Attacks Notification of Differentiated Services Code Point (DSCP) values modifications

The DSCP is an integral component within the Internet Protocol (IP) header of a packet, serving the purpose of categorizing and administering network traffic, as well as facilitating the provision of Quality of Service (QoS) on IP networks. In the context of network communication, it is feasible f...

Full description

Saved in:
Bibliographic Details
Main Authors: Alarood, Ala Abdulsalam, Abubakar, Adamu, Alsubaei, Faisal S.
Format: Article
Language:English
English
Published: IEEE 2023
Subjects:
Online Access:http://irep.iium.edu.my/108238/7/108238_Attacks%20Notification%20of%20Differentiated%20Services%20Code%20Point.pdf
http://irep.iium.edu.my/108238/13/108238_Attacks%20Notification%20of%20Differentiated%20Services%20Code%20Point_SCOPUS.pdf
http://irep.iium.edu.my/108238/
https://ieeexplore.ieee.org/document/10314996
https://doi.org/10.1109/ACCESS.2023.3332119
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Universiti Islam Antarabangsa Malaysia
Language: English
English
id my.iium.irep.108238
record_format dspace
spelling my.iium.irep.1082382024-01-30T02:29:51Z http://irep.iium.edu.my/108238/ Attacks Notification of Differentiated Services Code Point (DSCP) values modifications Alarood, Ala Abdulsalam Abubakar, Adamu Alsubaei, Faisal S. Q350 Information theory The DSCP is an integral component within the Internet Protocol (IP) header of a packet, serving the purpose of categorizing and administering network traffic, as well as facilitating the provision of Quality of Service (QoS) on IP networks. In the context of network communication, it is feasible for an adversary to transmit packets with a DSCP value of ‘‘x,’’ which represents a high priority. This action aims to prioritize the specified packet over other network traffic packets without triggering any notifications during the transmission session. It is possible to use identical DSCP values for both offensive and defensive purposes. This study therefore proposed a method for generating attack notifications in response to changes in DSCP values by using binary vectors to represent entries that detect attacks and those that do not. The method returns a list of Boolean values, each of which indicates whether or not the corresponding packet was classified as an attack. The study employed an experimental research methodology to generate transmission scenarios in which an attacker would attempt to transmit packets with a malicious DSCP value so that they would be prioritized over other traffic. A function was developed to detect deviation from normal and modification values involving DSCP value operations of normal traffic and generate alert. The finding of the experimental analysis indicates the vector, represents normal traffic because it does not have a DSCP value associated with an attack. The vectors representing spoofed, Assured Forwarding (AF), Class Selector (CS) and Expedited Forwarding (EF) respectively and generate an alert based on their values. This has contributed in detecting when an attacker tries to send packets with modified DSCP value in order to get them prioritized over the other packet on the normal traffic. IEEE 2023-11-16 Article PeerReviewed application/pdf en http://irep.iium.edu.my/108238/7/108238_Attacks%20Notification%20of%20Differentiated%20Services%20Code%20Point.pdf application/pdf en http://irep.iium.edu.my/108238/13/108238_Attacks%20Notification%20of%20Differentiated%20Services%20Code%20Point_SCOPUS.pdf Alarood, Ala Abdulsalam and Abubakar, Adamu and Alsubaei, Faisal S. (2023) Attacks Notification of Differentiated Services Code Point (DSCP) values modifications. IEEE Access, 11. pp. 126950-126966. E-ISSN 2169-3536 https://ieeexplore.ieee.org/document/10314996 https://doi.org/10.1109/ACCESS.2023.3332119
institution Universiti Islam Antarabangsa Malaysia
building IIUM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider International Islamic University Malaysia
content_source IIUM Repository (IREP)
url_provider http://irep.iium.edu.my/
language English
English
topic Q350 Information theory
spellingShingle Q350 Information theory
Alarood, Ala Abdulsalam
Abubakar, Adamu
Alsubaei, Faisal S.
Attacks Notification of Differentiated Services Code Point (DSCP) values modifications
description The DSCP is an integral component within the Internet Protocol (IP) header of a packet, serving the purpose of categorizing and administering network traffic, as well as facilitating the provision of Quality of Service (QoS) on IP networks. In the context of network communication, it is feasible for an adversary to transmit packets with a DSCP value of ‘‘x,’’ which represents a high priority. This action aims to prioritize the specified packet over other network traffic packets without triggering any notifications during the transmission session. It is possible to use identical DSCP values for both offensive and defensive purposes. This study therefore proposed a method for generating attack notifications in response to changes in DSCP values by using binary vectors to represent entries that detect attacks and those that do not. The method returns a list of Boolean values, each of which indicates whether or not the corresponding packet was classified as an attack. The study employed an experimental research methodology to generate transmission scenarios in which an attacker would attempt to transmit packets with a malicious DSCP value so that they would be prioritized over other traffic. A function was developed to detect deviation from normal and modification values involving DSCP value operations of normal traffic and generate alert. The finding of the experimental analysis indicates the vector, represents normal traffic because it does not have a DSCP value associated with an attack. The vectors representing spoofed, Assured Forwarding (AF), Class Selector (CS) and Expedited Forwarding (EF) respectively and generate an alert based on their values. This has contributed in detecting when an attacker tries to send packets with modified DSCP value in order to get them prioritized over the other packet on the normal traffic.
format Article
author Alarood, Ala Abdulsalam
Abubakar, Adamu
Alsubaei, Faisal S.
author_facet Alarood, Ala Abdulsalam
Abubakar, Adamu
Alsubaei, Faisal S.
author_sort Alarood, Ala Abdulsalam
title Attacks Notification of Differentiated Services Code Point (DSCP) values modifications
title_short Attacks Notification of Differentiated Services Code Point (DSCP) values modifications
title_full Attacks Notification of Differentiated Services Code Point (DSCP) values modifications
title_fullStr Attacks Notification of Differentiated Services Code Point (DSCP) values modifications
title_full_unstemmed Attacks Notification of Differentiated Services Code Point (DSCP) values modifications
title_sort attacks notification of differentiated services code point (dscp) values modifications
publisher IEEE
publishDate 2023
url http://irep.iium.edu.my/108238/7/108238_Attacks%20Notification%20of%20Differentiated%20Services%20Code%20Point.pdf
http://irep.iium.edu.my/108238/13/108238_Attacks%20Notification%20of%20Differentiated%20Services%20Code%20Point_SCOPUS.pdf
http://irep.iium.edu.my/108238/
https://ieeexplore.ieee.org/document/10314996
https://doi.org/10.1109/ACCESS.2023.3332119
_version_ 1789940150209347584