11 research outputs found
Fast-Flux Botnet Detection Based on Traffic Response and Search Engines Credit Worthiness
Botnets are considered as the primary threats on the Internet and there have been many research efforts to detect and mitigate them. Today, Botnet uses a DNS technique fast-flux to hide malware sites behind a constantly changing network of compromised hosts. This technique is similar to trustworthy Round Robin DNS technique and Content Delivery Network (CDN). In order to distinguish the normal network traffic from Botnets different techniques are developed with more or less success. The aim of this paper is to improve Botnet detection using an Intrusion Detection System (IDS) or router. A novel classification method for online Botnet detection based on DNS traffic features that distinguish Botnet from CDN based traffic is presented. Botnet features are classified according to the possibility of usage and implementation in an embedded system. Traffic response is analysed as a strong candidate for online detection. Its disadvantage lies in specific areas where CDN acts as a Botnet. A new feature based on search engine hits is proposed to improve the false positive detection. The experimental evaluations show that proposed classification could significantly improve Botnet detection. A procedure is suggested to implement such a system as a part of IDS
USAGE OF A EMBEDDED SYSTEM FOR BIOMETRIC FACE RECOGNITION IDENTIFICATION
Računalni sustavi danas uveliko pomažu u nastojanjima da unaprijedimo svijet. Izazov Covid virusa uveo nas je u novo normalno doba gdje bismo sve potencijalno zaražene osobe trebali odmah odvojiti karantenom od ostatka populacije. Užurbani tijek života nažalost dovodi do pojave sve većeg broja prekršitelja. U ovom radu prikazana je arhitektura i prijedlog ugrađenog sustava koji bi se mogao naučiti da prepoznaje osobe u samoizolaciji. Postavljanjem takvog sustava u frekventne zone prekršitelji bi vrlo brzo bili prepoznati. Usprkos tome što u radu dolazimo do dosta velikog praga pogreške, opravdana sumnja lakše će omogućiti snagama reda lakši nadzor osoba pod samoizolacijom.Computer systems today are a necessity in constant concept of improving the world. The challenge of the Covid virus has steered us into a new normal age where all potentially infected people should be quarantined immediately from the rest of the population. The hectic course of life unfortunately leads to the emergence of an increasing number of quarantine offenders. This paper presents the architecture and proposal of an embedded system that could be taught to recognize persons in quarantine. By placing such a system in the frequency zones, violators would be identified very quickly. Despite the fact that in our work we reach a fairly large error threshold, justified suspicion will more easily enable the police to more easily supervise persons under quarantine
UMJETNA INTELIGENCIJA U RAČUNALNIM IGRAMA
Today, the highly developed and competitive computer games industry needs to make better and better computer games and beat the competition. In order to keep the players entertained with computer games, manufacturers use a variety of techniques to make games interesting and challenging. This is largely aided by research in the field of artificial intelligence that is extremely well suited for computer games. Games need to be made as complex and unpredictable as possible to provide as much fun as possible. This article explores and gives an overview of all the most popular techniques that can be applied.Danas, visoko razvijena i konkurentna industrija računalnih igara mora proizvoditi sve bolje računalne igre kako bi bila bolja od konkurencije. Kako bi igrače nagnali na što dulje sudjelovanje u igri, proizvođači koriste razne tehnike kako bi one bile zanimljive i izazovne. Ovome u velikoj mjeri pomaže istraživanje u području umjetne inteligencije koja je izuzetno pogodna za razvoj računalnih igara. Igre moraju biti što je više moguće složene i nepredvidljive kako bi pružile igraču zabavu. Ovaj članak istražuje i daje pregled svih najpopularnijih tehnika koje se mogu primijeniti u ovom područj
OVERVIEW OF ARTIFICIAL NEURAL NETWORK TECHNOLOGIES
Neuronske mreže u današnje vrijeme se sve
više istražuju. Razlog tome je sklopovlje koje
danas nudi mogućnost obrade velike količine
podataka u stvarnom vremenu. Za uspješan rad
i konstruiranje neuronske mreže od velikog
su značaja aktivacijske funkcije. Njihovim
kvalitetnim odabirom utječe se na brzinu i
kvalitetu učenja same neuronske mreže. U radu
su objašnjeni osnovni principi rada neuronske
mreže nakon odabira kvalitetnih aktivacijskih
funkcija. Nadalje su prikazani osnovni principi
učenja neuronskih mreža s naglaskom na odabir
optimizacijskog algoritma koji se koriste za
učenje neuronske mreže.Neural networks are being researched more and
more today. The reason for research lies in the
hardware that nowadays offers the ability to
process large amounts of data in real time. For
the successful operation and construction of the
neural network, one of great importance is the
activation function.
Activation function selection affects the speed and
quality of training the neural network itself. The
basic principles of the neural network after the
selection of activation functions are explained in
the paper. The basic principles of learning neural
networks are outlined, focusing on selecting the
optimization algorithm used to learn the neural
network
DENIAL OF SERVICE ATTACK ANALYSIS IN REAL ENVIROMENT
U posljednje vrijeme Internet se značajno
unaprijedio i uvelike poboljšao komunikaciju
i poslovanje. Više poslovne korisnosti
proporcionalno utječe na količinu sigurnosnih
prijetnji. Najčešće sigurnosne prijetnje na
Internetu čine mrežni napadi. Najčešći mrežni
napad zasniva se na onemogućavanju normalne
komunikacije. Mrežni napadi koji su usredotočeni
na onemogućavanje komunikacije nazivamo
Napadima sa uskraćivanjem usluge (engl. Denial
of Service – DoS). DoS napad sprječava pristup
korisnicima da komuniciraju u okviru napadnute
računalne mreže ili onemogućavaju poslužitelja
da poslužuju normalne usluge. Različiti
mehanizmi su razvijeni za rano otkrivanje i
prevenciju od DoS napada na različitim razinama
mrežne infrastrukture. Postoji konstantan napor
za izradu novog boljeg modela za komunikaciju.
Međutim, metode napada također se razvijaju.
Kako bi se spriječilo blokiranje evoluirao je
novi oblik napada – Distribuirani napadi s
uskraćivanjem usluga (engl. Distributed Denial
of service napada (DDoS)). Kod DDoS-a
napadači su raspoređeni na cijelom Internetu.
Koristeći mrežu kompromitiranih računala (engl.
Botnet) napad može biti pokrenut istovremeno
sa stotina tisuća kompromitiranih računala.
Iskorištavajući veliku mrežu kompromitiranih
računala izvor napada može biti dodatno skriven
korištenjem Distribuiranog refl ektivnog napada
s uskraćivanjem usluga (engl. Distributive
Refl ective Denial of Service (DRDoS)).
U ovom radu ćemo predstaviti različite verzije
DoS napada.
U pravom mrežnom okruženju, mjerenjem se
pokazuje značajnost utjecaja na rad mreže kroz
dostupnost poslužitelja. Dodatno, predložiti će se
mogućnosti otkrivanja i prevencije takvih napada.Lately, the Internet has signifi cantly improved
and greatly enhanced communication and
business. More commercial usefulness
proportionally aff ects the amount of security
threats. The most common security threats
on the Internet are network attacks. The most
common network attack is based on disabling
normal communication. Network attacks that
focus on disabling communication are called
Denial of Service (DoS) attacks. A DoS attack
prevents access to users to communicate within
the attacked computer network, or prevent
the server to provide normal services. Various
mechanisms have been developed for the early
detection and prevention of DoS attacks on
diff erent levels of the network infrastructure.
There is a constant eff ort to create a new and
better model for communication. However,
methods of attack are also being developed. In
order to prevent blocking, a new form of attack
has evolved – Distributed Denial of Service
(DDoS) attacks. In a DDoS attack, the attackers
are distributed throughout the Internet. By using a
malicious distributed computer network (botnet)
an attack can be launched simultaneously by
thousands of compromised computers (bots).
Using a large network of infected computers, an
attack source can be additionally hidden by using
Distributive Refl ective DoS (DRDoS) attacks. In
this paper, we will present the diff erent versions
of DoS attacks. In a real network environment,
measurements show the signifi cance of the impact
on the operation of the network through server
availability. Additionally, the possibilities of
how to detect and prevent such attacks will be
proposed and their usefulness is discussed
Botnet detection based on domain name system traffic features in real time
Mreže kompromitiranih računala (eng. Botnet) danas se smatraju primarnom prijetnjom te su mnoga istraživanja usmjerena na njihovo otkrivanje i blokiranje. Moderne mreže kompromitiranih računala koriste se skrivanjem kroz osobine imeničkog protokola (eng. Fast-flux) kako bi zaštitili svoje domene kroz stalnu rotaciju kompromitiranih računala poslužitelja. U praksi ovaj koncept podsjeća na primijenjenu tehniku za pouzdano posluživanje (Content Delivery Network - CDN). Radi otkrivanja mreža kompromitiranih računala potrebno je uočiti razlike između te dvije primjene. Cilj rada je poboljšati tehniku otkrivanja mreža kompromitiranih računala na sustavu za otkrivanje napada ili usmjerniku. U radu se predlaže nova klasifikacijska metoda za analizu imeničkog prometa u svrhu razlikovanja mreža kompromitiranih računala od legitimne mreže za pouzdano posluživanje. Naglasak u klasifikaciji je usmjeren na primjenu u ugrađenom sustavu. Temeljem klasifikacije primijenjena je metoda mjerenja brzine odziva domene sa ciljem otkrivanja poslužitelja posrednika. Radi bolje klasifikacije kroz smanjenje lažnih pozitivnih rezultata predlaže se nova metoda analize broja pogodaka na pretraživačima. Dobiveni rezultati pokazuju da novo predložena klasifikacija može značajno unaprijediti otkrivanje mreže kompromitiranih računala. Predlaže se procedura za ugradnju navedene klasifikacije u ugrađeni sustav kao dio sustava za otkrivanje napada.Botnets are considered as the primary threats on the Internet and there have been many research efforts to detect and mitigate them. Today, Botnet uses a DNS technique fast-flux to hide malware sites behind a constantly changing network of compromised hosts. This technique is similar to trustworthy Round Robin DNS technique and Content Delivery Network (CDN). In order to distinguish the normal network traffic from Botnets different techniques are developed with more or less success. The aim of this paper is to improve Botnet detection using an Intrusion Detection System (IDS) or router. A novel classification method for online Botnet detection based on DNS traffic features that distinguish Botnet from a CDN based traffic is presented. Botnet features are classified according to the possibility of usage and implementation in a embedded system. Traffic response is analysed as a strong candidate for online detection. Its disadvantage lies in specific areas where CDN acts as a Botnet. A new feature based on search engine hits is proposed to improve the false positive detection. The experimental evaluations show that proposed classification could significantly improve Botnet detection. A procedure is suggested to implement such a system as a part of an IDS
Botnet detection based on domain name system traffic features in real time
Mreže kompromitiranih računala (eng. Botnet) danas se smatraju primarnom prijetnjom te su mnoga istraživanja usmjerena na njihovo otkrivanje i blokiranje. Moderne mreže kompromitiranih računala koriste se skrivanjem kroz osobine imeničkog protokola (eng. Fast-flux) kako bi zaštitili svoje domene kroz stalnu rotaciju kompromitiranih računala poslužitelja. U praksi ovaj koncept podsjeća na primijenjenu tehniku za pouzdano posluživanje (Content Delivery Network - CDN). Radi otkrivanja mreža kompromitiranih računala potrebno je uočiti razlike između te dvije primjene. Cilj rada je poboljšati tehniku otkrivanja mreža kompromitiranih računala na sustavu za otkrivanje napada ili usmjerniku. U radu se predlaže nova klasifikacijska metoda za analizu imeničkog prometa u svrhu razlikovanja mreža kompromitiranih računala od legitimne mreže za pouzdano posluživanje. Naglasak u klasifikaciji je usmjeren na primjenu u ugrađenom sustavu. Temeljem klasifikacije primijenjena je metoda mjerenja brzine odziva domene sa ciljem otkrivanja poslužitelja posrednika. Radi bolje klasifikacije kroz smanjenje lažnih pozitivnih rezultata predlaže se nova metoda analize broja pogodaka na pretraživačima. Dobiveni rezultati pokazuju da novo predložena klasifikacija može značajno unaprijediti otkrivanje mreže kompromitiranih računala. Predlaže se procedura za ugradnju navedene klasifikacije u ugrađeni sustav kao dio sustava za otkrivanje napada.Botnets are considered as the primary threats on the Internet and there have been many research efforts to detect and mitigate them. Today, Botnet uses a DNS technique fast-flux to hide malware sites behind a constantly changing network of compromised hosts. This technique is similar to trustworthy Round Robin DNS technique and Content Delivery Network (CDN). In order to distinguish the normal network traffic from Botnets different techniques are developed with more or less success. The aim of this paper is to improve Botnet detection using an Intrusion Detection System (IDS) or router. A novel classification method for online Botnet detection based on DNS traffic features that distinguish Botnet from a CDN based traffic is presented. Botnet features are classified according to the possibility of usage and implementation in a embedded system. Traffic response is analysed as a strong candidate for online detection. Its disadvantage lies in specific areas where CDN acts as a Botnet. A new feature based on search engine hits is proposed to improve the false positive detection. The experimental evaluations show that proposed classification could significantly improve Botnet detection. A procedure is suggested to implement such a system as a part of an IDS
Botnet detection based on domain name system traffic features in real time
Mreže kompromitiranih računala (eng. Botnet) danas se smatraju primarnom prijetnjom te su mnoga istraživanja usmjerena na njihovo otkrivanje i blokiranje. Moderne mreže kompromitiranih računala koriste se skrivanjem kroz osobine imeničkog protokola (eng. Fast-flux) kako bi zaštitili svoje domene kroz stalnu rotaciju kompromitiranih računala poslužitelja. U praksi ovaj koncept podsjeća na primijenjenu tehniku za pouzdano posluživanje (Content Delivery Network - CDN). Radi otkrivanja mreža kompromitiranih računala potrebno je uočiti razlike između te dvije primjene. Cilj rada je poboljšati tehniku otkrivanja mreža kompromitiranih računala na sustavu za otkrivanje napada ili usmjerniku. U radu se predlaže nova klasifikacijska metoda za analizu imeničkog prometa u svrhu razlikovanja mreža kompromitiranih računala od legitimne mreže za pouzdano posluživanje. Naglasak u klasifikaciji je usmjeren na primjenu u ugrađenom sustavu. Temeljem klasifikacije primijenjena je metoda mjerenja brzine odziva domene sa ciljem otkrivanja poslužitelja posrednika. Radi bolje klasifikacije kroz smanjenje lažnih pozitivnih rezultata predlaže se nova metoda analize broja pogodaka na pretraživačima. Dobiveni rezultati pokazuju da novo predložena klasifikacija može značajno unaprijediti otkrivanje mreže kompromitiranih računala. Predlaže se procedura za ugradnju navedene klasifikacije u ugrađeni sustav kao dio sustava za otkrivanje napada.Botnets are considered as the primary threats on the Internet and there have been many research efforts to detect and mitigate them. Today, Botnet uses a DNS technique fast-flux to hide malware sites behind a constantly changing network of compromised hosts. This technique is similar to trustworthy Round Robin DNS technique and Content Delivery Network (CDN). In order to distinguish the normal network traffic from Botnets different techniques are developed with more or less success. The aim of this paper is to improve Botnet detection using an Intrusion Detection System (IDS) or router. A novel classification method for online Botnet detection based on DNS traffic features that distinguish Botnet from a CDN based traffic is presented. Botnet features are classified according to the possibility of usage and implementation in a embedded system. Traffic response is analysed as a strong candidate for online detection. Its disadvantage lies in specific areas where CDN acts as a Botnet. A new feature based on search engine hits is proposed to improve the false positive detection. The experimental evaluations show that proposed classification could significantly improve Botnet detection. A procedure is suggested to implement such a system as a part of an IDS
ANALIZA ARHITEKTURE MODERNOG STAKLENIKA
Embedded systems connected to the global network (IoT) are increasingly entering all areas of science. Network connectivity makes it possible to transfer information obtained in the field to the cloud in a very short time, where, thanks to processing, it is possible to draw important conclusions and determine the further course of a particular process. In the field of agronomy, environmental and process variables are improving cultivation by reducing the cost of sensors and electronic components. By analysing the characteristics of environment and nutrients, it is possible to discover their relationship with cultivation. The necessary environmental variables were found in recent papers and new ones are introduced according to project team. With proposed greenhouse architecture, we tried to achieve the most reliable and accurate measurement with the lowest possible project cost. The proposed architecture allows for scalability by changing the number of nodes or sensors. The software design controls the frequency of measurements and the unit of accuracy. The data is transferred to the cloud in a very short time and is insured against losses in case of network connectivity disruption. The paper presents preliminary results of the working system.Ugrađeni sustavi povezani s globalnom mrežom (IoT) sve više ulaze u sva područja znanosti. Mrežna povezanost omogućuje prijenos informacija dobivenih na terenu u vrlo kratkom vremenu u oblak, gdje je zahvaljujući obradi moguće donijeti važne zaključke i odrediti daljnji tijek pojedinog procesa. U području agronomije, okolišne i procesne varijable poboljšavaju uzgoj smanjenjem troškova senzora i elektroničkih komponenti. Analizom karakteristika okoliša i hranjivih tvari moguće je otkriti njihov odnos s uzgojem. Potrebne varijable okoliša pronađene su u novijim radovima, a nove su uvedene prema projektnom timu. S predloženom arhitekturom staklenika pokušali smo postići najpouzdanije i najtočnije mjerenje uz najnižu moguću cijenu projekta. Predložena arhitektura omogućuje skalabilnost promjenom broja čvorova ili senzora. Dizajn softvera kontrolira učestalost mjerenja i jedinicu točnosti. Podaci se u vrlo kratkom vremenu prenose u oblak i osigurani su od gubitaka u slučaju prekida mrežne povezanosti. U radu su prikazani preliminarni rezultati rada sustava
SMALL ANIMAL PHYSICAL ACTIVITY MONITORING SYSTEM
Gadgets are omnipresent in today\u27s people\u27s lives.
Many of them do not have a needed and smart
function, but are here to bring joy and happiness
to people worldwide. Consumerism and hyper
production has lowered the price of consumer and
business electronics. The theme of this paper is
to project and implement an automated system
that monitors a pet’s physical activity via popular
Arduino mass produced development electronics.
The system is monitoring the amount of physical
activity and calculate average distance and
speed the animal is doing daily. The principles
and scheme of the assembly will be shown and
described