13 research outputs found

    Validation of Denial of Service Traffic on a Live Network

    Denial of Service (DoS) attacks have been increasing in computer networks in recent years. A number of solutions have been proposed for the detection and mitigation of DoS attacks. However, research on DoS attack detection still relies on datasets. Implementation of DoS detection remains limited because DoS traffic has not yet been validated on a live network. To address this problem, the authors validate DoS attacks based on the NSL-KDD dataset, carried out on a live network. The DoS traffic observed is TCP, UDP, and ICMP. The aim of this study is to serve as a reference for future researchers investigating DoS attack detection on live networks. In this study, the validation technique used is a mathematical validation technique based on the Pearson validity test. The result of the DoS traffic validation in this study is 0.8878, which indicates a very strong validation value against the NSL-KDD dataset. Keywords: Denial of Service, Live Network, NSL-KDD Dataset

    Preemptive modelling towards classifying vulnerability of DDoS attack in SDN environment

    Software-Defined Networking (SDN) has become an essential networking concept for escalating the networking capabilities that are highly demanded by the future internet system, which is immensely distributed in nature. Owing to its being a novel concept in the field of networking, it is still shrouded with security problems. It is also found that the Distributed Denial-of-Service (DDoS) attack is one of the prominent problems in the SDN environment. After reviewing existing research solutions for resisting DDoS attacks in SDN, it is found that there are still many open-ended issues. Therefore, these issues are identified and addressed in this paper in the form of a preemptive model of security. Different from existing approaches, this model is capable of identifying any malicious activity that leads to a DDoS attack by performing a correct classification of the attack strategy using a machine learning approach. The paper also discusses the applicability of the best machine learning classifiers that are effective against DDoS attacks

    Forensics Based SDN in Data Centers

    Recently, most data centers have adopted the Software-Defined Network (SDN) architecture to meet the demands for scalability and cost-efficient computer networks. The SDN controller separates the data plane and control plane and implements instructions instead of protocols, which improves the Quality of Services (QoS), enhances energy efficiency and protection mechanisms. However, such centralization presents an opportunity for attackers to utilize the controller of the network and master the entire network's devices, which makes it vulnerable. Recent studies have attempted to address the security issue with minimal consideration of the forensics aspects. Based on this, the research will focus on the forensic issue in the SDN network of data center environments. There are diverse approaches to accurately identify the various possible threats to protect the network. For this reason, a deep learning approach will be used to detect DDoS attacks, which is regarded as the most proper approach for detection of threats. Therefore, the proposed network consists of mobile nodes, head controller, detection engine, domain controller, source controller, gateway and cloud center. The first stage of the attack is analyzed as serious, where the process includes recording the traffic as criminal evidence to track the criminal, adding the IP source of the packet to a blacklist, blocking all packets from this source and eliminating all packets. The second stage is not serious, which includes blocking all packets from the source node for this session, or the non-malicious packets are transmitted using the proposed protocol. This study is evaluated in the OMNeT++ environment as a simulation and showed more successful results than the existing approaches

    Deep Learning and Dempster-Shafer Theory Based Insider Threat Detection

    Organizations' own personnel now have a greater ability than ever before to misuse their access to critical organizational assets. Insider threat detection is a key component in identifying rare anomalies in context, which is a growing concern for many organizations. Existing perimeter security mechanisms are proving to be ineffective against insider threats. As a prospective filter for the human analysts, a new deep learning based insider threat detection method that uses the Dempster-Shafer theory is proposed to handle both accidental as well as intentional insider threats via organization's channels of communication in real time. The long short-term memory (LSTM) architecture is applied to a recurrent neural network (RNN) in this work to detect anomalous network behavior patterns. Furthermore, belief is updated with Dempster's conditional rule and utilized to fuse evidence to achieve enhanced prediction. The CERT Insider Threat Dataset v6.2 is used to train the behavior model. Through performance evaluation, our proposed method is proven to be effective as an insider threat detection technique

    A method of chained recommendation for charging piles in internet of vehicles

    With the popularization of new energy electric vehicles (EVs), the recommendation algorithm is widely used in the relatively new field of charging piles. At the same time, the construction of charging infrastructure is facing increasing demand and more severe challenges. With the ubiquity of the Internet of vehicles (IoVs), inter-vehicle communication can share information about the charging experience and traffic conditions to help achieve better charging recommendations and higher energy efficiency. The recommendation of charging piles is of great value. However, the existing methods related to such recommendation consider inadequate reference factors and most of them are generalized for all users, rather than personalized for specific populations. In this paper, we propose a recommendation method based on a dynamic charging area mechanism, which recommends the appropriate initial charging area according to the user's warning level, and dynamically changes the charging area according to the real-time state of EVs and charging piles. The recommendation method based on a classification chain provides more personalized services for users according to different charging needs and improves the utilization ratio of charging piles. This satisfies users' multilevel charging demands and realizes more effective charging planning, which is beneficial to overall balance. The chained recommendation method mainly consists of three modules: intention detection, warning levels classification, and chained recommendation. The dynamic charging area mechanism reduces the occurrence of recommendation conflict and provides more personalized service for users according to different charging needs. Simulations and computations validate the correctness and effectiveness of the proposed method. This work is supported by the National Natural Science Foundation of China (U1636215, 61871140, 61872100), the National Key Research and Development Plan (2018YFB0803504); the Beijing Municipal Natural Science Foundation (No. 4172006), the Guangdong Province Key Research and Development Plan (2019B010137004), and the Guangdong Province Universities and Colleges Pearl River Scholar Funded Scheme (2019)

    FIMPA: A Fixed Identity Mapping Prediction Algorithm in Edge Computing Environment

    Edge computing is a research hotspot that extends cloud computing to the edge of the network. Due to the recent developments in computation, storage and network technology for end devices, edge networks have become more powerful, making it possible to integrate locator/identity separation protocol (LISP) into these networks. Accordingly, in this paper, we introduce LISP into edge routers at the edge network, focusing primarily on the delay problem of mapping resolution and cache updating in LISP with the help of edge computing. To solve this delay problem, we first analyze the communication process of the locator/identity separation network and consider using the prediction method to underpin this research. In order to achieve a good prediction result, we propose and implement a Fixed Identity Mapping Prediction Algorithm (FIMPA) based on collaborative filtering, and further verify the effectiveness of the proposed algorithm through experiments on real-world data