator & Assistant Professor at Patna Women's College, Patna University. She has over 20 years of teaching experience. She is the Course Coordinator of the Credit Based Add-on Certificate Course in 3D Animation and Design (College Level). She has also worked as Joint Organizing Secretary for A Two-Day National Workshop on Research Methodology & Application of SPSS on 7th & 8th March, 2018; as Technical Secretary of the National seminar on "ICT and Women Empowerment";
She is a life member of CSI and was also awarded Active Woman Member of CSI in the year 2016. She has published several papers in both international and national levels and edited three books "Computer Literacy: An Overview
  • Dr
  • Bhawna
Dr. Bhawna Sinha is currently working as Asst. Professor at Patna Women's College, Patna University. She has around 21 years of teaching experience and is currently heading the MCA Department. Her area of interest is Fuzzy Computing, Data mining, Computer Organization and computer networks. She is a life member of CSI and was also awarded Active Woman Member of CSI in the year 2016. She has published several papers in both international and national levels and edited three books "Computer Literacy: An Overview", "3D Animation and Design" and "Web Designing". She is involved in various academic and administrative activities and is a member of Research Committee and IQAC of the College. (E-mail: bhawna.sahay2004@gmail.com)