Recently, Peer-to-Peer (P2P) networks contribute to a large fraction of the Internet backbone traffic. Consequently, misusing such networks for malicious purposes is a potential side effect. In this review article, we investigate different techniques of misusing P2P overlay networks to launch large-scale next-generation Distributed Denial of Service (DDOS) attacks. In particular, we investigate representative systems of the structured (Overnet), unstructured (Gnutella) and hybrid (BitTorrent) P2P overlay networks. Real world experiments indicate the high performance, difficulty in detection and tracking, and the low cost of launching such attacks.

DDOS (Distributed Denial-of-Service) attacks are among the cyberattacks that are increasing day by day and have caused problems for computer network servers. With the advent of SDN networks, they are not immune to these attacks, and due to the software-centric nature of these networks, this type of attack can be much more difficult for them, ignoring effective parameters such as port and Source IP in detecting attacks, providing costly solutions which are effective in increasing CPU load, and low accuracy in detecting attacks are of the problems of previously presented methods in detecting DDOS attacks. Given the importance of this issue, the purpose of this paper is to increase the accuracy of DDOS attack detection using the second order correlation coefficient technique based on ∅-entropy according to source IP and selection of optimal features. To select the best features, by examining the types of feature selection algorithms and search methods, the WrapperSubsetEval feature selection algorithm, the BestFirst search method, and the best effective features were selected. This study was performed on CTU-13 and ISOT datasets and the results were compared with other methods. The accuracy of the detection in this work indicates the high efficiency of the proposed approach compared to other similar methods.

The advent of cloud computing has made it simpler for users to gain access to data regardless of their physical location. It works for as long as they have access to the internet through an approach where the users pay based on how they use these resources in a model referred to as “pay-as-per-usage”. Despite all these advantages, cloud computing has its shortcomings. The biggest concern today is the security risks associated with the cloud. One of the biggest problems that might arise with cloud services availability is Distributed Denial of Service attacks (DDOS). DDOS attacks work by multiple machines attacking the user by sending packets with large data overhead. Therefore, the network is overwhelmed with unwanted traffic. This paper proposes an intrusion detection framework using Ensemble feature selection with RNN (ERNN) to tackle the problem at hand. It combines an Ensemble of multiple Machine Learning (ML) algorithms with a Recurrent Neural Network (RNN).  The framework aims to address the issue by selecting the most relevant features using the ensemble of six ML algorithms. These selected features are then used to classify the network traffic as either normal or attack, employing RNN. The effectiveness of the proposed model is evaluated using the CICDDOS2019 dataset, which contains new types of attacks. To assess the performance of the model, metrics like precision, accuracy, F-1 score, and recall are taken into consideration.

Network communication shows a variety of issues with the fast expansion of computer devices, ranging from network administration to traffic engineering. A well-known method for improving these connections is Software-Defined Networking (SDN). The SDN is a networking architecture that separates the control plane from the data plane to ease network administration. The main advantage of the SDN is the central controller. However, it has security flaws like unreachability in Distributed Denial-of-Service attacks (DDOS). Hence, defending SDN against DDOS attacks is critical. We proposed a framework for detecting DDOS attacks and a fault-tolerant method to replace faulty leader controller in distributed multi-controller SDN. We used multi-controllers architecture and leader election algorithm to present a fault-tolerant framework to select a new leader controller, in the case of a leader controller failure. In addition, an early DDOS attack detection algorithm using the entropy of destination IP addresses and the packet window initiation rate is presented. To evaluate our proposed method in various configurations, we simulated exhaustive experiments in Mininet and Floodlight. The results show that our approach outperforms similar algorithms in various network configurations and multi-victim attacks.