Botnets and Distributed Denial of Service Attacks
With their ever-increasing malicious capabilities and potential to infect a vast majority of computers on the Internet, botnets are emerging as the single biggest threat to Internet security. The aim of this project is to perform a detailed analysis of botnets and the vulnerabilities exploited by them to spread themselves and perform various malicious activities such as DDoS attacks. DDoS attacks are without doubt the most potent form of attacks carried out by botnets. In order to better understand this growing phenomenon and develop effective countermeasures, it is necessary to be able to simulate DDoS attacks in a controlled environment. Simulating a DDoS attack with control over various simulation and attack parameters will give us insights into how attacks achieve stealth and avoid detection. A detailed analysis of existing DDoS defense strategies and proposals combined with the insights derived from simulation should enable us to come up with innovative and feasible solutions to prevent and mitigate DDoS attacks carried out using Botnet
The Challenges in SDN/ML Based Network Security : A Survey
Machine Learning is gaining popularity in the network security domain as many
more network-enabled devices get connected, as malicious activities become
stealthier, and as new technologies like Software Defined Networking (SDN)
emerge. Sitting at the application layer and communicating with the control
layer, machine learning based SDN security models exercise a huge influence on
the routing/switching of the entire SDN. Compromising the models is
consequently a very desirable goal. Previous surveys have been done on either
adversarial machine learning or the general vulnerabilities of SDNs but not
both. Through examination of the latest ML-based SDN security applications and
a good look at ML/SDN specific vulnerabilities accompanied by common attack
methods on ML, this paper serves as a unique survey, making a case for more
secure development processes of ML-based SDN security applications.
Comment: 8 pages. arXiv admin note: substantial text overlap with
arXiv:1705.0056
Finest Informant Filtering of Malicious Traffic in Intrusion Detection System
Traffic volume and diversity will have a major impact on the power of network intrusion detection systems (NIDS) to report malicious activity accurately. Based on the observation that a good deal of traffic is, in fact, not necessary to correct attack identification, we investigate affiliation filtering as a technique for improving the performance of NIDS. Filtering capabilities are accessible in access control lists (ACLs). These are generally stored in Ternary Content Addressable Memory (TCAM), whereas the scale and value of TCAM puts a limit on the amount of filters. Although the filters were restricted in range, it still was expensive. Hence we present a secured framework for filtering malicious traffic. This filtering framework is designed using Markov's chain model, which may be effectively compared with the CRF. The framework is designed in such a way that the Markov's chain model is extensively trained by the system and then involved in the purpose of filtering malicious traffic in network
Understanding the Detection of View Fraud in Video Content Portals
While substantial effort has been devoted to understanding fraudulent activity
in traditional online advertising (search and banner), more recent forms such
as video ads have received little attention. The understanding and
identification of fraudulent activity (i.e., fake views) in video ads for
advertisers, is complicated as they rely exclusively on the detection
mechanisms deployed by video hosting portals. In this context, the development
of independent tools able to monitor and audit the fidelity of these systems
is missing today and needed by both industry and regulators.
In this paper we present a first set of tools to serve this purpose. Using
our tools, we evaluate the performance of the audit systems of five major
online video portals. Our results reveal that YouTube's detection system
significantly outperforms all the others. Despite this, a systematic evaluation
indicates that it may still be susceptible to simple attacks. Furthermore, we
find that YouTube penalizes its videos' public and monetized view counters
differently, the former being more aggressive. This means that views identified
as fake and discounted from the public view counter are still monetized. We
speculate that even though YouTube's policy puts in lots of effort to
compensate users after an attack is discovered, this practice places the burden
of the risk on the advertisers, who pay to get their ads displayed.
Comment: To appear in WWW 2016, Montréal, Québec, Canada. Please cite the
conference version of this pape