711 research outputs found
Analyzing a Bloom Filter Algorithm via a join-the-shortest-queue queuing system
This paper deals with the problem of identifying elephants in the Internet Traffic. The aim is to analyze a new adaptive algorithm based on a Bloom Filter. This algorithm uses a so-called min-rule which can be described as in the supermarket model. This model consists of joining the shortest queue among d queues selected at random in a large number of m queues. In case of equality, one of the shortest queues is chosen at random. An analysis of a simplified model gives an insight into the error generated by the algorithm for the estimation of the number of the elephants. The main conclusion is that, as m gets large, there is a deterministic limit for the empirical distribution of the filter counters. Limit theorems are proved and the limit is identified. It depends on key parameters. The condition for the algorithm to perform well is discussed. Theoretical results are validated by experiments on a trac trace from France Telecom and by simulations
Adaptive algorithms for identifying large flows in IP traffic
We propose in this paper an on-line algorithm based on Bloom filters for
identifying large flows in IP traffic (a.k.a. elephants). Because of the large
number of small flows, hash tables of these algorithms have to be regularly
refreshed. Recognizing that the periodic erasure scheme usually used in the
technical literature turns out to be quite inefficient when using real traffic
traces over a long period of time, we introduce a simple adaptive scheme that
closely follows the variations of traffic. When tested against real traffic
traces, the proposed on-line algorithm performs well in the sense that the
detection ratio of long flows by the algorithm over a long time period is quite
high. Beyond the identification of elephants, this same class of algorithms is
applied to the closely related problem of detection of anomalies in IP traffic,
e.g., SYN flood due for instance to attacks. An algorithm for detecting SYN and
volume flood anomalies in Internet traffic is designed. Experiments show that
an anomaly is detected in less than one minute and the targeted destinations
are identified at the same time
A Review on Missing Tags Detection Approaches in RFID System
Radio Frequency Identification (RFID) system can provides automatic detection on very large number of tagged objects within short time. With this advantage, it is been using in many areas especially in the supply chain management, manufacturing and many others. It has the ability to track individual object all away from the manufacturing factory until it reach the retailer store. However, due to its nature that depends on radio signal to do the detection, reading on tagged objects can be missing due to the signal lost. The signal lost can be caused by weak signal, interference and unknown source. Missing tag detection in RFID system is truly significant problem, because it makes system reporting becoming useless, due to the misleading information generated from the inaccurate readings. The missing detection also can invoke fake alarm on theft, or object left undetected and unattended for some period. This paper provides review regarding this issue and compares some of the proposed approaches including Window Sub-range Transition Detection (WSTD), Efficient Missing-Tag Detection Protocol (EMD) and Multi-hashing based Missing Tag Identification (MMTI) protocol. Based on the reviews it will give insight on the current challenges and open up for a new solution in solving the problem of missing tag detection
Improving the detection of On-line Vertical Port Scan in IP Traffic
International audienceWe propose in this paper an on-line algorithm based on Bloom filters to detect port scan attacks in IP traffic. Only relevant information about destination IP addresses and destination ports are stored in two steps in a two-dimensional Bloom filter. This algorithm can be indefinitely performed on a real traffic stream thanks to a new adaptive refreshing scheme that closely follows traffic variations. It is a scalable algorithm able to deal with IP traffic at a very high bit rate thanks to the use of hashing functions over a sliding window. Moreover it does not need any a priori knowledge about traffic characteristics. When tested against real IP traffic, the proposed on-line algorithm performs well in the sense that it detects all the port scan attacks within a very short response time of only 10 seconds without any false positive
An Evaluation of Popular Copy-Move Forgery Detection Approaches
A copy-move forgery is created by copying and pasting content within the same
image, and potentially post-processing it. In recent years, the detection of
copy-move forgeries has become one of the most actively researched topics in
blind image forensics. A considerable number of different algorithms have been
proposed focusing on different types of postprocessed copies. In this paper, we
aim to answer which copy-move forgery detection algorithms and processing steps
(e.g., matching, filtering, outlier detection, affine transformation
estimation) perform best in various postprocessing scenarios. The focus of our
analysis is to evaluate the performance of previously proposed feature sets. We
achieve this by casting existing algorithms in a common pipeline. In this
paper, we examined the 15 most prominent feature sets. We analyzed the
detection performance on a per-image basis and on a per-pixel basis. We created
a challenging real-world copy-move dataset, and a software framework for
systematic image manipulation. Experiments show, that the keypoint-based
features SIFT and SURF, as well as the block-based DCT, DWT, KPCA, PCA and
Zernike features perform very well. These feature sets exhibit the best
robustness against various noise sources and downsampling, while reliably
identifying the copied regions.Comment: Main paper: 14 pages, supplemental material: 12 pages, main paper
appeared in IEEE Transaction on Information Forensics and Securit
RFID data reliability optimizer based on two dimensions bloom filter
Radio Frequency Identification (RFID) is a flexible deployment technology that has
been adopted in many applications especially in supply chain management. It
provides several features such as to monitor, to identify and to track specific item
hidden in a large group of objects in a short range of time. RFID system uses radio
waves to perform wireless interaction to detect and read data from the tagged object.
However, RFID data streams contain a lot of false positive and duplicate readings.
Both types of readings need to be removed to ensure reliability of information
produced from the data streams. A small occurrence of false positive can change the
whole information, while duplicate readings unnecessarily occupied storage and
processing resources. Many approaches have been proposed to remove false positive
and duplicate readings, but they are done separately. These readings exist in the same
data stream and must be removed using a single mechanism only. In this thesis, an
efficient approach based on Bloom filters was proposed to remove both noisy and
duplicate data from the RFID data streams. The noise and duplicate filter algorithm
was constructed based on bloom filter. There are two bloom filters in one algorithm
where each filter holds function either to remove noise data and to recognize data as
correct reading from duplicate data reading. In order to test the algorithm, synthetic
data was generated by using Poisson distribution. The simulation results show that
our proposed approach outperformed other existing approaches in terms of data
reliability
- …