Development of protection mechanisms against DRDoS-attacks and combined DRDoS-attacks

Distributed “denial of service” attacks based on the traffic reflection and amplification (DRDoS attacks) still are a powerful threat for computer networks. More than half of all attacks were executed by using multiple types of attacks. Development of new protection mechanisms against such attacks is one of the most important tasks in the field of computer security. In this paper, we present experiments on DNS attack, NTP attacks and combined DRDoS-attack simulation. We simulated several protection mechanisms as well as a mechanism developed by us. We compared these protection mechanisms for different kinds of attacks

The Framework for Simulation of Bioinspired Security Mechanisms against Network Infrastructure Attacks

The paper outlines a bioinspired approach named “network nervous system" and methods of simulation of infrastructure attacks and protection mechanisms based on this approach. The protection mechanisms based on this approach consist of distributed prosedures of information collection and processing, which coordinate the activities of the main devices of a computer network, identify attacks, and determine nessesary countermeasures. Attacks and protection mechanisms are specified as structural models using a set-theoretic approach. An environment for simulation of protection mechanisms based on the biological metaphor is considered; the experiments demonstrating the effectiveness of the protection mechanisms are described

Smart collection of measurement from moving objects

This article describes dynamic management’s approach of measurement data streams from moving objects. It allows reducing network traffic and distributing computing all around the measurement acquisition environment. For this purpose, as integration technology of measuring devices, conception of a fog computing is being used. In order to make decisions for switching streams, machine learning methods are being implemented. Experiments proved network traffic’s great reduction of transmissible measurements

Framework for Simulation of Bioinspired Security Mechanisms against Network Infrastructure Attacks

The paper outlines a bioinspired approach named "network nervous system" and methods of simulation of infrastructure attacks and protection mechanisms based on this approach. The protection mechanisms based on this approach consist of distributed prosedures of information collection and processing, which coordinate the activities of the main devices of a computer network, identify attacks, and determine nessesary countermeasures. Attacks and protection mechanisms are specified as structural models using a set-theoretic approach. An environment for simulation of protection mechanisms based on the biological metaphor is considered; the experiments demonstrating the effectiveness of the protection mechanisms are described

Cloud for Distributed Data Analysis Based on the Actor Model

This paper describes the construction of a Cloud for Distributed Data Analysis (CDDA) based on the actor model. The design uses an approach to map the data mining algorithms on decomposed functional blocks, which are assigned to actors. Using actors allows users to move the computation closely towards the stored data. The process does not require loading data sets into the cloud and allows users to analyze confidential information locally. The results of experiments show that the efficiency of the proposed approach outperforms established solutions

The Motif-Based Approach to the Analysis of the Employee Trajectories within Organization

The analysis of the employees’ movement within organization building is an important task of the investigation of the business processes existing in the organization, including provision its cyberphysical security. In the paper, the motif-based approach to behavior pattern description and anomalies in organization staff movement is proposed. The motif of the employees’ movement represents a combination of the spatial and temporal attributes of the movement enforced by attributes of the visited controlled zone. The usage of motifs enables transformation of the raw logs from the proximity sensors of the access control system containing only identifiers of the controlled zones into semantically meaningful list of the activities. This approach is demonstrated with an application to the 2016 VAST Mini-Challenge 2 data set, which describes movement of the employees within organization building

Decomposition of Data Mining Algorithms into Unified Functional Blocks

The present paper describes the method of creating data mining algorithms from unified functional blocks. This method splits algorithms into independently functioning blocks. These blocks must have unified interfaces and implement pure functions. The method allows us to create new data mining algorithms from existing blocks and improves the existing algorithms by optimizing single blocks or the whole structure of the algorithms. This becomes possible due to a number of important properties inherent in pure functions and hence functional blocks

Distributed Measurement Data Gathering about Moving Objects

This paper describes approaches to gathering measurement data about moving objects in networks with low bandwidth. The first approach uses Fog computing conception and suggests moving assessing the quality of the measurement data into measuring points. The second approach uses prediction of telemetry quality by mining models. In addition, the paper presents implementation of these approaches based on actor model. As a result, it became possible not only to load balancing among edge and cloud nodes, but also to significantly reduce the network traffic, which in turn brings the possibility of decreasing the requirements for communication channels bandwidth and of using wireless networks for gathering measurement data about moving objects