56 research outputs found

    On Application Layer DDoS Attack Detection in High-Speed Encrypted Networks

    Application-layer denial-of-service attacks have become a serious threat to modern high-speed computer networks and systems. Unlike network-layer attacks, application-layer attacks can be performed by using legitimate requests from legitimately connected network machines, which makes these attacks undetectable for signature-based intrusion detection systems. Moreover, the attacks may utilize protocols that encrypt the data of network connections in the application layer, making it even harder to detect attacker’s activity without decrypting users' network traffic and violating their privacy. In this paper, we present a method which allows us to timely detect various application-layer attacks against a computer network. We focus on detection of the attacks that utilize encrypted protocols by applying an anomaly-detection-based approach to statistics extracted from network packets. Since network traffic decryption can violate ethical norms and regulations on privacy, the detection method proposed analyzes network traffic without decryption. The method involves construction of a model of normal user behavior by analyzing conversations between a server and clients. The algorithm is self-adaptive and allows one to update the model every time a new portion of network traffic data is available. Once the model has been built, it can be applied to detect various types of application-layer denial-of-service attacks. The proposed technique is evaluated with realistic end user network traffic generated in our virtual network environment. Evaluation results show that these attacks can be properly detected, while the number of false alarms remains very low.

    Sample of LMXBs in the Galactic bulge. I. Optical and near-infrared constraints from the Virtual Observatory

    We report on the archival optical and near-infrared observations of 6 low mass X-ray binaries situated in the Galactic bulge. We processed several recent Chandra and XMM-Newton as well as Einstein datasets of binary systems suspected to be ultracompact, which gave us arcsec-scale positional uncertainty estimates. We then undertook a comprehensive search in existing archives and other Virtual Observatory resources in order to discover unpublished optical/NIR data on these objects. We found and analysed data from ESO Archive and UKIRT Infrared Deep Sky Survey (UKIDSS) on SLX 1735-269, 3A 1742-294, SLX 1744-299, SLX 1744-300, GX 3+1, IGR J17505-2644 systems and publish their finding charts and optical flux constraints in this paper, as well as simple estimates of the physical parameters of these objects. Comment: 8 pages, 6 figures, 1 table; accepted for publication in MNRA

    Infrared identification of 4U1323-619 revisited

    We re-examine the infrared counterpart of the dipping low-mass X-ray binary 4U1323-619. New X-ray data available from the XMM and Chandra observatories combined with archival IR observations from the ESO 3.6m New Technology Telescope allow us to define a new possible counterpart. We present here its photometric properties and compare them with a simple analytical model of an accretion disc illuminated by the hot central corona known to be present in the binary system. Comment: 4 pages, 1 table, 1 figure, accepted to MNRAS Letter

    On data mining applications in mobile networking and network security


    Support Vector Machine Integrated with game-theoretic approach and genetic algorithm for the detection and classification of malware

    Abstract. In the modern world, a rapid growth of malicious software production has become one of the most significant threats to the network security. Unfortunately, widespread signature-based anti-malware strategies cannot help to detect malware unseen previously nor deal with code obfuscation techniques employed by malware designers. In our study, the problem of malware detection and classification is solved by applying a data-mining-based approach that relies on supervised machine learning. Executable files are presented in the form of byte and opcode sequences and n-gram models are employed to extract essential features from these sequences. Feature vectors obtained are classified with the help of support vector classifiers integrated with a genetic algorithm used to select the most essential features, and a game-theory approach is applied to combine the classifiers together. The proposed algorithm, ZSGSVM, is tested by using a set of byte and opcode sequences obtained from a set containing executable files of benign software and malware. As a result, almost all malicious files are detected while the number of false alarms remains very low.

    Sample of LMXBs in the Galactic bulge - I. Optical and near-infrared constraints from the Virtual Observatory

    We report on the archival optical and near-infrared observations of six low-mass X-ray binaries situated in the Galactic bulge. We process several recent Chandra and XMM-Newton as well as Einstein data sets of binary systems suspected to be ultracompact, which give us arcsec-scale positional uncertainty estimates. We then undertake a comprehensive search in existing archives and other Virtual Observatory resources in order to discover unpublished optical/near-infrared data on these objects. We find and analyse data from European Southern Observatory Archive and UKIRT Infrared Deep Sky Survey on SLX 1735-269, 3A 1742-294, SLX 1744-299, SLX 1744-300, GX 3+1 and IGR J17505-2644 systems and publish their finding charts and optical flux constraints in this paper, as well as simple estimates of the physical parameters of these objects.

    Intelligent Solutions for Attack Mitigation in Zero-Trust Environments

    Many of today’s smart devices are rushed to market with little consideration for basic security and privacy protection, making them easy targets for various attacks. Therefore, IoT will benefit from adapting a zero-trust networking model which requires strict identity verification for every person and device trying to access resources on a private network, regardless of whether they are located within or outside of the network perimeter. Implementing such model can, however, become challenging, as the access policies have to be updated dynamically in the context of constantly changing network environment. In this research project, we are aiming to implement a prototype of intelligent defense framework relying on advanced technologies that have recently emerged in the area of software-defined networking and network function virtualization. The intelligent core of the system proposed is planned to employ several reinforcement machine learning agents which process current network state and mitigate both external attacker intrusions and stealthy advanced persistent threats acting from inside of the network environment.

    On Optimal Deployment of Low Power Nodes for High Frequency Next Generation Wireless Systems

    Recent development of wireless communication systems and standards is characterized by constant increase of allocated spectrum resources. Since lower frequency ranges cannot provide sufficient amount of bandwidth, new bands are allocated at higher frequencies, for which operators resort to deploy more base stations to ensure the same coverage and to utilize more efficiently higher frequencies spectrum. Striving for deployment flexibility, mobile operators can consider deploying low power nodes that could be either small cells connected via the wired backhaul or relays that utilize the same spectrum and the wireless access technology. However, even though low power nodes provide a greater flexibility in terms of where they can be deployed, they also create new challenges. In particular, it is often the case that operators need to balance carefully between how many additional low power nodes it is necessary to install versus potential gains of the whole system. Thus, in this study we aim to develop a model that can find optimal network configuration for low power nodes assisting operators network deployment process. The outcome of the analytical model is complemented by extensive dynamic system level simulations, by means of which we analyze overall system performance for the obtained solutions. We also show that deviations from optimal configurations can lead to significantly worse system performance.