Utilizing the Enhanced Risk Assessment Equation to Determine the Apparent Risk due to User Datagram Protocol (UDP) Flooding Attack

Authors

  • Athirah Rosli, Faculty of Computer and Mathematical Sciences, Universiti Teknologi MARA, 02600 Arau, Perlis, Malaysia
  • Abidah Mat Taib, Faculty of Computer and Mathematical Sciences, Universiti Teknologi MARA, 02600 Arau, Perlis, Malaysia
  • Wan Nor Ashiqin Wan Ali, School of Human Development and Telecommunication (iKOM), Universiti Malaysia Perlis, 01000 Kangar, Perlis, Malaysia

DOI:

https://doi.org/10.11113/sh.v9n1-4.1119

Keywords:

UDP flooding attack, enhanced risk assessment equation, IPv6, risk assessment, OMNeT

Abstract

The escalation of the Internet of Things (IoT) may expose internet users to IPv6 security issues. The end-to-end connection feature of IPv6 can be misused by attackers to flood a targeted host. Using the User Datagram Protocol (UDP), attackers can certainly congest the network by injecting UDP packets during network communication. This introduces risk if no precautionary steps are taken. The enhanced risk assessment equation can be adopted to mitigate the perils. Thus, this paper presents the use of the enhanced risk assessment equation to identify the risk value caused by a UDP flooding attack. The attack was simulated using the OMNeT++ simulation software. The inputs considered in the enhanced equation are based on the features of the tested network scenarios. The obtained risk value can be used to determine appropriate mitigation techniques that help the organization maintain and strengthen its network. It also helps the organization secure its network resources and assets. Furthermore, this paper reveals that the enhanced risk assessment equation is flexible enough to be used in any situation. In future work, more IPv6-based protocols will be tested to measure the capability of the enhanced equation.

Published

2017-01-31

How to Cite

Rosli, A., Mat Taib, A., & Wan Ali, W. N. A. (2017). Utilizing the Enhanced Risk Assessment Equation to Determine the Apparent Risk due to User Datagram Protocol (UDP) Flooding Attack. Sains Humanika, 9(1-4). https://doi.org/10.11113/sh.v9n1-4.1119