COMPUTER NETWORK ATTACK PROCEDURES, THEIR MITIGATION MEASURES AND THE DEVELOPMENT OF AN IMPROVED DENIAL OF SERVICE (DoS) ATTACK MODEL
IHEKWEABA OGECHI, INYIAMA H.C, IHEKWEABA CHUKWUGOZIEM
ABSTRACT - This paper presents the major network attack profiles, taxonomies, classification and identification frameworks.
Further, current approaches to intrusion detection on networks were examined, with emphasis on Denial of Service (DoS) attacks only.
The concept of intelligent agents, and subsequently of adaptive systems, was elucidated; the properties derived were used as a proof of concept and then applied in the development of a model for an adaptive intelligent multi-agent for network protection against denial of service attacks.
KEYWORDS: Agent, Denial of Service attack, Dynamic Host Configuration Protocol, Transmission Control Protocol/Internet Protocol
As the world has moved further into an information-driven global economy, the value of information, and of controlled access to that information, has never been greater. The goal of IT infrastructure is therefore to create systems that can detect and protect against unauthorized access while providing timely access to legitimate users. Today's networks must be able to respond to attacks in ways that maintain network availability and reliability and allow a business to continue to function. In many respects, the goal of security is to make networks more resilient by making them more flexible. Rather than succumb, networks must be able to absorb attacks and remain operational, much in the same way the human immune system allows us to keep functioning in the presence of viruses and related bacterial infections. Security technology has changed more in the last three years than it did in the prior ten years. The extent of these changes, as well as their rate, has made it difficult for IT security departments to keep up with these challenges. Before IT departments can regain control, they must better understand the changing technological landscape.
A network can no longer be secured by simply securing the network perimeter, since corporations have consolidated their data centers, converged internal networks, and embraced the internet. Technically, the kind and nature of security planning adopted have to correlate with the attack profiles, such as:
Application layer attacks, autorooters, backdoors, man-in-the-middle attacks, network reconnaissance, packet sniffers, password attacks, brute force attacks, port redirection attacks, trojan horse attacks and viruses, trust exploitation attacks, Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks.

Denial of Service attacks are a major cause of incorrect operations in the internet and are arguably one of the most serious threats that the internet community faces today. Between the time an attack is detected and the time it is recovered from, the victim is virtually paralyzed and cannot respond to legitimate requests. For large commercial sites, this translates to losses on the order of billions of dollars. Corporate networks, and the attacks used to exploit them, are so complex that no single mechanism can be relied upon to keep them secure. This has led to the concept of "Defense in Depth". Until recently, this concept had been built on the notion of proactive defense. The network security community, in the spirit of the postulations of this work, has begun looking to seemingly unrelated real-world examples, such as the human immune system, as a model for the self-defending network. Other real-world systems that have also proven to be instructive can be found in the field of epidemiology and in the way communities police themselves. A common theme with all of these systems is that they employ...

Ihekweaba Ogechi et al. / International Journal of Engineering and Technology (IJET), ISSN: 0975-4024, Vol 5 No 2, Apr-May 2013