6,898 research outputs found
Preventing DDoS using Bloom Filter: A Survey
Distributed Denial-of-Service (DDoS) is a menace for service provider and
prominent issue in network security. Defeating or defending the DDoS is a prime
challenge. DDoS make a service unavailable for a certain time. This phenomenon
harms the service providers, and hence, loss of business revenue. Therefore,
DDoS is a grand challenge to defeat. There are numerous mechanism to defend
DDoS, however, this paper surveys the deployment of Bloom Filter in defending a
DDoS attack. The Bloom Filter is a probabilistic data structure for membership
query that returns either true or false. Bloom Filter uses tiny memory to store
information of large data. Therefore, packet information is stored in Bloom
Filter to defend and defeat DDoS. This paper presents a survey on DDoS
defending technique using Bloom Filter.Comment: 9 pages, 1 figure. This article is accepted for publication in EAI
Endorsed Transactions on Scalable Information System
Hardware Acceleration of Network Intrusion Detection System Using FPGA
This thesis presents new algorithms and hardware designs for Signature-based Network Intrusion Detection System (SB-NIDS) optimisation exploiting a hybrid hardwaresoftware co-designed embedded processing platform. The work describe concentrates
on optimisation of a complete SB-NIDS Snort application software on a FPGA based
hardware-software target rather than on the implementation of a single functional unit
for hardware acceleration. Pattern Matching Hardware Accelerator (PMHA) based on
Bloom filter was designed to optimise SB-NIDS performance for execution on a Xilinx
MicroBlaze soft-core processor. The Bloom filter approach enables the potentially large
number of network intrusion attack patterns to be efficiently represented and searched
primarily using accesses to FPGA on-chip memory. The thesis demonstrates, the viability of hybrid hardware-software co-designed approach for SB-NIDS. Future work is
required to investigate the effects of later generation FPGA technology and multi-core
processors in order to clearly prove the benefits over conventional processor platforms
for SB-NIDS.
The strengths and weaknesses of the hardware accelerators and algorithms are analysed,
and experimental results are examined to determine the effectiveness of the implementation. Experimental results confirm that the PMHA is capable of performing network
packet analysis for gigabit rate network traffic. Experimental test results indicate that
our SB-NIDS prototype implementation on relatively low clock rate embedded processing platform performance is approximately 1.7 times better than Snort executing on
a general purpose processor on PC when comparing processor cycles rather than wall
clock time
Time is of the Essence: Machine Learning-based Intrusion Detection in Industrial Time Series Data
The Industrial Internet of Things drastically increases connectivity of
devices in industrial applications. In addition to the benefits in efficiency,
scalability and ease of use, this creates novel attack surfaces. Historically,
industrial networks and protocols do not contain means of security, such as
authentication and encryption, that are made necessary by this development.
Thus, industrial IT-security is needed. In this work, emulated industrial
network data is transformed into a time series and analysed with three
different algorithms. The data contains labeled attacks, so the performance can
be evaluated. Matrix Profiles perform well with almost no parameterisation
needed. Seasonal Autoregressive Integrated Moving Average performs well in the
presence of noise, requiring parameterisation effort. Long Short Term
Memory-based neural networks perform mediocre while requiring a high training-
and parameterisation effort.Comment: Extended version of a publication in the 2018 IEEE International
Conference on Data Mining Workshops (ICDMW
A Review of Intrusion Detection System
Intrusion detection systems are systems that can detect any kind of malicious attacks, corrupted data or any kind of intrusion that can pose threat to our systems. In this paper a study of various types of intrusion detection system is done along with the aid of many research papers which have employed machine learning , DNA sequence ,pattern matching ,data mining as a technique for learning attacks and taking preventive actions when similar types of attacks are encountered in the future. Study of these papers have given a deep insight to further explore the related techniques in the field of Intrusion Detection Systems
The HSS/SNiC : a conceptual framework for collapsing security down to the physical layer
This work details the concept of a novel network security model called the Super NIC (SNIC) and a Hybrid Super Switch (HSS). The design will ultimately incorporate deep packet inspection (DPI), intrusion detection and prevention (IDS/IPS) functions, as well as network access control technologies therefore making all end-point network devices inherently secure. The SNIC and HSS functions are modelled using a transparent GNU/Linux Bridge with the Netfilter framework
Anomaly Detection on Graph Time Series
In this paper, we use variational recurrent neural network to investigate the
anomaly detection problem on graph time series. The temporal correlation is
modeled by the combination of recurrent neural network (RNN) and variational
inference (VI), while the spatial information is captured by the graph
convolutional network. In order to incorporate external factors, we use feature
extractor to augment the transition of latent variables, which can learn the
influence of external factors. With the target function as accumulative ELBO,
it is easy to extend this model to on-line method. The experimental study on
traffic flow data shows the detection capability of the proposed method
- …