AĞ ORTAMINDAKİ SALDIRI TÜRLERİ: SALDIRI SENARYO ÖRNEKLERİ

Çağımızda bilgi teknolojileri hızla gelişirken mobil ve Nesnelerin İnterneti (Internet of Things-IoT) cihazlarının yaygınlaşması ile birlikte siber saldırganlar da her geçen gün yeni saldırı yöntemleri geliştirmektedir. Bu nedenle siber saldırılar kullanıcılarda büyük endişe yaratmaktadır ve bu endişelerin de giderek artacağı öngörülmektedir. Bu süreçte Saldırı Tespit Sistemleri (Intrusion Detection System-IDS) ve Saldırı Önleme Sistemleri (Intrusion Prevention System-IPS) önemli bir rol almaktadır. Bu çalışmada ilk olarak ağ güvenlik duvarları, ağ saldırıları ve ağ ortamında gerçekleşen saldırı türlerine yer verilmiştir. Sonrasında ağ saldırı türleri için örnek senaryolar oluşturulmuştur ve bu senaryolar üzerinde saldırıların nasıl gerçekleştirildiği açıklanmıştır. Saldırı türleri, Kanada İletişim Güvenliği Kuruluşu (Canada Communications Security Establishment-CSE) ve Kanada Siber Güvenlik Enstitüsü (Canadian Institute for Cybersecurity-CIC) tarafından yaratılan saldırı tespit sistemi değerlendirme verisetlerinde (CIC-IDS2017 ve CES-CIC-IDS2018) yer alan ve saldırganlar tarafından yaygın olarak kullanılan Hizmet Reddi Saldırısı (Denial of Service Attack-DoS), Dağıtılmış Hizmet Reddi Saldırısı (Distrubuted Denial of Service-DDoS), botnet, kaba kuvvet, port tarama, web uygulama ve sızma saldırıları olarak belirlenmiştir.

Anahtar Kelimeler:

Siber Saldırı Türleri, Saldırı Tespit Sistemi, Saldırı Önleme Sistemi, CIC-IDS2017, CES-CIC-IDS2018

ATTACK TYPES IN NETWORK ENVIRONMENT: ATTACK SCENARIO EXAMPLES

While information technologies are developing rapidly in our age, with the spread of mobile and Internet of Things (IoT) devices, cyber attackers are developing new attack methods day by day. For this reason, cyber attacks cause great concern for users and it is predicted that these concerns will increase gradually. In this process, Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) play an important role. In this study, firstly, network firewalls, network attacks and attack types in network environment are mentioned. Afterwards, sample scenarios for network attack types are created and how the attacks are carried out on these scenarios are explained. The attack types are determined as Denial of Service Attack (DoS), Distributed Denial of Service (DDoS), botnet, brute force, port scan, web application and infiltration, which are included in intrusion detection evaluation datasets (CIC-IDS2017 and CES-CIC-IDS2018) created by Canada Communications Security Establishment (CSE) and Canadian Institute for Cybersecurity (CIC), and are widely used by attackers.

Keywords:

Cyber Attack Types, Intrusion Detection System, Intrusion Prevention System, CIC-IDS2017, CES-CIC-IDS2018,

PDF

___

Ajayi, O., Gangopadhyay, A., Erbacher, R. F., & Bursat, C. (2022). Developing Cross-Domain Host-Based Intrusion Detection. Electronics, 11(21), 3631.
Akgun, D., Hizal, S., & Cavusoglu, U. (2022). A new DDoS attacks intrusion detection model based on deep learning for cybersecurity. Computers & Security, 118, 102748.
Crespo-Martínez, I. S., Campazas-Vega, A., Guerrero-Higueras, Á. M., Riego-DelCastillo, V., Álvarez-Aparicio, C., & Fernández-Llamas, C. (2023). SQL injection attack detection in network flow data. Computers & Security, 127, 103093.
Gupta, S., Singhal, A., & Kapoor, A. (2016, April). A literature survey on social engineering attacks: Phishing attack. In 2016 international conference on computing, communication and automation (ICCCA) (pp. 537-540). IEEE.
Jacob, S., Qiao, Y., Ye, Y., & Lee, B. (2022). Anomalous distributed traffic: Detecting cyber security attacks amongst microservices using graph convolutional networks. Computers & Security, 118, 102728.
James, F. (2019, October). IoT cybersecurity based smart home intrusion prevention system. In 2019 3rd Cyber Security in Networking Conference (CSNet) (pp. 107-113). IEEE.
Kasim, Ö. (2021). An ensemble classification-based approach to detect attack level of SQL injections. Journal of Information Security and Applications, 59, 102852.
Kumar, A., Abhishek, K., Ghalib, M. R., Shankar, A., & Cheng, X. (2022). Intrusion detection and prevention system for an IoT environment. Digital Communications and Networks, 8(4), 540-551.
Kumari, P., & Jain, A. K. (2023). A Comprehensive Study of DDoS Attacks over IoT Network and Their Countermeasures. Computers & Security, 103096.
Rumsey, M. J. (2016). Cybersecurity: Challenging rhetoric to identify the future of defensive and offensive measures against defined threat actors (Doctoral dissertation, San Diego State University).
Salamatian, S., Huleihel, W., Beirami, A., Cohen, A., & Médard, M. (2019). Why botnets work: Distributed brute-force attacks need no synchronization. IEEE Transactions on Information Forensics and Security, 14(9), 2288-2299.
Sharafaldin, I., Lashkari, A. H., & Ghorbani, A. A. (2018). Toward generating a new intrusion detection dataset and intrusion traffic characterization. ICISSp, 1, 108-116.
Singh, K. J., Thongam, K., & De, T. (2018). Detection and differentiation of application layer DDoS attack from flash events using fuzzy‐GA computation. IET Information Security, 12(6), 502-512.
Tams, B., Mihăilescu, P., & Munk, A. (2015). Security considerations in minutiae-based fuzzy vaults. IEEE Transactions on Information Forensics and Security, 10(5), 985-998. Taner, C. (2019). Herkes için Siber Güvenlik, Abaküs Kitap.
Tariq, I., Sindhu, M. A., Abbasi, R. A., Khattak, A. S., Maqbool, O., & Siddiqui, G. F. (2021). Resolving cross-site scripting attacks through genetic algorithm and reinforcement learning. Expert Systems with Applications, 168, 114386.
Toklu, S., & Şimşek, M. (2018). Two-layer approach for mixed high-rate and low-rate distributed denial of service (DDoS) attack detection and filtering. Arabian Journal for Science and Engineering, 43(12), 7923-7931.