3,729 research outputs found
The Dynamics of Internet Traffic: Self-Similarity, Self-Organization, and Complex Phenomena
The Internet is the most complex system ever created in human history.
Therefore, its dynamics and traffic unsurprisingly take on a rich variety of
complex dynamics, self-organization, and other phenomena that have been
researched for years. This paper is a review of the complex dynamics of
Internet traffic. Departing from normal treatises, we will take a view from
both the network engineering and physics perspectives showing the strengths and
weaknesses as well as insights of both. In addition, many less covered
phenomena such as traffic oscillations, large-scale effects of worm traffic,
and comparisons of the Internet and biological models will be covered.Comment: 63 pages, 7 figures, 7 tables, submitted to Advances in Complex
System
Correlations and Clustering in Wholesale Electricity Markets
We study the structure of locational marginal prices in day-ahead and
real-time wholesale electricity markets. In particular, we consider the case of
two North American markets and show that the price correlations contain
information on the locational structure of the grid. We study various
clustering methods and introduce a type of correlation function based on event
synchronization for spiky time series, and another based on string correlations
of location names provided by the markets. This allows us to reconstruct
aspects of the locational structure of the grid.Comment: 30 pages, several picture
SPECTRAL GRAPH-BASED CYBER DETECTION AND CLASSIFICATION SYSTEM WITH PHANTOM COMPONENTS
With cyber attacks on the rise, cyber defenders require new, innovative solutions to provide network protection. We propose a spectral graph-based cyber detection and classification (SGCDC) system using phantom components, the strong node concept, and the dual-degree matrix to detect, classify, and respond to worm and distributed denial-of-service (DDoS) attacks. The system is analyzed using absorbing Markov chains and a novel Levy-impulse model that characterizes network SYN traffic to determine the theoretical false-alarm rates of the system. The detection mechanism is analyzed in the face of network noise and congestion using Weylâs theorem, the Davis-Kahan theorem, and a novel application of the n-dimensional Euclidean metric. The SGCDC system is validated using real-world and synthetic datasets, including the WannaCry and Blaster worms and a SYN flood attack. The system accurately detected and classified the attacks in all but one case studied. The known attacking nodes were identified in less than 0.27 sec for the DDoS attack, and the worm-infected nodes were identified in less than one second after the second infected node began the target search and discovery process for the WannaCry and Blaster worm attacks. The system also produced a false-alarm rate of less than 0.005 under a scenario. These results improve upon other non-spectral graph systems that have detection rates of less than 0.97 sec and false alarm rates as high as 0.095 sec for worm and DDoS attacks.Lieutenant Commander, United States NavyApproved for public release. distribution is unlimite
Spectral Graph-based Cyber Worm Detection Using Phantom Components and Strong Node Concept
Innovative solutions need to be developed to defend against the continued threat of computer worms. We propose the spectral graph theory worm detection model that utilizes traffic dispersion graphs, the strong node concept, and phantom components to create detection thresholds in the eigenspectrum of the dual basis. This detection method is employed in our proposed model to quickly and accurately detect worm attacks with different attack characteristics. It also intrinsically identifies infected nodes, potential victims, and estimates the worm scan rate. We test our model against the worm-free NPS2013 dataset, a modeled Blaster worm, and the WannaCry CTU-Malware-Capture-Botnet-284-1 and CTU-Malware-Capture-Botnet-285-1 datasets. Our results show that the spectral graph theory worm detection model has better performance rates compared to other models reviewed in literature
Pedestrian demand modelling of large cities: an applied example from London
This paper introduces a methodology for the development of city wide pedestrian demand models and shows its application to London. The approach used for modelling is Multiple Regression Analysis of independent variables against the dependent variable of observed pedestrian flows. The test samples were from manual observation studies of average total pedestrian flow per hour on 237 sample sites. The model will provide predicted flow values for all 7,526 street segments in the 25 square kilometres of Central London. It has been independently validated by Transport for London and is being tested against further observation data. The longer term aim is to extend the model to the entire greater London area and to incorporate additional policy levers for use as a transport planning and evaluation tool
- âŠ