This document contains implementation report of a system that is able to monitor the network using SNMP and identify the specific possible attacks (DoS and port scan) using a cluster analysis. In the first task, the program discovers the topology of the network. After successful discovery phase, it will be able to monitor the link utilization (network link-states) for a specified period of time, and then detect the anomaly, using k-means clustering scheme [1]. These anomalies will be analyzed to recognize the attack. Moreover, this program also provides an advance feature, which is defined as optional task, as it executes online monitoring and detects the attacks using Davies-Bouldin Index as quality scoring measurement [2].
--
Please contact trough lailiaidi at gmail.com for download request
A new cryptosystem with four levels of encryption and parallel programmingcsandit
Evolution in the communication systems has changed the paradigm of human life on this planet.
The growing network facilities for the masses have converted this world to a village (or may be
even smaller entity of human accommodation) in a sense that every part of the world is
reachable for everyone in almost no time. But this fact is also not an exception for coins having
two sides. With increasing use of communication networks the various threats to the privacy,
integrity and confidentiality of the data sent over the network are also increasing, demanding
the newer and newer security measures to be implied. The ancient techniques of coded
messages are imitated in terms of new software environments under the domain of
cryptography. The cryptosystems provide a means for the secured transmission of data over an
unsecured channel by providing encoding and decoding functionalities. This paper proposes a
new cryptosystem based on four levels of encryption. The system is suitable for communication
within the trusted groups.
Introduction: OSI Security Architecture, Security attacks, ,Security Services, Security
Mechanisms, Model for Network Security, Fundamentals of Abstract Algebra : Groups, Rings,
Fields, Modular Arithmetic, Euclidean Algorithm, Finite Fields of the form GF(p),Polynomial
Arithmetic, Finite Fields of the form GF(2n),Classical Encryption techniques, Block Ciphers and
Data Encryption Standard.
A new cryptosystem with four levels of encryption and parallel programmingcsandit
Evolution in the communication systems has changed the paradigm of human life on this planet.
The growing network facilities for the masses have converted this world to a village (or may be
even smaller entity of human accommodation) in a sense that every part of the world is
reachable for everyone in almost no time. But this fact is also not an exception for coins having
two sides. With increasing use of communication networks the various threats to the privacy,
integrity and confidentiality of the data sent over the network are also increasing, demanding
the newer and newer security measures to be implied. The ancient techniques of coded
messages are imitated in terms of new software environments under the domain of
cryptography. The cryptosystems provide a means for the secured transmission of data over an
unsecured channel by providing encoding and decoding functionalities. This paper proposes a
new cryptosystem based on four levels of encryption. The system is suitable for communication
within the trusted groups.
Introduction: OSI Security Architecture, Security attacks, ,Security Services, Security
Mechanisms, Model for Network Security, Fundamentals of Abstract Algebra : Groups, Rings,
Fields, Modular Arithmetic, Euclidean Algorithm, Finite Fields of the form GF(p),Polynomial
Arithmetic, Finite Fields of the form GF(2n),Classical Encryption techniques, Block Ciphers and
Data Encryption Standard.
Advanced Encryption Standard, Multiple Encryption and Triple DES, Block Cipher Modes of
operation, Stream Ciphers and RC4, Confidentiality using Symmetric Encryption, Introduction
to Number Theory: Prime Numbers, Fermat’s and Euler’s Theorems, Testing for Primality, The
Chinese Remainder Theorem, Discrete Logarithms, Public-Key Cryptography and RSA
A New hybrid method in watermarking using DCT and AESIJERD Editor
In this paper I'm trying to make a combination between the encryption by using one of the most
powerful algorithm called Advanced Encryption Standard (AES) to encrypt a secret message another word logo
and then embed it in the digital image in frequency domain by using the Discrete Cosine Transform (DCT) in
low frequency to increase the robustness and then applying some attacks to check it.
Gsp 125 Enthusiastic Study / snaptutorial.comStephenson101
Question 1. 1. In addition to grouping functions together, a class also groups (Points : 3)
libraries.
math operations.
print statements.
variables.
Question 2. 2. Hiding data in a class is also called (Points : 3)
encapsulation.
accessibility inversion.
confusion culling.
redirection.
For more classes visit
www.snaptutorial.com
Question 1. 1. In addition to grouping functions together, a class also groups (Points : 3)
libraries.
math operations.
print statements.
For more classes visit
www.snaptutorial.com
Question 1. 1. In addition to grouping functions together, a class also groups (Points : 3)
libraries.
math operations.
print statements.
variables.
Question 2. 2. Hiding data in a class is also called (Points : 3)
encapsulation.
accessibility inversion.
For more course tutorials visit
uophelp.com is now newtonhelp.com
www.newtonhelp.com
Question 1. 1. In addition to grouping functions together, a class also groups (Points : 3)
libraries.
math operations.
print statements.
variables.
Question 2. 2. Hiding data in a class is also called (Points : 3)
encapsulation.
accessibility inversion.
confusion culling.
redirection.
Java Foundations: Data Types and Type ConversionSvetlin Nakov
Learn how to use data types and variables in Java, how variables are stored in the memory and how to convert from one data type to another.
Watch the video lesson and access the hands-on exercises here: https://softuni.org/code-lessons/java-foundations-certification-data-types-and-variables
For more classes visit
www.snaptutorial.com
Question 1. 1. In addition to grouping functions together, a class also groups (Points : 3)
libraries.
math operations.
print statements.
variables.
Question 2. 2. Hiding data in a class is also called (Points : 3)
For more classes visit
www.snaptutorial.com
Question 1. 1. In addition to grouping functions together, a class also groups (Points : 3)
libraries.
math operations.
print statements.
For more course tutorials visit
www.tutorialrank.com
Question 1. 1. In addition to grouping functions together, a class also groups (Points : 3)
libraries.
math operations.
print statements.
variables.
Advanced Encryption Standard, Multiple Encryption and Triple DES, Block Cipher Modes of
operation, Stream Ciphers and RC4, Confidentiality using Symmetric Encryption, Introduction
to Number Theory: Prime Numbers, Fermat’s and Euler’s Theorems, Testing for Primality, The
Chinese Remainder Theorem, Discrete Logarithms, Public-Key Cryptography and RSA
A New hybrid method in watermarking using DCT and AESIJERD Editor
In this paper I'm trying to make a combination between the encryption by using one of the most
powerful algorithm called Advanced Encryption Standard (AES) to encrypt a secret message another word logo
and then embed it in the digital image in frequency domain by using the Discrete Cosine Transform (DCT) in
low frequency to increase the robustness and then applying some attacks to check it.
Gsp 125 Enthusiastic Study / snaptutorial.comStephenson101
Question 1. 1. In addition to grouping functions together, a class also groups (Points : 3)
libraries.
math operations.
print statements.
variables.
Question 2. 2. Hiding data in a class is also called (Points : 3)
encapsulation.
accessibility inversion.
confusion culling.
redirection.
For more classes visit
www.snaptutorial.com
Question 1. 1. In addition to grouping functions together, a class also groups (Points : 3)
libraries.
math operations.
print statements.
For more classes visit
www.snaptutorial.com
Question 1. 1. In addition to grouping functions together, a class also groups (Points : 3)
libraries.
math operations.
print statements.
variables.
Question 2. 2. Hiding data in a class is also called (Points : 3)
encapsulation.
accessibility inversion.
For more course tutorials visit
uophelp.com is now newtonhelp.com
www.newtonhelp.com
Question 1. 1. In addition to grouping functions together, a class also groups (Points : 3)
libraries.
math operations.
print statements.
variables.
Question 2. 2. Hiding data in a class is also called (Points : 3)
encapsulation.
accessibility inversion.
confusion culling.
redirection.
Java Foundations: Data Types and Type ConversionSvetlin Nakov
Learn how to use data types and variables in Java, how variables are stored in the memory and how to convert from one data type to another.
Watch the video lesson and access the hands-on exercises here: https://softuni.org/code-lessons/java-foundations-certification-data-types-and-variables
For more classes visit
www.snaptutorial.com
Question 1. 1. In addition to grouping functions together, a class also groups (Points : 3)
libraries.
math operations.
print statements.
variables.
Question 2. 2. Hiding data in a class is also called (Points : 3)
For more classes visit
www.snaptutorial.com
Question 1. 1. In addition to grouping functions together, a class also groups (Points : 3)
libraries.
math operations.
print statements.
For more course tutorials visit
www.tutorialrank.com
Question 1. 1. In addition to grouping functions together, a class also groups (Points : 3)
libraries.
math operations.
print statements.
variables.
SNMP is a tool (protocol) that allows for remote and local management of items on the network including servers, workstations, routers, switches and other managed devices.
•It is an application level protocol and is designed for application layer so that it can monitor devices made by different manufacturers and installed on different physical networks.
•In other words SNMP frees management tasks from both the physical characteristics of managed devices and the underlying network technology.
•It is based on the concept of manager and agent.
–Agent - process running on each managed node collecting information about the device it is running on. It is a router or a host that runs SNMP server program
–Manager - process running on a management workstation that requests information about devices on the network. It is a host that runs the SNMP client program.
I gave this presentation 3 times, regarding the demo the first time I used CISCO
packet tracer (simulator) by configuring the router with the SNMP configuration and
adding a community-string then browsing the router elements via an MIB browser from
any pc connected to the router.
the second and third times I made a live demo by using the (pure PERL SNMP library)
and writing a small PERL script using the functions from it and connected my laptop
to the configured router using putty..
pure PERL SNMP library link:
http://code.google.com/p/snmp-session/
A SERIAL COMPUTING MODEL OF AGENT ENABLED MINING OF GLOBALLY STRONG ASSOCIATI...ijcsa
The intelligent agent based model is a popular approach in constructing Distributed Data Mining (DDM) systems to address scalable mining over large scale and ever increasing distributed data. In an agent based
distributed system, variety of agents coordinate and communicate with each other to perform the various
tasks of the Data Mining (DM) process. In this study a serial computing mode of a multi-agent system
(MAS) called Agent enabled Mining of Globally Strong Association Rules (AeMGSAR) is presented based
on the serial itinerary of the mobile agents. A Running environment is also designed for the implementation and performance study of AeMGSAR system.
A NEW CRYPTOSYSTEM WITH FOUR LEVELS OF ENCRYPTION AND PARALLEL PROGRAMMINGcscpconf
Evolution in the communication systems has changed the paradigm of human life on this planet. The growing network facilities for the masses have converted this world to a village (or may be even smaller entity of human accommodation) in a sense that every part of the world is reachable for everyone in almost no time. But this fact is also not an exception for coins having two sides. With increasing use of communication networks the various threats to the privacy, integrity and confidentiality of the data sent over the network are also increasing, demanding the newer and newer security measures to be implied. The ancient techniques of coded messages are imitated in terms of new software environments under the domain of cryptography. The cryptosystems provide a means for the secured transmission of data over an unsecured channel by providing encoding and decoding functionalities. This paper proposes a new cryptosystem based on four levels of encryption. The system is suitable for communication within the trusted groups.
UNIT II COMMUNICATION IN DISTRIBUTED SYSTEM 10
System Model – Inter process Communication – the API for internet protocols – External data representation and Multicast communication. Network virtualization: Overlay networks. Case study: MPI Remote Method Invocation And Objects: Remote Invocation – Introduction – Request-reply protocols – Remote procedure call – Remote method invocation. Case study: Java RMI – Group communication – Publish-subscribe systems – Message queues – Shared memory approaches – Distributed objects – Case study: Enterprise Java Beans -from objects to components.
Node Legitimacy Based False Data Filtering Scheme in Wireless Sensor NetworksEswar Publications
False data injection attack is a serious threat to wireless sensor network. In this paper, a node legitimacy based false data filtering scheme (NLFS) is proposed. NLFS verifies not only message authentication codes (MACs) contains in reports, but also the legitimacy of nodes that endorse the report. The verification guarantees that compromised nodes from different geographical areas cannot collude to inject false data, which makes NLFS has a high tolerance of compromised nodes. In addition, NLFA only utilizes the relationships between node IDs to verify the legitimacy of nodes without other software or hardware overhead. Simulation results show that NLFS can filter 95% false reports within three hops and is resilience to an increasing number of compromised nodes.
4Developers 2018: Ile (nie) wiesz o strukturach w .NET (Łukasz Pyrzyk)PROIDEA
Kiedy ostatnio stworzyłeś nową strukturę pisząc aplikację w .NET? Wiesz do czego wykorzystywać struktury i jak mogą one zwiększyć wydajność Twojego programu? W prezentacji pokażę czym charakteryzują się struktury, jak dużo różni je od klas oraz opowiem o kilku ciekawych eksperymentach.
This tutorial was presented in KDD 2016 conference in San Francisco, CA. You can find the main presentation at http://www.slideshare.net/NeeraAgarwal2/streaming-analytics
Mobile Music Business Models in Asia's Emerging MarketsLaili Aidi
Aidi, Laili; Markendahl, Jan; Tollmar, Konrad; Selvakumar, Ekambar; Huang, Jin; and Blennerud, Greger, In proceeding of: 12th International Conference on Mobile Business, Berlin 2013
In the telecom business, there has been a heavy competition from Internet, media and handset vendors companies. These over-the-top (OTT) players offer compiling telecom services, cause a transformation in the telecom business ecosystem, and the most challenging services posed here are media services. China, India and Indonesia, as world’s emerging markets in Asia, are predicted to take the largest share in the global mobile traffic explosion by 2015. It is critical for mobile network operators (MNOs) in this region to explore strategy for mobile media services, as mobile broadband is likely preferred
compared to fixed broadband.
In this paper, we analyze and compare mobile music business models used in these markets and structure the relation models between the key actors, using Actors, Relations and Business Activities (ARA) model. We present the economic models that are emerging, and an insight of why and how these multitudes actors are betting on currently. We found that the MNOs generally have a much stronger position compared to their counterparts in the developed markets, and the personalization services, like ring-back tone, are still a huge success. The actors tend to deliver the services by their own, rather than to collaborate in a horizontal business setting.
Public version of my presentation slide as guess lecturer at Politeknik Telkom, Bandung, May 4, 2013, discussing about "Internet of Things" Feel free to comment and/or download
Master Thesis Report: Business Models for Mobile Broadband Media Services – C...Laili Aidi
The increase mobile data traffic from the emerging Internet services, especially multimedia, has posed considerable challenges for the telecom industry. Their initial mobile data services business models are generally not compatible with these emerging Internet services. Thus, there is a substantial need to investigate the suitable options to make media as a profitable telecom business sector. However, there are different challenges and opportunity factors in developing sustainable mobile media business in each market, due to the unique circumstances applied as the result of customer characteristics, mobile market situation and regulatory/law enforcement.
The first purpose of this thesis is to explore the business model options to deliver media services on top of mobile broadband. Although, we limit our focus to Indonesia, we first analyzed the worldwide patterns toward the media services in order to get a broader view of the current trend. We mapped multitudes of actor involved in digital online / on the top (OTT) media service, which together they form different types of constellation in the value network, as well as service, delivery and revenue model. We also put our focus to get the lessons learned from Spotify’s business model, by framing it using Chesbrough and Rosenbloom’s model.
The second purpose is to understand the Indonesian mobile user's characteristic toward the mobile media services. We conducted survey to 119 Indonesians, analyzed and validated the result with the correlation tests (Cronbach Alpha and Pearson correlation), within the Unified theory of acceptance and use of technology (UTAUT) framework. Our findings confirm the low willingness to pay, but an open attitude for the services. The mobile device and network quality are not the barriers for them to adopt the services, and there is a tight connection between the decisions to adopt the services with the perception that the service is popular.
Through those findings, we assessed the feasibility of the identified options and formulated the recommendations. We used our understanding about Indonesian market structure (telecom and media), regulation, and mobile user, as well as the lesson that we got from media services provisioning in Sweden and worldwide trend. We found that the pricing tiers, adjustable pricing, and differentiated features are some of the key success factors. Meanwhile, being part in the point-to-multipoint partnership with the well-known OTT player is the potential position that the Mobile network operators (MNOs) in Indonesia should take in provisioning OTT media services, rather than deliver the services by their own.
Paper - Competing or Aligning? Assessment for Telecom Operator's strategy to ...Laili Aidi
Up until recently, it was rarely direct competition between telecom operators, cable and satellite Pay-TV providers in digital TV/Video, as their business area were different and value chain was well established. However, technology advance has altered digital TV/Video landscape, made these Communication Service Providers (CSPs) cross other’s area and opened door for new actor (OTT player) to enter the market. This triggers second change in the landscape, as it potentially bypasses CSP’s role in digital media value chain.
There are generic potential options for telecom operator to address OTT service‘s treat, where the trend shows gradual shifts toward allowing or promoting. This study assesses telecom operator’s reaction strategies to react to this digital TV/Video convergence trend. Our analysis reveals two typical relation patterns in the value network, used by telecom operators based on strategy options above, which are ”point-to-point” and ”point-to-multipoint” relation model. We explore the underlining motivations that based these strategies, as well as analysis of the eco-systems: actors identification, business roles and distributed responsibilities among them, where we use ARA (Actors, Resource, Activities) point of view to model these value networks.
Master Thesis Presentation: Business Models for Mobile Broadband Media Servic...Laili Aidi
The increase mobile data traffic from the emerging Internet services, especially multimedia, has posed considerable challenges for the telecom industry. Their initial mobile data services business models are generally not compatible with these emerging Internet services. Thus, there is a substantial need to investigate the suitable options to make media as a profitable telecom business sector. However, there are different challenges and opportunity factors in developing sustainable mobile media business in each market, due to the unique circumstances applied as the result of customer characteristics, mobile market situation and regulatory/law enforcement.
The first purpose of this thesis is to explore the business model options to deliver media services on top of mobile broadband. Although, we limit our focus to Indonesia, we first analyzed the worldwide patterns toward the media services in order to get a broader view of the current trend. We mapped multitudes of actor involved in digital online / on the top (OTT) media service, which together they form different types of constellation in the value network, as well as service, delivery and revenue model. We also put our focus to get the lessons learned from Spotify’s business model, by framing it using Chesbrough and Rosenbloom’s model.
The second purpose is to understand the Indonesian mobile user's characteristic toward the mobile media services. We conducted survey to 119 Indonesians, analyzed the result with one sample T-tests and validated it with the correlation tests (Cronbach Alpha and Pearson correlation), within the Unified theory of acceptance and use of technology (UTAUT) framework. Our findings confirm the low willingness to pay, but an open attitude for the services. The mobile device and network quality are not the barriers for them to adopt the services, and there is a tight connection between the decisions to adopt the services with the perception that the service is popular.
Through those findings, we assessed the feasibility of the identified options and formulated the recommendations. We used our understanding about Indonesian market structure (telecom and media), regulation, and mobile user, as well as the lesson that we got from media services provisioning in Sweden and worldwide trend. We found that the pricing tiers, adjustable pricing, and differentiated features are some of the key success factors. Meanwhile, being part in the point-to-multipoint partnership with the well-known OTT player is the potential position that the Mobile network operators (MNOs) in Indonesia should take in provisioning OTT media services, rather than deliver the services by their own.
Abstract - Competing or Aligning? Assessment for Telecom Operator's strategy ...Laili Aidi
Up until recently, it was rarely direct competition between telecom operators, cable and satellite Pay-TV providers in digital TV/Video, as their business area were different and value chain was well established. However, technology advance has altered digital TV/Video landscape, made these Communication Service Providers (CSPs) cross other’s area and opened door for new actor (OTT player) to enter the market. This triggers second change in the landscape, as it potentially bypasses CSP’s role in digital media value chain.
There are generic potential options for telecom operator to address OTT service‘s treat, where the trend shows gradual shifts toward allowing or promoting. This study assesses telecom operator’s reaction strategies to react to this digital TV/Video convergence trend. Our analysis reveals two typical relation patterns in the value network, used by telecom operators based on strategy options above, which are ”point-to-point” and ”point-to-multipoint” relation model. We explore the underlining motivations that based these strategies, as well as analysis of the eco-systems: actors identification, business roles and distributed responsibilities among them, where we use ARA (Actors, Resource, Activities) point of view to model these value networks.
Nowadays, more and more we see the collaboration between the Music industry Players with other Players in other industries. It started decade ago by the collaboration with the Internet industry (such as iTunes), and then recently expanded to the collaboration with the players in the different industries.
Master Thesis Proposal Presentation: Business Models for Mobile-broadband Med...Laili Aidi
This thesis intends to systematically research the suitable business model options for mobile-broadband media services, which specifically focuses to Indonesia’s telecom market, as one of the world largest emerging economy.
Master Thesis Proposal: Business Models for Mobile-broadband Media Services –...Laili Aidi
This thesis intends to systematically research the suitable business model options for mobile-broadband media services, which specifically focuses to Indonesia’s telecom market, as one of the world largest emerging economy.
This project figure out the pattern of the bytes in the stego file and how steganalysis tool can identify the bytes appended to the truck file by steganography tool. This analysis is based on basic theory of steganography and steganalysis, and using a hex editor in order to check what kind of bytes that the steganography tool appends to the truck file.
---
Please contact to lailiaidi at gmail.com for download request
These days, the interests in challenged networks are increasing and many researches are performed to seek a reliable end-to-end connectivity under harsh environments, which have a long propagation delay, high error rates, low data rate, and intermittent connectivity. Delay Tolerant Network was introduced to provide challenged networks with reliable transmission and interoperability with an overlay network concept. In this paper, we present comprehensive overview of Delay Tolerant Network and introduce a study case about the implementation of this network. This paper is designed to encourage the exploration of this field by giving basic concept and also motivate to investigate this area by presenting a study case at the end section.
---
Please contact to lailiaidi@gmail.com for download request
These days, the interests in challenged networks are increasing and many researches are performed to seek a reliable end-to-end connectivity under harsh environments, which have a long propagation delay, high error rates, low data rate, and intermittent connectivity. Delay Tolerant Network was introduced to provide challenged networks with reliable transmission and interoperability with an overlay network concept. In this paper, we present comprehensive overview of Delay Tolerant Network and introduce a study case about the implementation of this network. This paper is designed to encourage the exploration of this field by giving basic concept and also motivate to investigate this area by presenting a study case at the end section.
---
Please contact to lailiaidi@gmail.com for download request
Dimensioning and Cost Structure Analysis of Wide Area Data Service Network - ...Laili Aidi
This report contains discussion of the radio access network design and the cost structure analysis of different deployment options of Radio Access Technologies (RATs). The objective is to provide specific amount of user, with specific traffic demand and deployment scenario.
--
Please contact trough lailiaidi at gmail.com for download request
Analysis of WiMAX regulation in South Korea and Indonesia - PresentationLaili Aidi
Abstract—The development and rollout of WiMAX introduces several regulatory and policy issues. This paper highlights the WiMAX Regulation in South Korea, as a country that is already more mature and had become the first to implement Wireless Broadband Access (WBA) of its kind (WiBro) in the world, and Indonesia, as a country that is still in the process of formulating the reconcilable regulation. The paper begins with a brief overview of the technologies behind WiMAX and compared the market situation relative to broadband and 3G mobile networks. Next, the paper examines the potentially significant specific policy and regulatory issues for regulator in each country and competition climate between stockholders. Finally, this data was used to obtain recommendations to overcome the said problems. We found out that WiMAX may prove to be a disruptive technology for existing telecommunication and Internet sector, but careful policy effectuation can ensure that the disruption could create the maximum benefit possible in the society and market.
---
Please contact trough lailiaidi at gmail.com for download request
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Neuro-symbolic is not enough, we need neuro-*semantic*
SNMP Project: SNMP-based Network Anomaly Detection Using Clustering
1. EP2300 SNMP Project Report Amy Skinner (skinner@kth.se) - Laili Aidi (aidi@kthse)
1. Summary
This project aims to design and implement a system that is able to monitor the network using SNMP and
identify the specific possible attacks (DoS and port scan) using a cluster analysis. In the first task, the
program discovers the topology of the network. After successful discovery phase, it will be able to
monitor the link utilization (network link-states) for a specified period of time, and then detect the
anomaly, using k-means clustering scheme [1]. These anomalies will be analyzed to recognize the attack.
Moreover, this program also provides an advance feature, which is defined as optional task, as it
executes online monitoring and detects the attacks using Davies-Bouldin Index as quality scoring
measurement [2].
2. Software Design and MIB objects
A. The MIB objects which are used in this system are:
i. During network crawling System Group and Interface Group (Interfaces table), as listed below:
sysName, OID 1.3.6.1.2.1.1.5. This MIB object is used to get the administratively assigned name
of the router
ifIndex, OID 1.3.6.1.2.1.2.2.1.1. This MIB object is used to get the interface value of the router
ifDescr, OID 1.3.6.1.2.1.2.2.1.2. This MIB object is used to get the description of the specific
interface that is discovered previously from the ifIndex MIB object request.
ipAdEntIfIndex, OID 1.3.6.1.2.1.4.20.1.2. This MIB object represent the index that identifies the
interface to which it is applicable in the value ifIndex MIB object. Using this MIB Object, we can
identify the Interfaces that exist in the IP routing table of the Router.
ipAdEntAddr, OID 1.3.6.1.2.1.4.20.1.1. This MIB object represents the IP address of the specific
interface of the Router.
ii. To discover the network topology, we identified the link level neighbor of each of the identified
Router using MIB Objects in Interface Group (IP Routing tables), which is the ipRouteNextHop, OID
1.3.6.1.2.1.4.21.1.7. This MIB object represents the next hop IP address of a route in the router.
iii. To identify the attacks, we used two MIB Objects in the Interface Group (Interfaces table) that relate
to interface utilization of a route, thus it able to represent the link-states of the network, as listed
below:
ifInOctets, OID 1.3.6.1.2.1.2.2.1.10. This MIB object represents the total number of octets
received on the specific interface of the Router.
ifInUcastPkts, OID 1.3.6.1.2.1.2.2.1.11. This MIB object represents the amount of unicast packets
delivered to a higher-layer protocol.
B. Below is the design of the software in this SNMP-based network management system, including the
classes, key data structures and operations. A full-size class diagram is given in Appendix 5A.
i. Class Start, the starting point to running the program. It contains the constant variables, used as
default parameters to run the specific task, if user has not specified with command line arguments.
ii. Class Router, represents the Managed node (Router), which contains:
hostname, which is String data type containing the hostname of the node
interfaces, which is Map of Integer (interface index) to RouterInf data structure containing
the interfaces of a router
localIps, which is List of Strings containing the local IP addresses of a router
neighborIps, which is List of Strings containing the neighbor (next-hop) IP addresses of a router
1
2. EP2300 SNMP Project Report Amy Skinner (skinner@kth.se) - Laili Aidi (aidi@kthse)
iii. Class RouterInf, represents the network interface of the router, which contains:
The IP Address, called ip, which is String data type.
The description, called desc, which is String data type.
iv. Class SNMPUtils, is static class that provide the SNMP values and operations that are needed to
accomplish the task, which are:
OID, which is Map of Strings from the human readable OID names data type to Strings of OID
numeric values, for the MIB objects of which are requested during the run of this program
open() and close(), opens and closes the SNMP session
getVarBind(), returns SNMP getNext MIB variable-value binding (value with its OID)
getVar(), returns SNMP getNext MIB value
v. Class SNMPCrawler, responsible for the node and link discovery task of the test-bed network:
createRouter(), creates a router and add to global list of routers operation
addInterfaces(), discovers and adds a list of the Interfaces of a router
addNeigbors(), discovers and adds a list of the link level Neighbors of a router
vi. Class SNMPPoller, provides polling operation to capture the link-states of routers:
poll and onlinePoll, operations used in Task 2, respective Task 3, to poll all routers for a
specified period of time and quit, or to continuously poll and call Clusterer after w polling
rounds.
xRounds and yRounds, which is Hashtable of integer data type to List of Long data structure.
This Integer represent the round number, and the List of Long data structure contains the sum
of ifInOctets, respective ifInUcastPkts, from every interface of each router in each round
vii. Class PollingTread
This class has composition relationship with Class SNMPPoller, which polls the information of the
routers simultaneously in every round.
vii. Class Clusterer, is a Thread that provides clustering calculation based on k-means clustering
method and/or Davies-Bouldin Index and show the result. This class contains 2 data structures which
represent the global-state of the network in every round, and operations which are:
deltXt and deltYt, the delta values of MIB object ifInOctets and MIB object ifInUcastPkts from
all routers in every round, calculated from the average value of the sum of MIB object from all
interfaces from all routers in round t
cluster(), the cluster formation operation, which is used to perform clustering until the it is
convergence or reach the maximum iteration for convergence (10 iterations)
getNewCentroids(), calculates the centroids from a list of type Cluster
calcDbi(), DBI value operation, used to get the Davis-Boulman Index of the clusters in each
calculation for the same dataset.
findAttacks(), identifies the DoS and port scan attacks.
vii. Class Cluster
This class has composition relationship with Class Clusterer, represent the cluster object, containing
CentroidX and CentroidY, the X, respective Y values of the centroid
Xs and Ys, holds all the X, respective Y values of all the points in this cluster
getNumPoints, returns the number of points in this cluster
2
3. EP2300 SNMP Project Report Amy Skinner (skinner@kth.se) - Laili Aidi (aidi@kthse)
3. Clustering Algorithm and Anomaly Detection Scheme
/** Anomaly detection **/
delXt = createDeltas(createAverages(xRounds, "X"));
delYt = createDeltas(createAverages(yRounds, "Y"));
numDeltas = delXt.size();
List<Cluster> initClusters = new ArrayList<Cluster>();
while(initCentroids.size() < k) {
Cluster c = new Cluster(delXt.get(p),delYt.get(p));
initClusters.add(c);
} }
List<Cluster> clusters = cluster(initClusters);
List<Cluster> newCentroids = getNewCentroids(clusters);
int numIterations = 0;
while (!haveSameCentroids(clusters, newCentroids)) {
clusters = cluster(newCentroids);
newCentroids = getNewCentroids(clusters);
if (numIterations++ > MAX_CLUSTERING_ITERATIONS)
break;
} }
double dbi = computeDbi(clusters);
Our clustering algorithm is based off the instructions in the project description in sections 2.3b and 2.3c
[3]. For all of our calculations we have kept track of the values for the x value (the sum of the ifInOctets
MIB values for every interfaces on a given router) and the y value (the sum of the ifInUcastPkts MIB
values for every interface on a router) as separate variables, to the data structures as simple as possible,
since they both change and are operated on independent of each other. At the end of the polling phase
we have two tables that hold all of the polled values, xRounds and yRounds. These tables have the
polling round number as keys, and the values are lists of the x or y values from all routers that
responded with valid results for the corresponding polling round. This data, along with an integer
interval, specifying how often polling should occur, an integer k, to indicate the number of clusters
that should be created, and repeats, to indicate how many times we should recalculate the clusters for
a different time period, are the inputs to the clustering function.
The clustering algorithm begins by determining the average global state for each round, by summing up
all values the list for that round, and then dividing by the number of responses in the list. This number
can vary, if we have received a timeout when requesting a MIB value from a router. One of the biggest
design choices for this project was to decide how to handle these timeouts. If we receive a timeout
from a router while trying to get information about one of the interfaces, we do not add the information
received from the other interfaces to the list for the round, so there will be one less entry in the list from
this round. We have chosen to do this, because we assume that the null responses from the routers
occur independently of when an attack occurs (only as a result of too many students executing at one
time), so we do not want to bring down the global state average for that round and create something
that may look anomalous, but not because of an attack. Another facet of this decision was if we
received a null during a poll of the x value from a router, but not during a poll of the y value, should we
add the y sum value to the y list, even though we are not adding the x value to the x list? We have
decided that because we are only dealing with global averages in this project, and not with the
information from specific routers, that there is no reason why we cannot return one MIB sum value to
help calculate the average. All of these conditions can be seen in the run() method of the
PollingThread class, in SNMPPoller.java.
3
4. EP2300 SNMP Project Report Amy Skinner (skinner@kth.se) - Laili Aidi (aidi@kthse)
After averaging, we determine the changes in global state. This is done by finding the differences
between the averages, stored as deltXt and deltYt. Since we are storing all data for x and y
separately, there is the possibility that this lists could become different lengths. However, this could
only occur if we were to get null responses from all routers for one of the values, but not the other, in a
given round. We consider this to be incredibly unlikely, so we assume the size of x list to be the same as
the size of the y list.
In the next step, we run a loop to pick a new random points in the data set to be initial centroids (x(p),
y(p)). Then we make a loop though all of the rounds, and for each point (x(t),y(t)), we record the
Euclidean distance to all of the initial centroids. After calculating the distances, the point is then added
to a cluster with the centroid which is closest to itself. The clusters are stored as lists of type Cluster.
Then we compute the new centroid for each cluster. This step is repeated until we get the same
centroids after an iteration (convergence), or until a maximum number of iterations (10) is met. After
the clusters are created, the Davies-Bouldin index (DBI) is computed for each clustering round. This
entire clustering process is repeated repeats number of times, to compare values discovered from
clusterings with different random initial centroids.
/** Anomaly detection **/
int largestCentroidCluster = clusters.getClusterWithLargestCentroid();
long largestCentroid = clusters.get(LargestCentroidCluster).getCentroid();
int secondLargestCentroidCluster = clusters.getClusterWithLargestCentroid();
long secondLargestCentroid = clusters.get(LargestCentroidCluster).getCentroid();
if(clusters.get(largestCentroidCluster).getNumPoints() <
clusters.get(secondLargestCentroidCluster).getNumPoints()) {
print ("There was a DoS attack in cluster: t" + largestCentroidCluster + 1) -
Rounds: ");
for(int i: clusters.get(largestCentroidCluster).getRounds()) {
print(clustersRounds.get(largestCentroidCluster).get(i) + " "); }
print ("nThere was a port scan attack in cluster: " +
(secondLargestCentroidCluster + 1) - Rounds: ");
for(int i=0; i<clustersRounds.get(secondLargestCentroidCluster).size(); i++) {
print(clustersRounds.get(secondLargestCentroidCluster).get(i) + " "); }
}
The anomaly detection scheme (ADS) works by using the qualities listed in section 2.3d of the project
description. First, the top two clusters are picked by their centroid value, which means the two clusters
whose centroid is furthest from the origin. After that, we determine if attacks have happened, by
testing if the qualities of these two clusters agree with qualities laid out in the project description, that is
to say, that if the largest of the two centroids has a smaller size, we call this a DoS Attack, and can
therefore call the other cluster a port scan attack. If these two clusters do not share these qualities, we
consider that it is indeterminate whether there was an attack or not. This can happen due to poor
choice of random initial centroids which prohibit the clusters from forming in predictable ways. Our
clusterer takes a variable integer repeats, which controls how many times we repeat the calculations
with different initial random centroids, that we are more accurately able to say during which rounds
there may have been an attack. We have decided to run the ADS on all clusterings, rather than just the
clusterings with the lowest DBI, because we have found that the clusterings with the lowest DBI do not
always show the most accurate attack detection (see Section 4A). We do however determine and
output which clustering has the lowest DBI, to conform to the requirements of Task 3.
4
5. EP2300 SNMP Project Report Amy Skinner (skinner@kth.se) - Laili Aidi (aidi@kthse)
4. Analysis of Results
In this section we present plots of data produced from a run of the program in Task 2. Similar data is
created from every in Task 3, with the difference that the lowest DBI is identified, and only that data is
output to a file. For this run of the program , we have selected to do 15 clusterings to ensure a breadth
of different results, and selected 3 unique clusterings to discuss here. For the plots we output data to
files from our program and then use GnuPlot to create the images [4].
In section A, we see clustering round number 12. This round had the lowest DBI. However, we can see
that the clusters were not very evenly distributed. We can tell that Cluster 1 (only one point, the
centroid, so the red cross is covered by the light blue square), and Cluster 2 are likely anomalous, but
maybe shouldn’t be clustered as they are. This is due to poor random initialization of the centroids. As
the initial centroid became the only member of the Cluster 1 in the first iteration, even after subsequent
iterations, it remained the only member of the cluster. In section B, we see clustering round number 13,
with a somewhat higher DBI. In this round we still identify the attacks by the criteria given in section
2.3d of the project description, however by looking at the points, it appears that most of the anomalous
points are clustered into Cluster 2, causing the algorithm to identify Cluster 1 as another anomalous
cluster, even though many of its points appear to be in the normal range. In section C, we see clustering
round 15, with a moderately low DBI. In this clustering we have identified two anomalous looking
clusters, but were unable to identify either as a specific attack, because the cluster with the largest
centroid also had the greatest size (contrary to the criteria).
A. Output from clustering 12:
Calculation number: 12
Cluster 1: INITIAL CENTROID: (2441728310,207925532) CENTROID: (2441728310,207925532)
Distance to origin: 2147483647 size:1
Cluster 2: INITIAL CENTROID: (471870614,60886306) CENTROID: (214883629,107039622)
Distance to origin: 240067604 size:44
Cluster 3: INITIAL CENTROID: (1885516800,337995273) CENTROID: (1789368680,226861600)
Distance to origin: 1803692451 size:4
Cluster 4: INITIAL CENTROID: (1714528937,12997585) CENTROID: (749674099,115085316)
Distance to origin: 758456250 size:24
DBI: 0.51
There was a DoS attack in cluster: 1 -Rounds: 9
There was a port scan attack in cluster: 3 -Rounds: 4 11 17 18
5
6. EP2300 SNMP Project Report Amy Skinner (skinner@kth.se) - Laili Aidi (aidi@kthse)
B. Output from clustering 13:
Calculation number: 13
Cluster 1: INITIAL CENTROID: (374573948,35643439) CENTROID: (805820188,111405014)
Distance to origin: 813484635 size:19
Cluster 2: INITIAL CENTROID: (660388911,93972355) CENTROID: (1919840606,223074386)
Distance to origin: 1932757132 size:5
Cluster 3: INITIAL CENTROID: (115915131,16393588) CENTROID: (112389070,105981524)
Distance to origin: 154477786 size:28
Cluster 4: INITIAL CENTROID: (253233972,55685827) CENTROID: (400624290,113025046)
Distance to origin: 416262516 size:21
DBI: 0.76
There was a DoS attack in cluster: 2 -Rounds: 4 9 11 17 18
There was a port scan attack in cluster: 1 -Rounds: 0 2 3 5 6 7 8 10 12 14 16 19 20 30 35 36 38 58 72
C. Output from clustering 15:
Calculation number: 15
Cluster 1: INITIAL CENTROID: (13258747,117923684) CENTROID: (148767001,101947479)
Distance to origin: 180346635 size:33
Cluster 2: INITIAL CENTROID: (704077379,56711499) CENTROID: (1580738673,176220052)
Distance to origin: 1590530810 size:9
Cluster 3: INITIAL CENTROID: (203160196,49844066) CENTROID: (580964867,78434420)
Distance to origin: 586235562 size:29
Cluster 4: INITIAL CENTROID: (171386150,79317073) CENTROID: (531160408,681158721)
Distance to origin: 863775770 size:2
DBI: 0.6
Unable to positively identify attacks due to cluster sizes and centroid values.
6
7. EP2300 SNMP Project Report Amy Skinner (skinner@kth.se) - Laili Aidi (aidi@kthse)
5. Appendix
A. UML Class diagram of the project
Figure 1. Class Diagram of the designed software
7
8. EP2300 SNMP Project Report Amy Skinner (skinner@kth.se) - Laili Aidi (aidi@kthse)
B. Console Output from the run of the program discussed in Section 4
[aidl@brooklyn src]$ java Start -t 2 -r 15 –o 1
Starting EP2300 SNMP assignment, Task 2 (Clustering Global States)
Beginning crawl at IP: 192.168.1.10 (default)
Crawled Router: R9
Interface (1): 192.168.1.10 FastEthernet0/0
Interface (2): 192.168.4.10 FastEthernet0/1
Interface (3): null Null0
Neighbor: 192.168.4.14
Neighbor: 192.168.1.15
Crawled Router: R13
Interface (1): 192.168.4.14 FastEthernet0/0
Interface (2): 192.168.14.14 FastEthernet0/1
Interface (3): null Null0
Neighbor: 192.168.14.1
Neighbor: 192.168.4.10
Crawled Router: R14
Interface (1): 192.168.1.15 FastEthernet0/0
Interface (2): 192.168.13.15 FastEthernet0/1
Interface (3): null Null0
Neighbor: 192.168.1.10
Neighbor: 192.168.13.3
com.adventnet.snmp.snmp2.SnmpException: Time Synchronization has failed.
at com.adventnet.snmp.snmp2.usm.USMUserEntry.timeSynchronize(USMUserEntry.java:1185)
at com.adventnet.snmp.snmp2.usm.USMUtils.doTimeSync(USMUtils.java:2028)
at com.adventnet.snmp.snmp2.usm.USMUtils.doTimeSync(USMUtils.java:1927)
at com.adventnet.snmp.snmp2.usm.USMUtils.init_v3_parameters(USMUtils.java:1414)
at SNMPUtils.getVarBind(SNMPUtils.java:92)
at SNMPUtils.getVarBind(SNMPUtils.java:132)
at SNMPCrawler.addNeighbors(SNMPCrawler.java:112)
at SNMPCrawler.createRouter(SNMPCrawler.java:68)
at SNMPCrawler.start(SNMPCrawler.java:44)
at SNMPCrawler.<init>(SNMPCrawler.java:25)
at Start.main(Start.java:133)
Crawled Router: R0
Interface (1): 192.168.8.1 FastEthernet0/0
Interface (2): 192.168.14.1 FastEthernet0/1
Interface (3): null Null0
Neighbor: 192.168.8.2
Neighbor: 192.168.14.14
Crawled Router: R2
Interface (1): 192.168.12.3 FastEthernet0/0
Interface (2): 192.168.13.3 FastEthernet0/1
Interface (3): null Null0
Neighbor: 192.168.13.15
Neighbor: 192.168.12.4
Crawled Router: R1
Interface (1): 192.168.0.2 FastEthernet0/0
Interface (2): 192.168.8.2 FastEthernet0/1
Interface (3): null Null0
Neighbor: 192.168.8.1
Neighbor: 192.168.0.11
Crawled Router: R3
Interface (1): 192.168.9.4 FastEthernet0/0
Interface (2): 192.168.12.4 FastEthernet0/1
Interface (3): null Null0
Neighbor: 192.168.12.3
Neighbor: 192.168.9.9
Crawled Router: R10
Interface (1): 192.168.0.11 FastEthernet0/0
Interface (2): 192.168.7.11 FastEthernet0/1
8
10. EP2300 SNMP Project Report Amy Skinner (skinner@kth.se) - Laili Aidi (aidi@kthse)
[During the polling of Task 2 we frequently receive TimeSynchronizationExceptions outputted from the
SNMP class that we do not control. Also, we output every time we get a null response from a router.
We handle these nulls as discussed in Section 3. We receive many of these throughout the polling, so
we have edited away most of this output for simplicity, but here is a sample]
com.adventnet.snmp.snmp2.SnmpException: Discovery Failed
at com.adventnet.snmp.snmp2.SnmpEngineEntry.discoverSnmpEngineID(SnmpEngineEntry.java:698)
at com.adventnet.snmp.snmp2.usm.USMUtils.doDiscovery(USMUtils.java:1871)
at com.adventnet.snmp.snmp2.usm.USMUtils.init_v3_parameters(USMUtils.java:1413)
at SNMPUtils.getVarBind(SNMPUtils.java:92)
at SNMPUtils.getVar(SNMPUtils.java:142)
at PollingThread.run(SNMPPoller.java:197)
com.adventnet.snmp.snmp2.SnmpException: Failed to authenticate the SecurityParameters for user
2G1332_student SnmpEngineEntry not found for address 192.168.10.12 port 161
at com.adventnet.snmp.snmp2.Snmp3Message.processMessage(Snmp3Message.java:1132)
at com.adventnet.snmp.snmp2.SnmpSession.processPDUForVersion3(SnmpSession.java:2297)
at com.adventnet.snmp.snmp2.SnmpSession.setPDUParams(SnmpSession.java:2134)
at com.adventnet.snmp.snmp2.SnmpSession.send(SnmpSession.java:1974)
at com.adventnet.snmp.snmp2.SnmpSession.syncSend(SnmpSession.java:2558)
at SNMPUtils.getVarBind(SNMPUtils.java:109)
at SNMPUtils.getVar(SNMPUtils.java:142)
at PollingThread.run(SNMPPoller.java:197)
SNMP EXCEPTION ON IP: 192.168.10.12 OID: .1.3.6.1.2.1.2.2.1.10.1
NPE in Polling Thread.run() - X - Router: R11 round:0
RESULT IS NULL!!! TIMEOUT!!! IP: 192.168.0.2 OID: .1.3.6.1.2.1.2.2.1.10.1
NPE in Polling Thread.run() - X - Router: R1 round:0
RESULT IS NULL!!! TIMEOUT!!! IP: 192.168.9.9 OID: .1.3.6.1.2.1.2.2.1.11.2
NPE in Polling Thread.run() - Y - Router: R8 round:0
RESULT IS NULL!!! TIMEOUT!!! IP: 192.168.0.11 OID: .1.3.6.1.2.1.2.2.1.10.2
NPE in Polling Thread.run() - X - Router: R10 round:1
RESULT IS NULL!!! TIMEOUT!!! IP: 192.168.9.9 OID: .1.3.6.1.2.1.2.2.1.11.2
NPE in Polling Thread.run() - Y - Router: R8 round:3
RESULT IS NULL!!! TIMEOUT!!! IP: 192.168.2.16 OID: .1.3.6.1.2.1.2.2.1.11.2
NPE in Polling Thread.run() - Y - Router: R15 round:3
[End of sample of the errors… We now jump to poll completion, which begins with outputting the delta values
created from the global link-states we discovered during polling]
Done polling (74 rounds): 216s
Round: 1 Delta values (676248289,25047813)
Round: 2 Delta values (518732205,69707029)
Round: 3 Delta values (611057586,38984022)
Round: 4 Delta values (615854761,10902145)
Round: 5 Delta values (1714528937,12997585)
Round: 6 Delta values (1140419653,186713705)
Round: 7 Delta values (1190290703,59148273)
Round: 8 Delta values (944308308,182602369)
Round: 9 Delta values (642704189,9359653)
Round: 10 Delta values (2441728310,207925532)
Round: 11 Delta values (631360059,274612228)
Round: 12 Delta values (1885516800,337995273)
Round: 13 Delta values (1186561012,203413028)
Round: 14 Delta values (524948788,288193238)
Round: 15 Delta values (751719760,157507201)
Round: 16 Delta values (296589241,75250562)
Round: 17 Delta values (1110173658,21333530)
Round: 18 Delta values (1664293503,165717608)
10
12. EP2300 SNMP Project Report Amy Skinner (skinner@kth.se) - Laili Aidi (aidi@kthse)
Cluster 2: INITIAL CENTROID: (265811242,51863374) CENTROID: (580964867,78434420) Distance to
origin: 586235562 size:29
Cluster 3: INITIAL CENTROID: (518732205,69707029) CENTROID: (1580738673,176220052) Distance
to origin: 1590530810 size:9
Cluster 4: INITIAL CENTROID: (35145500,46103212) CENTROID: (148767001,101947479) Distance to
origin: 180346635 size:33
DBI: 0.6
Unable to positively identify attacks due to cluster sizes and centroid values.
Calculation number: 2
Cluster 1: INITIAL CENTROID: (374573948,35643439) CENTROID: (522807513,76506519) Distance to
origin: 528375759 size:26
Cluster 2: INITIAL CENTROID: (474301583,5731296) CENTROID: (946176222,155346847) Distance to
origin: 958844140 size:9
Cluster 3: INITIAL CENTROID: (1186561012,203413028) CENTROID: (1919840606,223074386)
Distance to origin: 1932757132 size:5
Cluster 4: INITIAL CENTROID: (21176490,184948620) CENTROID: (148942667,121383621) Distance to
origin: 192140317 size:33
DBI: 0.71
There was a DoS attack in cluster: 3
-Rounds: 4 9 11 17 18
There was a port scan attack in cluster: 2
-Rounds: 5 6 7 12 14 16 19 35 72
Calculation number: 3
Cluster 1: INITIAL CENTROID: (21176490,184948620) CENTROID: (531160408,681158721) Distance to
origin: 863775770 size:2
Cluster 2: INITIAL CENTROID: (181309216,9536905) CENTROID: (580964867,78434420) Distance to
origin: 586235562 size:29
Cluster 3: INITIAL CENTROID: (380146409,47529811) CENTROID: (1580738673,176220052) Distance
to origin: 1590530810 size:9
Cluster 4: INITIAL CENTROID: (49593959,23426091) CENTROID: (148767001,101947479) Distance to
origin: 180346635 size:33
DBI: 0.6
Unable to positively identify attacks due to cluster sizes and centroid values.
Calculation number: 4
Cluster 1: INITIAL CENTROID: (39243653,103893047) CENTROID: (148767001,101947479) Distance to
origin: 180346635 size:33
Cluster 2: INITIAL CENTROID: (524948788,288193238) CENTROID: (623554579,392449562) Distance to
origin: 736774708 size:6
Cluster 3: INITIAL CENTROID: (751719760,157507201) CENTROID: (1580738673,176220052) Distance
to origin: 1590530810 size:9
Cluster 4: INITIAL CENTROID: (399287805,162308) CENTROID: (566758980,51288730) Distance to
origin: 569074929 size:25
DBI: 0.88
Unable to positively identify attacks due to cluster sizes and centroid values.
Calculation number: 5
Cluster 1: INITIAL CENTROID: (135747952,199565599) CENTROID: (531160408,681158721) Distance to
origin: 863775770 size:2
Cluster 2: INITIAL CENTROID: (471870614,60886306) CENTROID: (642200879,84508717) Distance to
origin: 647737363 size:25
Cluster 3: INITIAL CENTROID: (141795148,92786867) CENTROID: (179274839,93354752) Distance to
origin: 202125153 size:38
Cluster 4: INITIAL CENTROID: (1714528937,12997585) CENTROID: (1639559299,195580867) Distance
to origin: 1651183384 size:8
DBI: 0.59
Unable to positively identify attacks due to cluster sizes and centroid values.
Calculation number: 6
12
13. EP2300 SNMP Project Report Amy Skinner (skinner@kth.se) - Laili Aidi (aidi@kthse)
Cluster 1: INITIAL CENTROID: (750450800,470387) CENTROID: (1639559299,195580867) Distance
to origin: 1651183384 size:8
Cluster 2: INITIAL CENTROID: (474301583,5731296) CENTROID: (642200879,84508717) Distance to
origin: 647737363 size:25
Cluster 3: INITIAL CENTROID: (181309216,9536905) CENTROID: (179274839,93354752) Distance to
origin: 202125153 size:38
Cluster 4: INITIAL CENTROID: (202964762,142709252) CENTROID: (531160408,681158721) Distance to
origin: 863775770 size:2
DBI: 0.59
Unable to positively identify attacks due to cluster sizes and centroid values.
Calculation number: 7
Cluster 1: INITIAL CENTROID: (35145500,46103212) CENTROID: (125609513,133119380) Distance to
origin: 183026006 size:29
Cluster 2: INITIAL CENTROID: (141795148,92786867) CENTROID: (794448653,118183368) Distance to
origin: 803191117 size:19
Cluster 3: INITIAL CENTROID: (127443602,56944295) CENTROID: (402050931,69039048) Distance to
origin: 407935462 size:20
Cluster 4: INITIAL CENTROID: (670542749,28956986) CENTROID: (1919840606,223074386) Distance
to origin: 1932757132 size:5
DBI: 0.72
There was a DoS attack in cluster: 4
-Rounds: 4 9 11 17 18
There was a port scan attack in cluster: 2
-Rounds: 0 2 3 5 6 7 8 10 12 14 16 19 20 30 35 36 38 58 72
Calculation number: 8
Cluster 1: INITIAL CENTROID: (1140419653,186713705) CENTROID: (1580738673,176220052)
Distance to origin: 1590530810 size:9
Cluster 2: INITIAL CENTROID: (206672650,124642678) CENTROID: (173328543,95873467) Distance to
origin: 198077019 size:37
Cluster 3: INITIAL CENTROID: (249289848,205913351) CENTROID: (531160408,681158721) Distance to
origin: 863775770 size:2
Cluster 4: INITIAL CENTROID: (615854761,10902145) CENTROID: (613765445,83661868) Distance to
origin: 619441142 size:25
DBI: 0.59
Unable to positively identify attacks due to cluster sizes and centroid values.
Calculation number: 9
Cluster 1: INITIAL CENTROID: (704077379,56711499) CENTROID: (967923491,172555343) Distance to
origin: 983184230 size:9
Cluster 2: INITIAL CENTROID: (27472574,234937466) CENTROID: (154557992,121475778) Distance to
origin: 196582139 size:34
Cluster 3: INITIAL CENTROID: (381931973,67041728) CENTROID: (539230996,71544657) Distance to
origin: 543956528 size:25
Cluster 4: INITIAL CENTROID: (1893135481,390735934) CENTROID: (1919840606,223074386)
Distance to origin: 1932757132 size:5
DBI: 0.69
There was a DoS attack in cluster: 4
-Rounds: 4 9 11 17 18
There was a port scan attack in cluster: 1
-Rounds: 5 6 7 12 14 16 19 35 72
Calculation number: 10
Cluster 1: INITIAL CENTROID: (202964762,142709252) CENTROID: (117457850,237870111) Distance to
origin: 265289532 size:12
Cluster 2: INITIAL CENTROID: (206672650,124642678) CENTROID: (220474127,53230079) Distance to
origin: 226808910 size:28
Cluster 3: INITIAL CENTROID: (1140419653,186713705) CENTROID: (1919840606,223074386)
Distance to origin: 1932757132 size:5
Cluster 4: INITIAL CENTROID: (467187496,127598320) CENTROID: (709438867,111675265) Distance to
origin: 718174679 size:28
13
14. EP2300 SNMP Project Report Amy Skinner (skinner@kth.se) - Laili Aidi (aidi@kthse)
DBI: 0.89
There was a DoS attack in cluster: 3
-Rounds: 4 9 11 17 18
There was a port scan attack in cluster: 4
-Rounds: 0 1 2 3 5 6 7 8 10 12 13 14 16 19 20 21 23 30 31 35 36 38 42 44 57 58 63 72
Calculation number: 11
Cluster 1: INITIAL CENTROID: (127443602,56944295) CENTROID: (148767001,101947479) Distance to
origin: 180346635 size:33
Cluster 2: INITIAL CENTROID: (1186561012,203413028) CENTROID: (1077897973,113797691)
Distance to origin: 1083888349 size:6
Cluster 3: INITIAL CENTROID: (1714528937,12997585) CENTROID: (1919840606,223074386) Distance
to origin: 1932757132 size:5
Cluster 4: INITIAL CENTROID: (524948788,288193238) CENTROID: (554150316,118094414) Distance to
origin: 566594090 size:29
DBI: 0.63
There was a DoS attack in cluster: 3
-Rounds: 4 9 11 17 18
There was a port scan attack in cluster: 2
-Rounds: 5 6 7 12 16 35
Calculation number: 12
Cluster 1: INITIAL CENTROID: (2441728310,207925532) CENTROID: (2441728310,207925532)
Distance to origin: 2147483647 size:1
Cluster 2: INITIAL CENTROID: (471870614,60886306) CENTROID: (214883629,107039622) Distance to
origin: 240067604 size:44
Cluster 3: INITIAL CENTROID: (1885516800,337995273) CENTROID: (1789368680,226861600)
Distance to origin: 1803692451 size:4
Cluster 4: INITIAL CENTROID: (1714528937,12997585) CENTROID: (749674099,115085316) Distance to
origin: 758456250 size:24
DBI: 0.51
There was a DoS attack in cluster: 1
-Rounds: 9
There was a port scan attack in cluster: 3
-Rounds: 4 11 17 18
Calculation number: 13
Cluster 1: INITIAL CENTROID: (374573948,35643439) CENTROID: (805820188,111405014) Distance to
origin: 813484635 size:19
Cluster 2: INITIAL CENTROID: (660388911,93972355) CENTROID: (1919840606,223074386) Distance
to origin: 1932757132 size:5
Cluster 3: INITIAL CENTROID: (115915131,16393588) CENTROID: (112389070,105981524) Distance to
origin: 154477786 size:28
Cluster 4: INITIAL CENTROID: (253233972,55685827) CENTROID: (400624290,113025046) Distance to
origin: 416262516 size:21
DBI: 0.76
There was a DoS attack in cluster: 2
-Rounds: 4 9 11 17 18
There was a port scan attack in cluster: 1
-Rounds: 0 2 3 5 6 7 8 10 12 14 16 19 20 30 35 36 38 58 72
Calculation number: 14
Cluster 1: INITIAL CENTROID: (534606351,246896) CENTROID: (1919840606,223074386) Distance
to origin: 1932757132 size:5
Cluster 2: INITIAL CENTROID: (399287805,162308) CENTROID: (805820188,111405014) Distance to
origin: 813484635 size:19
Cluster 3: INITIAL CENTROID: (253233972,55685827) CENTROID: (400624290,113025046) Distance to
origin: 416262516 size:21
Cluster 4: INITIAL CENTROID: (88486619,7202473) CENTROID: (112389070,105981524) Distance to
origin: 154477786 size:28
DBI: 0.76
There was a DoS attack in cluster: 1
14
15. EP2300 SNMP Project Report Amy Skinner (skinner@kth.se) - Laili Aidi (aidi@kthse)
-Rounds: 4 9 11 17 18
There was a port scan attack in cluster: 2
-Rounds: 0 2 3 5 6 7 8 10 12 14 16 19 20 30 35 36 38 58 72
Calculation number: 15
Cluster 1: INITIAL CENTROID: (13258747,117923684) CENTROID: (148767001,101947479) Distance to
origin: 180346635 size:33
Cluster 2: INITIAL CENTROID: (704077379,56711499) CENTROID: (1580738673,176220052) Distance
to origin: 1590530810 size:9
Cluster 3: INITIAL CENTROID: (203160196,49844066) CENTROID: (580964867,78434420) Distance to
origin: 586235562 size:29
Cluster 4: INITIAL CENTROID: (171386150,79317073) CENTROID: (531160408,681158721) Distance to
origin: 863775770 size:2
DBI: 0.6
Unable to positively identify attacks due to cluster sizes and centroid values.
The calculation with the mininum Davies-Bouldin Index occurred in clustering round: 12 with DBI: 0.51
[As mentioned in Section 4, we ran 15 calculations to ensure that we could find significantly unique clusterings
to discuss – ordinarily this is set to the default of 3 clusterings. In Task 3, we would have already begun the next
round of polling before clustering, and this would repeat every w rounds]
C. References
[1] k-means clustering http://en.wikipedia.org/wiki/K-means_clustering
[2] Davies–Bouldin index http://en.wikipedia.org/wiki/Davies–Bouldin_index
[3] EP2300 SNMP Project Description
http://www.s3.kth.se/lcn/courses/EP2300/snmp_project_2011.pdf
[4] GnuPlot http://www.gnuplot.info/
15