3 research outputs found
Real-Time Video Content Popularity Detection Based on Mean Change Point Analysis
Video content is responsible for more than 70% of the global IP traffic.
Consequently, it is important for content delivery infrastructures to rapidly
detect and respond to changes in content popularity dynamics. In this paper, we
propose the employment of on-line change point (CP) analysis to implement
real-time, autonomous and low-complexity video content popularity detection.
Our proposal, denoted as real-time change point detector (RCPD), estimates the
existence, the number and the direction of changes on the average number of
video visits by combining: (i) off-line and on-line CP detection algorithms;
(ii) an improved time-series segmentation heuristic for the reliable detection
of multiple CPs; and (iii) two algorithms for the identification of the
direction of changes. The proposed detector is validated against synthetic
data, as well as a large database of real YouTube video visits. It is
demonstrated that the RCPD can accurately identify changes in the average
content popularity and the direction of change. In particular, the success rate
of the RCPD over synthetic data is shown to exceed 94% for medium and large
changes in content popularity. Additionally,the dynamic time warping distance,
between the actual and the estimated changes, has been found to range
between20sampleson average, over synthetic data, to52samples, in real data.The
rapid responsiveness of the RCPD is instrumental in the deployment of
real-time, lightweight load balancing solutions, as shown in a real example
Denial of Service Attacks Detection in Software-Defined Wireless Sensor Networks
Software-defined networking (SDN) is a promising technology to overcome many
challenges in wireless sensor networks (WSN), particularly with respect to
flexibility and reuse. Conversely, the centralization and the planes'
separation turn SDNs vulnerable to new security threats in the general context
of distributed denial of service (DDoS) attacks. State-of-the-art approaches to
identify DDoS do not always take into consideration restrictions in typical
WSNs e.g., computational complexity and power constraints, while further
performance improvement is always a target. The objective of this work is to
propose a lightweight but very efficient DDoS attack detection approach using
change point analysis. Our approach has a high detection rate and linear
complexity, so that it is suitable for WSNs. We demonstrate the performance of
our detector in software-defined WSNs of 36 and 100 nodes with varying attack
intensity (the number of attackers ranges from 5% to 20% of nodes). We use
change point detectors to monitor anomalies in two metrics: the data packets
delivery rate and the control packets overhead. Our results show that with
increasing intensity of attack, our approach can achieve a detection rate close
to100% and that the type of attack can also be inferred
Centralized and Distributed Intrusion Detection for Resource Constrained Wireless SDN Networks
Software-defined networking (SDN) was devised to simplify network management
and automate infrastructure sharing in wired networks. These benefits motivated
the application of SDN in wireless sensor networks to leverage solutions for
complex applications. However, some of the core SDN traits turn the networks
prone to denial of service attacks (DoS). There are proposals in the literature
to detect DoS in wireless SDN networks, however, not without shortcomings:
there is little focus on resource constraints, high detection rates have been
reported only for small networks, and the detection is disengaged from the
identification of the type of the attack or the attacker. Our work targets
these shortcomings by introducing a lightweight, online change point detector
to monitor performance metrics that are impacted when the network is under
attack. A key novelty is that the proposed detector is able to operate in
either centralized or distributed mode. The centralized detector has very high
detection rates and can further distinguish the type of the attack (from a list
of known attacks). On the other hand, the distributed detector provides
information that allows to identify the nodes launching the attack. Our
proposal is tested over IEEE 802.15.4 networks. The results show detection
rates exceeding in networks of 36 and 100 nodes and identification of
the type of the attack with a probability exceeding when using the
centralized approach. Additionally, for some types of attack it was possible to
pinpoint the attackers with an identification probability over when
using distributed detectors