This document proposes a method for fast detection of DDoS attacks using non-adaptive group testing (NAGT). It begins with background on DDoS attacks and group testing techniques. It then describes using a strongly explicit d-disjunct matrix in NAGT to map IP addresses to "tests" performed by routers. The router counters would indicate potential hot items (attackers or victims). Two decoding algorithms are presented to identify the hot items from the test results with poly-log time complexity meeting data stream requirements. The method aims to provide early warning of DDoS attacks through efficient group testing of IP packets.
This document compares the k-means and grid density clustering algorithms. K-means partitions data into k clusters based on minimizing distances between points and cluster centroids. It works well with numerical data but can be affected by outliers. Grid density determines dense grids based on neighbor densities and can handle different shaped and multi-density clusters without knowing the number of clusters beforehand. It has advantages over k-means in that it can handle categorical data, noise and arbitrary shaped clusters.
Elgamal signature for content distribution with network codingijwmn
This document proposes a scheme that uses ElGamal signature in network coding to enhance security. Network coding allows nodes to generate output packets as linear combinations of input packets. However, this makes the network vulnerable to pollution attacks where malicious nodes can insert corrupted packets. The proposed scheme signs data packets with ElGamal signatures. When nodes receive packets, they can verify the signatures' validity to check for corrupted packets without decoding. The scheme exploits the linearity of network coding and allows nodes to easily check packet integrity. An example is provided to demonstrate how the ElGamal signature scheme would work in the context of network coding for content distribution.
Prevention of Packet Hiding Methods In Selective Jamming AttackIJCERT
The sharing nature of wireless medium provides various challenging features among various set of users. It is very important in real world and it provides better transfer rate but authentication is ignored. The limitations of existing wired network are overcome by wireless network. These networks act as source for various types of jamming attacks. In analysis and detection of jamming attack various methods are available but sometime they fail. In case of external threat the analysis and reporting of jamming attack is very easy model but it is quite difficult in terms of internal threat model, these internal term uses the knowledge about network secrets and network protocols to launch various attacks with very low effort. Various cryptographic techniques are implemented to prevent these attacks. The main goal of this project is to prevent the information at the wireless physical layer and allowed the safe transmission among communicated nodes although the attacker is present.
Text classification based on gated recurrent unit combines with support vecto...IJECEIAES
As the amount of unstructured text data that humanity produce largely and a lot of texts are grows on the Internet, so the one of the intelligent technique is require processing it and extracting different types of knowledge from it. Gated recurrent unit (GRU) and support vector machine (SVM) have been successfully used to Natural Language Processing (NLP) systems with comparative, remarkable results. GRU networks perform well in sequential learning tasks and overcome the issues of “vanishing and explosion of gradients in standard recurrent neural networks (RNNs) when captureing long-term dependencies. In this paper, we proposed a text classification model based on improved approaches to this norm by presenting a linear support vector machine (SVM) as the replacement of Softmax in the final output layer of a GRU model. Furthermore, the cross-entropy function shall be replaced with a margin-based function. Empirical results present that the proposed GRU-SVM model achieved comparatively better results than the baseline approaches BLSTM-C, DABN.
A FPGA-Based Deep Packet Inspection Engine for Network Intrusion Detection Sy...Muhammad Nasiri
This document summarizes a paper that proposes an FPGA-based deep packet inspection engine for network intrusion detection systems. The paper describes using FPGA for parallel processing of multiple signature patterns, including static strings and regular expressions. It presents architectures for handling one, correlated, and independent patterns. Simulation results show the proposed engine can process packets at line rate and maintain throughput even with 100% malicious traffic, unlike the software-based Snort detection engine. The goal is to speed up intrusion detection by offloading deep packet inspection to reconfigurable FPGA hardware.
Novel algorithms for Knowledge discovery from neural networks in Classificat...Dr.(Mrs).Gethsiyal Augasta
The document describes a new discretization algorithm called DRDS (Discretization based on Range Coefficient of Dispersion and Skewness) for neural networks classifiers. DRDS is a supervised, incremental and bottom-up discretization method that automates the discretization process by introducing the number of intervals and stopping criterion. It has two phases: Phase I generates an Initial Discretization Scheme (IDS) by searching globally, and Phase II refines the intervals by merging them up to a stopping criterion without affecting quality. The algorithm uses range coefficient of dispersion and data skewness to select the best interval length and number of intervals for discretization. Experimental results show DRDS effectively discretizes data for neural network classification.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
This document discusses using a genetic algorithm for routing in delay tolerant networks. It proposes using anycast routing between groups of nodes and applying crossover between groups using genetic algorithms. The algorithm initializes a network of nodes divided into groups. It then applies crossover between groups by swapping node IDs. A random fitness function is used to decrement the node population by deleting source and destination nodes after message transfer. Simulation results show the genetic algorithm approach effectively routes messages between groups in the delay tolerant network.
This document compares the k-means and grid density clustering algorithms. K-means partitions data into k clusters based on minimizing distances between points and cluster centroids. It works well with numerical data but can be affected by outliers. Grid density determines dense grids based on neighbor densities and can handle different shaped and multi-density clusters without knowing the number of clusters beforehand. It has advantages over k-means in that it can handle categorical data, noise and arbitrary shaped clusters.
Elgamal signature for content distribution with network codingijwmn
This document proposes a scheme that uses ElGamal signature in network coding to enhance security. Network coding allows nodes to generate output packets as linear combinations of input packets. However, this makes the network vulnerable to pollution attacks where malicious nodes can insert corrupted packets. The proposed scheme signs data packets with ElGamal signatures. When nodes receive packets, they can verify the signatures' validity to check for corrupted packets without decoding. The scheme exploits the linearity of network coding and allows nodes to easily check packet integrity. An example is provided to demonstrate how the ElGamal signature scheme would work in the context of network coding for content distribution.
Prevention of Packet Hiding Methods In Selective Jamming AttackIJCERT
The sharing nature of wireless medium provides various challenging features among various set of users. It is very important in real world and it provides better transfer rate but authentication is ignored. The limitations of existing wired network are overcome by wireless network. These networks act as source for various types of jamming attacks. In analysis and detection of jamming attack various methods are available but sometime they fail. In case of external threat the analysis and reporting of jamming attack is very easy model but it is quite difficult in terms of internal threat model, these internal term uses the knowledge about network secrets and network protocols to launch various attacks with very low effort. Various cryptographic techniques are implemented to prevent these attacks. The main goal of this project is to prevent the information at the wireless physical layer and allowed the safe transmission among communicated nodes although the attacker is present.
Text classification based on gated recurrent unit combines with support vecto...IJECEIAES
As the amount of unstructured text data that humanity produce largely and a lot of texts are grows on the Internet, so the one of the intelligent technique is require processing it and extracting different types of knowledge from it. Gated recurrent unit (GRU) and support vector machine (SVM) have been successfully used to Natural Language Processing (NLP) systems with comparative, remarkable results. GRU networks perform well in sequential learning tasks and overcome the issues of “vanishing and explosion of gradients in standard recurrent neural networks (RNNs) when captureing long-term dependencies. In this paper, we proposed a text classification model based on improved approaches to this norm by presenting a linear support vector machine (SVM) as the replacement of Softmax in the final output layer of a GRU model. Furthermore, the cross-entropy function shall be replaced with a margin-based function. Empirical results present that the proposed GRU-SVM model achieved comparatively better results than the baseline approaches BLSTM-C, DABN.
A FPGA-Based Deep Packet Inspection Engine for Network Intrusion Detection Sy...Muhammad Nasiri
This document summarizes a paper that proposes an FPGA-based deep packet inspection engine for network intrusion detection systems. The paper describes using FPGA for parallel processing of multiple signature patterns, including static strings and regular expressions. It presents architectures for handling one, correlated, and independent patterns. Simulation results show the proposed engine can process packets at line rate and maintain throughput even with 100% malicious traffic, unlike the software-based Snort detection engine. The goal is to speed up intrusion detection by offloading deep packet inspection to reconfigurable FPGA hardware.
Novel algorithms for Knowledge discovery from neural networks in Classificat...Dr.(Mrs).Gethsiyal Augasta
The document describes a new discretization algorithm called DRDS (Discretization based on Range Coefficient of Dispersion and Skewness) for neural networks classifiers. DRDS is a supervised, incremental and bottom-up discretization method that automates the discretization process by introducing the number of intervals and stopping criterion. It has two phases: Phase I generates an Initial Discretization Scheme (IDS) by searching globally, and Phase II refines the intervals by merging them up to a stopping criterion without affecting quality. The algorithm uses range coefficient of dispersion and data skewness to select the best interval length and number of intervals for discretization. Experimental results show DRDS effectively discretizes data for neural network classification.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
This document discusses using a genetic algorithm for routing in delay tolerant networks. It proposes using anycast routing between groups of nodes and applying crossover between groups using genetic algorithms. The algorithm initializes a network of nodes divided into groups. It then applies crossover between groups by swapping node IDs. A random fitness function is used to decrement the node population by deleting source and destination nodes after message transfer. Simulation results show the genetic algorithm approach effectively routes messages between groups in the delay tolerant network.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Machine Learning Algorithms for Image Classification of Hand Digits and Face ...IRJET Journal
This document discusses machine learning algorithms for image classification using five different classification schemes. It summarizes the mathematical models behind each classification algorithm, including Nearest Class Centroid classifier, Nearest Sub-Class Centroid classifier, k-Nearest Neighbor classifier, Perceptron trained using Backpropagation, and Perceptron trained using Mean Squared Error. It also describes two datasets used in the experiments - the MNIST dataset of handwritten digits and the ORL face recognition dataset. The performance of the five classification schemes are compared on these datasets.
In this work a method for video streaming authentication based on butterfly graphs is presanted. As well as other methods variables such as the sender delay, receiver delay, computation overhead, communication overhead, robustness against packet loss, should be considered. The aim of this work is improvement of communication overhead as an important parameter, in networks which packet loss ratio is random and burst. For this purpose we develop butterfly graph to increase authentication probability.
Deep learning algorithms have drawn the attention of researchers working in the field of computer vision, speech
recognition, malware detection, pattern recognition and natural language processing. In this paper, we present an overview of
deep learning techniques like Convolutional neural network, deep belief network, Autoencoder, Restricted Boltzmann machine
and recurrent neural network. With this, current work of deep learning algorithms on malware detection is shown with the
help of literature survey. Suggestions for future research are given with full justification. We also showed the experimental
analysis in order to show the importance of deep learning techniques.
A SURVEY TO REAL-TIME MESSAGE-ROUTING NETWORK SYSTEM WITH KLA MODELLINGijseajournal
ABSTRACT
Messages routing over a network is one of the most fundamental concept in communication which requires simultaneous transmission of messages from a source to a destination. In terms of Real-Time Routing, it refers to the addition of a timing constraint in which messages should be received within a specified time delay. This study involves Scheduling, Algorithm Design and Graph Theory which are essential parts of the Computer Science (CS) discipline. Our goal is to investigate an innovative and efficient way to present these concepts in the context of CS Education. In this paper, we will explore the fundamental modelling of routing real-time messages on networks. We study whether it is possible to have an optimal on-line algorithm for the Arbitrary Directed Graph network topology. In addition, we will examine the message routing’s algorithmic complexity by breaking down the complex mathematical proofs into concrete, visual examples. Next, we explore the Unidirectional Ring topology in finding the transmission’s “makespan”.Lastly, we propose the same network modelling through the technique of Kinesthetic Learning Activity (KLA). We will analyse the data collected and present the results in a case study to evaluate the effectiveness of the KLA approach compared to the traditional teaching method.
We propose an algorithm for training Multi Layer Preceptrons for classification problems, that we named Hidden Layer Learning Vector Quantization (H-LVQ). It consists of applying Learning Vector Quantization to the last hidden layer of a MLP and it gave very successful results on problems containing a large number of correlated inputs. It was applied with excellent results on classification of Rurtherford
backscattering spectra and on a benchmark problem of image recognition. It may also be used for efficient feature extraction.
An Enhanced Message Digest Hash Algorithm for Information Securitypaperpublications3
Abstract: Information is an important commodity in the world of Electronic communication. To achieve a secure communication between communicating parties, the protection of authenticity and integrity of information is necessary. Cryptographic hash functions play a central role in cryptology. A cryptographic hash function takes an input of arbitrary large size and returns a small fixed size hash value. It satisfies three major cryptographic properties: preimage resistance, second preimage resistance and collision resistance. Due to its cryptographic properties hash function has become an important cryptographic tool which is used to protect information authenticity and integrity. This thesis presents a review of cryptographic hash functions. The thesis includes various applications of hash functions. It gives special emphasis on dedicated hash functions MD5.
Recent breakthroughs in cryptanalysis of standard hash functions like SHA-1 and MD5 raise the need for alternatives. In the past few years, there have been significant research advances in the analysis of hash functions and it was shown that none of the hash algorithm is secure enough for critical purposes whether it is MD5 or SHA-1. Nowadays scientists have found weaknesses in a number of hash functions, including MD5, SHA and RIPEMD. So the purpose of this thesis is combination of some function to reinforce these functions and also increasing hash code of message digest of length up to 160 that makes stronger algorithm against collision and brute force attacks.
Extended pso algorithm for improvement problems k means clustering algorithmIJMIT JOURNAL
The clustering is a without monitoring process and one of the most common data mining techniques. The
purpose of clustering is grouping similar data together in a group, so were most similar to each other in a
cluster and the difference with most other instances in the cluster are. In this paper we focus on clustering
partition k-means, due to ease of implementation and high-speed performance of large data sets, After 30
year it is still very popular among the developed clustering algorithm and then for improvement problem of
placing of k-means algorithm in local optimal, we pose extended PSO algorithm, that its name is ECPSO.
Our new algorithm is able to be cause of exit from local optimal and with high percent produce the
problem’s optimal answer. The probe of results show that mooted algorithm have better performance
regards as other clustering algorithms specially in two index, the carefulness of clustering and the quality
of clustering.
Packet Classification using Support Vector Machines with String KernelsIJERA Editor
Since the inception of internet many methods have been devised to keep untrusted and malicious packets away
from a user’s system . The traffic / packet classification can be used
as an important tool to detect intrusion in the system. Using Machine Learning as an efficient statistical based
approach for classifying packets is a novel method in practice today . This paper emphasizes upon using an
advanced string kernel method within a support vector machine to classify packets .
There exists a paper related to a similar problem using Machine Learning [2]. But the researches mentioned in
their paper are not up-to date and doesn’t account for modern day
string kernels that are much more efficient . My work extends their research by introducing different approaches
to classify encrypted / unencrypted traffic / packets .
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Novel text categorization by amalgamation of augmented k nearest neighbourhoo...ijcsity
Machine learning for text classification is the
underpinning
of document
cataloging
, news filtering,
document
steering
and
exemplif
ication
. In text mining realm, effective feature selection is significant to
make the learning task more accurate and competent. One of the
traditional
lazy
text classifier
k
-
Nearest
Neighborhood (
k
NN) has
a
major pitfall in calculating the similarity between
all
the
objects in training and
testing se
t
s,
there by leads to exaggeration of
both
computational complexity
of the algorithm
and
massive
consumption
of
main memory
. To diminish these shortcomings
in
viewpoint
of a
data
-
mining
practitioner
a
n
amalgamati
ve technique is proposed in this paper using
a novel restructured version of
k
NN called
Augmented
k
NN
(AkNN)
and
k
-
Medoids
(kMdd)
clustering.
The proposed work
comprises
preprocesses
on
the
initial training
set
by
imposing
attribute feature selection
for reduc
tion of high dimensionality, also it
detects and excludes the high
-
fliers
samples
in t
he
initial
training set
and
re
structure
s
a
constricted
training
set
.
The kMdd clustering algorithm generates the cluster centers (as interior objects) for each category
and
restructures
the constricted training set
with centroids
. This technique
is
amalgamated with
AkNN
classifier
that
was prearranged with
text mining similarity measure
s.
Eventually, s
ignifican
tweights
and ranks were
assigned to each object in the new
training set based upon the
ir
accessory towards the
object in testing set
.
Experiments
conducted
on Reuters
-
21578 a
UCI benchmark
text mining
data
set
, and
comparisons with
traditional
k
NN
classifier designates
the
referred
method
yield
spreeminentrecital
in b
oth clustering and
classification
The document discusses the process of automated text classification using natural language processing. It covers various machine learning techniques for text classification including supervised learning methods like Naive Bayes classification and k-nearest neighbors. The key steps of the text classification process include data preprocessing, creating a training set and test set, developing a classification model using an algorithm, and then classifying new text data. Specific methods like bag-of-words representation and document-term matrices are also discussed for transforming text into a numerical format that machine learning algorithms can understand.
Utilisation of l-Diversity and Differential Privacy in the Anonymisation of N...Shankar Lal
Noise addition for anonymisation is a known technique for increasing the privacy of a data sets. However this technique is often presented as individual and independent, or, just stated as techniques to be applied. This increases the danger of
misapplication of these techniques and a resulting anonymised data set that is open to relatively easy re-identification or reconstruction. To better understand the application of these techniques we demonstrate their application to a specific domain - that of network trace anonymisation.
The document describes several alternative models for information retrieval, including fuzzy set models, extended Boolean models, generalized vector space models, latent semantic indexing models, neural network models, and Bayesian network models. It provides details on fuzzy set models that allow gradual membership in sets, extended Boolean models that combine Boolean queries with vector space characteristics, and Bayesian networks that use directed acyclic graphs and conditional probabilities.
Intrusion Detection System for Classification of Attacks with Cross Validationinventionjournals
Now days, due to rapidly uses of internet, the patterns of network attacks are increasing. There are various organizations and institutes are using internet and access or share the sensitive information in network. To protect information from unauthorized or intruders is one of the important issues. In this paper, we have used decision tree techniques like C4.5 and CART as classifier for classification of attacks. We have proposed an ensemble model that is combination of C4.5 and Classification and Regression Tree (CART) as robust classifier for classification of attacks. We have used NSL-KDD data set with binary and multiclass problem with 10-fold cross validation. The proposed ensemble model gives satisfactory accuracy as 99.67% and 99.53% in case of binary class and multiclass NSL-KDD data set respectively.
This paper summarizes and improves upon the NTBCBT mutual exclusion algorithm. The NTBCBT algorithm has problems related to safety, liveness, and scheduling when nodes request access to a critical resource. The paper proposes an improved algorithm called PBCBT that addresses these weaknesses. PBCBT requires only 3log(N) messages per access to the critical section, compared to 4log(N) for NTBCBT. It also has an improved synchronization delay of 2log(N) messages compared to 3log(N) for NTBCBT. The improvements are achieved through removing unnecessary messages, reorganizing node instructions, and prioritizing requests based on timestamps.
Opera Mediaworks Russia Sales (Oct 2013) | AddInAppAmir Basyrov
The World’s Leading Mobile Advertising Platform.
Мы предлагаем размещение баннеров различных форматов в мобильном браузере Opera, в приложениях сети AdMarvel (к примеру, Shazam).
The document discusses reflections on a company's logo, especially with regards to color and how arrows can illustrate continuation or growth. It recommends using the color blue in the logo and only blue, with the number 44 also included.
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09849539085, 09966235788 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
IMAGE AUTHENTICATION THROUGH ZTRANSFORM WITH LOW ENERGY AND BANDWIDTH (IAZT)IJNSA Journal
In this paper a Z-transform based image authentication technique termed as IAZT has been proposed to
authenticate gray scale images. The technique uses energy efficient and low bandwidth based invisible data
embedding with a minimal computational complexity. Near about half of the bandwidth is required
compared to the traditional Z–transform while transmitting the multimedia contents such as images with
authenticating message through network. This authenticating technique may be used for copyright
protection or ownership verification. Experimental results are computed and compared with the existing
authentication techniques like Li’s method [11], SCDFT [13], Region-Based method [14] and many more
based on Mean Square Error (MSE), Peak Signal to Noise Ratio (PSNR), Image Fidelity (IF), Universal
Quality Image (UQI) and Structural Similarity Index Measurement (SSIM) which shows better performance
in IAZT.
Jeans and jeans have subtle differences. Jeans typically have front pockets and back pockets, while jeans may have additional details like decorative pockets. The document appears to discuss and provide examples of different pocket styles commonly found on jeans.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Machine Learning Algorithms for Image Classification of Hand Digits and Face ...IRJET Journal
This document discusses machine learning algorithms for image classification using five different classification schemes. It summarizes the mathematical models behind each classification algorithm, including Nearest Class Centroid classifier, Nearest Sub-Class Centroid classifier, k-Nearest Neighbor classifier, Perceptron trained using Backpropagation, and Perceptron trained using Mean Squared Error. It also describes two datasets used in the experiments - the MNIST dataset of handwritten digits and the ORL face recognition dataset. The performance of the five classification schemes are compared on these datasets.
In this work a method for video streaming authentication based on butterfly graphs is presanted. As well as other methods variables such as the sender delay, receiver delay, computation overhead, communication overhead, robustness against packet loss, should be considered. The aim of this work is improvement of communication overhead as an important parameter, in networks which packet loss ratio is random and burst. For this purpose we develop butterfly graph to increase authentication probability.
Deep learning algorithms have drawn the attention of researchers working in the field of computer vision, speech
recognition, malware detection, pattern recognition and natural language processing. In this paper, we present an overview of
deep learning techniques like Convolutional neural network, deep belief network, Autoencoder, Restricted Boltzmann machine
and recurrent neural network. With this, current work of deep learning algorithms on malware detection is shown with the
help of literature survey. Suggestions for future research are given with full justification. We also showed the experimental
analysis in order to show the importance of deep learning techniques.
A SURVEY TO REAL-TIME MESSAGE-ROUTING NETWORK SYSTEM WITH KLA MODELLINGijseajournal
ABSTRACT
Messages routing over a network is one of the most fundamental concept in communication which requires simultaneous transmission of messages from a source to a destination. In terms of Real-Time Routing, it refers to the addition of a timing constraint in which messages should be received within a specified time delay. This study involves Scheduling, Algorithm Design and Graph Theory which are essential parts of the Computer Science (CS) discipline. Our goal is to investigate an innovative and efficient way to present these concepts in the context of CS Education. In this paper, we will explore the fundamental modelling of routing real-time messages on networks. We study whether it is possible to have an optimal on-line algorithm for the Arbitrary Directed Graph network topology. In addition, we will examine the message routing’s algorithmic complexity by breaking down the complex mathematical proofs into concrete, visual examples. Next, we explore the Unidirectional Ring topology in finding the transmission’s “makespan”.Lastly, we propose the same network modelling through the technique of Kinesthetic Learning Activity (KLA). We will analyse the data collected and present the results in a case study to evaluate the effectiveness of the KLA approach compared to the traditional teaching method.
We propose an algorithm for training Multi Layer Preceptrons for classification problems, that we named Hidden Layer Learning Vector Quantization (H-LVQ). It consists of applying Learning Vector Quantization to the last hidden layer of a MLP and it gave very successful results on problems containing a large number of correlated inputs. It was applied with excellent results on classification of Rurtherford
backscattering spectra and on a benchmark problem of image recognition. It may also be used for efficient feature extraction.
An Enhanced Message Digest Hash Algorithm for Information Securitypaperpublications3
Abstract: Information is an important commodity in the world of Electronic communication. To achieve a secure communication between communicating parties, the protection of authenticity and integrity of information is necessary. Cryptographic hash functions play a central role in cryptology. A cryptographic hash function takes an input of arbitrary large size and returns a small fixed size hash value. It satisfies three major cryptographic properties: preimage resistance, second preimage resistance and collision resistance. Due to its cryptographic properties hash function has become an important cryptographic tool which is used to protect information authenticity and integrity. This thesis presents a review of cryptographic hash functions. The thesis includes various applications of hash functions. It gives special emphasis on dedicated hash functions MD5.
Recent breakthroughs in cryptanalysis of standard hash functions like SHA-1 and MD5 raise the need for alternatives. In the past few years, there have been significant research advances in the analysis of hash functions and it was shown that none of the hash algorithm is secure enough for critical purposes whether it is MD5 or SHA-1. Nowadays scientists have found weaknesses in a number of hash functions, including MD5, SHA and RIPEMD. So the purpose of this thesis is combination of some function to reinforce these functions and also increasing hash code of message digest of length up to 160 that makes stronger algorithm against collision and brute force attacks.
Extended pso algorithm for improvement problems k means clustering algorithmIJMIT JOURNAL
The clustering is a without monitoring process and one of the most common data mining techniques. The
purpose of clustering is grouping similar data together in a group, so were most similar to each other in a
cluster and the difference with most other instances in the cluster are. In this paper we focus on clustering
partition k-means, due to ease of implementation and high-speed performance of large data sets, After 30
year it is still very popular among the developed clustering algorithm and then for improvement problem of
placing of k-means algorithm in local optimal, we pose extended PSO algorithm, that its name is ECPSO.
Our new algorithm is able to be cause of exit from local optimal and with high percent produce the
problem’s optimal answer. The probe of results show that mooted algorithm have better performance
regards as other clustering algorithms specially in two index, the carefulness of clustering and the quality
of clustering.
Packet Classification using Support Vector Machines with String KernelsIJERA Editor
Since the inception of internet many methods have been devised to keep untrusted and malicious packets away
from a user’s system . The traffic / packet classification can be used
as an important tool to detect intrusion in the system. Using Machine Learning as an efficient statistical based
approach for classifying packets is a novel method in practice today . This paper emphasizes upon using an
advanced string kernel method within a support vector machine to classify packets .
There exists a paper related to a similar problem using Machine Learning [2]. But the researches mentioned in
their paper are not up-to date and doesn’t account for modern day
string kernels that are much more efficient . My work extends their research by introducing different approaches
to classify encrypted / unencrypted traffic / packets .
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Novel text categorization by amalgamation of augmented k nearest neighbourhoo...ijcsity
Machine learning for text classification is the
underpinning
of document
cataloging
, news filtering,
document
steering
and
exemplif
ication
. In text mining realm, effective feature selection is significant to
make the learning task more accurate and competent. One of the
traditional
lazy
text classifier
k
-
Nearest
Neighborhood (
k
NN) has
a
major pitfall in calculating the similarity between
all
the
objects in training and
testing se
t
s,
there by leads to exaggeration of
both
computational complexity
of the algorithm
and
massive
consumption
of
main memory
. To diminish these shortcomings
in
viewpoint
of a
data
-
mining
practitioner
a
n
amalgamati
ve technique is proposed in this paper using
a novel restructured version of
k
NN called
Augmented
k
NN
(AkNN)
and
k
-
Medoids
(kMdd)
clustering.
The proposed work
comprises
preprocesses
on
the
initial training
set
by
imposing
attribute feature selection
for reduc
tion of high dimensionality, also it
detects and excludes the high
-
fliers
samples
in t
he
initial
training set
and
re
structure
s
a
constricted
training
set
.
The kMdd clustering algorithm generates the cluster centers (as interior objects) for each category
and
restructures
the constricted training set
with centroids
. This technique
is
amalgamated with
AkNN
classifier
that
was prearranged with
text mining similarity measure
s.
Eventually, s
ignifican
tweights
and ranks were
assigned to each object in the new
training set based upon the
ir
accessory towards the
object in testing set
.
Experiments
conducted
on Reuters
-
21578 a
UCI benchmark
text mining
data
set
, and
comparisons with
traditional
k
NN
classifier designates
the
referred
method
yield
spreeminentrecital
in b
oth clustering and
classification
The document discusses the process of automated text classification using natural language processing. It covers various machine learning techniques for text classification including supervised learning methods like Naive Bayes classification and k-nearest neighbors. The key steps of the text classification process include data preprocessing, creating a training set and test set, developing a classification model using an algorithm, and then classifying new text data. Specific methods like bag-of-words representation and document-term matrices are also discussed for transforming text into a numerical format that machine learning algorithms can understand.
Utilisation of l-Diversity and Differential Privacy in the Anonymisation of N...Shankar Lal
Noise addition for anonymisation is a known technique for increasing the privacy of a data sets. However this technique is often presented as individual and independent, or, just stated as techniques to be applied. This increases the danger of
misapplication of these techniques and a resulting anonymised data set that is open to relatively easy re-identification or reconstruction. To better understand the application of these techniques we demonstrate their application to a specific domain - that of network trace anonymisation.
The document describes several alternative models for information retrieval, including fuzzy set models, extended Boolean models, generalized vector space models, latent semantic indexing models, neural network models, and Bayesian network models. It provides details on fuzzy set models that allow gradual membership in sets, extended Boolean models that combine Boolean queries with vector space characteristics, and Bayesian networks that use directed acyclic graphs and conditional probabilities.
Intrusion Detection System for Classification of Attacks with Cross Validationinventionjournals
Now days, due to rapidly uses of internet, the patterns of network attacks are increasing. There are various organizations and institutes are using internet and access or share the sensitive information in network. To protect information from unauthorized or intruders is one of the important issues. In this paper, we have used decision tree techniques like C4.5 and CART as classifier for classification of attacks. We have proposed an ensemble model that is combination of C4.5 and Classification and Regression Tree (CART) as robust classifier for classification of attacks. We have used NSL-KDD data set with binary and multiclass problem with 10-fold cross validation. The proposed ensemble model gives satisfactory accuracy as 99.67% and 99.53% in case of binary class and multiclass NSL-KDD data set respectively.
This paper summarizes and improves upon the NTBCBT mutual exclusion algorithm. The NTBCBT algorithm has problems related to safety, liveness, and scheduling when nodes request access to a critical resource. The paper proposes an improved algorithm called PBCBT that addresses these weaknesses. PBCBT requires only 3log(N) messages per access to the critical section, compared to 4log(N) for NTBCBT. It also has an improved synchronization delay of 2log(N) messages compared to 3log(N) for NTBCBT. The improvements are achieved through removing unnecessary messages, reorganizing node instructions, and prioritizing requests based on timestamps.
Opera Mediaworks Russia Sales (Oct 2013) | AddInAppAmir Basyrov
The World’s Leading Mobile Advertising Platform.
Мы предлагаем размещение баннеров различных форматов в мобильном браузере Opera, в приложениях сети AdMarvel (к примеру, Shazam).
The document discusses reflections on a company's logo, especially with regards to color and how arrows can illustrate continuation or growth. It recommends using the color blue in the logo and only blue, with the number 44 also included.
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09849539085, 09966235788 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
IMAGE AUTHENTICATION THROUGH ZTRANSFORM WITH LOW ENERGY AND BANDWIDTH (IAZT)IJNSA Journal
In this paper a Z-transform based image authentication technique termed as IAZT has been proposed to
authenticate gray scale images. The technique uses energy efficient and low bandwidth based invisible data
embedding with a minimal computational complexity. Near about half of the bandwidth is required
compared to the traditional Z–transform while transmitting the multimedia contents such as images with
authenticating message through network. This authenticating technique may be used for copyright
protection or ownership verification. Experimental results are computed and compared with the existing
authentication techniques like Li’s method [11], SCDFT [13], Region-Based method [14] and many more
based on Mean Square Error (MSE), Peak Signal to Noise Ratio (PSNR), Image Fidelity (IF), Universal
Quality Image (UQI) and Structural Similarity Index Measurement (SSIM) which shows better performance
in IAZT.
Jeans and jeans have subtle differences. Jeans typically have front pockets and back pockets, while jeans may have additional details like decorative pockets. The document appears to discuss and provide examples of different pocket styles commonly found on jeans.
Understanding Experiential Function of LanguageRusdi Noor Rosa
These slides introduce the basic understanding of experiential functions of language. Besides, some examples of simple analysis of clauses based on their transitivity elements were presented.
The document is a list of repeated text stating "Quality Matters – A national benchmark for online course design" and providing a link to qualitymatters.org. It repeats this text and link over 30 times.
La comunicación permite el intercambio de ideas, experiencias y valores entre las personas. A través de la comunicación, las personas pueden transmitir sentimientos, actitudes y conocerse mejor a sí mismas y al mundo que les rodea. Para mejorar las relaciones y la comunicación entre las personas, es importante que se conozcan bien a sí mismas y valoren quiénes son.
Este documento presenta consejos para crear contenido viral y blogs que se lean. Explica que el contenido original y de calidad es fundamental para el éxito de un blog. También recomienda usar diferentes tipos de contenido como infografías, videos y presentaciones. Además, ofrece consejos para escribir títulos atractivos que capturen la atención y contengan palabras clave optimizadas para motores de búsqueda.
1) The document introduces a special seminar titled "Evidence Based Decision Making – Reality or Chimera?" to honor Jack Short, the leaving Secretary General of IRF and ECMT.
2) It questions whether knowledge has any power and if facts should ruin a good story.
3) The seminar will discuss six questions around the topics of infrastructure investment, pricing policies, transport policy assumptions, the role of administration, a changing world, and lessons learned from an evidence-based perspective.
What is the role of print in the multimedia pack?WAN-IFRA
The Globe and Mail is Canada's national newspaper, founded in 1844. It is a comprehensive broadsheet newspaper that provides national, international and business news coverage as well as sports, arts and lifestyle content. The Globe and Mail aims to deliver quality journalism across various topics to readers.
Changing the Role of Agriculture: Moving Beyond Production in the 21st CenturyEcoAgriculture Partners
This is a keynote presentation that outlines the environmental consequences of production oriented agriculture in the 20th century and defines three critical roles for agriculture in the 21st century; as a supporter of ecosystems, a foundation for locally-led development, and as a partner in sustainable city-region development.
The talk highlights key examples of where agriculture is currently serving these roles. Finally, the presentation concludes with recommendations to the food and agriculture community that are necessary in order to facilitate scaling the lessons from the highlighted examples to a global scale. These actions include; integrating sustainable agriculture into all of the sustainable development goals, building cross sector coalitions at all levels, developing supportive financing frameworks, and mobilizing new research and education around sustainable agriculture. Presented by EcoAgriculture Partners' President Sara Scherr at the 2nd Global Food Security Conference in Ithaca, NY.
This document discusses electronic fuel injection (EFI) systems. It explains that EFI systems are more precise, reliable, and cost-effective than carburetor systems. EFI provides the correct air-fuel ratio, reduces exhaust pollution, and increases engine power. It then describes different types of fuel injection systems, including single-point and multi-point as well as indirect and direct injection. Various sensors that provide input to the engine control unit (ECU) are also outlined, such as oxygen, throttle position, engine temperature, inlet air temperature, and crankshaft position sensors.
Experiencia de trabajo colaborativo y mediación de TICs a través del cual se propuso el diseño de un Zoologico virtual con la participación de todos los estudiantes.
Este documento proporciona pautas para centros educativos sobre la atención a la diversidad y el bilingüismo. Describe principios generales sobre el aprendizaje de idiomas y la inclusión. También recomienda estrategias metodológicas flexibles como el trabajo por proyectos y rincones. Además, ofrece orientaciones específicas para atender a estudiantes con necesidades educativas especiales como discapacidad auditiva o retraso mental.
La Fundación Mapfre organiza la Semana de la Prevención de Incendios en varios municipios de Sevilla del 7 al 11 de octubre. El programa incluye charlas, simulacros y talleres sobre prevención de incendios dirigidos a comerciantes, personas mayores, escolares y el público en general con el objetivo de promover la autoprotección y concienciar sobre los riesgos de incendio. Las actividades están organizadas por la Diputación de Sevilla y los ayuntamientos de El Saucejo, Gerena, Montellano, Osuna y
FAST DETECTION OF DDOS ATTACKS USING NON-ADAPTIVE GROUP TESTINGIJNSA Journal
Network security has become more important role today to personal users and organizations. Denial-ofService (DoS) and Distributed Denial-of-Service (DDoS) attacks are serious problem in network. The major challenges in design of an efficient algorithm in data stream are one-pass over the input, poly-log space, poly-log update time and poly-log reporting time. In this paper, we use strongly explicit construction d-disjunct matrices in Non-adaptive group testing (NAGT) to adapt these requirements and propose a solution for fast detecting DoS and DDoS attacks based on NAGT approach.
ON THE PERFORMANCE OF INTRUSION DETECTION SYSTEMS WITH HIDDEN MULTILAYER NEUR...IJCNCJournal
Deep learning applications, especially multilayer neural network models, result in network intrusion detection with high accuracy. This study proposes a model that combines a multilayer neural network with Dense Sparse Dense (DSD) multi-stage training to simultaneously improve the criteria related to the performance of intrusion detection systems on a comprehensive dataset UNSW-NB15. We conduct experiments on many neural network models such as Recurrent Neural Network (RNN), Long-Short Term Memory (LSTM), Gated Recurrent Unit (GRU), etc. to evaluate the combined efficiency with each model through many criteria such as accuracy, detection rate, false alarm rate, precision, and F1-Score.
On The Performance of Intrusion Detection Systems with Hidden Multilayer Neur...IJCNCJournal
Deep learning applications, especially multilayer neural network models, result in network intrusion detection with high accuracy. This study proposes a model that combines a multilayer neural network with Dense Sparse Dense (DSD) multi-stage training to simultaneously improve the criteria related to the performance of intrusion detection systems on a comprehensive dataset UNSW-NB15. We conduct experiments on many neural network models such as Recurrent Neural Network (RNN), Long-Short Term Memory (LSTM), Gated Recurrent Unit (GRU), etc. to evaluate the combined efficiency with each model through many criteria such as accuracy, detection rate, false alarm rate, precision, and F1-Score.
International Journal of Engineering and Science Invention (IJESI)inventionjournals
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
This document proposes modifications to the physical and data link layers to improve resistance against jamming attacks in wireless sensor networks. At the physical layer, it introduces an uncorrelated groups based direct sequence spread spectrum (DSSS) technique that uses different pseudorandom noise sequences to spread data bits, selecting sequences from uncorrelated groups to make decoding more difficult for attackers. At the data link layer, it modifies the sensor medium access control (SMAC) protocol with two changes: randomizing data packet slot sizes and using mixed integer programming to maximize network coverage while mitigating throughput impacts from countermeasures. Experimental results show the proposed approach can reduce an attacker's lifetime advantage by over 8% compared to other countermeasures.
This document proposes modifications to the physical and data link layers to improve resistance against jamming attacks in wireless sensor networks. In the physical layer, an uncorrelated groups based direct sequence spread spectrum technique is proposed where sequences are grouped and selected randomly to spread messages. In the data link layer, two modifications to the SMAC protocol are proposed: 1) Data Packet Separation Slot Size Randomization, which separates data packets to mislead jammers' estimation of slot size, forcing them to deplete power more quickly. 2) Maximum Covers using Mixed Integer Programming algorithm, which aims to minimize energy consumption while scheduling network tasks. Simulation results show the proposed techniques can achieve over 8% reduction in an attacker's lifetime advantage compared to
This document discusses a novel method for intrusion awareness using Distributed Situational Awareness (D-SA). It proposes using D-SA and support vector machines (SVM) for network intrusion detection and classification. The method is evaluated using the KDD Cup 1999 intrusion detection dataset. Experimental results show the proposed D-SA method achieves higher detection rates compared to rule-based classification techniques.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
S IMULATION B ASED S TUDY OF C OOPERATIVE B LACK H OLE A TTACK R ESOLU...pijans
An Ad hoc Network is a pool of wireless mobile node
s energetically forming a network without the use o
f
any pre-accessible network infrastructure or centra
lized administrator. These nodes communicate with
each other by hop-to-hop communication. This dynami
c topology of mobile ad-hoc networks (MANETs)
allows nodes to get attached and leave the network
at any second of time. Thus MANET can be used in a
variety of fields. Current MANETs are designed prim
ary for military utility. This generic characterist
ic of
MANET has rendered its vulnerability to security at
tacks. Due to which unprotected attacks of the
malicious nodes can occur at any time. This paper f
ocuses on one such attack known as “Black hole
attack” and the routing protocol being used here is
AODV
The document discusses using recurrent neural networks to detect Android malware. It proposes developing a deep learning model using LSTM or GRU networks to efficiently detect malware files. The existing approaches have limitations in detecting new malware. The proposed system would use recurrent networks to model sequential Android app data and detect malware, including new emerging types.
Elimination of wormhole attacker node in manet using performance evaluation m...Alexander Decker
This document summarizes a research paper that proposes a new method for detecting wormhole attacker nodes in mobile ad hoc networks (MANETs). The method detects malicious nodes based on analyzing hop counts and time delays in routes, without requiring any special hardware or protocol modifications. The proposed method is simulated using OPNET software with scenarios of 50 nodes, both with and without wormhole attacks. The results show that without prevention, a wormhole attack decreases average hop count and increases delays. However, when the proposed method is applied, it is able to detect the attacker nodes and avoid their paths, regaining normal hop counts and delays.
CLUSTER BASED FIDELITY TO SECURE DSDV PROTOCOL AGAINST BLACK HOLE ATTACKSpijans
In this paper, we introduce and discuss an approach that will be used to secure the DSDV routing protocol in an ad-hoc network. Due to mobility and absence of infrastructure, nodes are more vulnerable to several malicious attacks. The secure routing is essential to transmit packets from source to the destination. Our approach consists to model and manage fidelity concept in an ad-hoc clustering architecture. Clustering makes it possible to group the mobile nodes and to send data simultaneously to the each group. Our security model thus aims to integrate mechanisms against black hole attacks, forcing cooperation between nodes and detecting failing behaviors. The nodes present in the clusters will work more efficiently and the message passing within the nodes will also get more authenticated from the cluster heads. The simulation of our proposed algorithm is carried out using NS2 network simulator by evaluating some network performances such as average delay, throughput of communication and packets loss.
CLUSTER BASED FIDELITY TO SECURE DSDV PROTOCOL AGAINST BLACK HOLE ATTACKSpijans
In this paper, we introduce and discuss an approach that will be used to secure the DSDV routing
protocol in an ad-hoc network. Due to mobility and absence of infrastructure, nodes are more vulnerable
to several malicious attacks. The secure routing is essential to transmit packets from source to the
destination. Our approach consists to model and manage fidelity concept in an ad-hoc clustering
architecture. Clustering makes it possible to group the mobile nodes and to send data simultaneously to
the each group. Our security model thus aims to integrate mechanisms against black hole attacks, forcing
cooperation between nodes and detecting failing behaviors. The nodes present in the clusters will work
more efficiently and the message passing within the nodes will also get more authenticated from the
cluster heads. The simulation of our proposed algorithm is carried out using NS2 network simulator by
evaluating some network performances such as average delay, throughput of communication and packets
loss.
Defending Reactive Jammers in WSN using a Trigger Identification Service.ijsrd.com
In the last decade, the greatest threat to the wireless sensor network has been Reactive Jamming Attack because it is difficult to be disclosed and defend as well as due to its mass destruction to legitimate sensor communications. As discussed above about the Reactive Jammers Nodes, a new scheme to deactivate them efficiently is by identifying all trigger nodes, where transmissions invoke the jammer nodes, which has been proposed and developed. Due to this identification mechanism, many existing reactive jamming defending schemes can be benefited. This Trigger Identification can also work as an application layer .In this paper, on one side we provide the several optimization problems to provide complete trigger identification service framework for unreliable wireless sensor networks and on the other side we also provide an improved algorithm with regard to two sophisticated jamming models, in order to enhance its robustness for various network scenarios.
CLUSTER BASED FIDELITY TO SECURE DSDV PROTOCOL AGAINST BLACK HOLE ATTACKSpijans
In this paper, we introduce and discuss an approach that will be used to secure the DSDV routing
protocol in an ad-hoc network. Due to mobility and absence of infrastructure, nodes are more vulnerable
to several malicious attacks. The secure routing is essential to transmit packets from source to the
destination. Our approach consists to model and manage fidelity concept in an ad-hoc clustering
architecture. Clustering makes it possible to group the mobile nodes and to send data simultaneously to
the each group. Our security model thus aims to integrate mechanisms against black hole attacks, forcing cooperation between nodes and detecting failing behaviors. The nodes present in the clusters will work
more efficiently and the message passing within the nodes will also get more authenticated from the
cluster heads. The simulation of our proposed algorithm is carried out using NS2 network simulator by evaluating some network performances such as average delay, throughput of communication and packets
loss
CLUSTER BASED FIDELITY TO SECURE DSDV PROTOCOL AGAINST BLACK HOLE ATTACKSpijans
In this paper, we introduce and discuss an approach that will be used to secure the DSDV routing
protocol in an ad-hoc network. Due to mobility and absence of infrastructure, nodes are more vulnerable
to several malicious attacks. The secure routing is essential to transmit packets from source to the
destination. Our approach consists to model and manage fidelity concept in an ad-hoc clustering
architecture. Clustering makes it possible to group the mobile nodes and to send data simultaneously to
the each group. Our security model thus aims to integrate mechanisms against black hole attacks, forcing
cooperation between nodes and detecting failing behaviors. The nodes present in the clusters will work
more efficiently and the message passing within the nodes will also get more authenticated from the
cluster heads. The simulation of our proposed algorithm is carried out using NS2 network simulator by
evaluating some network performances such as average delay, throughput of communication and packets
loss.
LSTM deep learning method for network intrusion detection system IJECEIAES
The security of the network has become a primary concern for organizations. Attackers use different means to disrupt services, these various attacks push to think of a new way to block them all in one manner. In addition, these intrusions can change and penetrate the devices of security. To solve these issues, we suggest, in this paper, a new idea for Network Intrusion Detection System (NIDS) based on Long Short-Term Memory (LSTM) to recognize menaces and to obtain a long-term memory on them, in order to stop the new attacks that are like the existing ones, and at the same time, to have a single mean to block intrusions. According to the results of the experiments of detections that we have realized, the Accuracy reaches up to 99.98 % and 99.93 % for respectively the classification of two classes and several classes, also the False Positive Rate (FPR) reaches up to only 0,068 % and 0,023 % for respectively the classification of two classes and several classes, which proves that the proposed model is effective, it has a great ability to memorize and differentiate between normal traffic and attacks, and its identification is more accurate than other Machine Learning classifiers.
Multi Stage Filter Using Enhanced Adaboost for Network Intrusion DetectionIJNSA Journal
Based on the analysis and distribution of network attacks in KDDCup99 dataset and real time traffic, this paper proposes a design of multi stage filter which is an efficient and effective approach in dealing with various categories of attacks in networks. The first stage of the filter is designed using Enhanced Adaboost with Decision tree algorithm to detect the frequent attacks occurs in the network and the second stage of the filter is designed using enhanced Adaboost with Naïve Byes algorithm to detect the moderate attacks occurs in the network. The final stage of the filter is used to detect the infrequent
attack which is designed using the enhanced Adaboost algorithm with Naïve Bayes as a base learner. Performance of this design is tested with the KDDCup99 dataset and is shown to have high detection rate with low false alarm rates.
This document presents a multi-classification approach for detecting network attacks using a layered model. The proposed system consists of two stages - the first stage classifies network records as normal or an attack, while the second stage further classifies any detected attacks into four categories (DoS, Probe, R2L, U2R) using separate layers. Experimental results on the NSL-KDD dataset show the layered approach using the JRip classifier achieved very high classification accuracy of over 99% for each attack category, outperforming existing approaches. The multi-layered model is effective for improving detection of minority attack classes without reducing performance on majority classes.
Defending against collaborative attacks byranjith kumar
Dear Student,
DREAMWEB TECHNO SOLUTIONS is one of the Hardware Training and Software Development centre available in
Trichy. Pioneer in corporate training, DREAMWEB TECHNO SOLUTIONS provides training in all software
development and IT-related courses, such as Embedded Systems, VLSI, MATLAB, JAVA, J2EE, CIVIL,
Power Electronics, and Power Systems. It’s certified and experienced faculty members have the
competence to train students, provide consultancy to organizations, and develop strategic
solutions for clients by integrating existing and emerging technologies.
ADD: No:73/5, 3rd Floor, Sri Kamatchi Complex, Opp City Hospital, Salai Road, Trichy-18
Contact @ 7200021403/04
phone: 0431-4050403
Similar to FAST DETECTION OF DDOS ATTACKS USING NON-ADAPTIVE GROUP TESTING (20)
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Digital Marketing Trends in 2024 | Guide for Staying AheadWask
https://www.wask.co/ebooks/digital-marketing-trends-in-2024
Feeling lost in the digital marketing whirlwind of 2024? Technology is changing, consumer habits are evolving, and staying ahead of the curve feels like a never-ending pursuit. This e-book is your compass. Dive into actionable insights to handle the complexities of modern marketing. From hyper-personalization to the power of user-generated content, learn how to build long-term relationships with your audience and unlock the secrets to success in the ever-shifting digital landscape.
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
5th LF Energy Power Grid Model Meet-up SlidesDanBrown980551
5th Power Grid Model Meet-up
It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology.
Power Grid Model
The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services.
Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability.
Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization.
What to expect
For the upcoming meetup we are organizing, we have an exciting lineup of activities planned:
-Insightful presentations covering two practical applications of the Power Grid Model.
-An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024.
-An interactive brainstorming session to discuss and propose new feature requests.
-An opportunity to connect with fellow Power Grid Model enthusiasts and users.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Building Production Ready Search Pipelines with Spark and MilvusZilliz
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on integration of Salesforce with Bonterra Impact Management.
Interested in deploying an integration with Salesforce for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Webinar: Designing a schema for a Data WarehouseFederico Razzoli
Are you new to data warehouses (DWH)? Do you need to check whether your data warehouse follows the best practices for a good design? In both cases, this webinar is for you.
A data warehouse is a central relational database that contains all measurements about a business or an organisation. This data comes from a variety of heterogeneous data sources, which includes databases of any type that back the applications used by the company, data files exported by some applications, or APIs provided by internal or external services.
But designing a data warehouse correctly is a hard task, which requires gathering information about the business processes that need to be analysed in the first place. These processes must be translated into so-called star schemas, which means, denormalised databases where each table represents a dimension or facts.
We will discuss these topics:
- How to gather information about a business;
- Understanding dictionaries and how to identify business entities;
- Dimensions and facts;
- Setting a table granularity;
- Types of facts;
- Types of dimensions;
- Snowflakes and how to avoid them;
- Expanding existing dimensions and facts.
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
FAST DETECTION OF DDOS ATTACKS USING NON-ADAPTIVE GROUP TESTING
1. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
DOI : 10.5121/ijnsa.2013.5505 63
FAST DETECTION OF DDOS ATTACKS USING
NON-ADAPTIVE GROUP TESTING
Huynh Nguyen Chinh1
, Tan Hanh2
, and Nguyen Dinh Thuc3
1
Faculty of Information Technology, University of Technical Education Ho Chi Minh
City (UTE-HCMC), HCMC, Vietnam
2
Faculty of Information Technology, Posts and Telecommunications Institute of
Technology (PTIT), HCMC, Vietnam
3
Faculty of Information Technology, University of Science (UoS), HCMC-VNU,
Vietnam
ABSTRACT
Network security has become more important role today to personal users and organizations. Denial-of-
Service (DoS) and Distributed Denial-of-Service (DDoS) attacks are serious problem in network. The
major challenges in design of an efficient algorithm in data stream are one-pass over the input, poly-log
space, poly-log update time and poly-log reporting time. In this paper, we use strongly explicit construction
d-disjunct matrices in Non-adaptive group testing (NAGT) to adapt these requirements and propose a
solution for fast detecting DoS and DDoS attacks based on NAGT approach.
KEYWORDS
Denial-of-service attack, ditributed denial-of-service attack, Group testing, Non-Adaptive Group testing, d-
disjunct matrix.
1. INTRODUCTION
1.1 Denial-of-Service attacks
Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks have become a
serious problem in network. In these attacks, attackers sent a very large number of packets to
victims in a very short amount of time. They aim to make a service unavailable to legitimate
clients. They are easily done for attackers to launch but are difficult for target users to defend [3].
Network detection and mitigation is necessary to mitigate such malicious attacks. Internet service
providers (ISPs) can help customers defend against bandwidth attacks by deploying appropriate
filtering rules at routers, or alternatively using routing mechanisms to filter packets to drop
malicious packets.
Routers receive and process a lot of packets in network. Every packet has a destination IP
address. If there are many packets passing through router which have the same IP destination, it
may be a DoS attack.
Our solution aims to provide early warning and tracking DoS or DDoS attacks by collecting IP
packets and finding Hot-IPs (hosts appear with high frequency in network and they also called hot
2. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
64
items, attackers or victims). In our solution, router acts as the sensor. When packet arrives at
router, the IP header is extracted and put into groups. Based on the embedded source and
destination IP addresses, the analysis is done. This method is much faster than one-by-one testing.
1.2 Group Testing
In the World War II, the millions of citizens of USA join the army. At that time, infectious
diseases such as syphilis are serious problems. The cost for testing who was infected in turn was
very expensive and it also took several times. They wanted to detect who was infected as fast as
possible with the lowest cost. Robert Dorfman [6] proposed a solution to solve this problem. The
main idea of this solution is getting N bloods samples from N citizens and combined groups of
blood samples to test. It would help to detect infected soldiers as few tests as possible. This idea
formed a new research field: Group testing.
Group testing is an applied mathematical theory applied in many different areas [8]. The goal of
group testing is to identify the set of defective items in a large population of items using as few
tests as possible. There are two types of group testing [11]: Adaptive group testing and non-
adaptive group testing (NAGT). In adaptive group testing, later stages are designed depending on
the test outcome of the earlier stages. In non-adaptive group testing, all tests must be specified
without knowing the outcomes of the other tests. Many applications, such as data streams, require
the NAGT, in which all tests are to be performed at once: the outcome of one test cannot be used
to adaptively design another test. Therefore, in this paper, we only consider NAGT.
In data stream, it is very efficient way to detect hot items. Cormode and Muthukrishnan [4] set the
scenario that millions of packets went through a router. They want to find the “hot items” (Hot-
IPs) in data stream. To achieve this goal, they build a matrix t NM × that could support up to
32
2N = users and detect at most d hot items. After that, each th
j user (or each IP) was assigned to
one column of this matrix (denoted jM and it was unique). Router would store a vector
counter 1 1 2( , ,..., )T
t tC c c c× = , and if th
j user appeared, it increased jC C M= + . They also set a
threshold to convert the vector counter to Boolean vector. However, this scheme could not be
used in their model because they did not have a strongly explicit construction and the time to
decode this matrix was expensive ( ).O tN Alternately, they used the techniques based on Group
Testing and left these problems for the future works.
1.3 Related Works
In 2009, Khattab et al. [10] proposed system-based “live baiting” defend scheme by applying
group testing theory to application DoS detection. They based on a “high probability d-disjunct”
matrix.
In 2010, Ying Xuan et al. [1] presented Group Testing based approach deployed on backend
servers. They use t virtual servers as testing pools and N clients, in which d clients are attackers.
Consider the binary matrix t nM × , the clients can be mapped the columns and virtual servers into
rows in ,M where 1ijm = if and only if the requests from client j are distributed to virtual server
.i With regard to the test outcome column ,V they have [1] 1V = if and only if virtual server i has
received malicious requests from at least one attacker, but they cannot identify the attackers at
once unless this virtual server is handling only one client. Otherwise, if [ ] 0V i = , all the clients
3. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
65
assigned to server i are legitimate. The d attackers can then be captured by decoding the test
outcome vector V and the matrix .M
In 2013, Dayanandam et al. [2] combine the approach of Ying Xuan et al. [1] and password based
scheme to defend DDoS attacks. One of the main limitations of these methods was not construct
strongly explicit d-disjunct matrix. In 2010, Indyk, Ngo and Rudra proved that they can fast
decoding group testing matrix. It means that we can apply this method to fast detecting Hot-IPs in
network. They also proved that NAGT can adapt requirements for data stream algorithm: one-
pass over the input, poly-log space (the matrix is not stored directly), poly-log update time and
poly-log reporting time [5].
1.4 Paper Organization
We begin with some preliminaries in Section 2. In Section 3 gives the system setup. We describe
our experimentation in Section 4. The last Section is conclusion.
Our Main Results
In this paper, we present a solution for fast detecting Hot-IPs in network using Non-adaptive
group testing approach. We implement strongly explicit d-disjunct matrix in our experimentation.
2. PRELIMINARIES
2.1 Non-Adaptive Group Testing
The basic problem of NAGT can be described as follows. Given a population of N items which
contains at most d “positives” items, we want to identify the positives as quickly as possible
using t simultaneous “test”. Each test is a subset of items, which returns “positive” if there’s at
least one positive item in the subset. We want to “decode” uniquely the set of positives given the
results of the t simultaneous tests.
NAGT can be represented by a t N× binary matrix ,M where the columns of the matrix
correspond to items and the rows correspond to tests. In which, 1ijm = means that the th
j item
belongs to the th
i test, and vice versa. We assume that we have at most d defective items. It is
well known that if M is a d-disjunct matrix, we can show all at most d defectives.
Definition (d-disjunct matrix).[11] A binary matrix M with t rows and N columns is called d-
disjunct matrix if and only if the union of any d columns does not contain any other column.
Here is an example of d-disjunct matrix:
4. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
66
9 7
0 0 1 0 0 1 1
0 0 1 0 1 0 0
0 0 1 1 0 0 0
0 1 0 0 0 1 0
, 2, 7, 90 1 0 0 1 0 1
0 1 0 1 0 0 0
1 0 0 0 0 1 0
1 0 0 0 1 0 0
1 0 0 1 0 0 1
M d N t×
= = = =
There are two methods to construct d-disjunct matrices: random and non-random constructions.
The advantage of non-random construction is that we can generate any column of matrix as we
need. In this paper, we only consider the non-random construction of d-disjunct matrix. Non-
random d-disjunct matrix is constructed by concatenated codes [9]. The codes concatenation
between Reed-Solomon code and Identity matrix is represented below.
2.2 Reed Solomon and Concatenated Codes
• Reed Solomon [7]
For a message 0 1( ,..., ) k
k q−= ∈m m m ,F let P be a polynomial
1
0 1 1( ) ... k
kP X X X −
−= + + +m m m m
In which the degree of ( )P Xm is at most k-1. RS code [ , ]qn k with k n q≤ ≤ is a mapping RS:
k n
q q→F F is defined as follows. Let 1{ ,..., }nα α be any n distinct members of qF
1( ) ( ( ),..., ( ))nRS P Pα α= m mm
It is well known that any polynomial of degree at most 1k − over qF has at most 1k − roots. For
any '≠m m , the Hamming distance between ( )RS m and ( ')RS m is at least 1d n k= − + .
Therefore, RS code is a [ , , 1]qn k n k− + code.
• Code Concatenation [9]
Let outC is a 1 1( , )qn k code with 2
2k
q = is an outer code, and inC be a 2 2 2( , )n k binary code. Given
1n arbitrary 2 2 2( , )n k code, denoted by 11
,..., .n
in inC C It means that 1[ ],i n∀ ∈ i
inC is a mapping from
2
2
k
F to 2
2
n
F . A concatenation code 11
( ,..., )n
out in inC C C C= ° is a 1 2 1 2 2( , )n n k k code defined as
follows: given a message 1 2 2 1
( )k k k k
∈ =m F F and let 11( ,..., ) ( )n outx x C= m ,
with 2
2
k
ix ∈ F then 1 1
1
1 1
1( ,..., )( ) ( ( ),..., ( ))n n
out in in in in nC C C C x C x° =m , in which C is constructed by
replacing each symbol of outC by a codeword in inC .
5. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
67
Here is an example of a matrix constructed by concatenated codes.
outC :
0 1 2 0 1 2
0 1 2 1 2 0
0 1 2 2 0 1
inC :
1 0 0
0 1 0
0 0 1
:out inC C°
1 0 0 1 0 0
0 1 0 0 1 0
0 0 1 0 0 1
1 0 0 0 0 1
0 1 0 1 0 0
0 0 1 0 1 0
1 0 0 0 1 0
0 1 0 0 0 1
0 0 1 1 0 0
2.3 Algorithm and Analysis
We will look into the connection between group testing and hot items problem established by
Cormode and Muthukrishnan [4]. Let consider a t N× d-disjunct matrix ,M where N is the
number of items and 2 2
( log ).t O d N= Note that we have a strongly explicit construction. Besides
this, we maintain total number of input .m The initialization and update process as well as
reporting problem are shown as following:
Initialization: 0, 0, for 1 .im C i t= = ≤ ≤
Update: 1, 1i im m C C= + = + if and only if 1.ijm =
Reporting hot items: given (1 )iC i t≤ ≤ and ,m output all hot items indices .j
The problem of reporting hot items turns out to be the decoding problem of group testing. We
briefly present two decoding algorithms as follows.
Given a sequence of m IPs from [ ],N an item is considered “hot” if it occurs more than
/ ( 1)m d + times. Note that there can be at most d hot items. Given the matrix ( )t N ijM m× = d-
disjunct, 1ijm = if jIP belong to group test th
i . Using counters ( )1 2, , , , [ ]t ic c c c t∈K , when an
item [ ]j N∈ arrives, increment all of the counters ic such that 1ijm = . From these counters, we
defined a result vector {0,1}t
r ∈ as follows: Let 1ir = if / ( 1)ic m d> + and 0ir = , otherwise. A
test’s outcome is positive if and only if it contains a hot item.
6. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
68
Algorithm 1: naïve decoding
• Input: Given M be d-disjunct t N× matrix and R∈{0,1}t
• Output: Hot-IPs
With each ri=0 do
for i=1 to N do
if (mij)=1 Then
IP:=IP{j}
Return IP, the set of remaining items
Algorithm 2: Fast decoding
To construct an efficiently decodable group testing matrix, the main idea is to stack on top of one
another a “filtering” matrix and an “identification” matrix. The filtering matrix is used to identify
quickly a “small” set of candidate items which include all the positives. Then, the identification
matrix is used to pinpoint precisely the positives.
Input : Given M be d-disjunct t N× matrix and R∈{0,1}t
.
Output: Hot-IPs.
Step 1. Finding a set { | ( ) 1}i q iS j r j= ∈ =F contains at most d “Hot-IPs”.
Step 2. Using the naïve algorithm to find “Hot-IPs” based on this set.
Analysis of the Algorithm:
• One-pass requirement: we use non-adaptive group testing. Therefore, the algorithm for
the hot items can be implemented in one pass. If adaptive group testing is used, the
algorithm is no longer one pass.
• Poly-log space requirement: we can represent each counter in (log log )O n m+ bits. This
means we need ((log log ) )O n m t+ bits to maintain the counters. With
2 2
( log )t O d N= and (log ),d O N= we need the total space to maintain the counters is
4
(log (log log )).O N N m+ The d-disjunct matrix is constructed by concatenated codes
and we can generate any column as we need. Therefore, we do not need to store the
matrix .M
• Poly-log update time: Since Reed-Solomon code is strongly explicit, the d-disjunct matrix
is strongly explicit.
We construct d-disjunct matrix M by concatenated codes *
,out inC C C= ° where outC is a
[ , ]qq k -RS code and inC is an identify matrix .qI
7. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
69
Recall that codewords of *
C are columns of the matrix M. The update problem is like an
encoding, in which given an input message k
q∈m F specifying which column we want
(where m is the representation of [ ]j N∈ when thought of as an element of k
qF ), the
output is ( )outC m and it corresponds to the column .Mm Because outC is a linear code, it
can be done in 2
( log )O q poly q× time, which means the update process can be done in
2
( log )O q poly q× time. Since we have 2
,t q= the update process can be finished with
( log )O t poly t× time.
• Reporting time: The naïve decoding algorithm (algorithm 1) on a d-disjunct matrix can
identify all the positives in ( )O tN time. In 2010, P. Indyk, Hung Q. Ngo and Rudra [5]
proved that the algorithm 2 can be decoded in 2 2
( ) log ( ).poly d t t O t⋅ +
3. SET UP
Router stores [ 1, ]qq k− -RS codes which defined in section 2. Router can construct d-disjunct
matrix t NM × ( k
N q≤ ). For initialization, th
j IP will be identified by assigning a unique column
jM of .M Router stores a counter vector 1 10t tC × ×= . If there has any packet coming to th
j IP,
.jC C M= + We assume that the total of the frequency of N items is m , and we have at most d
“Hot” items. A value is common if its frequency is smaller than .
1
m
d +
We use the method was
proposed by Cormode and Muthukrishnan [4]. We will convert C into Boolean vector using the
following rules:
• If ( )
1
m
C i
d
>
+
, th
i test outcome is 1.
• If ( )
1
m
C i
d
≤
+
, th
i test outcome is 0.
4. EXPERIMENTATION
We use a server (IBM X3650, CPU 3.0Ghz, RAM 4GB, OS CentOS) acting as the router in our
system and some software at clients to generate any number of packets. We implement the
algorithm in C program, using “pcap” library to capture packets through router. Each packet
captured, the IP header is extracted. Based on the embedded destination addresses, the analysis is
done.
We can generate -disjunctd matrices as define in Section 2 and support the number of hosts as
much as we want. In our experiments, a matrix is generated from 32[31,5] -RS code and identity
matrix 32I can support up to 5
32 33554432= hosts, detect at most
31 1
7
5 1
d
−
= = −
where the
code length is 31 32 992.t = × =
We test many cases with different hosts sending packets at the same time and results are
described in table 1 (we ignore time to capture packets and only count the time to decode
8. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
70
captured packets). We use 7 hosts acting as attackers and they perform DoS attacks to the
network with a very large number of packets forwarded to router.
Table 1. Decoding time for Hot-IPs with 32[31,5] - RS code
N IPs
Decoding
time (sec)
N IPs
Decoding
time (sec)
100,000 14.42 600,000 68.66
200,000 22.68 700,000 81.31
300,000 35.55 800,000 92.51
400,000 47.56 900,000 104.90
500,000 60.20 1,000,000 116.66
In another case, we construct d-disjunct matrices using some RS codes and results are described
in Table 2.
Table 2. Decoding time for Hot-IPs with some RS codes
RS codes d
Decoding
time (sec)
N(IPs)
8[7,3] 3 0.000 512
16[15,3] 7 0.110 4096
32[31,3] 15 3.650 32768
64[63,3] 31 142.13 262144
5. CONCLUSION
Early detecting DoS and DDoS attacks in networks are the most important problem in order to
mitigate risks on network. In this paper, we present the efficient solution of Non-Adaptive group
testing method for fast detecting distributed denial-of-service attacks in network. Our future
works are evaluating the solution at ISPs, implement the algorithm with the multi-processing, and
combine with distributed model to lowering cost.
REFERENCES
[1] Ying Xuan, Incheol Shin, My T. Thai, Taieb Znati , “Detecting Application Denial-of-Service
Attacks: A Group-Testing-Based Approach”, Parallel and Distributed Systems, IEEE Transactions
on (Volume:21 , Issue: 8 ), 2010
[2] Dayanandam G., Rao T.V., Pavan Kumar Reddy S., and Revinuthala Sruthi, “Password Based
Scheme And Group Testing For Defending Ddos Attacks”, International Journal of Network
Security & Its applications (IJNSA), Vol.5, No.3, May 2013.
9. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
71
[3] Tao Peng, Christopher Leckie, And Kotagiri Ramamohanarao, “Survey of Network-Based Defense
Mechanisms Countering the DoS and DDoS Problems”, ACM Computing Surveys, Vol. 39, No.
1, Article 3, Publication date: April 2007.
[4] Cormode, Graham, and S. Muthukrishnan, “What’s hot and what’s not: tracking most frequent
items dynamically”, In Proceedings of the twentysecond ACM SIGMOD-SIGACT-SIGART
symposium on Principles of database systems, pp. 296-306. ACM, 2003.
[5] Indyk P., Hung Q. Ngo, and Atri Rudra, “Efficiently decodable nonadaptive group testing”, In
Proceedings of the Twenty-First Annual ACMSIAM Symposium on Discrete Algorithms
(SODA’2010), New York, 2010, ACM, pp. 1126-1142.
[6] Robert Dorfman,”The detection of defective members of large populations”, The Annals of
Mathematical Statistics (1943): 436-440.
[7] Reed I. and Solomon G., “Polynomial codes over certain finite fields”, Journal of the Society for
Industrial and Applied Mathematics, 8 (1960), pp. 300–304.
[8] Ngo Q. Hung, Ding-Zhu Du, “A survey on combinatorial group testing algorithms with
applications to DNA library screening”, Discrete mathematical problems with medical
applications 55 (2000): 171-182.
[9] Forney Jr, G. David, “Concatenated codes”, No.TR-440. Massachusetts Inst Of Tech Cambridge
Research Lab Of Electronics, 1965.
[10] Khattab S., Gobriel S., Melhem R., and Mosse D., “Live Baiting for Service-level DoS Attackers”,
INFOCOM 2008.
[11] Du D.Z. and Hwang F. K., “Combinatorial group testing and its applications, volume 12 of Series
on Applied Mathematics”, World Scientic Publishing Co.Inc., River Edge, NJ, second edition,
2000.