Yi Shen,Chunming Wu,Dezhang Kong,Mingliang Yang

DOI: https://doi.org/10.1109/icc40277.2020.9149276

2020-01-01

Abstract:Distributed Denial of Service (DDoS) attack is one of the most severe threats to the current network security. As a new network architecture, Software-Defined Networking (SDN) draws notable attention from both industry and academia. The characteristics of SDN such as centralized management and flow-based traffic monitoring make it an ideal platform to defend against DDoS attacks. When designing a network intrusion detection system (NIDS) in SDN, how to obtain fine-grained flow information with minimal overhead to the SDN architecture is a problem to be solved. In this paper, we propose TPDD, a two-phase DDoS detection system to detect DDoS attacks in SDN. In the first phase, we utilize the characteristics of SDN to collect coarse-grained flow information from the core switches and locate the potential victim. Then we monitor the edge switches located close to the potential victim to obtain finer-grained traffic information in the second phase. The collection method of each phase fully considers the impact on the bandwidth between the controller and switches. Without modifying the existing flow rules, the collection module can obtain sufficient information about traffic. By using entropy-based and machine learning-based methods, the detection module can effectively detect anomalies and identify whether the potential victim marked in the first phase is the target of attacks. Experimental results show that TPDD can effectively detect DDoS attacks with little overhead.

Yong-mei GAO,Ji-yi WU,Ling-di PING

DOI: https://doi.org/10.3969/j.issn.1673-629X.2009.08.039

2009-01-01

Abstract:Owing to many new characteristics such as central-less control and multi-hop communication,the security situation is more rigorous than that in the traditional Ad hoc network.Especially,when the number of nodes increase,the difficulty of building network,network availability and network security will be influenced badly.After the particular analysis of Sergio Marti's Watchdog and Pathrater arithmetic,intrusion detection system called SuperWatchdog,as the improved solution,was introduced to overcome the weakness of Watchdog.The main feature of the proposed system is its ability to discover malicious nodes which can partition the network by falsely reporting other nodes as misbehaving and then proceeds to protect the network.Simulation results show that our system decrease the overhead greatly,though it does not increase the throughput obviously.

Fei Yu,XiaoPing Dai,Yue Shen,Huang Huang,Miaoliang Zhu

DOI: https://doi.org/10.1109/ICSSSM.2005.1500110

2005-01-01

Abstract:The problem in network security presently is how to get real-time intrusion detection and alert. In the paper, we design Intrusion Detection System architecture and arithmetic again, meanwhile put forward an improved pattern matching arithmetic based on protocol analysis and theorization machine on Frete. New architecture can use network processor to collect and analyze data in network bottom, which enhance the speed and efficiency in Detection System.

Junchi Xing,Mingliang Yang,Haifeng Zhou,Chunming Wu,Wei Ruan

DOI: https://doi.org/10.1109/IPCCC47392.2019.8958776

2019-01-01

Abstract:Network reconnaissance aims at gathering as much information as possible before an attack is launched. Meanwhile, static host address configuration facilitates network reconnaissance. Currently, more sophisticated network reconnaissance has been emerged with the adaptive and cooperative features. To address this, in this paper, we present Hiding and Trapping (HaT), which is a deceptive approach to disrupt adversarial network reconnaissance with the help of the software-defined networking (SDN) paradigm. HaT is able to hide valuable hosts from attackers and to trap them into decoy nodes through strategic and holistic host address mutation according to characteristic of adversaries. We implement a prototype of HaT, and evaluate its performance by experiments. The experimental results show that HaT is capable to effectively disrupt adversarial network reconnaissance with better deceptive performance than the existing address randomization approach.

Wade Trappe,Wenyuan Xu

DOI: https://doi.org/10.7282/t3rj4jw7

2007-01-01

Abstract:Wireless networks are built upon a shared medium that makes it easy for adversaries to conduct radio interference, or jamming attacks, which effectively cause a denial of service (DoS) of either transmission or reception functionalities. These attacks can be easily accomplished by an adversary by either bypassing MAC-layer protocols, or emitting a radio signal targeted at jamming a particular channel. In this thesis, we examine the issue of jamming wireless networks, and sensor networks in particular, by studying both the attack and defense side of the problem. On the attack side, we present four different jamming attack models that can be used by an adversary to disable the operation of a wireless network, and evaluate their effectiveness in terms of how each method affects the ability of a wireless node to send and receive packets. In order to cope with the problem of jamming, we discuss a two-phase strategy involving the diagnosis of the attack, followed by a suitable defense strategy. For detection, we show that single measurement statistics are not enough to reliably classify the presence of a jamming attack, and propose multimodal detection methods. To cope with jamming, we propose a technique, channel surfing, which involves evading the interferer in the spectral domain. Several different channel surfing models are presented, and we evaluate their effectiveness using a testbed of MICA2 motes. Beyond channel surfing, we overview a second defense strategy whereby it is possible to establish a low data rate jamming resistant communication channel by modulating the interarrival times between jammed packets.

. C. Ioannou,V. Vassiliou,S. M. Kasongo,Y. Sun,Y. Xiao,C. Xing,T. Zhang,Aman deep Kaur,Prakash Rao Ragiri,H. Alipour,Y. B. Al-Nashif,P. Satam

2020-01-01

Abstract:The threat of cyber intrusion is progressively high and harmful. Intrusion Detection Systems (IDS) provides the ability to identify security breaches in a system. A security breach will be taking any action based on the owner of the system believes unauthorized. Attacks in Wireless Networks (WNs) aim in limiting or even eliminating the ability of the network to perform its expected function. WNs are networks with limited resources and often deployed in uncontrollable environments that an intruder can easily access. WN attacks target specific network layer’s vulnerabilities but normally affect other layers as well. Network layer should be monitored and evaluated in order to detect possible malicious intervention. In this research, a general methodology of an anomaly-based Intrusion Detection System is proposed and evaluated the proposed system using routing layer attacks in Ad-hoc Distance Vector Routing (AODV) protocol and IDS is able to detect malicious activity and our solution delivered the packets to the receiver in a new route without discarding.

Nashat, D.,Xiaohong Jiang,Horiguchi, S.

DOI: https://doi.org/10.1109/HSPR.2008.4734440

2008-01-01

Abstract:The TCP SYN flooding attack is the most prevalent type of DDoS attacks that exhaust network resources. The current detection schemes only work well for the detection of high-rate flooding sources. It is notable, however, that in the current DDoS attacks, the flooding rate is usually distributed among many low-rate flooding agents to make the detection more difficult. Therefore, a more sensitive and fast detection scheme is highly desirable for the efficient detection of these low-rate flooding sources. In this paper, we focus on the low-rate agent and propose a router-based detection scheme for it. The proposed scheme is based on the TCP SYN-SYN/ACK protocol pair with the consideration of packet header information (both sequence and Ack. numbers). To make our scheme more sensitive and generally applicable, the counting bloom filter is used to avoid the effect of SYN/ACK retransmission and the change point detection method is applied to avoid the dependence of detection on sites and access patterns. Extensive trace-driven simulation has been conducted to demonstrate the efficiency of the proposed scheme in terms of its detection probability and also average detection time.

Zhong Su,Chuang Lin,FengYuan Ren,XiaoSu Zhan

DOI: https://doi.org/10.1109/spca.2006.297488

2006-01-01

Abstract:Secure Routing is a challenging task because ad-hoc and resource constrained nature of Wireless Sensor Networks. In this paper, we discuss several specific routing attacks, such as wormhole attack, sinkhole attack, Sybil attack, False Data Insert Attack etc. Some security mechanisms, which are used to defend against these attacks, are analyzed. This paper also points out the open research challenges in this field.

Yan Chen,Zhichun Li

2009-01-01

Abstract:In this thesis, I propose and develop a network-based attack defense system, RAIDM. I focus on network based defense because of the following reasons: (i) network gateways/routers are the vantage points for detecting large scale attacks; (ii) only host based detection/prevention is not enough for modern networks. RAIDM has four components: sketch-based monitoring and detection, polymorphic worm signature generation, signature matching engines and network situational awareness.The first module is sketch-based monitoring and detection. In this thesis, leveraging data streaming techniques such as reversible sketch, we design HiFIND [1], a High-speed Flow-level Intrusion Detection system. We also propose a two-dimensional sketch for attack differentiation. HiFIND (i) is scalable to flow-level detection on high-speed networks; (ii) is DoS resilient; (iii) can distinguish SYN flooding and various port scans (mostly for worm propagation) for effective mitigation; (iv) enables aggregate detection over multiple routers/gateways; and (v) separates anomalies to limit false positives in detection. Both theoretical analysis and evaluation with several router traces show that HiFIND achieves these properties. To the best of our knowledge, HiFIND is the first online DoS resilient flow-level intrusion detection system for high-speed networks (e.g. OC192), even for the worst case traffic of 40-byte-packet streams with each packet forming a flow.The second module is polymorphic worm signature generation. Recently, worms and remote exploits sent by botnets have become the major tools for launching Internet attacks. It is critical to quickly generate signatures in response to those fast propagating threats. To this end, I have developed two types of automated worm signature generation approaches (token-based signature generator and length based signature generator) with different information availability requirement and underlying assumptions. Beside token based signature generator, we design a network-based Length-based Signature Generator (LESG) for worms exploiting buffer overflow vulnerabilities. We further prove the attack resilience bounds even under the worst case attacks with deliberate noise injection. Moreover, LESG is fast and noise-tolerant and has efficient signature matching.The third module is signature matching engines. In this thesis, we design NetShield, a vulnerability signature based NIDS/NIPS which achieves high throughput comparable to that of the state-of-the-art regex-based systems while offering much better accuracy. This is accomplished because of the following contributions: (i) we propose a candidate selection algorithm that efficiently matches thousands of vulnerability signatures simultaneously using a small amount of memory; (ii) we propose a parsing transition state machine that achieves fast protocol parsing; (iii) we implement the NetShield prototype, including rewriting the ruleset of Snort to vulnerability signatures. Experimental results show that the core engine of NetShield achieves 1.9Gbps signature matching throughput for 794 HTTP vulnerability signatures on a 3.8GHz PC.Finally, the fourth module is network situational awareness for botnet probings. Botnets dominate today's attack landscape. In this thesis, we investigate ways to analyze collections of malicious probing traffic in order to understand the significance of large-scale "botnet probes". In such events, an entire collection of remote hosts together probes the address space monitored by a sensor in some sort of coordinated fashion. Our goal is to develop methodologies by which sites receiving such probes can infer—using purely local observation—information about the probing activity: What scanning strategies does the probing employ? Is this an attack that specifically targets the site, or is the site only incidentally probed as part of a larger, indiscriminant attack? Our analysis draws upon extensive honeynet data to explore the prevalence of different types of scanning, including properties such as trend, uniformity, coordination and darknet avoidance. In addition, we design schemes to extrapolate the global properties of scanning events (e.g., total population and target scope) as inferred from the limited local view of a honeynet. (Abstract shortened by UMI.)

Kai Bu,Zhixin Sun

DOI: https://doi.org/10.1109/ICYCS.2008.324

2008-01-01

Abstract:The emergence of Distributed Denial of Service (DDoS) attack increases the destructive force of Denial of Service (DoS) attack drastically. Besides bringing more terrible threats, the attack from far and near and the employment of internet protocol (IP) spoofing make the abnormal traffic detection harder and harder. This paper proposes a mechanism defined as AMHI (Address Matching and Hash Inspection) and a method based on it for DDoS attacks detection and defense. Through the simulation experiment, the Address Matching and backup Hash Inspection operations to the suspicious traffic implemented on router interface for local subnet can detect and defend DDoS attacks effectively even when using IP Spoofing. In addition, this method can also decrease a mass of statistical work for the routers, and to some extent ease the pressure of heavy traffic caused by attacks.

S.M. Udhaya Sankar,D. Dhinakaran,C. Cathrin Deboral,M. Ramakrishnan

DOI: https://doi.org/10.14445/22315381/IJETT-V70I11P224

2023-04-21

Abstract:Wireless networks that are decentralized and communicate without using existing infrastructure are known as mobile ad-hoc networks. The most common sorts of threats and attacks can affect MANETs. Therefore, it is advised to utilize intrusion detection, which controls the system to detect additional security issues. Monitoring is essential to avoid attacks and provide extra protection against unauthorized access. Although the current solutions have been designed to defeat the attack nodes, they still require additional hardware, have considerable delivery delays, do not offer high throughput or packet delivery ratios, or do not do so without using more energy. The capability of a mobile node to forward packets, which is dependent on the platform's life quality, may be impacted by the absence of the network node power source. We developed the Safe Routing Approach (SRA), which uses behaviour analysis to track and monitor attackers who discard packets during the route discovery process. The attacking node recognition system is made for irregular routing node detection to protect the controller network's usual properties from becoming recognized as an attack node. The suggested method examines the nearby attack nodes and conceals the trusted node in the routing pathway. The path is instantly assigned after the initial discovery of trust nodes based on each node's strength value. It extends the network's life span and reduces packet loss. In terms of Packet Delivery Ratio (PDR), energy consumption, network performance, and detection of attack nodes, the suggested approach is contrasted with AIS, ZIDS, and Improved AODV. The findings demonstrate that the recommended strategy performs superior in terms of PDR, residual energy, and network throughput.

Networking and Internet Architecture,Cryptography and Security

Shahram Behzad,Reza Fotohi,Jaber Hosseini Balov,Mohammad Javad Rabipour

DOI: https://doi.org/10.48550/arXiv.2003.00870

2020-02-24

Networking and Internet Architecture

Abstract:MANETs (Mobile Ad-hoc Networks) is a temporal network, which is managed by autonomous nodes, which have the ability to communicate with each other without having fixed network infrastructure or any central base station. Due to some reasons such as dynamic changes of the network topology, trusting the nodes to each other, lack of fixed substructure for the analysis of nodes behaviors and loss of specific offensive lines, this type of networks is not supportive against malicious nodes attacks. One of these attacks is black hole attack. In this attack, the malicious nodes absorb data packets and destroy them. Thus, it is essential to present an algorithm against the black hole attacks. This paper proposed a new approach, which improvement the security of DSR routing protocol to encounter the black hole attacks. This schema tries to identify malicious nodes according to nodes behaviors in a MANETs and isolate them from routing. The proposed protocol, called AIS-DSR (Artificial Immune System DSR) employ AIS (Artificial Immune System) to defend against black hole attacks. AIS-DSR is evaluated through extensive simulations in the ns-2 environment. The results show that AIS-DSR outperforms other existing solutions in terms of throughput, end-to-end delay, packets loss ratio and packets drop ratio.

Chris Karlof,David Wagner

DOI: https://doi.org/10.1016/s1570-8705(03)00008-8

IF: 4.816

2003-09-01

Ad Hoc Networks

Abstract:We consider routing security in wireless sensor networks. Many sensor network routing protocols have been proposed, but none of them have been designed with security as a goal. We propose security goals for routing in sensor networks, show how attacks against ad-hoc and peer-to-peer networks can be adapted into powerful attacks against sensor networks, introduce two classes of novel attacks against sensor networks––sinkholes and HELLO floods, and analyze the security of all the major sensor network routing protocols. We describe crippling attacks against all of them and suggest countermeasures and design considerations. This is the first such analysis of secure routing in sensor networks.

computer science, information systems,telecommunications

Zhichun Li,Yan Gao,Yan Chen

2005-01-01

Abstract:Traffic anomalies and attacks are commonplace in to- day's networks, and identifying them rapidly and ac- curately is critical for large networks. With the rapid growth of network bandwidth and fast emergence of new attacks/worms, existing network intrusion detection sys- tems (IDS) are insufficient for the following two reasons. First, they are mostly host-based or located on low-end routers, and not scalable to high-speed networks. How- ever, it is crucial to identify fast propagation of worms in their early phases, which can only possibly be achieved by detection at high speed edge/backbone routers instead of at end hosts. Unfortunately, the existing schemes are not scalable to the link speeds and number of flows for high-speed networks. According to a recent research agenda (7) by DARPA, detection on edge networks is par- ticularly critical, powerful and efficient (without deploy- ing IDSs on all the edge hosts). Second, most of the existing approaches are signature based, which cannot detect unknown attacks. Statistical IDSs are therefore proposed to detect anomalies. Cur- rent systems are mostly designed to detect based on the overall traffic, thus they tend to be inaccurate or can- not find real attack flows for mitigation even when spot- ting anomalies. For instance, the state-of-the-art stateless router-based SYN flooding detection techniques, Change Point Monitoring (CPM), use the statistical behavior of SYN-FIN, or SYN-SYN/ACK packet pairs based on over- all traffic for detection (5). It detects well with pure SYN

Hung-Min Sun,Chiung-Hsun Chen,Chih-Wen Yeh,Yao-Hsin Chen

DOI: https://doi.org/10.1007/s00779-012-0537-y

2013-01-01

Personal and Ubiquitous Computing

Abstract:Mobile ad hoc networks (MANETs) are vulnerable to active attacks, such as dropping attacks, replay attacks, collusion attacks, and tampering attacks. Many researches have been proposed to provide security transmission. However, they cannot effectively and efficiently resist colluding attacks. Therefore, we propose a collaborative routing protocol (CRP) to detect and isolate colluding attackers via monitor mechanism. Monitor nodes observe and record the behavior of intermediate nodes. Based on the records of intermediate nodes, source node can distinguish malicious nodes and isolate them. Finally, security analyses and simulation verify that CRP can effectively and efficiently resist black hole attacks, gray hole attacks, modify and fake packet attacks, rushing attacks, and collusion attacks.

Parmod Kumar,Anupam Baliyan,K. Ramalingeswara Prasad,N. Sreekanth,Parag Jawarkar,Vandana Roy,Enoch Tetteh Amoatey

DOI: https://doi.org/10.1155/2022/5713092

2022-04-13

Wireless Communications and Mobile Computing

Abstract:A number of disadvantages of traditional networks may be attributed to the close relationship that exists between the control plane and the data plane inside proprietary hardware designs, as described above. The problem of security is one of the most difficult to deal with. There are a plethora of network hazards and attacks that might be encountered these days. DDoS attacks are one of the most popular and disruptive attacks on the internet today, and they affect a wide range of organisations. Despite a large number of traditional mitigation solutions now available, the frequency, volume, and intensity of distributed denial-of-service (DDoS) attacks continue to rise. According to the findings of this paper, a new network paradigm is necessary to satisfy the requirements of today’s complex security concerns. It was necessary to develop a software-defined network (SDN) in order to meet the real-time needs of the massive network that was expanding at an exponential rate. Many advantages of SDN exist, including simplicity of administration, scalability, and agility, but one of the most critical is security, which is one of the most important considerations when implementing SDN. SDS may be seen as a paradigm in which the implementation of new security regulations in the computer environment is performed via the use of protected software, which is described further below. The goal is to provide a flexible and extensible architecture for DDoS detection and prevention that is both flexible and extendable; the suggested clustering approach, which is based on the Open Day Light (ODL) Controller, is employed to carry out the experimental findings. In this section, we emphasise DDoS penetration techniques from a range of tools, and we evaluate the vulnerability against various tactics. It is necessary to use a Mininet emulation tool to construct a detection and prevention system against distributed denial of service (DDoS) attacks in order to achieve success. There is a range of other simulation tools that are utilised in conjunction with this research in order to bring it to a conclusion. Integration of industry standards such as SNORT and Flow has been accomplished in a variety of situations and parameter settings. During the creation of a framework capable of detecting and mitigating DDoS attacks at an early stage in both the control and application levels, the implementation of this framework has been shown to be crucial in the development of a framework.

computer science, information systems,telecommunications,engineering, electrical & electronic

Shafiullah Khan,Muhammad Altaf Khan,Noha Alnazzawi

DOI: https://doi.org/10.3390/s24051641

IF: 3.9

2024-03-03

Sensors

Abstract:Wireless sensor networks (WSNs) are essential in many areas, from healthcare to environmental monitoring. However, WSNs are vulnerable to routing attacks that might jeopardize network performance and data integrity due to their inherent vulnerabilities. This work suggests a unique method for enhancing WSN security through the detection of routing threats using feed-forward artificial neural networks (ANNs). The proposed solution makes use of ANNs' learning capabilities to model the network's dynamic behavior and recognize routing attacks like black-hole, gray-hole, and wormhole attacks. CICIDS2017 is a heterogeneous dataset that was used to train and test the proposed system in order to guarantee its robustness and adaptability. The system's ability to recognize both known and novel attack patterns enhances its efficacy in real-world deployment. Experimental assessments using an NS2 simulator show how well the proposed method works to improve routing protocol security. The proposed system's performance was assessed using a confusion matrix. The simulation and analysis demonstrated how much better the proposed system performs compared to the existing methods for routing attack detection. With an average detection rate of 99.21% and a high accuracy of 99.49%, the proposed system minimizes the rate of false positives. The study advances secure communication in WSNs and provides a reliable means of protecting sensitive data in resource-constrained settings.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Rui Zhang,Jing Zhang,Qiqi Wang,Hehe Zhang

DOI: https://doi.org/10.3390/s23042096

IF: 3.9

2023-02-13

Sensors

Abstract:In Underwater Wireless Sensor Networks (UWSNs), data should be transmitted to data centers reliably and efficiently. However, due to the harsh channel conditions, reliable data transmission is a challenge for large-scale UWSNs. Thus, opportunistic routing (OR) protocols with high reliability, strong robustness, low end-to-end delay, and high energy efficiency are widely applied. However, OR in UWSNs is vulnerable to routing attacks. For example, sinkhole attack nodes can attract traffic from surrounding nodes by forging information such as the distance to the sink node. In order to reduce the negative impact of malicious nodes on data transmission, we propose an intrusion detection scheme (IDS) based on the Density-Based Spatial Clustering of Applications with Noise (DBSCAN) clustering algorithm for OR (DOIDS) in this paper. DOIDS is based on small-sample IDS and is suitable for UWSNs with sparse node deployment. In DOIDS, the local monitoring mechanism is adopted. Every node in the network running DOIDS can select the trusted next hop. Firstly, according to the behavior characteristics of common routing attack nodes and unreliable underwater acoustic channel characteristics, DOIDS selected the energy consumption, forwarding, and link quality information of candidate nodes as the detection feature values. Then, the collected feature information is used to detect potential abnormal nodes through the DBSCAN clustering algorithm. Finally, a decision function is defined according to the time decay function to reduce the false detection rate of DOIDS. It makes a final judgment on whether the potential abnormal node is malicious. The simulation results show that the algorithm can effectively improve the detection accuracy rate (3% to 15% for different scenarios) and reduce the false positive rate, respectively.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Ke XU,Yu-Dong ZHAO,Wen-Long CHEN,Meng SHEN,Lei XU

DOI: https://doi.org/10.11897/SP.J.1016.2017.01649

2017-01-01

Abstract:In recent years, the network attacks that adversaries take advantage of router/switch vulnerabilities to perform data interception continue to be exposed, which highlights the importance of secure communication within core networks.As the most affected victims, users and Internet Service Providers have little control on router vulnerabilities, which results in such attacks always being performed in low cost, unidirectional, concealed mechanisms, and being difficult to be recognized let alone restrained.Researchers have proposed many solutions, and most of them are able to prevent or mitigate data interception attacks, however, it is our humble opinion that these solutions are either only fit for specific core networks and specific types of DIAs, or are difficult to implement.To the best of our knowledge, there are still no security complete, universal and easily implementable mechanisms for defending data interception attacks.Based on analyzing all possible abnormal behaviors that vulnerability routers and switches perform, this paper designs and implements a static routing and switching paradigm, a paradigm-based detection algorithm and detector model to recognize the paradigm-violation output-packets.It proves that the routing and switching paradigm is security complete to data interception attacks.Also all rules of the paradigm are universal applicable to TCP/IP networks, the detector is designable, and the paradigm violations are detectable.The detection algorithm is optimized to gain high performance.Based on simulations, we show that not only 100% of normal packets can pass through the optimized paradigm-based detector, but also about 99.92% of intercepting ones would be caught.In addition, the throughout put of the detected routers/switches can reach Gbps level.

Deepali Virmani,Ankita Soni,Shringarica Chandel,Manas Hemrajani

DOI: https://doi.org/10.48550/arXiv.1407.3987

2014-05-29

Abstract:Wireless Sensor Networks (WSN) is an emerging technology now-a-days and has a wide range of applications such as battlefield surveillance, traffic surveillance, forest fire detection, flood detection etc. But wireless sensor networks are susceptible to a variety of potential attacks which obstructs the normal operation of the network. The security of a wireless sensor network is compromised because of the random deployment of sensor nodes in open environment, memory limitations, power limitations and unattended nature. This paper focuses on various attacks that manifest in the network and provides a tabular representation of the attacks, their effects and severity. The paper depicts a comparison of attacks basis packet loss and packet corruption. Also, the paper discusses the known defence mechanisms and countermeasures against the attacks.

Cryptography and Security,Networking and Internet Architecture