1,198 research outputs found

    Preventing DDoS using Bloom Filter: A Survey

    Distributed Denial-of-Service (DDoS) is a menace for service providers and a prominent issue in network security. Defeating or defending against DDoS is a prime challenge. DDoS makes a service unavailable for a certain time. This phenomenon harms service providers and hence causes loss of business revenue. Therefore, DDoS is a grand challenge to defeat. There are numerous mechanisms to defend against DDoS; however, this paper surveys the deployment of Bloom Filter in defending against a DDoS attack. The Bloom Filter is a probabilistic data structure for membership query that returns either true or false. Bloom Filter uses tiny memory to store information of large data. Therefore, packet information is stored in Bloom Filter to defend and defeat DDoS. This paper presents a survey on DDoS defending technique using Bloom Filter. Comment: 9 pages, 1 figure. This article is accepted for publication in EAI Endorsed Transactions on Scalable Information System

    Anomaly Detection in Network Streams Through a Distributional Lens

    Anomaly detection in computer networks yields valuable information on events relating to the components of a network, their states, the users in a network and their activities. This thesis provides a unified distribution-based methodology for online detection of anomalies in network traffic streams. The methodology is distribution-based in that it regards the traffic stream as a time series of distributions (histograms), and monitors metrics of distributions in the time series. The effectiveness of the methodology is demonstrated in three application scenarios. First, in 802.11 wireless traffic, we show the ability to detect certain classes of attacks using the methodology. Second, in information network update streams (specifically in Wikipedia) we show the ability to detect the activity of bots, flash events, and outages, as they occur. Third, in Voice over IP traffic streams, we show the ability to detect covert channels that exfiltrate confidential information out of the network. Our experiments show the high detection rate of the methodology when compared to other existing methods, while maintaining a low rate of false positives. Furthermore, we provide algorithmic results that enable efficient and scalable implementation of the above methodology, to accommodate the massive data rates observed in modern information streams on the Internet. Through these applications, we present an extensive study of several aspects of the methodology. We analyze the behavior of metrics we consider, providing justification of our choice of those metrics, and how they can be used to diagnose anomalies. We provide insight into the choice of parameters, like window length and threshold, used in anomaly detection.

    Intrusion detection system for wireless sensor network

    A Wireless Sensor Network (WSN) is a group of sensor nodes that monitor certain environmental information (sound, temperature, motion, pressure, light, etc.) and transmit the information to the base station. It is important to protect the data while the information is transmitted in the wireless environment. Data can be protected by using a cryptographic scheme. A number of attacks are possible on a WSN because of its broadcasting nature, resource restrictions, and remote area of deployment. Cryptographic security can secure the network from outside attacks, but fails to protect against inside attacks, so we need a second line of defence such as an Intrusion Detection System. This goal is achieved. A PIR motion sensor transmits a signal to the base station, and the base station triggers an alert message whenever an intruder is found in the room. The temperature sensor sends a signal whenever the temperature of the room crosses a certain threshold, and the light sensor sends a signal whenever the intensity of light crosses a certain threshold. The attacker node is used to attack the nodes. If the IDS finds malicious activity done by the attacker node, it generates an alert message with the victim node's information. So we can change the node's information. As the base station is connected to the computer, WSN nodes can be controlled by the computer.

    Threats and perspective for the Internet of Things

    The ubiquitous computing paradigm is slowly entering everyday life; users are always connected, and a new need for monitoring and control is emerging. Smart communication devices, multimedia home networks and industrial automation are some possible realizations of the ubiquitous computing paradigm that are now available to the end user. The spread of these systems is indeed set to grow: driven by both the academic and industrial worlds, the amount of research work in this field is increasing, and several companies have put their own solutions on the market. In the vision of many, the user would then be able to enjoy the benefits of an intelligent and imperceptible system that adapts to the environment and to the user's needs and brings together all applications and services in a single integrated, easy-to-control system. This work evaluates some of the architectural challenges of this new way of interaction between the user and the surrounding environment. The design and implementation of a SIP-based Home Gateway for the remote control of Smart Objects in a home automation environment are shown. An architecture based on the SIP protocol is also presented for building a home automation system capable of interacting with heterogeneous devices and with various user interfaces; the architecture relies on the SIP protocol as a common control plane and is centred on the SIP Gateway Home. To assess the capabilities of the described system, we also carried out a performance evaluation considering the two main problems for this type of device: scalability to a high number of service requests per second, and the interference/coexistence of devices belonging to different technologies/standards (ZigBee, Bluetooth, and Wi-Fi) present on the same device. Security problems were also evaluated through the experimental study of an Intrusion Detection System to mitigate such problems.