Fast flux botnet detection based on adaptive dynamic evolving spiking neural network

A botnet, a set of compromised machines controlled distantly by an attacker, is the basis of numerous security threats around the world. Command and Control (C&C) servers are the backbone of botnet communications, where the bots and botmaster send reports and attack orders to each other, respectively. Botnets are also categorised according to their C&C protocols. A Domain Name System (DNS) method known as Fast-Flux Service Network (FFSN) is a special type of botnet that has been engaged by bot herders to cover malicious botnet activities, and increase the lifetime of malicious servers by quickly changing the IP addresses of the domain name over time. Although several methods have been suggested for detecting FFSNs domains, nevertheless they have low detection accuracy especially with zero-day domain, quite a long detection time, and consume high memory storage. In this research we propose a new system called Fast Flux Killer System (FFKA) that has the ability to detect “zero-day” FF-Domains in online mode with an implementation constructed on Adaptive Dynamic evolving Spiking Neural Network (ADeSNN) and in an offline mode to enhance the classification process which is a novelty in this field. The adaptation includes the initial weight, testing criteria, parameters customization, and parameters adjustment. The proposed system is expected to detect fast flux domains in online mode with high detection accuracy and low false positive and false negative rates respectively. It is also expected to have a high level of performance and the proposed system is designed to work for a lifetime with low memory usage. Three public datasets are exploited in the experiments to show the effects of the adaptive ADeSNN algorithm, two of them conducted on the ADeSNN algorithm itself and the last one on the process of detecting fast flux domains. The experiments showed an improved accuracy when using the proposed adaptive ADeSNN over the original algorithm. It also achieved a high detection accuracy in detecting zero-day fast flux domains that was about (99.54%) in an online mode, when using the public fast flux dataset. Finally, the improvements made to the performance of the adaptive algorithm are confirmed by the experiments

Obfuscation of Anomalies and Security Incidents in DNS Traffic

Práce se nejdříve zabývá analýzou současných metod detekce anomálií a bezpečnostních incidentů v DNS provozu. Později jsou v práci navrženy obfuskační techniky, pomocí kterých je možné obejít současnou anomální detekci v DNS. Pro implementační část práce byly vybrány útoky zneužívající DNS protokol na tunelování jiné síťové komunikace - konkrétně bylo uvažováno využití tunelování pro řízení a kontrolu botnetu. Hlavním cílem práce je poukázat na nutnost objevování nových přístupů pro detekci anomálií a bezpečnostních incidentů v DNS provozu.The work analyze current detection methods of anomalies and security incidents in DNS traffic, and than design new obfuscation techniques which are capable of evading anomaly detection. Network attacks, exploiting the DNS protocol for tunneling of other network traffic, were selected for implementation part of the work. Control of botnet is considered as malicious application of tunneling through the DNS protocol. The main result of the work is to emphasize the necessity of discovering new detection principles of anomalies and security incidents in DNS traffic.

Seventh Annual Report of the Bureau of Ethnology to the Secretary of the Smithsonian Institution 1885-\u2786

Annual Report of the Bureau of Ethnology, 1885-86. [2989] Research related to the American Indian; includes Indian linguistic families, Ojibwa and Cherokee ceremonial, etc

Seventh Annual Report of the Bureau of Ethnology to the Secretary of the Smithsonian Institution 1885-'86

52-1Annual Report of the Bureau of Ethnology, 1885-86. [2989] Research related to the American Indian; includes Indian linguistic families, Ojibwa and Cherokee ceremonial, etc.1891-15

Chi-Thinking: Chiasmus and Cognition

The treatise proposes chiasmus is a dominant instrument that conducts processes and products of human thought. The proposition grows out of work in cognitive semantics and cognitive rhetoric. These disciplines establish that conceptualization traces to embodied image schematic knowledge. The Introduction sets out how this knowledge gathers from perceptions, experiences, and memories of the body's commonplace engagements in space. With these ideas as suppositional foundation, the treatise contends that chiastic instrumentation is a function of a corporeal mind steeped in elementary, nonverbal spatial forms or gestalts. It shows that chiasmus is a space shape that lends itself to cognition via its simple, but unique architecture and critically that architecture's particular meaning affordances. We profile some chiastic meanings over others based on local conditions. Chiastic iconicity ('lending') devolves from LINE CROSSING in 2-D and PATH CROSSING in 3-D space and from other image schemas (e.g., BALANCE, PART-TO-WHOLE) that naturally syndicate with CROSSING. Profiling and iconicity are cognitive activities. The spatio-physical and the visual aspects of cross diagonalization are discussed under the Chapter Two heading 'X-ness.' Prior to this technical discussion, Chapter One surveys the exceptional versatility and universality of chiasmus across verbal spectra, from radio and television advertisements to the literary arts. The purposes of this opening section are to establish that chiasticity merits more that its customary status as mere rhetorical figure or dispensable stylistic device and to give a foretaste of the complexity, yet automaticity of chi-thinking. The treatise's first half describes the complexity, diversity, and structural inheritance of chiasmus. The second half treats individual chiasma, everything from the most mundane instantiations to the sublime and virtuosic. Chapter Three details the cognitive dimensions of the macro chiasm, which are appreciable in the micro. It builds on the argument that chiasmus secures two cognitive essentials: association and dissociation. Chapter Four, advantaged by Kenneth Burke's "psychology of form," elects chiasmus an instrument of inordinate form and then explores the issue of Betweenity, i.e., how chiasma, like crisscrosses, direct notice to an intermediate region. The study ends on the premise that chiasmus executes form-meaning pairings with which humans are highly fluent