This document summarizes the results of a study analyzing the implementation of Modsecurity and reverse proxy methods for preventing DDoS attacks on web servers. The study found that Modsecurity was 100% effective at blocking all DDoS attacks in testing, while the reverse proxy alone could not block attacks but increased the time required to reach the target server. Integrating both Modsecurity and the reverse proxy provided two layers of protection and was able to block all three types of DDoS attacks tested.
Sections:
Introduction
Cloud Computing background
Securing the Cloud
Virtualization
Mobile Cloud Computing
User safety & energy consumption
Author’s proposal
Conclusion
In order to make cloud computing to be adopted by users and enterprises, security concerns of users should be rectified by making cloud environment trustworthy, discussed by Latif et al. in the assessment of cloud computing risks[2].
We address the questions related to:
security concerns and threats over general cloud computing,
(2) the solutions for these problems and
(3) mobile users safety in convergence with energy consumption.
Appraisal of the Most Prominent Attacks due to Vulnerabilities in Cloud Compu...Salam Shah
Cloud computing has attracted users due to high speed and bandwidth of the internet. The e-commerce systems are best utilizing the cloud computing. The cloud can be accessed by a password and username and is completely dependent upon the internet. The threats to confidentiality, integrity, authentication and other vulnerabilities that are associated with the internet are also associated with cloud. The internet and cloud can be secured from threats by ensuring proper security and authorization. The channel between user and cloud server must be secured with a proper authorization mechanism. The research has been carried out and different models have been proposed by the authors to ensure the security of clouds. In this paper, we have critically analyzed the already published literature on the security and authorization of the internet and cloud.
Challenges and Mechanisms for Securing Data in Mobile Cloud Computingijcnes
Cloud computing enables users to utilize the services of computing resources. Now days computing resources in mobile applications are being delivered with cloud computing. As there is a growing need for new mobile applications, usage of cloud computing can not be overlooked. Cloud service providers offers the services for the data request in a remote server. Virtualization aspect of cloud computing in mobile applications felicitates better utilization of resources. The industry needs to address the foremost security risk in the underlying technology. The cloud computing environment in mobile applications aggravated with various security problems. This paper addresses challenges in securing data in cloud for mobile Cloud computing and few mechanisms to overcome.
Implementation of user authentication as a service for cloud networkSalam Shah
There are so many security risks for the users of cloud computing, but still the organizations are switching towards the cloud. The cloud provides data protection and a huge amount of memory usage remotely or virtually. The organization has not adopted the cloud computing completely due to some security issues. The research in cloud computing has more focus on privacy and security in the new categorization attack surface. User authentication is the additional overhead for the companies besides the management of availability of cloud services. This paper is based on the proposed model to provide central authentication technique so that secured access of resources can be provided to users instead of adopting some unordered user authentication techniques. The model is also implemented as a prototype.
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...IJERA Editor
In this paper, SMCSaaS is proposed to secure email system based on Web Service and Cloud Computing
Model. The model offers end-to-end security, privacy, and non-repudiation of PKI without the associated
infrastructure complexity. The Proposed Model control risks in Cloud Computing like Insecure Application
Programming Interfaces, Malicious Insiders, Data Loss Shared Technology Vulnerabilities, or Leakage,
Account, Service, Traffic Hijacking and Unknown Risk Profile
Detection of ICMPv6-based DDoS attacks using anomaly based intrusion detectio...IJECEIAES
Security network systems have been an increasingly important discipline since the implementation of preliminary stages of Internet Protocol version 6 (IPv6) for exploiting by attackers. IPv6 has an improved protocol in terms of security as it brought new functionalities, procedures, i.e., Internet Control Message Protocol version 6 (ICMPv6). The ICMPv6 protocol is considered to be very important and represents the backbone of the IPv6, which is also responsible to send and receive messages in IPv6. However, IPv6 Inherited many attacks from the previous internet protocol version 4 (IPv4) such as distributed denial of service (DDoS) attacks. DDoS is a thorny problem on the internet, being one of the most prominent attacks affecting a network result in tremendous economic damage to individuals as well as organizations. In this paper, an exhaustive evaluation and analysis are conducted anomaly detection DDoS attacks against ICMPv6 messages, in addition, explained anomaly detection types to ICMPv6 DDoS flooding attacks in IPv6 networks. Proposed using feature selection technique based on bio-inspired algorithms for selecting an optimal solution which selects subset to have a positive impact of the detection accuracy ICMPv6 DDoS attack. The review outlines the features and protection constraints of IPv6 intrusion detection systems focusing mainly on DDoS attacks.
New Framework to Detect and Prevent Denial of Service Attack in Cloud Computi...CSCJournals
Cloud computing paradigm as one of new concept in world of computing in general and especially in computer network, give a new facilities such as IaaS (infrastructure as service), PaaS (platform as stricter) and SaaS (software as service). All this services offered by utilization of new and old techniques such as resources sharing distributed networking, virtualization. But it still suffering from some shortages and one of the most important one is security threats. and one of the most dangers is Distributed denial-of-service (DDoS), and for overcome this threat many techniques has been proposed and most of them give more attention to one aspect either detecting or preventing or tracing the sources of attack and a few which address the attack in all its aspect. here we propose new framework to counter this attack by detect the attack using covariance matrix statistical method and determine the sources of attack using TTl Distance average and Finlay we apply a technique to eliminate attack by get benefit from the Honeypot method to block all attacks sources and transfer the legitimate traffic to another virtual machine not affected by attack.
Sections:
Introduction
Cloud Computing background
Securing the Cloud
Virtualization
Mobile Cloud Computing
User safety & energy consumption
Author’s proposal
Conclusion
In order to make cloud computing to be adopted by users and enterprises, security concerns of users should be rectified by making cloud environment trustworthy, discussed by Latif et al. in the assessment of cloud computing risks[2].
We address the questions related to:
security concerns and threats over general cloud computing,
(2) the solutions for these problems and
(3) mobile users safety in convergence with energy consumption.
Appraisal of the Most Prominent Attacks due to Vulnerabilities in Cloud Compu...Salam Shah
Cloud computing has attracted users due to high speed and bandwidth of the internet. The e-commerce systems are best utilizing the cloud computing. The cloud can be accessed by a password and username and is completely dependent upon the internet. The threats to confidentiality, integrity, authentication and other vulnerabilities that are associated with the internet are also associated with cloud. The internet and cloud can be secured from threats by ensuring proper security and authorization. The channel between user and cloud server must be secured with a proper authorization mechanism. The research has been carried out and different models have been proposed by the authors to ensure the security of clouds. In this paper, we have critically analyzed the already published literature on the security and authorization of the internet and cloud.
Challenges and Mechanisms for Securing Data in Mobile Cloud Computingijcnes
Cloud computing enables users to utilize the services of computing resources. Now days computing resources in mobile applications are being delivered with cloud computing. As there is a growing need for new mobile applications, usage of cloud computing can not be overlooked. Cloud service providers offers the services for the data request in a remote server. Virtualization aspect of cloud computing in mobile applications felicitates better utilization of resources. The industry needs to address the foremost security risk in the underlying technology. The cloud computing environment in mobile applications aggravated with various security problems. This paper addresses challenges in securing data in cloud for mobile Cloud computing and few mechanisms to overcome.
Implementation of user authentication as a service for cloud networkSalam Shah
There are so many security risks for the users of cloud computing, but still the organizations are switching towards the cloud. The cloud provides data protection and a huge amount of memory usage remotely or virtually. The organization has not adopted the cloud computing completely due to some security issues. The research in cloud computing has more focus on privacy and security in the new categorization attack surface. User authentication is the additional overhead for the companies besides the management of availability of cloud services. This paper is based on the proposed model to provide central authentication technique so that secured access of resources can be provided to users instead of adopting some unordered user authentication techniques. The model is also implemented as a prototype.
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...IJERA Editor
In this paper, SMCSaaS is proposed to secure email system based on Web Service and Cloud Computing
Model. The model offers end-to-end security, privacy, and non-repudiation of PKI without the associated
infrastructure complexity. The Proposed Model control risks in Cloud Computing like Insecure Application
Programming Interfaces, Malicious Insiders, Data Loss Shared Technology Vulnerabilities, or Leakage,
Account, Service, Traffic Hijacking and Unknown Risk Profile
Detection of ICMPv6-based DDoS attacks using anomaly based intrusion detectio...IJECEIAES
Security network systems have been an increasingly important discipline since the implementation of preliminary stages of Internet Protocol version 6 (IPv6) for exploiting by attackers. IPv6 has an improved protocol in terms of security as it brought new functionalities, procedures, i.e., Internet Control Message Protocol version 6 (ICMPv6). The ICMPv6 protocol is considered to be very important and represents the backbone of the IPv6, which is also responsible to send and receive messages in IPv6. However, IPv6 Inherited many attacks from the previous internet protocol version 4 (IPv4) such as distributed denial of service (DDoS) attacks. DDoS is a thorny problem on the internet, being one of the most prominent attacks affecting a network result in tremendous economic damage to individuals as well as organizations. In this paper, an exhaustive evaluation and analysis are conducted anomaly detection DDoS attacks against ICMPv6 messages, in addition, explained anomaly detection types to ICMPv6 DDoS flooding attacks in IPv6 networks. Proposed using feature selection technique based on bio-inspired algorithms for selecting an optimal solution which selects subset to have a positive impact of the detection accuracy ICMPv6 DDoS attack. The review outlines the features and protection constraints of IPv6 intrusion detection systems focusing mainly on DDoS attacks.
New Framework to Detect and Prevent Denial of Service Attack in Cloud Computi...CSCJournals
Cloud computing paradigm as one of new concept in world of computing in general and especially in computer network, give a new facilities such as IaaS (infrastructure as service), PaaS (platform as stricter) and SaaS (software as service). All this services offered by utilization of new and old techniques such as resources sharing distributed networking, virtualization. But it still suffering from some shortages and one of the most important one is security threats. and one of the most dangers is Distributed denial-of-service (DDoS), and for overcome this threat many techniques has been proposed and most of them give more attention to one aspect either detecting or preventing or tracing the sources of attack and a few which address the attack in all its aspect. here we propose new framework to counter this attack by detect the attack using covariance matrix statistical method and determine the sources of attack using TTl Distance average and Finlay we apply a technique to eliminate attack by get benefit from the Honeypot method to block all attacks sources and transfer the legitimate traffic to another virtual machine not affected by attack.
The emergence of cloud computing has changed perception of all regarding software delivery, development models and infrastructure. Cloud computing has a potential of providing elastic, easily manageable, powerful and cost-effective solutions. The rapid transition to cloud computing has fueled concerns on the security issues. The migration of the user’s data and applications in a shared environment of a cloud, where there is a collocation of several users increases security related concerns. Several research efforts have been made in evaluating challenges related to security faced by the cloud computing environments, a number of solutions of such problems have also been proposed. Integrated security solutions should be devised to deal with the increasing security risks. In this paper, a detailed cloud computing survey, key services and concepts are being presented. This paper attempts to evaluate various security threats to cloud computing and a number of security solutions have also been discussed. Furthermore, a brief view of the cloud security regulatory bodies and compliance have also been presented. Despite the research efforts in cloud security field, there are still some open research problems and challenges which are discussed in this paper.
DISTRIBUTED DENIAL OF SERVICE ATTACK DETECTION AND PREVENTION MODEL FOR IOTBA...IJNSA Journal
Defending against Distributed Denial of Service (DDoS) in the Internet of Things (IoT) computing environment is a challenging task. DDoS attacks are type of collective attack in which attackers work together to compromise internet security and services. The resource-constrained devices used in IoT deployments have made it even easier for an attacker to break, because of the vast number of vulnerable IoT devices with significant compute power. This paper proposed an ensemble machine learning (ML) model using the bagging technique to detect and prevent DDoS attacks in the IoT computing environment. We carried out an Machine Learning experiment and evaluated our proposed model with the most recent DDoS attacks (CICDoS2019) dataset. We use seven validation metrics (classification accuracy, precision rate, recall rate, f1-score, Matthews Correlation Coefficient, false negative rate and false positive rate) to evaluate the performance of the proposed model. The results obtained in our experiment shows an improved performance with an overall maximum classification accuracy of 99.75%, precision rate of 99.99%, recall rate of 99.76%, f1-score of 99.87%, Matthews Correlation Coefficient of 0.000000214, false negative rate of 0.24% and 4.42% false positive rate.
A data center is an infrastructure that supports Internet service. Cloud computing is rapidly changing the face of the Internet service infrastructure, enabling even small organizations to quickly build Web and mobile applications for millions of users by taking advantage of the scale and flexibility of shared physical infrastructures provided by cloud computing. In this scenario, multiple tenants save their data and applications in shared data centers, blurring the network boundaries between each tenant in the cloud. In addition, different tenants have different security requirements, while different security policies are necessary for different tenants. Network virtualization is used to meet a diverse set of tenant-specific requirements with the underlying physical network, enabling multi-tenant data centers to automatically address a large and diverse set of tenants’ requirements. In this paper, we propose the system implementation of vCNSMS, a collaborative network security prototype system used in a multi-tenant data center. We demonstrate vCNSMS with a centralized collaborative scheme and deep packet inspection with an open source UTM system. A security level based protection policy is proposed for simplifying the security rule management for vCNSMS. Different security levels have different packet inspection schemes and are enforced with different security plugins. A smart packet verdict scheme is also integrated into vCNSMS for intelligence flow processing to protect from possible network attacks inside a data center network.
An intelligent system to detect slow denial of service attacks in software-de...IJECEIAES
Slow denial of service attack (DoS) is a tricky issue in software-defined network (SDN) as it uses less bandwidth to attack a server. In this paper, a slow-rate DoS attack called Slowloris is detected and mitigated on Apache2 and Nginx servers using a methodology called an intelligent system for slow DoS detection using machine learning (ISSDM) in SDN. Data generation module of ISSDM generates dataset with response time, the number of connections, timeout, and pattern match as features. Data are generated in a real environment using Apache2, Nginx server, Zodiac FX OpenFlow switch and Ryu controller. Monte Carlo simulation is used to estimate threshold values for attack classification. Further, ISSDM performs header inspection using regular expressions to mark flows as legitimate or attacked during data generation. The proposed feature selection module of ISSDM, called blended statistical and information gain (BSIG), selects those features that contribute best to classification. These features are used for classification by various machine learning and deep learning models. Results are compared with feature selection methods like Chi-square, T-test, and information gain.
DDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNINGIJCI JOURNAL
In recent years, the concept of cloud computing and the software-defined network (SDN) have spread
widely. The services provided by many sectors such as medicine, education, banking, and transportation
are being replaced gradually with cloud-based applications. Consequently, the availability of these
services is critical. However, the cloud infrastructure and services are vulnerable to attackers who aim to
breach its availability. One of the major threats to any system availability is a Denial-of-Service (DoS)
attack, which is intended to deny the legitimate user from accessing cloud resources. The Distributed
Denial-of-Service attack (DDoS) is a type of DoS attack which is considerably more effective and
dangerous. A lot of efforts have been made by the research community to detect DDoS attacks, however,
there is still a need for further efforts in this germane field. In this paper, machine learning techniques are
utilized to build a model that can detect DDoS attacks in Software-Defined Networks (SDN). The used ML
algorithms have shown high performance in the earliest studies; hence they have been used in this study
along with feature selection technique. Therefore, our model utilized these algorithms to detect DDoS
attacks in network traffic. The outcome of this experiment shows the impact of feature selection in
improving the model performance. Eventually, The Random Forest classifier has achieved the highest
accuracy of 0.99 in detecting DDoS attack.
EFFECTIVE MALWARE DETECTION APPROACH BASED ON DEEP LEARNING IN CYBER-PHYSICAL...ijcsit
Cyber-physical Systems based on advanced networks interact with other networks through wireless
communication to enhance interoperability, dynamic mobility, and data supportability. The vast data is
managed through a cloud platform, vulnerable to cyber-attacks. It will threaten the customers in terms of
privacy and security as third-party users should authenticate the network. If it fails, it will create extensive
damage and threat to the established network and makes the hacker malfunction the network services
efficiently. This paper proposes a DL-based CPS approach to identify and mitigate the malware cyberphysical system attack of Denial of Service (DoS) and Distributed Denial of Service (DDoS) as it ensures
adequate decision support. At the same time, the trusted user nodes are connected to the network. It helps
to improve the privacy and authentication of the network by improving the data accuracy and Quality of
Service (QoS) in the network. Here the analysis is determined on the proposed system to improve the
network reliability and security compared to some of the existing SVM-based and Apriori-based detection
approaches.
Cyber-physical Systems based on advanced networks interact with other networks through wireless
communication to enhance interoperability, dynamic mobility, and data supportability. The vast data is
managed through a cloud platform, vulnerable to cyber-attacks. It will threaten the customers in terms of
privacy and security as third-party users should authenticate the network. If it fails, it will create extensive
damage and threat to the established network and makes the hacker malfunction the network services
efficiently. This paper proposes a DL-based CPS approach to identify and mitigate the malware cyber-
physical system attack of Denial of Service (DoS) and Distributed Denial of Service (DDoS) as it ensures
adequate decision support. At the same time, the trusted user nodes are connected to the network. It helps
to improve the privacy and authentication of the network by improving the data accuracy and Quality of
Service (QoS) in the network. Here the analysis is determined on the proposed system to improve the
network reliability and security compared to some of the existing SVM-based and Apriori-based detection
approaches.
Single Sign-on Authentication Model for Cloud Computing using KerberosDeepak Bagga
ABSTRACT
In today’s organizations need for several new resources and storage requirements for terabytes of data is generated every day. Cloud computing provides solution for this in a cost effective and efficient manner. Cloud computing provides on demand resources as services to clients. Cloud is highly scalable and flexible. Although it is benefiting the clients in several ways but as data is stored remotely it has many security loopholes like attacks, data lose, other security and authentication issues. In this paper we are proposing an authentication model for cloud computing based on the Kerberos protocol to provide single sign-on and to prevent against DDOS attacks. This model can benefit by filtering against unauthorized access and to reduce the burden, computation and memory usage of cloud against authentication checks for each client. It acts as a third party between cloud servers and clients to allow secure access to cloud services. In this paper we will see some of the related work for cloud security issues and attacks. Then in next section we will discuss the proposed architecture, its working and sequential process of message transmission. Next we will see how it can prevent against DDOS attacks, some benefits and how it provides single sign-on.
An Investigation of Using Privilege Level System to Restrict Employers for Us...CSCJournals
This paper provides the security level for employees in the organization that prevents them to use or to browse some website that are not allowed to be seen during work time. However, there are many ready software tools have available which do the same task, but we will try finding a new algorithm to investigate the better solution for this research question. The main reason of our research is to provide an open source software that can be easily manipulated by providers rather than ready software. For example, tools that cannot be updated by the organization administrator (none open source software).
Encountering distributed denial of service attack utilizing federated softwar...IJECEIAES
This research defines the distributed denial of service (DDoS) problem in software-defined-networks (SDN) environments. The proposes solution uses Software defined networks capabilities to reduce risk, introduces a collaborative, distributed defense mechanism rather than server-side filtration. Our proposed network detection and prevention agent (NDPA) algorithm negotiates the maximum amount of traffic allowed to be passed to server by reconfiguring network switches and routers to reduce the ports' throughput of the network devices by the specified limit ratio. When the passed traffic is back to normal, NDPA starts network recovery to normal throughput levels, increasing ports' throughput by adding back the limit ratio gradually each time cycle. The simulation results showed that the proposed algorithms successfully detected and prevented a DDoS attack from overwhelming the targeted server. The server was able to coordinate its operations with the SDN controllers through a communication mechanism created specifically for this purpose. The system was also able to determine when the attack was over and utilize traffic engineering to improve the quality of service (QoS). The solution was designed with a sophisticated way and high level of separation of duties between components so it would not be affected by the design aspect of the network architecture.
EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...IJNSA Journal
Multi-cloud is an advanced version of cloud computing that allows its users to utilize different cloud systems from several Cloud Service Providers (CSPs) remotely. Although it is a very efficient computing
facility, threat detection, data protection, and vendor lock-in are the major security drawbacks of this infrastructure. These factors act as a catalyst in promoting serious cyber-crimes of the virtual world. Privacy and safety issues of a multi-cloud environment have been overviewed in this research paper. The
objective of this research is to analyze some logical automation and monitoring provisions, such as monitoring Cyber-physical Systems (CPS), home automation, automation in Big Data Infrastructure (BDI), Disaster Recovery (DR), and secret protection. The Results of this research investigation indicate that it is possible to avoid security snags of a multi-cloud interface by adopting these scientific solutions methodically.
Double guard: Detecting Interruptions in N- Tier Web ApplicationsIJMER
International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
International Journal of Modern Engineering Research (IJMER) covers all the fields of engineering and science: Electrical Engineering, Mechanical Engineering, Civil Engineering, Chemical Engineering, Computer Engineering, Agricultural Engineering, Aerospace Engineering, Thermodynamics, Structural Engineering, Control Engineering, Robotics, Mechatronics, Fluid Mechanics, Nanotechnology, Simulators, Web-based Learning, Remote Laboratories, Engineering Design Methods, Education Research, Students' Satisfaction and Motivation, Global Projects, and Assessment…. And many more.
Cloud Computing Using Encryption and Intrusion Detectionijsrd.com
Cloud computing provides many benefits to the users such as accessibility and availability. As the data is available over the cloud, it can be accessed by different users. There may be sensitive data of organization. This is the one issue to provide access to authenticated users only. But the data can be accessed by the owner of the cloud. So to avoid getting data being accessed by the cloud owner, we will use the intrusion detection system to provide security to the data. The other issue is to save the data backup in other cloud in encrypted form so that load balancing can be done. This will help the user with data availability in case of failure of one cloud.
Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...IJECEIAES
Software-Defined Networking (SDN) has become an essential networking concept towards escalating the networking capabilities that are highly demanded future internet system, which is immensely distributed in nature. Owing to the novel concept in the field of network, it is still shrouded with security problems. It is also found that the Distributed Denial-of-Service (DDoS) attack is one of the prominent problems in the SDN environment. After reviewing existing research solutions towards resisting DDoS attack in SDN, it is found that still there are many open-end issues. Therefore, these issues are identified and are addressed in this paper in the form of a preemptive model of security. Different from existing approaches, this model is capable of identifying any malicious activity that leads to a DDoS attack by performing a correct classification of attack strategy using a machine learning approach. The paper also discusses the applicability of best classifiers using machine learning that is effective against DDoS attack.
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Editor IJCATR
Network Intrusion detection and Countermeasure Election in virtual network systems (NICE) are used to establish a
defense-in-depth intrusion detection framework. For better attack detection, NICE incorporates attack graph analytical procedures into
the intrusion detection processes. We must note that the design of NICE does not intend to improve any of the existing intrusion
detection algorithms; indeed, NICE employs a reconfigurable virtual networking approach to detect and counter the attempts to
compromise VMs, thus preventing zombie VMs. NICE includes two main phases: deploy a lightweight mirroring-based network
intrusion detection agent (NICE-A) on each cloud server to capture and analyze cloud traffic. A NICE-A periodically scans the virtual
system vulnerabilities within a cloud server to establish Scenario Attack Graph (SAGs), and then based on the severity of identified
vulnerability toward the collaborative attack goals, NICE will decide whether or not to put a VM in network inspection state. Once a
VM enters inspection state, Deep Packet Inspection (DPI) is applied, and/or virtual network reconfigurations can be deployed to the
inspecting VM to make the potential attack behaviors prominent.
nable applications provide as a services for the users
with low computational cost through internet. As we store data
and it also provide services in distributed environment. Cloud
ease its users by providing virtualization technology of resources
through internet. Cloud computing is the emerging field, due to
this reason the various new techniques are still developing. At
current scenario new security challenges were increases for cloud
professionals. Due to lack of security in cloud computing
environment user of cloud lost it trust in cloud. Multi-tenancy,
elasticity, Security Performance and Optimization, etc are
various security issues in cloud computing. In this paper we will
discuss some of the issue in cloud. This paper also discuss some of
the existing security technique for securing a cloud and help
researchers and professionals to know about various security
threats.
XDOSER, A BENCHMARKING TOOL FOR SYSTEM LOAD MEASUREMENT USING DENIAL OF SERVI...IJNSA Journal
Technology has developed so fast that we feel both safe as well as unsafe in both ways. Systems used today are always prone to attack by malicious users. In most cases, services are hindered because these systems cannot handle the amount of over loads the attacker provides. So, proper service load measurement is necessary. The tool that is being described in this paper for developments is based on the Denial of Service methodologies. This tool, XDoser will put a synthetic load on the servers for testing purpose. The HTTP Flood method is used which includes an HTTP POST method as it forces the website to gather the maximum resources possible in response to every single request. The tool developed in this paper will focus on overloading the backend with multiple requests. So, the tool can be implemented for servers new or old for synthetic test endurance testing.
The emergence of cloud computing has changed perception of all regarding software delivery, development models and infrastructure. Cloud computing has a potential of providing elastic, easily manageable, powerful and cost-effective solutions. The rapid transition to cloud computing has fueled concerns on the security issues. The migration of the user’s data and applications in a shared environment of a cloud, where there is a collocation of several users increases security related concerns. Several research efforts have been made in evaluating challenges related to security faced by the cloud computing environments, a number of solutions of such problems have also been proposed. Integrated security solutions should be devised to deal with the increasing security risks. In this paper, a detailed cloud computing survey, key services and concepts are being presented. This paper attempts to evaluate various security threats to cloud computing and a number of security solutions have also been discussed. Furthermore, a brief view of the cloud security regulatory bodies and compliance have also been presented. Despite the research efforts in cloud security field, there are still some open research problems and challenges which are discussed in this paper.
DISTRIBUTED DENIAL OF SERVICE ATTACK DETECTION AND PREVENTION MODEL FOR IOTBA...IJNSA Journal
Defending against Distributed Denial of Service (DDoS) in the Internet of Things (IoT) computing environment is a challenging task. DDoS attacks are type of collective attack in which attackers work together to compromise internet security and services. The resource-constrained devices used in IoT deployments have made it even easier for an attacker to break, because of the vast number of vulnerable IoT devices with significant compute power. This paper proposed an ensemble machine learning (ML) model using the bagging technique to detect and prevent DDoS attacks in the IoT computing environment. We carried out an Machine Learning experiment and evaluated our proposed model with the most recent DDoS attacks (CICDoS2019) dataset. We use seven validation metrics (classification accuracy, precision rate, recall rate, f1-score, Matthews Correlation Coefficient, false negative rate and false positive rate) to evaluate the performance of the proposed model. The results obtained in our experiment shows an improved performance with an overall maximum classification accuracy of 99.75%, precision rate of 99.99%, recall rate of 99.76%, f1-score of 99.87%, Matthews Correlation Coefficient of 0.000000214, false negative rate of 0.24% and 4.42% false positive rate.
A data center is an infrastructure that supports Internet service. Cloud computing is rapidly changing the face of the Internet service infrastructure, enabling even small organizations to quickly build Web and mobile applications for millions of users by taking advantage of the scale and flexibility of shared physical infrastructures provided by cloud computing. In this scenario, multiple tenants save their data and applications in shared data centers, blurring the network boundaries between each tenant in the cloud. In addition, different tenants have different security requirements, while different security policies are necessary for different tenants. Network virtualization is used to meet a diverse set of tenant-specific requirements with the underlying physical network, enabling multi-tenant data centers to automatically address a large and diverse set of tenants’ requirements. In this paper, we propose the system implementation of vCNSMS, a collaborative network security prototype system used in a multi-tenant data center. We demonstrate vCNSMS with a centralized collaborative scheme and deep packet inspection with an open source UTM system. A security level based protection policy is proposed for simplifying the security rule management for vCNSMS. Different security levels have different packet inspection schemes and are enforced with different security plugins. A smart packet verdict scheme is also integrated into vCNSMS for intelligence flow processing to protect from possible network attacks inside a data center network.
An intelligent system to detect slow denial of service attacks in software-de...IJECEIAES
Slow denial of service attack (DoS) is a tricky issue in software-defined network (SDN) as it uses less bandwidth to attack a server. In this paper, a slow-rate DoS attack called Slowloris is detected and mitigated on Apache2 and Nginx servers using a methodology called an intelligent system for slow DoS detection using machine learning (ISSDM) in SDN. Data generation module of ISSDM generates dataset with response time, the number of connections, timeout, and pattern match as features. Data are generated in a real environment using Apache2, Nginx server, Zodiac FX OpenFlow switch and Ryu controller. Monte Carlo simulation is used to estimate threshold values for attack classification. Further, ISSDM performs header inspection using regular expressions to mark flows as legitimate or attacked during data generation. The proposed feature selection module of ISSDM, called blended statistical and information gain (BSIG), selects those features that contribute best to classification. These features are used for classification by various machine learning and deep learning models. Results are compared with feature selection methods like Chi-square, T-test, and information gain.
DDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNINGIJCI JOURNAL
In recent years, the concept of cloud computing and the software-defined network (SDN) have spread
widely. The services provided by many sectors such as medicine, education, banking, and transportation
are being replaced gradually with cloud-based applications. Consequently, the availability of these
services is critical. However, the cloud infrastructure and services are vulnerable to attackers who aim to
breach its availability. One of the major threats to any system availability is a Denial-of-Service (DoS)
attack, which is intended to deny the legitimate user from accessing cloud resources. The Distributed
Denial-of-Service attack (DDoS) is a type of DoS attack which is considerably more effective and
dangerous. A lot of efforts have been made by the research community to detect DDoS attacks, however,
there is still a need for further efforts in this germane field. In this paper, machine learning techniques are
utilized to build a model that can detect DDoS attacks in Software-Defined Networks (SDN). The used ML
algorithms have shown high performance in the earliest studies; hence they have been used in this study
along with feature selection technique. Therefore, our model utilized these algorithms to detect DDoS
attacks in network traffic. The outcome of this experiment shows the impact of feature selection in
improving the model performance. Eventually, The Random Forest classifier has achieved the highest
accuracy of 0.99 in detecting DDoS attack.
EFFECTIVE MALWARE DETECTION APPROACH BASED ON DEEP LEARNING IN CYBER-PHYSICAL...ijcsit
Cyber-physical Systems based on advanced networks interact with other networks through wireless
communication to enhance interoperability, dynamic mobility, and data supportability. The vast data is
managed through a cloud platform, vulnerable to cyber-attacks. It will threaten the customers in terms of
privacy and security as third-party users should authenticate the network. If it fails, it will create extensive
damage and threat to the established network and makes the hacker malfunction the network services
efficiently. This paper proposes a DL-based CPS approach to identify and mitigate the malware cyberphysical system attack of Denial of Service (DoS) and Distributed Denial of Service (DDoS) as it ensures
adequate decision support. At the same time, the trusted user nodes are connected to the network. It helps
to improve the privacy and authentication of the network by improving the data accuracy and Quality of
Service (QoS) in the network. Here the analysis is determined on the proposed system to improve the
network reliability and security compared to some of the existing SVM-based and Apriori-based detection
approaches.
Cyber-physical Systems based on advanced networks interact with other networks through wireless
communication to enhance interoperability, dynamic mobility, and data supportability. The vast data is
managed through a cloud platform, vulnerable to cyber-attacks. It will threaten the customers in terms of
privacy and security as third-party users should authenticate the network. If it fails, it will create extensive
damage and threat to the established network and makes the hacker malfunction the network services
efficiently. This paper proposes a DL-based CPS approach to identify and mitigate the malware cyber-
physical system attack of Denial of Service (DoS) and Distributed Denial of Service (DDoS) as it ensures
adequate decision support. At the same time, the trusted user nodes are connected to the network. It helps
to improve the privacy and authentication of the network by improving the data accuracy and Quality of
Service (QoS) in the network. Here the analysis is determined on the proposed system to improve the
network reliability and security compared to some of the existing SVM-based and Apriori-based detection
approaches.
Single Sign-on Authentication Model for Cloud Computing using KerberosDeepak Bagga
ABSTRACT
In today’s organizations need for several new resources and storage requirements for terabytes of data is generated every day. Cloud computing provides solution for this in a cost effective and efficient manner. Cloud computing provides on demand resources as services to clients. Cloud is highly scalable and flexible. Although it is benefiting the clients in several ways but as data is stored remotely it has many security loopholes like attacks, data lose, other security and authentication issues. In this paper we are proposing an authentication model for cloud computing based on the Kerberos protocol to provide single sign-on and to prevent against DDOS attacks. This model can benefit by filtering against unauthorized access and to reduce the burden, computation and memory usage of cloud against authentication checks for each client. It acts as a third party between cloud servers and clients to allow secure access to cloud services. In this paper we will see some of the related work for cloud security issues and attacks. Then in next section we will discuss the proposed architecture, its working and sequential process of message transmission. Next we will see how it can prevent against DDOS attacks, some benefits and how it provides single sign-on.
An Investigation of Using Privilege Level System to Restrict Employers for Us...CSCJournals
This paper provides the security level for employees in the organization that prevents them to use or to browse some website that are not allowed to be seen during work time. However, there are many ready software tools have available which do the same task, but we will try finding a new algorithm to investigate the better solution for this research question. The main reason of our research is to provide an open source software that can be easily manipulated by providers rather than ready software. For example, tools that cannot be updated by the organization administrator (none open source software).
Encountering distributed denial of service attack utilizing federated softwar...IJECEIAES
This research defines the distributed denial of service (DDoS) problem in software-defined-networks (SDN) environments. The proposes solution uses Software defined networks capabilities to reduce risk, introduces a collaborative, distributed defense mechanism rather than server-side filtration. Our proposed network detection and prevention agent (NDPA) algorithm negotiates the maximum amount of traffic allowed to be passed to server by reconfiguring network switches and routers to reduce the ports' throughput of the network devices by the specified limit ratio. When the passed traffic is back to normal, NDPA starts network recovery to normal throughput levels, increasing ports' throughput by adding back the limit ratio gradually each time cycle. The simulation results showed that the proposed algorithms successfully detected and prevented a DDoS attack from overwhelming the targeted server. The server was able to coordinate its operations with the SDN controllers through a communication mechanism created specifically for this purpose. The system was also able to determine when the attack was over and utilize traffic engineering to improve the quality of service (QoS). The solution was designed with a sophisticated way and high level of separation of duties between components so it would not be affected by the design aspect of the network architecture.
EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...IJNSA Journal
Multi-cloud is an advanced version of cloud computing that allows its users to utilize different cloud systems from several Cloud Service Providers (CSPs) remotely. Although it is a very efficient computing
facility, threat detection, data protection, and vendor lock-in are the major security drawbacks of this infrastructure. These factors act as a catalyst in promoting serious cyber-crimes of the virtual world. Privacy and safety issues of a multi-cloud environment have been overviewed in this research paper. The
objective of this research is to analyze some logical automation and monitoring provisions, such as monitoring Cyber-physical Systems (CPS), home automation, automation in Big Data Infrastructure (BDI), Disaster Recovery (DR), and secret protection. The Results of this research investigation indicate that it is possible to avoid security snags of a multi-cloud interface by adopting these scientific solutions methodically.
Double guard: Detecting Interruptions in N- Tier Web ApplicationsIJMER
International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
International Journal of Modern Engineering Research (IJMER) covers all the fields of engineering and science: Electrical Engineering, Mechanical Engineering, Civil Engineering, Chemical Engineering, Computer Engineering, Agricultural Engineering, Aerospace Engineering, Thermodynamics, Structural Engineering, Control Engineering, Robotics, Mechatronics, Fluid Mechanics, Nanotechnology, Simulators, Web-based Learning, Remote Laboratories, Engineering Design Methods, Education Research, Students' Satisfaction and Motivation, Global Projects, and Assessment…. And many more.
Cloud Computing Using Encryption and Intrusion Detectionijsrd.com
Cloud computing provides many benefits to the users such as accessibility and availability. As the data is available over the cloud, it can be accessed by different users. There may be sensitive data of organization. This is the one issue to provide access to authenticated users only. But the data can be accessed by the owner of the cloud. So to avoid getting data being accessed by the cloud owner, we will use the intrusion detection system to provide security to the data. The other issue is to save the data backup in other cloud in encrypted form so that load balancing can be done. This will help the user with data availability in case of failure of one cloud.
Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...IJECEIAES
Software-Defined Networking (SDN) has become an essential networking concept towards escalating the networking capabilities that are highly demanded future internet system, which is immensely distributed in nature. Owing to the novel concept in the field of network, it is still shrouded with security problems. It is also found that the Distributed Denial-of-Service (DDoS) attack is one of the prominent problems in the SDN environment. After reviewing existing research solutions towards resisting DDoS attack in SDN, it is found that still there are many open-end issues. Therefore, these issues are identified and are addressed in this paper in the form of a preemptive model of security. Different from existing approaches, this model is capable of identifying any malicious activity that leads to a DDoS attack by performing a correct classification of attack strategy using a machine learning approach. The paper also discusses the applicability of best classifiers using machine learning that is effective against DDoS attack.
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Editor IJCATR
Network Intrusion detection and Countermeasure Election in virtual network systems (NICE) are used to establish a
defense-in-depth intrusion detection framework. For better attack detection, NICE incorporates attack graph analytical procedures into
the intrusion detection processes. We must note that the design of NICE does not intend to improve any of the existing intrusion
detection algorithms; indeed, NICE employs a reconfigurable virtual networking approach to detect and counter the attempts to
compromise VMs, thus preventing zombie VMs. NICE includes two main phases: deploy a lightweight mirroring-based network
intrusion detection agent (NICE-A) on each cloud server to capture and analyze cloud traffic. A NICE-A periodically scans the virtual
system vulnerabilities within a cloud server to establish Scenario Attack Graph (SAGs), and then based on the severity of identified
vulnerability toward the collaborative attack goals, NICE will decide whether or not to put a VM in network inspection state. Once a
VM enters inspection state, Deep Packet Inspection (DPI) is applied, and/or virtual network reconfigurations can be deployed to the
inspecting VM to make the potential attack behaviors prominent.
nable applications provide as a services for the users
with low computational cost through internet. As we store data
and it also provide services in distributed environment. Cloud
ease its users by providing virtualization technology of resources
through internet. Cloud computing is the emerging field, due to
this reason the various new techniques are still developing. At
current scenario new security challenges were increases for cloud
professionals. Due to lack of security in cloud computing
environment user of cloud lost it trust in cloud. Multi-tenancy,
elasticity, Security Performance and Optimization, etc are
various security issues in cloud computing. In this paper we will
discuss some of the issue in cloud. This paper also discuss some of
the existing security technique for securing a cloud and help
researchers and professionals to know about various security
threats.
XDOSER, A BENCHMARKING TOOL FOR SYSTEM LOAD MEASUREMENT USING DENIAL OF SERVI...IJNSA Journal
Technology has developed so fast that we feel both safe as well as unsafe in both ways. Systems used today are always prone to attack by malicious users. In most cases, services are hindered because these systems cannot handle the amount of over loads the attacker provides. So, proper service load measurement is necessary. The tool that is being described in this paper for developments is based on the Denial of Service methodologies. This tool, XDoser will put a synthetic load on the servers for testing purpose. The HTTP Flood method is used which includes an HTTP POST method as it forces the website to gather the maximum resources possible in response to every single request. The tool developed in this paper will focus on overloading the backend with multiple requests. So, the tool can be implemented for servers new or old for synthetic test endurance testing.
Synthetic Fiber Construction in lab .pptxPavel ( NSTU)
Synthetic fiber production is a fascinating and complex field that blends chemistry, engineering, and environmental science. By understanding these aspects, students can gain a comprehensive view of synthetic fiber production, its impact on society and the environment, and the potential for future innovations. Synthetic fibers play a crucial role in modern society, impacting various aspects of daily life, industry, and the environment. ynthetic fibers are integral to modern life, offering a range of benefits from cost-effectiveness and versatility to innovative applications and performance characteristics. While they pose environmental challenges, ongoing research and development aim to create more sustainable and eco-friendly alternatives. Understanding the importance of synthetic fibers helps in appreciating their role in the economy, industry, and daily life, while also emphasizing the need for sustainable practices and innovation.
Instructions for Submissions thorugh G- Classroom.pptxJheel Barad
This presentation provides a briefing on how to upload submissions and documents in Google Classroom. It was prepared as part of an orientation for new Sainik School in-service teacher trainees. As a training officer, my goal is to ensure that you are comfortable and proficient with this essential tool for managing assignments and fostering student engagement.
This presentation provides an introduction to quantitative trait loci (QTL) analysis and marker-assisted selection (MAS) in plant breeding. The presentation begins by explaining the type of quantitative traits. The process of QTL analysis, including the use of molecular genetic markers and statistical methods, is discussed. Practical examples demonstrating the power of MAS are provided, such as its use in improving crop traits in plant breeding programs. Overall, this presentation offers a comprehensive overview of these important genomics-based approaches that are transforming modern agriculture.
Read| The latest issue of The Challenger is here! We are thrilled to announce that our school paper has qualified for the NATIONAL SCHOOLS PRESS CONFERENCE (NSPC) 2024. Thank you for your unwavering support and trust. Dive into the stories that made us stand out!
This is a presentation by Dada Robert in a Your Skill Boost masterclass organised by the Excellence Foundation for South Sudan (EFSS) on Saturday, the 25th and Sunday, the 26th of May 2024.
He discussed the concept of quality improvement, emphasizing its applicability to various aspects of life, including personal, project, and program improvements. He defined quality as doing the right thing at the right time in the right way to achieve the best possible results and discussed the concept of the "gap" between what we know and what we do, and how this gap represents the areas we need to improve. He explained the scientific approach to quality improvement, which involves systematic performance analysis, testing and learning, and implementing change ideas. He also highlighted the importance of client focus and a team approach to quality improvement.
Unit 8 - Information and Communication Technology (Paper I).pdfThiyagu K
This slides describes the basic concepts of ICT, basics of Email, Emerging Technology and Digital Initiatives in Education. This presentations aligns with the UGC Paper I syllabus.
Power-sharing Class 10 is a vital aspect of democratic governance. It refers to the distribution of power among different organs of government, levels of government, and social groups. This ensures that no single entity can control all aspects of governance, promoting stability and unity in a diverse society.
For more information, visit-www.vavaclasses.com
How to Split Bills in the Odoo 17 POS ModuleCeline George
Bills have a main role in point of sale procedure. It will help to track sales, handling payments and giving receipts to customers. Bill splitting also has an important role in POS. For example, If some friends come together for dinner and if they want to divide the bill then it is possible by POS bill splitting. This slide will show how to split bills in odoo 17 POS.
1. Analisis Implementasi Modsecurity dan
Reverse Proxy
Untuk Pencegahan Serangan Keamanan
DDoS pada Web Server
Ayu Rosyida Zain1, Iik Muhamad Malik Matin 2 dan Kevin Kautsar 3
Teknik Informatika dan Komputer, Teknik Multimedia dan Jaringan,
Politeknik Negeri Jakarta
SNIV, 7 Juni 2023
2. Latar Belakang
01 02 03
04 05
TABLE OF CONTENTS
Metode Rancangan Sistem
Pembahasan Hasil Kesimpulan
4. ● Indonesia menempati peringkat ke-6 terbesar di dunia dalam hal
jumlah pengguna internet di mana pada tahun 2017 diperkirakan
netter Indonesia mencapai 112 juta orang (Pranoto, et al., 2018).
● peningkatan pengguna website dapat meningkatkan pula ancaman
keamanan bagi penyedia dan pengguna layanan website.
● serangan DDoS naik tiga kali lipat selama pandemi Covid-19.
(Yulianso, 2021)
● ModSecurity dapat diimplementasikan dengan berbagai aturan
sesuai kebutuhan sehingga serangan dapat dikenali dan dicegah
sesuai rule yang telah ditetapkan, termauk didalamnya rule dalam
pencegahan serangan keamanan DDoS.
● Reverse proxy mengatur agar sebuah server dapat berperan
menjadi perantara antara klien dengan server utama. Sehingga
dengan menerapkan metode ini pada server maka komunikasi
antara klien dan server utama tidak perlu terjadi dan dapat
meningkatkan keamanan klien dari serangan termasuk DDoS
attack.
Latar Belakang
6. Model yang digunakan pada penelitian ini
berupa rancang bangun sistem yang
mengintegrasikan dua metode
pengamanan yaitu ModSecurity dan
Reverse Proxy pada web server dan
melihat hasil kinerjanya terhadap serangan
DDoS. Data Pengujian yang didapatkan
dalam penelitian ini berupa data kuantitatif
beberapa scenario uji yang dapat
merepresentasikan kemampuan
Modsecurity dan reverse proxy dalam
menangkal serangan DDoS.
8. Pada penelitian ini digunakan alat:
1. Laptop Aspire E5-475G (Intel(R) CoreTM i5-
7200U) RAM: 8 GB,
2. Oracle VM VirtualBox Version 6.1.18
r142142 (Qt5.6.2),
3. Ubuntu 18.04.02,
4. NGINX 1.20.0 yang berperan sebagai
reverse proxy,
5. ModSecurity v2.x,
6. Apache2 yang berperan sebagai web
server utama,
7. Attacker (Linux).
Apache2 berperan sebagai Web Server
NGINX berperan sebagai reversed proxy
NGINX telah terpasang rule ModSecurity
Serangan akan dilakukan oleh komputer “Attacker”
Serangan akan dilakukan menggunakan tiga tools,
yaitu file bash script, GoldenEye, dan HULK
Semua perangkat dalam keadaan aktif ketika
dilakukan penyerangan
Semua perangkat terhubung dalam jaringan LAN
yang sama
10. Pengujian
Skenario Tools
Pengujian ini dilakukan untuk
mengetahui efektivitas kinerja
layanan ModSecurity dan reverse
proxy untuk pencegahan DDoS attack
pada server web. Pengujian ini
menghitung dan memiliki hasil akhir
berupa perbandingan antara
serangan yang dilakukan sebelum
WAF dan reverse proxy diaktifkan dan
dimatikan.
penelitian kali ini akan dilakukan
serangan DDoS berupa serangan
berbasis bandwith dengan
menggunakan tiga tools berbeda,
yaitu file bash script, GoldenEye, dan
HULK. Serangan ini dilakukan dengan
cara mengirim pesan data sampah
secara masal ke url target bertujuan
untuk menyebabkan overload yang
juga mengakibatkan berkurangnya
bandwidth jaringan yang tersedia
atau berkurangnya sumber daya
perangkat jaringan.
11. Hasil Uji
Data Efektivitas Kinerja ModSecurity terhadap
Serangan DDoS File Bash Script, GoldenEye, dan HULK
File Bash Script Serangan DDoS
12. Hasil Uji
Data Efektivitas Kinerja ModSecurity terhadap
Serangan DDoS File Bash Script
ModSecurity
Mati
ModSecurity
Menyala
13. Hasil Uji
Data Efektivitas Kinerja ModSecurity terhadap
Serangan DDoS GoldenEye
ModSecurity
Mati
ModSecurity
Menyala
14. Hasil Uji
Data Efektivitas Kinerja ModSecurity terhadap
Serangan DDoS HULK
ModSecurity
Mati
ModSecurity
Menyala
15. Hasil Uji
Data Efektivitas Kinerja ModSecurity terhadap
Serangan DDoS File Bash Script
Serangan
Keadaan WAF
ModSecurity
Mati
ModSecurity
Menyala
File Bash
Script
Berhasil Ditolak
GoldenEye Berhasil Ditolak
HULK Berhasil Ditolak
16. Hasil Uji
Data Efektivitas Kinerja Reverse Proxy terhadap
Serangan DDoS File Bash Script, GoldenEye, dan HULK
Sebelum
menggunakan
reverse proxy
(ex: Bash
script)
Setelah
menggunakan
reverse proxy (ex:
Bash Script)
17. Hasil Uji
Data Efektivitas Kinerja Reverse Proxy terhadap
Serangan DDoS File Bash Script, GoldenEye, dan HULK
Serangan
Keadaan
Waktu Yang Dibutuhkan
Reverse Proxy
Mati Menyala Mati Menyala
File Bash
Script
Berhasil Berhasil 47,987654ms 100,114344ms
GoldenEye Berhasil Berhasil 70,255061ms 93,292487ms
HULK Berhasil Berhasil 111,971944ms 196,183226ms
Rata-rata waktu 76,73821ms 129,8633ms
18. 1 2 3
KESIMPULAN
Ketiga serangan tidak dapat
ditolak hanya dengan
pengimplementasian reverse
proxy. Namun, dengan jarak
tempuh yang lebih jauh dari
komputer penyerang ke server
utama waktu yang dibutuhkan
untuk sebuah serangan
mencapai tujuan menjadi lebih
lama 53,12509 ms sehingga
dapat menghambat laju kerja
serangan,
100% keberhasilan WAF
ModSecurity dalam menagkal
serangan DDoS di Web Server
Dalam pengujian 3 serangan
semua dapat ditolak dengan
integrasi reverse proxy dan
ModSecurity Sehingga dapat
dikatakan dengan
pengimplementasian keduanya
sebuah server memiliki dua
perlindungan sekaligus.
19. DAFTAR PUSTAKA
● Fitri, C. N., (2017). Implementasi Squid Sebagai Reverse Proxy Untuk Keperluan
Backup Server. Jurnal Manajemen Informasi, 8(BACKUP SERVER), p. 30.
● Hamzah, A., Ismail, S. J. I. & Meisaroh, L., (2019). Implementasi Sistem Monitoring
Jaringan Menggunakan Zabbix dan Web Web Application Firewall di PT PLN (Persero)
Transmisi Jawa Bagian Tengah. e-Proceeding of Applied Science, 5(Vol.5, No.3
Desember 2019), p. 3.
● Josi, A., (2017). Penerapan Metode Prototiping Dalam Pembangunan Website Desa
(Studi Kasus Desa Sugihan Kecamatan Rambang), Prabumulih: Komputerisasi
Akuntansi, Stmik Prabumulih, Prabumulih.
● Maumela, T., Nelwamondo, F. & Marwala, T., (2020). Introducing Ulimisana
Optimization Algorithm Based on Ubuntu Philosophy. IEEE Access School of Electrical
and Electronic Engineering, University of Johannesburg, Johannesburg, South Africa, p.
179245.
● Muzaki, R. A., Briliyant, O. C. & Hasditama, M. A., (2020). Improving Security of Web-
Based Application Using ModSecurity and Reverse Proxy in Web Application Firewall.
IEEE, Issue Web Security, p. 90.
● Nurkamiden, M. R., Najoan, M. E. I. & Putro, M. D., (2017). Rancang Bangun Sistem
Pengendalian Perangkat Listrik Berbasis Web Server Menggunakan Mini PC Raspberry
Pi Studi Kasus Gedung Fakultas Teknik Universitas Sam Ratulangi. E-Journal Teknik
Informatika, 11(Sistem Pengendalian Perangkat Listrik Berbasis Web), p. 3.
● Siregar, M. R., (2018). Membangun Web Application Firewall Dengan Filter
Modsecurity Sebagai Upaya Pengamanan Website. [Online] Available at:
https://eprints.akakom.ac.id/8085/1/1_175410054_HALAMAN_DEPAN.pdf [Accessed
5 March 2023].
● Sitohang, H. T., (2018). Sistem Informasi Pengagendaan Surat Berbasis Web Pada
Pengadilan Tinggi Medan. Journal Of Informatic Pelita Nusantara, 3(Vol. 3 No. 1 (2018):
Journal Of Informatic Pelita Nusantara), p. 8.
● Somani, G. et al., (2017). DDoS Attacks in Cloud Computing: Issues, Taxonomy, and
Future Directions. p. 1.
● Tao, Y. & Chen, G., (2016). An Extensible Universal Reverse Proxy Architecture.
International Conference on Network and Information Systems for Komputers, Issue
Reverse Proxy, p. 8.
● Warman, I. & Hidayat, R., (2016). Perancangan Transparent Proxy Server Clearos.
Rahmat Hidayat, p. 90.
● Widianto, S. R. & Azzam, I. A., (2018). Analisis Upaya Peretasan Web Application
Firewall Dan Notifikasi Serangan Menggunakan Bot Telegram Pada Layanan Web
Server. Elektra, 3(Upaya Peretasan Web Application Firewall), p. 19.
● Yari, I. A., Abdullahi, B. & Adeshina, S. A., (2019). Towards a Framework of
Configuring and Evaluating ModSecurity WAF on Tomcat and Apache Web
Servers. 15th International Conference on Electronics Komputer and Computation,
Issue Web Server Security, p. 1.
● Yasin, A. & Mohidin, I., (2018). Dampak Serangan Ddos Pada Software Based
Openfow Switch Di Perangkat Hg553. Jtech, 6(Dampak Serangan Ddos), pp. 72-
73.
● Yuslianson, (2021). LIPUTAN 6. [Online] Available at:
https://www.liputan6.com/tekno/read/4252904/serangan-ddos-naik-tiga-kali-lipat-
selama-pandemi-covid-19 [Accessed 13 May 2023].
● Muzaki, Rizki Agung Muzaki. Briliyant, Obrina Candra., (2020). Security of Web-
Based Application Using ModSecurity and Reverse Proxy in Web Application
Firewall. International Workshop on Big Data and Information Security (IWBIS).
IEEE
● Sobola, Timilehin David. Zavarsky, Pavol. Butakov, Sergey. 2020. Experimental
Study of ModSecurity Web Application Firewalls. IEEE 6th Intl Conference on Big
Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High
Performance and Smart Computing, (HPSC) and IEEE Intl Conference on
Intelligent Data and Security (IDS). IEEE.
● Mukhtar, Basem Ibrahim. Azer, Marianne A. 2020. Evaluating the Modsecurity
Web Application Firewall Against SQL Injection Attacks. 15th International
Conference on Computer Engineering and Systems (ICCES). IEEE.
● D. Arnaldy and T. S. Hati. 2020. Performance Analysis of Reverse Proxy and Web
Application Firewall with Telegram Bot as Attack Notification On Web Server. 3rd
International Conference on Computer and Informatics Engineering (IC2IE),
Yogyakarta, Indonesia, 2020, pp. 455-459, doi:
10.1109/IC2IE50715.2020.9274592.
20. CREDITS: This presentation template was created by
Slidesgo, including icons by Flaticon and infographics &
images by Freepik
THANKS!
Does anyone have any questions?
Ayu.rosyidazain@tik.pnj.ac.id
This Research Sponsored by P3M
Politeknik Negeri Jakarta
21.
22. Mars
Despite being red, Mars is actually a
cold place. It's full of iron oxide dust,
which gives the planet its reddish
cast, and it’s made of basalt
Venus has a beautiful name and is the
second planet from the Sun. It’s
terribly hot, even hotter than
Mercury. It has a toxic atmosphere
FOUR IDEAS
Jupiter
Jupiter is a gas giant and the biggest
planet in the Solar System. It's the
fourth-brightest object in the night
sky. It was named after a Roman god
Saturn is a gas giant and has several
rings. It's composed mostly of
hydrogen and helium. It’s the sixth
planet from the Sun
Venus
Saturn
23. Venus
Despite being red, Mars is
actually a cold place. It's full of
iron oxide dust, which gives the
planet its reddish cast
Earth is the third planet from
the Sun and the only one that
harbors life in the Solar System.
We all live on this planet
Venus has a beautiful name
and is the second planet from
the Sun. It’s terribly hot, even
hotter than Mercury
Mars
SIX IDEAS
Neptune Saturn
Neptune is the farthest planet
from the Sun. It's also the
fourth-largest planet by
diameter in the Solar System
Saturn is a gas giant and has
several rings. It's composed of
hydrogen and helium. It’s the
sixth planet from the Sun
Jupiter is a gas giant and the
biggest planet in the Solar
System. It's the fourth-
brightest object in the night sky
Earth Jupiter
24. The Sun’s mass compared to Earth’s
Distance between Earth and the Moon
123
Jupiter's rotation period
123
123
26. THIS IS A CHART
This is the planet
Venus
Venus has a beautiful name and is the
second planet from the Sun. It’s
terribly hot, even hotter than
Mercury, and its atmosphere is
extremely poisonous. It’s the second-
brightest natural object in the night
sky after the Moon
60% 30% 90%
Follow the link in the graph to modify its data and then paste the new one here. For more info, click here
27. TABLE
Team Team A Team B Team C Team D Team E
Mercury XX XX XX XX XX
Mars XX XX XX XX XX
Saturn XX XX XX XX XX
Venus XX XX XX XX XX
Jupiter XX XX XX XX XX
Earth XX XX XX XX XX
28. THIS IS A
MOCKUP OF
OUR PRODUCT
You can replace the image on the screen with
your own work. Just right-click on it and
select “Replace image”
1. Mercury is very small
2. Mars is a red planet
3. Venus has a nice name
01
02
03
29. BUYER PERSONA INFOGRAPHIC
Bio
Despite being red, Mars is a
cold place, not hot. It’s full of
iron oxide dust, giving the
planet its reddish cast
Name
Age and occupation
“This is a quote, words
full of wisdom that
can make the reader
get inspired.”
Personality
● Mercury is the closest
planet to the Sun and the
smallest one
● Venus has a beautiful
name and is the second
planet from the Sun
● Despite being red, Mars is
actually a cold place. It’s
full of iron oxide dust
Pain points
Despite being red, Mars is a
cold place, not hot. It’s full of
iron oxide dust, giving the
planet its reddish cast
Motivations
Mercury is very small
Mars is a red planet
Venus has a nice name
1
2
3
30. ROADMAP INFOGRAPHIC
Initiative Objective Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
Venus is very hot
Venus has a beautiful name and is
the second planet from the Sun
Earth has life
Earth is the beautiful planet on
which humans live
Mars is very cold
Despite being red, Mars is actually
a cold place
Jupiter is a gas giant
Jupiter is the biggest planet in the
Solar System
Saturn has rings
Saturn is a gas giant and has
several rings
Mercury is small
Mercury is the closest planet to the
Sun and the smallest one
31. MARKET SIZE INFOGRAPHIC
Jupiter
Jupiter is a gas giant and the
biggest planet in the Solar
System. It's the fourth-brightest
object in the night sky
Mars
Despite being red, Mars is
actually a cold place. It's full of
iron oxide dust, which gives the
planet its reddish cast
Saturn
Saturn is a gas giant and has
several rings. It's composed
mostly of hydrogen and helium.
It was named after a Roman god
$5M
$20M
$100M
32. SOCIAL MEDIA STATS
Worldwide reach
Country 1
users
Country 2
users
XXX Billion XXX Billion XXX billion
Users
worldwide
Xh xmin
Average time
spent
XX
Number of
platforms used
Platforms with most users
Follow the link in the graph to modify its data and then paste the new one here. For more info, click here
33. CASE STUDIES
Approach
● Mercury is the closest planet to the
sun and the smallest one
● Venus has a beautiful name and is the
second planet from the Sun
● Despite being red, Mars is actually a
cold place. It’s full of iron oxide dust
Results
Increase in
page views
Increase in
sales
Increase in
clicks
23% 80% 10%
Key takeaway 1
Key takeaway 2
Earth is the planet on
which we all live
Earth is the only planet
that harbors life
Campaign objective
Venus is very hot
34. Here’s an assortment of alternative resources whose style fits the one of this template:
Photos
● Medium shot man working on laptop
● High angle man working on laptop I
● High angle man working on laptop II
● Person working on animation project
● Side view of a male technician using digital tablet
● Man's hand typing on laptop over the wooden desk
● Crop man browsing laptop
● Elegant young girl holding a laptop
● Brunette business woman using laptop
● High angle man working on a blank laptop
ALTERNATIVE RESOURCES
35. Instructions for use
If you have a free account, in order to use this template, you must credit Slidesgo by keeping the Thanks slide. Please
refer to the next slide to read the instructions for premium users.
As a Free user, you are allowed to:
● Modify this template.
● Use it for both personal and commercial projects.
You are not allowed to:
● Sublicense, sell or rent any of Slidesgo Content (or a modified version of Slidesgo Content).
● Distribute Slidesgo Content unless it has been expressly authorized by Slidesgo.
● Include Slidesgo Content in an online or offline database or file.
● Offer Slidesgo templates (or modified versions of Slidesgo templates) for download.
● Acquire the copyright of Slidesgo Content.
For more information about editing slides, please read our FAQs or visit our blog:
https://slidesgo.com/faqs and https://slidesgo.com/slidesgo-school
36. As a Premium user, you can use this template without attributing Slidesgo or keeping the "Thanks" slide.
You are allowed to:
● Modify this template.
● Use it for both personal and commercial purposes.
● Hide or delete the “Thanks” slide and the mention to Slidesgo in the credits.
● Share this template in an editable format with people who are not part of your team.
You are not allowed to:
● Sublicense, sell or rent this Slidesgo Template (or a modified version of this Slidesgo Template).
● Distribute this Slidesgo Template (or a modified version of this Slidesgo Template) or include it in a database or in
any other product or service that offers downloadable images, icons or presentations that may be subject to
distribution or resale.
● Use any of the elements that are part of this Slidesgo Template in an isolated and separated way from this
Template.
● Register any of the elements that are part of this template as a trademark or logo, or register it as a work in an
intellectual property registry or similar.
For more information about editing slides, please read our FAQs or visit our blog:
https://slidesgo.com/faqs and https://slidesgo.com/slidesgo-school
Instructions for use (premium users)
37. This presentation has been made using the following fonts:
Noto Sans
(https://fonts.google.com/noto/specimen/Noto+Sans)
Fonts & colors used
#191919 #ebebeb #897970 #5f6057 #9d9d9c
38. Create your Story with our illustrated concepts. Choose the style you like the most, edit its
colors, pick the background and layers you want to show and bring them to life with the
animator panel! It will boost your presentation. Check out how it works.
Storyset
Pana Amico Bro Rafiki Cuate
39. You can easily resize these resources without losing quality. To change the color, just ungroup the resource and click
on the object you want to change. Then, click on the paint bucket and select the color you want. Group the resource again
when you’re done. You can also look for more infographics on Slidesgo.
Use our editable graphic resources...
40.
41.
42. JANUARY FEBRUARY MARCH APRIL
PHASE 1
Task 1
Task 2
JANUARY FEBRUARY MARCH APRIL MAY JUNE
PHASE 1
PHASE 2
Task 1
Task 2
Task 1
Task 2
43.
44.
45. You can resize these icons without losing quality.
You can change the stroke and fill color; just select the icon and click on the paint bucket/pen.
In Google Slides, you can also use Flaticon’s extension, allowing you to customize and add even more icons.
...and our sets of editable icons