269 research outputs found
On the Efficacy of Live DDoS Detection with Hadoop
Distributed Denial of Service flooding attacks are one of the biggest
challenges to the availability of online services today. These DDoS attacks
overwhelm the victim with huge volume of traffic and render it incapable of
performing normal communication or crashes it completely. If there are delays
in detecting the flooding attacks, nothing much can be done except to manually
disconnect the victim and fix the problem. With the rapid increase of DDoS
volume and frequency, the current DDoS detection technologies are challenged to
deal with huge attack volume in reasonable and affordable response time.
In this paper, we propose HADEC, a Hadoop based Live DDoS Detection framework
to tackle efficient analysis of flooding attacks by harnessing MapReduce and
HDFS. We implemented a counter-based DDoS detection algorithm for four major
flooding attacks (TCP-SYN, HTTP GET, UDP and ICMP) in MapReduce, consisting of
map and reduce functions. We deployed a testbed to evaluate the performance of
HADEC framework for live DDoS detection. Based on the experiments we showed
that HADEC is capable of processing and detecting DDoS attacks in affordable
time
Measurement and field observation of atmospheric nanoparticles
13301甲第4638号博士(工学)金沢大学博士論文要旨Abstract 要旨Outline 以下に掲載:Atmospheric Environment 141 pp.30-40 2016. Elsevier. 共著者:Indra Chandra, Seyoung Kim, Takafumi Seto, Yoshio Otani, Akinori Takami, Ayako Yoshino, Satoshi Irei, Kihong Park, Tamio Takamura, Naoki Kaneyashu, Shiro Hatakeyam
On the Effectiveness of Genetic Search in Combinatorial Optimization
In this paper, we study the efficacy of genetic algorithms in the context of combinatorial optimization. In particular, we isolate the effects of cross-over, treated as the central component of genetic search. We show that for problems of nontrivial size and difficulty, the contribution of cross-over search is marginal, both synergistically when run in conjunction with mutation and selection, or when run with selection alone, the reference point being the search procedure consisting of just mutation and selection. The latter can be viewed as another manifestation of the Metropolis process. Considering the high computational cost of maintaining a population to facilitate cross-over search, its marginal benefit renders genetic search inferior to its singleton-population counterpart, the Metropolis process, and by extension, simulated annealing. This is further compounded by the fact that many problems arising in practice may inherently require a large number of state transitions for a near-optimal solution to be found, making genetic search infeasible given the high cost of computing a single iteration in the enlarged state-space.NSF (CCR-9204284
Active Internet Traffic Filtering: Real-time Response to Denial of Service Attacks
Denial of Service (DoS) attacks are one of the most challenging threats to
Internet security. An attacker typically compromises a large number of
vulnerable hosts and uses them to flood the victim's site with malicious
traffic, clogging its tail circuit and interfering with normal traffic. At
present, the network operator of a site under attack has no other resolution
but to respond manually by inserting filters in the appropriate edge routers to
drop attack traffic. However, as DoS attacks become increasingly sophisticated,
manual filter propagation becomes unacceptably slow or even infeasible.
In this paper, we present Active Internet Traffic Filtering, a new automatic
filter propagation protocol. We argue that this system provides a guaranteed,
significant level of protection against DoS attacks in exchange for a
reasonable, bounded amount of router resources. We also argue that the proposed
system cannot be abused by a malicious node to interfere with normal Internet
operation. Finally, we argue that it retains its efficiency in the face of
continued Internet growth.Comment: Briefly describes the core ideas of AITF, a protocol for facing
Denial of Service Attacks. 6 pages lon
Estimasi Parameter Hurst Pada Trafik Internet Untuk Analisis Kinerja Jaringan Internet Kampus
Salah satu cara untuk mengetahui kinerja jaringan internet adalah dengan mengukur trafik internetnya pada periode dan interval tertentu dan mengolahnya dengan menggunakan estimasi parameter Hurst. Estimasi parameter Hurst-nya menggunakan pemodelan FARIMA(p,d,q) sehingga diperoleh besaran parameter Hurst (H), yaitu H Î (½, 1) di mana semakin mendekati nilai 1 semakin berat beban jaringannya.
Pada makalah ini trafik internet yang digunakan adalah aliran paket data internet (internet packet-flow traffic) yang mengalir melewati 4 router yang berbeda tempat di kampus Universitas Surabaya (Ubaya) yaitu router di Fakultas Teknik (FT), Fakultas Bisnis dan Ekonomika
(FBE), Gedung Perpustakaan dan kampus A Ubaya Ngagel. Pengukuran trafik internet menggunakan perangkat lunak tcpdump pada tanggal 11 Juli 2013 dilakukan dari jam 06.00 WIB sampai 18.00 WIB dengan sampel pengukuran 1 detik. Hasil perhitungan dan analisis menunjukkan bahwa nilai parameter Hurst di lokasi router kampus A Ubaya Ngagel dengan nilai H = 0,81878, lokasi Perpustakaan H =
0,9799354, FT dengan H = 0,999987 dan FBE dengan nilai H =
0,999997. Dengan demikian dapat disimpulkan bahwa kinerja jaringan internet terbaik ada pada kampus A Ubaya Ngagel
- …