Attacks Notification of Differentiated Services Code Point (DSCP) values modifications
The DSCP is an integral component within the Internet Protocol (IP) header of a packet, serving the purpose of categorizing and administering network traffic, as well as facilitating the provision of Quality of Service (QoS) on IP networks. In the context of network communication, it is feasible f...
Saved in:
Main Authors: | , , |
---|---|
Format: | Article |
Language: | English English |
Published: |
IEEE
2023
|
Subjects: | |
Online Access: | http://irep.iium.edu.my/108238/7/108238_Attacks%20Notification%20of%20Differentiated%20Services%20Code%20Point.pdf http://irep.iium.edu.my/108238/13/108238_Attacks%20Notification%20of%20Differentiated%20Services%20Code%20Point_SCOPUS.pdf http://irep.iium.edu.my/108238/ https://ieeexplore.ieee.org/document/10314996 https://doi.org/10.1109/ACCESS.2023.3332119 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Universiti Islam Antarabangsa Malaysia |
Language: | English English |
id |
my.iium.irep.108238 |
---|---|
record_format |
dspace |
spelling |
my.iium.irep.1082382024-01-30T02:29:51Z http://irep.iium.edu.my/108238/ Attacks Notification of Differentiated Services Code Point (DSCP) values modifications Alarood, Ala Abdulsalam Abubakar, Adamu Alsubaei, Faisal S. Q350 Information theory The DSCP is an integral component within the Internet Protocol (IP) header of a packet, serving the purpose of categorizing and administering network traffic, as well as facilitating the provision of Quality of Service (QoS) on IP networks. In the context of network communication, it is feasible for an adversary to transmit packets with a DSCP value of ‘‘x,’’ which represents a high priority. This action aims to prioritize the specified packet over other network traffic packets without triggering any notifications during the transmission session. It is possible to use identical DSCP values for both offensive and defensive purposes. This study therefore proposed a method for generating attack notifications in response to changes in DSCP values by using binary vectors to represent entries that detect attacks and those that do not. The method returns a list of Boolean values, each of which indicates whether or not the corresponding packet was classified as an attack. The study employed an experimental research methodology to generate transmission scenarios in which an attacker would attempt to transmit packets with a malicious DSCP value so that they would be prioritized over other traffic. A function was developed to detect deviation from normal and modification values involving DSCP value operations of normal traffic and generate alert. The finding of the experimental analysis indicates the vector, represents normal traffic because it does not have a DSCP value associated with an attack. The vectors representing spoofed, Assured Forwarding (AF), Class Selector (CS) and Expedited Forwarding (EF) respectively and generate an alert based on their values. This has contributed in detecting when an attacker tries to send packets with modified DSCP value in order to get them prioritized over the other packet on the normal traffic. IEEE 2023-11-16 Article PeerReviewed application/pdf en http://irep.iium.edu.my/108238/7/108238_Attacks%20Notification%20of%20Differentiated%20Services%20Code%20Point.pdf application/pdf en http://irep.iium.edu.my/108238/13/108238_Attacks%20Notification%20of%20Differentiated%20Services%20Code%20Point_SCOPUS.pdf Alarood, Ala Abdulsalam and Abubakar, Adamu and Alsubaei, Faisal S. (2023) Attacks Notification of Differentiated Services Code Point (DSCP) values modifications. IEEE Access, 11. pp. 126950-126966. E-ISSN 2169-3536 https://ieeexplore.ieee.org/document/10314996 https://doi.org/10.1109/ACCESS.2023.3332119 |
institution |
Universiti Islam Antarabangsa Malaysia |
building |
IIUM Library |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
International Islamic University Malaysia |
content_source |
IIUM Repository (IREP) |
url_provider |
http://irep.iium.edu.my/ |
language |
English English |
topic |
Q350 Information theory |
spellingShingle |
Q350 Information theory Alarood, Ala Abdulsalam Abubakar, Adamu Alsubaei, Faisal S. Attacks Notification of Differentiated Services Code Point (DSCP) values modifications |
description |
The DSCP is an integral component within the Internet Protocol (IP) header of a packet,
serving the purpose of categorizing and administering network traffic, as well as facilitating the provision
of Quality of Service (QoS) on IP networks. In the context of network communication, it is feasible for
an adversary to transmit packets with a DSCP value of ‘‘x,’’ which represents a high priority. This action
aims to prioritize the specified packet over other network traffic packets without triggering any notifications
during the transmission session. It is possible to use identical DSCP values for both offensive and defensive
purposes. This study therefore proposed a method for generating attack notifications in response to changes
in DSCP values by using binary vectors to represent entries that detect attacks and those that do not. The
method returns a list of Boolean values, each of which indicates whether or not the corresponding packet was
classified as an attack. The study employed an experimental research methodology to generate transmission
scenarios in which an attacker would attempt to transmit packets with a malicious DSCP value so that
they would be prioritized over other traffic. A function was developed to detect deviation from normal and
modification values involving DSCP value operations of normal traffic and generate alert. The finding of the
experimental analysis indicates the vector, represents normal traffic because it does not have a DSCP value
associated with an attack. The vectors representing spoofed, Assured Forwarding (AF), Class Selector (CS)
and Expedited Forwarding (EF) respectively and generate an alert based on their values. This has contributed
in detecting when an attacker tries to send packets with modified DSCP value in order to get them prioritized
over the other packet on the normal traffic. |
format |
Article |
author |
Alarood, Ala Abdulsalam Abubakar, Adamu Alsubaei, Faisal S. |
author_facet |
Alarood, Ala Abdulsalam Abubakar, Adamu Alsubaei, Faisal S. |
author_sort |
Alarood, Ala Abdulsalam |
title |
Attacks Notification of Differentiated Services Code Point (DSCP) values modifications |
title_short |
Attacks Notification of Differentiated Services Code Point (DSCP) values modifications |
title_full |
Attacks Notification of Differentiated Services Code Point (DSCP) values modifications |
title_fullStr |
Attacks Notification of Differentiated Services Code Point (DSCP) values modifications |
title_full_unstemmed |
Attacks Notification of Differentiated Services Code Point (DSCP) values modifications |
title_sort |
attacks notification of differentiated services code point (dscp) values modifications |
publisher |
IEEE |
publishDate |
2023 |
url |
http://irep.iium.edu.my/108238/7/108238_Attacks%20Notification%20of%20Differentiated%20Services%20Code%20Point.pdf http://irep.iium.edu.my/108238/13/108238_Attacks%20Notification%20of%20Differentiated%20Services%20Code%20Point_SCOPUS.pdf http://irep.iium.edu.my/108238/ https://ieeexplore.ieee.org/document/10314996 https://doi.org/10.1109/ACCESS.2023.3332119 |
_version_ |
1789940150209347584 |