A Potent Model for Unwanted Traffic Detection in QoS Network Domain
|
|
- Dorthy Banks
- 8 years ago
- Views:
Transcription
1 A Potent Model for Unwanted Traffc Detecton n QoS Network Doman Abdulghan Al Ahmed, Aman Jantan, Ghassan Ahmed Al A Potent Model for Unwanted Traffc Detecton n QoS Network Doman Abdulghan Al Ahmed, Aman Jantan *, Ghassan Ahmed Al School of Computer Scence, Unverst Sans Malaysa, Pulau Pnang, Pnang, Malaysa aaaa.cod08@student.usm.my, aman@cs.usm.my, ghassan@cs.usm.my do: /jdcta.vol4.ssue2.14 Abstract Unwanted traffc njecton whch amplfes the traffc loadng and ehausts network resources s counted as network securty threat. Despte of the numerous protecton systems, ths threat s stll lackng powerful remedy tll day. Ths paper proposes a potent model for unwanted traffc detecton n edge-to-edge QoS network doman. It s desgned to detect servce volatons and bandwdth theft n the network. The ngress and egress edges at the ISP doman are used to feed Rsk Management Unt (RMU) by nformaton about delay, jtter and throughput. RMU computes users' ratos to verfy the volatons n the Servce level Agreement (SLA) and to dentfy who s behnd these volatons. The smulaton results ndcate that our model s capable to detect the volatons n SLA. Furthermore t s precse for droppng the unwanted traffc wthout eceedng that to the wanted traffc. Keywords Dfferentated Servce; Unwanted traffc detecton; Qualty of Servce; Servce level agreement. 1. Introducton The ablty to measure QoS parameters s mportant to detect servce volatons and to contan attacker's sabotages n the nternet[1, 2]. The sophstcated attackers eplot the securty vulnerabltes ncluded n the open structure of the nternet to perform ther attacks. They tend to use the network traffc n order to hde ther malcous traffc by mng them wth the normal network traffc. Some of them use DDoS, worms, Network scan and SYN floodng attacks n order to perform servce volatons and bandwdth theft. Such attacks have dffcult challenges to prognoss the true postve.e. the challenges of droppng the malcous traffc wthout eceedng that to the legtmated traffc. Current Intruson Detecton Systems (IDS) are unable to effectvely remedy such challenges; however, some effcent research trend to study the breachng n the qualty of servces (QoS) parameters to dentfy and classfy network attacks such as[3-6]. The phlosophy of these researches s that QoS parameters whch bascally used to measure the network performance can also be used to determne whether that performance s normal or not. In ths paper we propose a potent model for unwanted traffc detecton n QoS edge-to-edge doman networks. The purpose of ths study was to present an effectve soluton for the above attacks challenges consderng the drawbacks of recent IDS approaches. Currently, t wll focus on detectng the unwanted traffc njecton and dentfyng whch user t has been generated by. Hence, montorng the users who abuse the network resources s requred to dfferentate between wanted and unwanted traffc. Customers of DffServ edge-to-edge QoS n mult-doman network have a Servce Level Agreement (SLA) for packet loss, delay, jtter and bandwdth guarantees provded by ther Internet Servce Provder (ISP)[7, 8]. The customer who eceeds ts guaranteed rato wll despol others' ratos. That s why; QoS parameters should be nspected at doman edges n order to prevent network resources ehauston. In ths paper, packet loss check s gnored. Our vson s to suffce by measurng jtter and bandwdth. These parameters can be measured more accurately. Jtter s aggregated for each user and compared wth ts guarantees n the SLA. When the user volates hs jtter guarantee n SLA, the throughput wll be computed as user transfer rate to verfy the servces volatons and to dentfy the user who s behnd these volatons. The man contrbuton of ths paper s lettng the decson whch confrms whether the servces guarantees are volated or not based on jtter metrc measurement. In fact, delay jtter s measured to correct the errors whch are caused by usng naccurate methods for delay measurng. Actually, these methods nclude drawbacks such as: non-synchronzaton when tmestamp of props packets s recorded between sender and recever edges or the asymmetrcal lnks f we smply measure RTT and dvde t by two. * Correspondng author. Tel.: E-mal address: aman@cs.usm.my 122
2 Internatonal Journal of Dgtal Content Technology and ts Applcatons Volume 4, Number 2, Aprl 2010 The rest of the paper s organzed as follows. Secton 2 dscusses the background and related work. In Secton 3, we revew the mpacts of unwanted traffc on QoS parameters. Secton 4 classfes the unwanted traffc. Secton 5 descrbes the archtecture and algorthm of SLA volaton. Secton 6 debates the metrcs (delay, jtter and bandwdth) measurement. Secton 7 presents smulaton results. In secton 8, the concluson and future work are ntroduced. Fnally, the acknowledgment s wrtten n secton Background and Related Work IDS are classfed nto known attack based, and unknown attack based. The known attack based detectors are defned as a set of rules wrtten to eamne the network traffc n order to nspect the known attacks characterstcs such as[9-11]. These IDS detectors also called a msuse or sgnature bases. Ther man drawback s the need for addng new rules when a new type of attack s dscovered. The unknown attack detectors are descrbed as anomaly based detecton systems n[12-15]. Though these types can detect a suspcous traffc, they can not gve a complete dagnoss about the attack nature. In addton, the possblty of normal traffc devaton from ts dstrbuton model whch s created frst leads to rse the false alarms generaton. There have been a number of related studes tended to measure the mbalance and breaches that occur n the QoS parameters to detect the servce volatons or to portend the resources theft. Ahsan H and Sona F et al [6],[16] and Ahsan H, Mohamed H and Bharat B[17] propose a scalable system for detectng servce volatons and bandwdth theft n DffServ edge to edge doman. Ths approach s smple and useful for nvestgaton SLA volatons; however, ts shortcomng by relyng the delay frstly to detect servce volatons. As t measures one way delay (OWD) by usng the tmestamps recorded at both ends. Accordng to[18], OWD s hard to measure by smply sendng probes from the source to the destnaton. Besdes, the probe-packet stream adds consderable etra-amount traffc on the network and thus produces a QoS performance that s not smlar to that wthout the nfluence of the probe-packet. In addton, the method of determnng the probablty wth whch the probe packets should be njected s not accurate[6]. Moreover, the core-asssted scheme for loss measurement s not useful and dffcult to deploy, added to the ambguty n determnng ts loss threshold. We-Zhou Lu, We-Xuan Gu et al[18], propose a non-synchronzed One-way queung delay measurement and ts applcaton on detectng DDoS attack. To avod the synchronzaton problem resultng from recordng the tmestamp at both ends, the ntervals are separately measured at the sender and the recever to compute OWD. Ths approach s lmted only to measure packet loss rate, OWD and jtter wthout propose a complete mechansm to detect attacks and dentfy ther sources. Garga and Reddy [5] present a real-tme detecton and contanment of network attacks usng QoS Regulaton. The network attack detector s desgned based on montorng the ncrease of the nput traffc by each protocol. Each protocol has two knds of threshold: hgh and low threshold. When the traffc volume of the correspondng protocol sgnfcantly eceeds a regulaton hgh threshold or s below the low threshold, the detector declares anomales and then the system swtches to class-based buffer management technques. The use of non class-based buffer management durng the normal tme mode to avod the wastng n the system resources s one advantage of these approaches. In addton, classfyng the traffc accordng to the correspondng protocol wll help later n recognzng the attacks types. On the other hand these regulaton-based systems contan drawbacks such as: the possblty of tranng ths approach to accept anomaly traffc as legtmate traffc. Also the protocols thresholds themselves are dffcult to assgn by the values whch ensure reducton n the false alarm rates. Km and Reddy[3], propose a smlar approach of Garga and Reddy to detect network attacks usng QoS regulaton. Furthermore, ths approach doesn t eplan feasble mechansms for montorng the nput traffc and classfyng the traffc accordng to the correspondng protocol. 3. Unwanted traffc mpact on QoS metrcs Qualty of servce (QoS) concept s a set of mechansms desgned to capably manage the network characterstcs n order to guarantee hgh qualty performance n the network servces. The network characterstcs are defned by QoS parameters whch nclude bandwdth, Delay, Jtter and Loss[19, 20]. These parameters whch we use to detect anomalous actvtes n the traffc are brefly descrbed n table 1. The network s n normal state as long as the ratos of the above QoS parameters are normal. Hereby, n ths paper, we consder the volaton n these parameters ratos occurrng by anomalous actvtes n the network traffc. 123
3 A Potent Model for Unwanted Traffc Detecton n QoS Network Doman Abdulghan Al Ahmed, Aman Jantan, Ghassan Ahmed Al Table 1. Qualty of Servce (QoS) parameters Parameters Bandwdth Delay Jtter Loss Descrpton Traffc rate that can be carred from source to destnaton n a gven tme perod (mostly one second). The delay n data transmsson from one pont to another. The change n delay for a par of packets selected wthn a flow n the evaluaton nterval. The rato of packets dropped by the routers (lost packets). In fact n addton to malformed traffc, most of anomalous traffc n the network s caused by attackers and ntruders actvtes. Fgure.1 llustrates the mpacts of unwanted traffc upon QoS parameters. Unwanted traffc mpact because of the congeston caused by the malcous traffc or n case of the delay caused by that congeston. 4. Unwanted traffc classfcaton Unwanted traffc classfcaton s requred for dentfyng the knd of traffc whch s behnd servce volatons n the network. We quarantne the njected traffcs whch cause the amplfcaton n the network as unwanted traffc. Unsolcted traffc Unwanted traffc Malcous traffc Malformed traffc ncrease ++ ncrease ++ ncrease ++ decreas e Traffc knd Fgure 2. unwanted traffc classfcaton QoS Parameters Fgure 1. Unwanted traffc mpact on QoS parameters Bandwdth consumpton: s a result due to traffc amplfyng. Amplfyng process s done by njectng malcous or unwanted traffc such as dstrbuted denal of servce (DDoS) attacks or network scan. Tme delay: s a result of bandwdth consumpton. When there s bandwdth consumpton, there s a decrease n the data transfer rate through network paths n a tme unt; thus, there s a delay n the transmsson tme. Jtter: Resultng from the changes n delay for a par of packets selected wthn a flow n the evaluaton nterval. Data Loss: Some packets are dropped by routers Unwanted traffc can not be solely counted as malcous traffc. Fgure 2 shows that unwanted traffc s categorzed nto three knds: malcous, unsolcted and malformed traffcs. Malcous traffc s njected by attackers for evl purposes such as DDoS, worms, SYN floodng or network scans attacks. The proft and commerce purposes are behnd the unsolcted traffc njecton such as spam or cookes; whereas malformed traffc s generated because of network tools malfuncton. 5. Archtecture for detectng SLA breach Fgure 3. shows the methodology archtecture for detectng servce volaton and resoureces theft proposed n ths paper. The archtecture s composed of four man unts: Montorng Unt (MU), Verfcaton Unt (VU), Dagnoss Unt (DU) and Rsk Management Unt (RMU). 124
4 Internatonal Journal of Dgtal Content Technology and ts Applcatons Volume 4, Number 2, Aprl 2010 Traffc n Jtter Check Montorng Unt (MU) Normal Traffc Matchng RMU Bandwdth Check Verfcaton Unt (VU) Identfcaton Classfcaton Flter Out Dagnoss Unt (DU) Fgure 3. The archtecture for detectng SLA volaton MU functonalty s montorng the anomaly actvtes n the network traffc. It measures packets delay at the provder edges for every user and reportng that to RMU. RMU computes the jtters of each user n order to compare them wth ther jtter guarantees n the SLA. To verfy whether servces are volated or not, bandwdth gurantees should be measured. VU functonalty s to measure the data transfer rate for those users who breache ther jtter gurantees at provder egress edges and then forward the amount of consumed bandwdth to RMU. Tactcally bandwdth checkng wll not be eecuted before jtter guarantee has already been breached. In other words, bandwdth s defned as data transfer rate for the user at tme unt, whch means that any breach n delay guarantees changes data transfer tme and then affects data transfer rate. Hence, users who breache ther bandwdth guarantees too, wll be declared as unwanted network generators. RMU s the control and managment unt. It s seen as the heart n the body. In addton to the responsblty of dstrbutng the roles among the unts and assgnng prorty for the tactcal tasks, RMU computes the average numbers of jtter and consumed bandwdth for each user dependng on data gven by the related unts. Besdes, RMU s responsble of makng the crucal decsons whch determnes whether servces are breached and bandwdth are theved or not. Fgure.4 shows servce volatonss and bandwdth theft detecton algorthm whch s eecuted for jtter and bandwdth metrcs on DffServ doman. DU s responsble for classfyng the unwanted traffc whch s behnd servce volatons nto malcous, unsolcted and malformed traffc. Actually traffc classfcaton s out of ths paper scope, that s why DU s only planned to be studed later n the net paper. The negatve effect of traffc classfcaton overload n the performance parameter can be avoded frstly by zoomng out the classfcaton scope nto the traffc whch has been already proved as unwanted traffc. Secondly, by collectng the nformaton of unwanted traffc and placng them n a repostory. Then eecutng the operaton of classfcaton n the offlne way. 6. QoS parameters measurement Customers of end-to-end QoS n mult-doman Dfferentated Servces [8] network have SLA guarantees for packet loss, delay, jtter and data transfer rate provded by ther ISP. Ths secton descrbes feasble methods for measurng these QoS parameters for each user n the doman. The calculated ratos are compared wth the ratos granteed n SLA to detect the volatons n jtter, bandwdth and data loss gaurantees. We proposed prvate method for each of them as follow: 6.1 Delay and Jtter metrcs measurement One-Way-Delay (OWD) s measured accordng to [6] ether by recordng tmestamps of props packets or by dvdng the Round Trp Tme (RTT) by two. The man drawback of the frst way s the non synchronzaton between the two ends: however, the asymmetrc lnks gves us an appromated rato when we use RTT. To avod these drawbacks, we check delay jtter nstead of delay parameter, because such drawbacks can affect n delay rato computng, but they can not affect n jtter rato computng. Jtter s defned as the change between OWD for a par of packets selected wthn a flow n the evaluaton nterval[18]. That means for measurng jtter, delay must be computed frst. In ths paper, we choose to compute OWD by dvdng Two Way Delay (TWD) by two. TWD s the RTT whch s computed by measurng the tme from ngress to egress and back to ngress. The ngress edges forward the packet TWD nformaton to the RMU. The RMU computes the OWD for every packet traverses from ngress to egress as: TWD OWD (1) 2 The computed values of OWD s used to compute the jtter as jtter OWD OWD (2) Where 1 1 y y y OWD y s the delay computed for packet n 125
5 A Potent Model for Unwanted Traffc Detecton n QoS Network Doman Abdulghan Al Ahmed, Aman Jantan, Ghassan Ahmed Al the flow y of user, and Unwanted traffc are detected Yes OWD Traffc n Packets Delay Montor Jtter computng Jtter > SLA Jtter guarantee Yes Bandwdth computng Bandwdth > SLA Bandwdth Guarantee No No Declare the user as resources robber y 1 s the delay value computed of net packet +1 n the same flow of same user. The jtter average of user can be computed by usng the eponental smooth movng average (ESMA)[21]. as follow: avg _ Jtr avg _ Jtr w jtter y 1 w (3) Where y jtter s the jtter rato computed for each flow y of user over tme nterval t, w s a small adaptaton factor set to 0.1 for ths computaton. In concluson, we nfer that unwanted traffc may have njected and network servces may have abused, when the jtter average of user eceeds ts jtter rato guarantee n the SLA. Fgure 4. SLA volaton detecton flowchart 6.2 Bandwdth metrc measurement Normal Traffc Matchng Accordng to[19], when the DffServ traffc eceeds the amount of bandwdth allocated for the customers specfed by SLA, the traffc stream has reached burst sze; consequently, the ecess packets are drooped out of traffc profle. Otherwse, packets are consdered as n traffc profle; smlarly, when the bandwdth s not enough, the network traffc wll be congested, and then the tme requred for transmttng data from one pont to another wll ncrease. In other wards, the traffc loss or transmttng delay can't occur as long as network bandwdth s not consumed. For these reasons, we consder the volaton n bandwdth guarantee an evdence for unwanted traffc njecton. The objectve of ths paper n addton to the anomalous actvtes detecton s the anomaly generator dentfcaton. A common fact that the user who consumes a bandwdth more than hs porton, he certanly starves the others. To dentfy starvaton source, we refer to every user who eceeds ts guarantee of jtter n order to measure hs throughput at all egress edges. Egress edges report RMU by the bandwdth consumed by each flow. The RMU aggregates the throughput of each user at all egress edges as the average of data transmsson rate of that user. In ths model, to easly measure the amount of bandwdth consumed by every flow, a mathematcal mechansm can be used. Accordng to[22], theoretcal when the network traffc loadng s staple, every TCP flow transmtted through congested path wll consume the same porton of bandwdth. In[23], Maths uses the followng equaton to measure bandwdth of a sngle TCP flow : MSS Fbw RTT C P where MSS s the mamum segment sze, RTT s the packet round trp tme, P s the drop probablty of the packet, and C s a constant depends on the type of TCP. In order to apply Maths's equaton, we take nto consderaton all condtons and parameters assumptons. The equaton wll be appled on congested lnk between ngress and egress edges. Ths lnk s appromately symmetrc. Flows of same user wll be assumed as comng from the same source. Egress edges compute the amount of bandwdth consumed by flow of user and report t to the RMU. RMU classfes the flows whch belong to user and aggregates the bandwdth average of each user at all egress edges by usng ESMA as avg _ Fbw avg _ Fbw weght Fbw 1 weght (5) Where Fbw s the amount of bandwdth consumed by flow of user over tme nterval t, weght s a small adaptaton factor set to 0.1 for ths computaton. We conclude that unwanted traffc have been njected and (4) 126
6 Internatonal Journal of Dgtal Content Technology and ts Applcatons Volume 4, Number 2, Aprl 2010 network resources have been robbred, f the average of bandwdth consumed by the user eceeds ts bandwdth guarantee n the SLA. 6.3 Loss metrc measurement Although loss parameter checkng s not ncluded n ths study, we eplan how t can be measured to help n detectng servce volatons and resources theft. We wll refer to edge-to-edge strategy as loss measurement mechansm between Provder Edges (PE). The ngress edge y reports RMU by all packets actually sent to egress edges over a tme unt t seconds for user, ( y Psent ), On the other hand, egress edges z reports RMU by all packets actually receved over a tme unt z for the same user, Pr cvd. The RMU computes the average loss rato for user as follow: avg _ EgPloss avg _ Psent avg _ Prcvd (6) avg _ Psent where avg_psent s average number of packets sent by user and avg_prcvd s average number of packets receved for the same user. Both these ratos are computed by RMU by usng ESMA over the same nterval. In concluson, we nfer that suspcous traffc may have njected, f ths average loss eceeds the loss guarantee n the SLA. 7. Smulaton result 7.1 Smulaton setup Ths secton descrbes our smulaton result for detectng the bandwdth consumng and servce volatons. We used the network smulator NS-2.33[24]. The network topology used n our smulaton comprses fve edges routers wth traffc condtoners and s core routers as llustrated n fgure 5. The lnk bandwdth capacty among all nodes s set to 10 Mbps. Propagaton delay of all lnks s 5 ms. The smulaton scenaro s desgned to evaluate the effectveness of the proposed scheme for montorng every customer on the provder edges. Ths scenaro s smulated consderng a Dfferentated Servce (DS) network doman. The doman accepts three servce level specfcatons (SLS) for three users. The user uses multple hosts to sends multple flows va one or more ngress edges along the topology lnks. The detals of SLS for users' flows are presented n table 2. U1 U2 U3 ngress1 0 Ingress2 CR1 3 CR 4 1 CR2 CR3 4 6 CR5 2 ngress3 7 Fgure 5. The smulated network topology We smulate 30 flows, each flow has the same average rate of 320 Kbps. TCP New Reno s used. For smplcty, fve eplct paths are selected between ngress and egress edges as follow: P0 ncludes nodes 3, 6, 8, 10 and t s assocated to flow (1-12); P1 ncludes nodes 0, 1, 4, 7, 8, 10 and t s assocated to flow (13-21); P2 ncludes nodes 0, 2, 5, 7, 8, 10 and t s assocated to flow (22-27); P3 ncludes nodes 5, 7, 8, 9 and t s assocated to flow (28-30); The smulaton tme s 30s. The delay, jtter and throughput of each user are measured every o.1 ms. Table 2. SLS of doman users Source Destnaton Throughput Delay jtter U1 R2 7 Mbps 25 ms 10% U2 R2 2 Mbps 25 ms 10% U3 R1 1 Mbps 25 ms 10% 7.2 Result and dscusson 5 DS doman CR6 8 egress1 In the smulaton, our proposed mechansm s nvestgated under lght load; and when there s an ecessve traffc by consderng same scenaro. Under the lght load, the normal traffc s smulated as follow: 12 flows generated by user U1 through P0; 9 flows generated by user U1 through P1; 6 flows generated by user U2 through P2; and 3 flows generated by user U3 on P3. Fgure 6 shows a normal stuaton between 0 and 6 seconds where network servces are not volated and bandwdths are adequate to accommodate all ncomng traffc. An attack s smulated on U1. At the seventh second, U1 starts to attack by sendng an ecessve traffc to R2. Lnk (8 10) becomes the most congested and ehbts ncreased delay ratos, because t s a bottleneck for P0, P1 and P2. The delay n P3 does not ncrease because t s not congested Egress2 R1 R2 127
7 Mean Delay (Second) Mean Delay (Second) Mean Delay (Second) A Potent Model for Unwanted Traffc Detecton n QoS Network Doman Abdulghan Al Ahmed, Aman Jantan, Ghassan Ahmed Al U1 U2 U Delay Jtter Smulaton Tme (Second) Smulaton Tme (Second) Fgure 6. Users mean delay Fgure 6 also shows that U3 does not eceed ts delay rato, whle both U1 and U2 volate ther SLS by eceedng delay porton guaranteed at 7-23 seconds. That s why; the volaton s occurred by ether U1 or U2. The delay average of the aggregated flows s computed for both U1 and U2. The delay measurng procedure dscussed n secton 6.1. Fgure 6 shows that U1 eceeds ts delay guarantee to more than 70 ms and U2 also eceed ts delay guarantee to more than 40 ms. As we dscussed n secton 6, OWD measurement has some drawbacks that make t not accurate. Due to those drawbacks, the result of delay measurng s consdered not suffcent. Consequently, the crucal decson wll be taken based on jtter measurement. Fgure 7 and fgure 8 depct the jtter measurng for U1 and U2 respectvely. Fgure 7 shows that the jtter average of U1 s normal before 7 second and after 23 second; however t eceeds 2.5 ms to more than 10 ms between 7 and 23 seconds. Fgure 8 shows that the jtter average of U2 s round 2.5 ms at all smulaton tme. We consder the oscllatory jtter durng the tme 7-23 seconds s the evdence for servce volaton and bandwdth consume. The volaton n jtter guarantee whch s depcted n fgure 7 confrms the volaton n delay whch s depcted n fgure 6, whle the absence of volaton n jtter guarantee whch s depcted n fgure 8 negates the delay volaton as depcted prevously n fgure 6. So that U1 s consdered an unwanted traffc generator, whle U2 s consdered a legtmated user. The followng eamples demonstrate that the absence of jtter volaton n fgure 8 negates the delay volaton n fgure 6 for the user U2. Arrved tmes of the frst packet (T1) and arrved tme of the net packet (T2) are assumed respectvely as 25, Jtter value s computed as: Fgure 7. Flows mean jtter of U1 Fgure 8. Flows mean jtter of U2 Jtter = T2 - T1, Jtter = ( ) = 2.5 ms. Delay Jtter Smulaton Tme (Second) If packets delay value ncreases by ( s the error rato of OWD computng), jtter value wll not change because of that as Jtter = (T2 + ) (T1 + ), Jtter = ( ) (25 + 7) = 2.5 ms Fgure 9 shows the appromated throughput of the aggregated flows for each user n the doman. We measure the throughput of U1 by aggregatng the flows that follow P0 and P1, the throughput of U2 by aggregatng the flows that follow P2 and the throughput of U3 by aggregatng the flows that follow P3. Throughput measurng n Fgure 9 depcts that U1 breaches ts bandwdth guarantee by eceedng ts average rate nto more than 9 Mbps n the perod (7-23) seconds; however, the throughput of U2 and U3 s n 128
8 Throughput(Mbps) Internatonal Journal of Dgtal Content Technology and ts Applcatons Volume 4, Number 2, Aprl 2010 normal rate. Despte of loss metrc s not consdered n ths paper, loss rato can be measured at the edge routers for each user. Loss measurng method s eplaned n secton Fgure 9. Users mean throughput. 8. Concluson and future work Our mechansm presented n ths paper can detect the rsk before t occurs and dentfes ts generator and destnaton at the attack tme, wth no need to use traceback algorthms. Ths model s lght-weght and does not requre any etra components. we have demonstrated that through the smple archtecture on secton 4. All that we need s one devce for RMU. In addton, ths algorthm s effcent to detect SLA volatons and to dentfy the user who s behnd network servces abusng. The smulaton results ndcate that usng jtter s effectve to avod the drawbacks of usng delay. Moreover, t s useful to remedy the ncrease of false alarms. In future work, we wll plan to add the DU unt whch wll be responsble for classfyng the unwanted traffc nto malcous, unsolcted and malformed traffc. And then determnng whch knd was behnd servce volatons n the network. 9. Acknowledgements Ths research was supported by Short-term Grant No.304/PKOMP/639021, School of Computer Scence, Unverst Sans Malaysa, Penang, Malaysa. 10. References U1 U2 U Smulaton Tme (Second) [1] Y. Vnod, B. Paul, and U. Johannes, "Internet ntrusons: global characterstcs and prevalence." I. c. o. m. a. m. o. c. systems, Ed. USA: ACM, vol. 31, 2003, pp [2] G. A. Al, A. Jantan and A. A. Ahmed, "Honeybee-based model to detect ntruson," LNCS Sprnger-Verlage Berln Hedelberg 2009, [3] K. S. Soo and A. L. N. Reddy, "Real-tme detecton and contanment of network attacks usng QoS regulaton," n Communcatons, ICC IEEE Internatonal Conference on, 2005, Vol. 1, 2005, pp [4] M. Ada, N. Myosh, and K. Ishbash, "A scalable and lghtweght QoS montorng technque combnng passve and actve approaches," n INFOCOM Twenty-Second Annual Jont Conference of the IEEE Computer and Communcatons Socetes. IEEE, vol.1, 2003, pp [5] A. Garg and A. L. N. Reddy, "Mtgaton of DoS attacks through QoS regulaton," Mcroprocessors and Mcrosystems, vol. 28, 2004, pp [6] A. Habb, S. Fahmy, S. R. Avasarala, V. Prabhakar, and B. Bhargava, "On detectng servce volatons and bandwdth theft n QoS network domans," Computer Communcatons, vol. 26, 2003, pp [7] J. Henanen, F. Baker, W. Wess, J. Wroclawsk, "Assured forwardng PHB group," RFC 2597, June [8] C.-K. Tham and Y. Lu, "Assured end-to-end QoS through adaptve markng n mult-doman dfferentated servces networks," Computer Communcatons, vol. 28, 2005, pp [9] Roesch and Martn, "Snort - Lghtweght 1ntruson Detecton for Networks," Proc. USENIX Lsa 99, SeattLe, Nov. 7-12, [10] Pason and Vern, "Bro: A system for Detectng Network Intruders n Real-Tme," Lawrence Berkeley Natonal Laboratory Proceedngs, 7'th USENIX Securty Symposum, Jan , San Antono TX, [11] R. Ghader, B. Mnae-Bdgol, "Detectng Data Errors wth Employng Negatve Assocaton Rules," JDCTA : Internatonal Journal of Dgtal Content Technology and ts Applcatons, vol. Vol. 3, 2009, p. pp. 91 ~ 95. [12] R. Sekar, M. Bendre, D. Dhurjat, and P. Bollnen, "A fast automaton-based method for detectng anomalous program behavors," n Securty and Prvacy, S&P Proceedngs IEEE Symposum on, 2001, pp [13] L. SooHyung, K. HyunJu, N. JungChan, and J. JongSu, "Abnormal traffc detecton and ts mplementaton," n Advanced Communcaton Technology, 2005, ICACT The 7th Internatonal Conference on, 2005, pp [14] M. Thottan and J. Chuany, "Anomaly detecton n IP networks," Sgnal Processng, IEEE Transactons on, vol. 5, 20031, pp [15] S. Janakraman, V. Vasudevan, "ACO based Dstrbuted Intruson Detecton System," JDCTA: Internatonal Journal of Dgtal Content Technology and ts Applcatons, vol. Vol. 3, 2009, p. pp. 66 ~ 72. [16] H. Ahsan, F. Sona, and B. Bharat, "Montorng and controllng QoS network domans.": John Wley \& Sons, Inc., vol. 15, 2005, pp
9 A Potent Model for Unwanted Traffc Detecton n QoS Network Doman Abdulghan Al Ahmed, Aman Jantan, Ghassan Ahmed Al [17] A. Habb, M. M., Hefeeda, and B. Bhargava, "Detectng Servce Volatons and DoS Attacks," CERIAS Tech Report TR, [18] W.-Z. Lu, W.-X. Gu, and S.-Z. Yu, "One-way queung delay measurement and ts applcaton on detectng DDoS attack," Journal of Network and Computer Applcatons, vol. 32, 2009, pp [19] X. Xpeng and L. M. N, "Internet QoS: a bg pcture," Network, IEEE, vol. 13, 1999, pp [20] Csco, "Qualty of Servce Networkng," Internetworkng Technology Handbook, [21] Y. Gu, X. Hong, M. Mazzucco, and R. Grossman, "Rate Based Congeston Control over Hgh Bandwdth/Delay Lnks," IEEE/ACM Transacton on Networkng. [22] W. Hsen-Mng, W. Chn-Ch, and L. Woe, "On the Server Farness of Congeston Control n the ISP Edge Router," n Local Computer Networks, th Annversary. The IEEE Conference on, 2005, pp [23] M. Matthew, S. Jeffrey, M. Jamshd, and O. Teuns, "The macroscopc behavor of the TCP congeston avodance algorthm." c. c. Revew, Ed.: ACM, vol. 27, 1997, pp [24] " " The Network Smulator (ns-2) home page. Authers' Bography Abdulghan Al Ahmed receved the B.Sc (Hons) degree n Computer Scence from Sudan Unversty for Scence and Technology n He receved hs M. Sc. n Computer Scence (Network Securty) from al- Neelan Unversty n Snce 2005, he s a member n the research and development center at communcaton and technology cty, Sana'a, Yemen. From , he worked as part tme lecturer at Sana'a Unversty, Saba unversty and Yemena unversty, Sana'a, Yemen. He s currently PhD student n Unverst Sans Malaysa, Penang, Malaysa. Hs research nterests nclude computer and network securty, MPLS technology, QoS and embedded real-tme systems. Computer Scence (Artfcal Intellgence) and B.CompSc (Hons) n Computer Scence (major program) from the same unversty n 1996 and 1993, respectvely". He s currently nvolved n several network and securty system research projects such as developng Neuro-Fuzzy Intruson Detecton System engne, whch s to ncorporate neural network archtecture and fuzzy logc nference nto a hybrd engne; as well as other types of engnes such as honey bee adopted concept n protectng network ntruson. Other projects under hs supervson nclude malwares research such as appled AI concept for ant-vrus engne and Rootkt detecton and protecton, Network Forensc, RFID, and moble and wreless securty n general. In addton to the network and securty research, he also performs research and publcaton n several software engneerng areas,.e., Software Dynamc and Safe Updatng, Software Modelng and Archtecture such as CBSD, Secure Software/Programmng, and Software Testng and Qualty Assurance". Ghassan A. Al receved the B.Sc.(Hons.) degree n computer scence from Ajman Unversty, UAE, n Hs M.Sc. degree n computer scence from the Unverst Sans Malaysa n From , he worked at Al-Andaluse Unversty as an nstructor of computer scence as well as part tme lecturer at Sana'a Unversty. Later, he worked as a research offcer wth hs supervsor at Unverst Sans Malaysa. Currently, he s a PhD student wth Unverst Sans Malaysa. Hs research nterests nclude computer and network securty, E-commerce/web ntellgence and nformaton technology. "Aman Jantan s currently servng as a senor lecturer n the School of Computer Scences, Unverst Sans Malaysa. He receved hs PhD n Software Engneerng from Unverst Sans Malaysa n He receved M. Sc. n 130
PAS: A Packet Accounting System to Limit the Effects of DoS & DDoS. Debish Fesehaye & Klara Naherstedt University of Illinois-Urbana Champaign
PAS: A Packet Accountng System to Lmt the Effects of DoS & DDoS Debsh Fesehaye & Klara Naherstedt Unversty of Illnos-Urbana Champagn DoS and DDoS DDoS attacks are ncreasng threats to our dgtal world. Exstng
More informationA Hierarchical Anomaly Network Intrusion Detection System using Neural Network Classification
IDC IDC A Herarchcal Anomaly Network Intruson Detecton System usng Neural Network Classfcaton ZHENG ZHANG, JUN LI, C. N. MANIKOPOULOS, JAY JORGENSON and JOSE UCLES ECE Department, New Jersey Inst. of Tech.,
More informationNetwork Security Situation Evaluation Method for Distributed Denial of Service
Network Securty Stuaton Evaluaton Method for Dstrbuted Denal of Servce Jn Q,2, Cu YMn,2, Huang MnHuan,2, Kuang XaoHu,2, TangHong,2 ) Scence and Technology on Informaton System Securty Laboratory, Bejng,
More informationA Secure Password-Authenticated Key Agreement Using Smart Cards
A Secure Password-Authentcated Key Agreement Usng Smart Cards Ka Chan 1, Wen-Chung Kuo 2 and Jn-Chou Cheng 3 1 Department of Computer and Informaton Scence, R.O.C. Mltary Academy, Kaohsung 83059, Tawan,
More informationSurvey on Virtual Machine Placement Techniques in Cloud Computing Environment
Survey on Vrtual Machne Placement Technques n Cloud Computng Envronment Rajeev Kumar Gupta and R. K. Paterya Department of Computer Scence & Engneerng, MANIT, Bhopal, Inda ABSTRACT In tradtonal data center
More informationTraffic State Estimation in the Traffic Management Center of Berlin
Traffc State Estmaton n the Traffc Management Center of Berln Authors: Peter Vortsch, PTV AG, Stumpfstrasse, D-763 Karlsruhe, Germany phone ++49/72/965/35, emal peter.vortsch@ptv.de Peter Möhl, PTV AG,
More informationM3S MULTIMEDIA MOBILITY MANAGEMENT AND LOAD BALANCING IN WIRELESS BROADCAST NETWORKS
M3S MULTIMEDIA MOBILITY MANAGEMENT AND LOAD BALANCING IN WIRELESS BROADCAST NETWORKS Bogdan Cubotaru, Gabrel-Mro Muntean Performance Engneerng Laboratory, RINCE School of Electronc Engneerng Dubln Cty
More informationThe OC Curve of Attribute Acceptance Plans
The OC Curve of Attrbute Acceptance Plans The Operatng Characterstc (OC) curve descrbes the probablty of acceptng a lot as a functon of the lot s qualty. Fgure 1 shows a typcal OC Curve. 10 8 6 4 1 3 4
More informationStochastic Protocol Modeling for Anomaly Based Network Intrusion Detection
Stochastc Protocol Modelng for Anomaly Based Network Intruson Detecton Juan M. Estevez-Tapador, Pedro Garca-Teodoro, and Jesus E. Daz-Verdejo Department of Electroncs and Computer Technology Unversty of
More informationDEFINING %COMPLETE IN MICROSOFT PROJECT
CelersSystems DEFINING %COMPLETE IN MICROSOFT PROJECT PREPARED BY James E Aksel, PMP, PMI-SP, MVP For Addtonal Informaton about Earned Value Management Systems and reportng, please contact: CelersSystems,
More informationThe Development of Web Log Mining Based on Improve-K-Means Clustering Analysis
The Development of Web Log Mnng Based on Improve-K-Means Clusterng Analyss TngZhong Wang * College of Informaton Technology, Luoyang Normal Unversty, Luoyang, 471022, Chna wangtngzhong2@sna.cn Abstract.
More informationA Passive Network Measurement-based Traffic Control Algorithm in Gateway of. P2P Systems
roceedngs of the 7th World Congress The Internatonal Federaton of Automatc Control A assve Network Measurement-based Traffc Control Algorthm n Gateway of 2 Systems Ybo Jang, Weje Chen, Janwe Zheng, Wanlang
More informationFeature selection for intrusion detection. Slobodan Petrović NISlab, Gjøvik University College
Feature selecton for ntruson detecton Slobodan Petrovć NISlab, Gjøvk Unversty College Contents The feature selecton problem Intruson detecton Traffc features relevant for IDS The CFS measure The mrmr measure
More informationNetwork Services Definition and Deployment in a Differentiated Services Architecture
etwork Servces Defnton and Deployment n a Dfferentated Servces Archtecture E. kolouzou, S. Manats, P. Sampatakos,. Tsetsekas, I. S. Veners atonal Techncal Unversty of Athens, Department of Electrcal and
More informationFrequency Selective IQ Phase and IQ Amplitude Imbalance Adjustments for OFDM Direct Conversion Transmitters
Frequency Selectve IQ Phase and IQ Ampltude Imbalance Adjustments for OFDM Drect Converson ransmtters Edmund Coersmeer, Ernst Zelnsk Noka, Meesmannstrasse 103, 44807 Bochum, Germany edmund.coersmeer@noka.com,
More informationA Replication-Based and Fault Tolerant Allocation Algorithm for Cloud Computing
A Replcaton-Based and Fault Tolerant Allocaton Algorthm for Cloud Computng Tork Altameem Dept of Computer Scence, RCC, Kng Saud Unversty, PO Box: 28095 11437 Ryadh-Saud Araba Abstract The very large nfrastructure
More informationAPPLICATION OF PROBE DATA COLLECTED VIA INFRARED BEACONS TO TRAFFIC MANEGEMENT
APPLICATION OF PROBE DATA COLLECTED VIA INFRARED BEACONS TO TRAFFIC MANEGEMENT Toshhko Oda (1), Kochro Iwaoka (2) (1), (2) Infrastructure Systems Busness Unt, Panasonc System Networks Co., Ltd. Saedo-cho
More informationAn Interest-Oriented Network Evolution Mechanism for Online Communities
An Interest-Orented Network Evoluton Mechansm for Onlne Communtes Cahong Sun and Xaopng Yang School of Informaton, Renmn Unversty of Chna, Bejng 100872, P.R. Chna {chsun,yang}@ruc.edu.cn Abstract. Onlne
More informationAn Alternative Way to Measure Private Equity Performance
An Alternatve Way to Measure Prvate Equty Performance Peter Todd Parlux Investment Technology LLC Summary Internal Rate of Return (IRR) s probably the most common way to measure the performance of prvate
More informationINVESTIGATION OF VEHICULAR USERS FAIRNESS IN CDMA-HDR NETWORKS
21 22 September 2007, BULGARIA 119 Proceedngs of the Internatonal Conference on Informaton Technologes (InfoTech-2007) 21 st 22 nd September 2007, Bulgara vol. 2 INVESTIGATION OF VEHICULAR USERS FAIRNESS
More informationData Broadcast on a Multi-System Heterogeneous Overlayed Wireless Network *
JOURNAL OF INFORMATION SCIENCE AND ENGINEERING 24, 819-840 (2008) Data Broadcast on a Mult-System Heterogeneous Overlayed Wreless Network * Department of Computer Scence Natonal Chao Tung Unversty Hsnchu,
More informationEffective Network Defense Strategies against Malicious Attacks with Various Defense Mechanisms under Quality of Service Constraints
Effectve Network Defense Strateges aganst Malcous Attacks wth Varous Defense Mechansms under Qualty of Servce Constrants Frank Yeong-Sung Ln Department of Informaton Natonal Tawan Unversty Tape, Tawan,
More informationA FEATURE SELECTION AGENT-BASED IDS
A FEATURE SELECTION AGENT-BASED IDS Emlo Corchado, Álvaro Herrero and José Manuel Sáz Department of Cvl Engneerng, Unversty of Burgos C/Francsco de Vtora s/n., 09006, Burgos, Span Phone: +34 947259395,
More informationInstitute of Informatics, Faculty of Business and Management, Brno University of Technology,Czech Republic
Lagrange Multplers as Quanttatve Indcators n Economcs Ivan Mezník Insttute of Informatcs, Faculty of Busness and Management, Brno Unversty of TechnologCzech Republc Abstract The quanttatve role of Lagrange
More informationFault tolerance in cloud technologies presented as a service
Internatonal Scentfc Conference Computer Scence 2015 Pavel Dzhunev, PhD student Fault tolerance n cloud technologes presented as a servce INTRODUCTION Improvements n technques for vrtualzaton and performance
More informationAn Approach for Detecting a Flooding Attack Based on Entropy Measurement of Multiple E-Mail Protocols
Journal of Appled Scence and Engneerng, Vol. 18, No. 1, pp. 79 88 (2015) DOI: 10.6180/jase.2015.18.1.10 An Approach for Detectng a Floodng Attack Based on Entropy Measurement of Multple E-Mal Protocols
More informationCooperative Load Balancing in IEEE 802.11 Networks with Cell Breathing
Cooperatve Load Balancng n IEEE 82.11 Networks wth Cell Breathng Eduard Garca Rafael Vdal Josep Paradells Wreless Networks Group - Techncal Unversty of Catalona (UPC) {eduardg, rvdal, teljpa}@entel.upc.edu;
More informationA Design Method of High-availability and Low-optical-loss Optical Aggregation Network Architecture
A Desgn Method of Hgh-avalablty and Low-optcal-loss Optcal Aggregaton Network Archtecture Takehro Sato, Kuntaka Ashzawa, Kazumasa Tokuhash, Dasuke Ish, Satoru Okamoto and Naoak Yamanaka Dept. of Informaton
More informationbenefit is 2, paid if the policyholder dies within the year, and probability of death within the year is ).
REVIEW OF RISK MANAGEMENT CONCEPTS LOSS DISTRIBUTIONS AND INSURANCE Loss and nsurance: When someone s subject to the rsk of ncurrng a fnancal loss, the loss s generally modeled usng a random varable or
More informationAn RFID Distance Bounding Protocol
An RFID Dstance Boundng Protocol Gerhard P. Hancke and Markus G. Kuhn May 22, 2006 An RFID Dstance Boundng Protocol p. 1 Dstance boundng Verfer d Prover Places an upper bound on physcal dstance Does not
More informationEfficient Bandwidth Management in Broadband Wireless Access Systems Using CAC-based Dynamic Pricing
Effcent Bandwdth Management n Broadband Wreless Access Systems Usng CAC-based Dynamc Prcng Bader Al-Manthar, Ndal Nasser 2, Najah Abu Al 3, Hossam Hassanen Telecommuncatons Research Laboratory School of
More informationModule 2 LOSSLESS IMAGE COMPRESSION SYSTEMS. Version 2 ECE IIT, Kharagpur
Module LOSSLESS IMAGE COMPRESSION SYSTEMS Lesson 3 Lossless Compresson: Huffman Codng Instructonal Objectves At the end of ths lesson, the students should be able to:. Defne and measure source entropy..
More informationA cooperative connectionist IDS model to identify independent anomalous SNMP situations
A cooperatve connectonst IDS model to dentfy ndependent anomalous SNMP stuatons Álvaro Herrero, Emlo Corchado, José Manuel Sáz Department of Cvl Engneerng, Unversty of Burgos, Span escorchado@ubu.es Abstract
More informationAnalysis of Energy-Conserving Access Protocols for Wireless Identification Networks
From the Proceedngs of Internatonal Conference on Telecommuncaton Systems (ITC-97), March 2-23, 1997. 1 Analyss of Energy-Conservng Access Protocols for Wreless Identfcaton etworks Imrch Chlamtac a, Chara
More informationHow To Detect An 802.11 Traffc From A Network With A Network Onlne Onlnet
IEEE TRANSACTIONS ON MOBILE COMPUTING, VOL. X, NO. X, XXX 2008 1 Passve Onlne Detecton of 802.11 Traffc Usng Sequental Hypothess Testng wth TCP ACK-Pars We We, Member, IEEE, Kyoungwon Suh, Member, IEEE,
More informationtaposh_kuet20@yahoo.comcsedchan@cityu.edu.hk rajib_csedept@yahoo.co.uk, alam_shihabul@yahoo.com
G. G. Md. Nawaz Al 1,2, Rajb Chakraborty 2, Md. Shhabul Alam 2 and Edward Chan 1 1 Cty Unversty of Hong Kong, Hong Kong, Chna taposh_kuet20@yahoo.comcsedchan@ctyu.edu.hk 2 Khulna Unversty of Engneerng
More information"Research Note" APPLICATION OF CHARGE SIMULATION METHOD TO ELECTRIC FIELD CALCULATION IN THE POWER CABLES *
Iranan Journal of Scence & Technology, Transacton B, Engneerng, ol. 30, No. B6, 789-794 rnted n The Islamc Republc of Iran, 006 Shraz Unversty "Research Note" ALICATION OF CHARGE SIMULATION METHOD TO ELECTRIC
More informationAuditing Cloud Service Level Agreement on VM CPU Speed
Audtng Cloud Servce Level Agreement on VM CPU Speed Ryan Houlhan, aojang Du, Chu C. Tan, Je Wu Department of Computer and Informaton Scences Temple Unversty Phladelpha, PA 19122, USA Emal: {ryan.houlhan,
More informationQOS DISTRIBUTION MONITORING FOR PERFORMANCE MANAGEMENT IN MULTIMEDIA NETWORKS
QOS DISTRIBUTION MONITORING FOR PERFORMANCE MANAGEMENT IN MULTIMEDIA NETWORKS Yumng Jang, Chen-Khong Tham, Ch-Chung Ko Department Electrcal Engneerng Natonal Unversty Sngapore 119260 Sngapore Emal: {engp7450,
More informationQoS-Aware Active Queue Management for Multimedia Services over the Internet
QoS-Aware Actve Queue Management for Multmeda Servces over the Internet I-Shyan Hwang, *Bor-Junn Hwang, Pen-Mng Chang, Cheng-Yu Wang Abstract Recently, the multmeda servces such as IPTV, vdeo conference
More informationEnd-to-end measurements of GPRS-EDGE networks have
End-to-end measurements over GPRS-EDGE networks Juan Andrés Negrera Facultad de Ingenería, Unversdad de la Repúblca Montevdeo, Uruguay Javer Perera Facultad de Ingenería, Unversdad de la Repúblca Montevdeo,
More informationMulti-sensor Data Fusion for Cyber Security Situation Awareness
Avalable onlne at www.scencedrect.com Proceda Envronmental Scences 0 (20 ) 029 034 20 3rd Internatonal Conference on Envronmental 3rd Internatonal Conference on Envronmental Scence and Informaton Applcaton
More informationIMPACT ANALYSIS OF A CELLULAR PHONE
4 th ASA & μeta Internatonal Conference IMPACT AALYSIS OF A CELLULAR PHOE We Lu, 2 Hongy L Bejng FEAonlne Engneerng Co.,Ltd. Bejng, Chna ABSTRACT Drop test smulaton plays an mportant role n nvestgatng
More informationOn the Optimal Control of a Cascade of Hydro-Electric Power Stations
On the Optmal Control of a Cascade of Hydro-Electrc Power Statons M.C.M. Guedes a, A.F. Rbero a, G.V. Smrnov b and S. Vlela c a Department of Mathematcs, School of Scences, Unversty of Porto, Portugal;
More informationVoIP Playout Buffer Adjustment using Adaptive Estimation of Network Delays
VoIP Playout Buffer Adjustment usng Adaptve Estmaton of Network Delays Mroslaw Narbutt and Lam Murphy* Department of Computer Scence Unversty College Dubln, Belfeld, Dubln, IRELAND Abstract The poor qualty
More informationRequIn, a tool for fast web traffic inference
RequIn, a tool for fast web traffc nference Olver aul, Jean Etenne Kba GET/INT, LOR Department 9 rue Charles Fourer 90 Evry, France Olver.aul@nt-evry.fr, Jean-Etenne.Kba@nt-evry.fr Abstract As networked
More informationVRT012 User s guide V0.1. Address: Žirmūnų g. 27, Vilnius LT-09105, Phone: (370-5) 2127472, Fax: (370-5) 276 1380, Email: info@teltonika.
VRT012 User s gude V0.1 Thank you for purchasng our product. We hope ths user-frendly devce wll be helpful n realsng your deas and brngng comfort to your lfe. Please take few mnutes to read ths manual
More informationA Dynamic Load Balancing for Massive Multiplayer Online Game Server
A Dynamc Load Balancng for Massve Multplayer Onlne Game Server Jungyoul Lm, Jaeyong Chung, Jnryong Km and Kwanghyun Shm Dgtal Content Research Dvson Electroncs and Telecommuncatons Research Insttute Daejeon,
More informationAN APPOINTMENT ORDER OUTPATIENT SCHEDULING SYSTEM THAT IMPROVES OUTPATIENT EXPERIENCE
AN APPOINTMENT ORDER OUTPATIENT SCHEDULING SYSTEM THAT IMPROVES OUTPATIENT EXPERIENCE Yu-L Huang Industral Engneerng Department New Mexco State Unversty Las Cruces, New Mexco 88003, U.S.A. Abstract Patent
More informationVision Mouse. Saurabh Sarkar a* University of Cincinnati, Cincinnati, USA ABSTRACT 1. INTRODUCTION
Vson Mouse Saurabh Sarkar a* a Unversty of Cncnnat, Cncnnat, USA ABSTRACT The report dscusses a vson based approach towards trackng of eyes and fngers. The report descrbes the process of locatng the possble
More informationA New Quality of Service Metric for Hard/Soft Real-Time Applications
A New Qualty of Servce Metrc for Hard/Soft Real-Tme Applcatons Shaoxong Hua and Gang Qu Electrcal and Computer Engneerng Department and Insttute of Advanced Computer Study Unversty of Maryland, College
More informationCan Auto Liability Insurance Purchases Signal Risk Attitude?
Internatonal Journal of Busness and Economcs, 2011, Vol. 10, No. 2, 159-164 Can Auto Lablty Insurance Purchases Sgnal Rsk Atttude? Chu-Shu L Department of Internatonal Busness, Asa Unversty, Tawan Sheng-Chang
More informationFigure 1. Time-based operation of AIDP.
Adaptve Intruson Detecton & Preventon of Denal of Servce attacs n MANETs Adnan Nadeem Centre for Communcaton Systems Research Unversty of Surrey, UK a.nadeem@surrey.ac.u ABSTRACT Moble ad-hoc networs (MANETs)
More informationPerformance Evaluation of Multi-Stage Change-Point Detection Scheme against DDoS Attacks by Random Scan Worms
Performance Evaluaton of Mult-Stage Change-Pont Detecton Scheme aganst DDoS Attacks by Random Scan Worms Tutomu Murase *, Yuknobu Fukushma **, Masayosh Kobayash *, Sakko Nshmoto **, Ryohe Fumak * and Tokum
More informationA DYNAMIC CRASHING METHOD FOR PROJECT MANAGEMENT USING SIMULATION-BASED OPTIMIZATION. Michael E. Kuhl Radhamés A. Tolentino-Peña
Proceedngs of the 2008 Wnter Smulaton Conference S. J. Mason, R. R. Hll, L. Mönch, O. Rose, T. Jefferson, J. W. Fowler eds. A DYNAMIC CRASHING METHOD FOR PROJECT MANAGEMENT USING SIMULATION-BASED OPTIMIZATION
More informationAn Introduction to 3G Monte-Carlo simulations within ProMan
An Introducton to 3G Monte-Carlo smulatons wthn ProMan responsble edtor: Hermann Buddendck AWE Communcatons GmbH Otto-Llenthal-Str. 36 D-71034 Böblngen Phone: +49 70 31 71 49 7-16 Fax: +49 70 31 71 49
More informationScalable and Secure Architecture for Digital Content Distribution
Valer Bocan Scalable and Secure Archtecture for Dgtal Content Dstrbuton Mha Fagadar-Cosma Department of Computer Scence and Engneerng Informaton Technology Department Poltehnca Unversty of Tmsoara Alcatel
More informationA Load-Balancing Algorithm for Cluster-based Multi-core Web Servers
Journal of Computatonal Informaton Systems 7: 13 (2011) 4740-4747 Avalable at http://www.jofcs.com A Load-Balancng Algorthm for Cluster-based Mult-core Web Servers Guohua YOU, Yng ZHAO College of Informaton
More informationDBA-VM: Dynamic Bandwidth Allocator for Virtual Machines
DBA-VM: Dynamc Bandwdth Allocator for Vrtual Machnes Ahmed Amamou, Manel Bourguba, Kamel Haddadou and Guy Pujolle LIP6, Perre & Mare Cure Unversty, 4 Place Jusseu 755 Pars, France Gand SAS, 65 Boulevard
More informationSome literature also use the term Process Control
A Formal Approach for Internal Controls Complance n Busness Processes Koumars Namr 1, Nenad Stojanovc 2 1 SAP Research Center CEC Karlsruhe, SAP AG, Vncenz-Preßntz-Str.1 76131 Karlsruhe, Germany Koumars.Namr@sap.com
More informationRELIABILITY, RISK AND AVAILABILITY ANLYSIS OF A CONTAINER GANTRY CRANE ABSTRACT
Kolowrock Krzysztof Joanna oszynska MODELLING ENVIRONMENT AND INFRATRUCTURE INFLUENCE ON RELIABILITY AND OPERATION RT&A # () (Vol.) March RELIABILITY RIK AND AVAILABILITY ANLYI OF A CONTAINER GANTRY CRANE
More informationLATTICE-BASED FIREWALL FOR SAFETY INTERNET ACCESS
Proceedngs of the Postgraduate Annual Research Semnar 2005 238 LATTICE-BASED FIREWALL FOR SAFETY INTERNET ACCESS Cahyo Crysdan and Abdul Hanan Abdullah The Faculty of Computer Scence and Informaton System
More informationCHOLESTEROL REFERENCE METHOD LABORATORY NETWORK. Sample Stability Protocol
CHOLESTEROL REFERENCE METHOD LABORATORY NETWORK Sample Stablty Protocol Background The Cholesterol Reference Method Laboratory Network (CRMLN) developed certfcaton protocols for total cholesterol, HDL
More informationPerformance Analysis and Comparison of QoS Provisioning Mechanisms for CBR Traffic in Noisy IEEE 802.11e WLANs Environments
Tamkang Journal of Scence and Engneerng, Vol. 12, No. 2, pp. 143149 (2008) 143 Performance Analyss and Comparson of QoS Provsonng Mechansms for CBR Traffc n Nosy IEEE 802.11e WLANs Envronments Der-Junn
More informationReinforcement Learning for Quality of Service in Mobile Ad Hoc Network (MANET)
Renforcement Learnng for Qualty of Servce n Moble Ad Hoc Network (MANET) *T.KUMANAN AND **K.DURAISWAMY *Meenaksh College of Engneerng West K.K Nagar, Cheena-78 **Dean/academc,K.S.R College of Technology,Truchengode
More informationApplication of Multi-Agents for Fault Detection and Reconfiguration of Power Distribution Systems
1 Applcaton of Mult-Agents for Fault Detecton and Reconfguraton of Power Dstrbuton Systems K. Nareshkumar, Member, IEEE, M. A. Choudhry, Senor Member, IEEE, J. La, A. Felach, Senor Member, IEEE Abstract--The
More informationAn Evaluation of the Extended Logistic, Simple Logistic, and Gompertz Models for Forecasting Short Lifecycle Products and Services
An Evaluaton of the Extended Logstc, Smple Logstc, and Gompertz Models for Forecastng Short Lfecycle Products and Servces Charles V. Trappey a,1, Hsn-yng Wu b a Professor (Management Scence), Natonal Chao
More informationA Novel Auction Mechanism for Selling Time-Sensitive E-Services
A ovel Aucton Mechansm for Sellng Tme-Senstve E-Servces Juong-Sk Lee and Boleslaw K. Szymansk Optmaret Inc. and Department of Computer Scence Rensselaer Polytechnc Insttute 110 8 th Street, Troy, Y 12180,
More informationA Novel Adaptive Load Balancing Routing Algorithm in Ad hoc Networks
Journal of Convergence Informaton Technology A Novel Adaptve Load Balancng Routng Algorthm n Ad hoc Networks Zhu Bn, Zeng Xao-png, Xong Xan-sheng, Chen Qan, Fan Wen-yan, We Geng College of Communcaton
More informationOpen Access A Load Balancing Strategy with Bandwidth Constraint in Cloud Computing. Jing Deng 1,*, Ping Guo 2, Qi Li 3, Haizhu Chen 1
Send Orders for Reprnts to reprnts@benthamscence.ae The Open Cybernetcs & Systemcs Journal, 2014, 8, 115-121 115 Open Access A Load Balancng Strategy wth Bandwdth Constrant n Cloud Computng Jng Deng 1,*,
More informationMAC Layer Service Time Distribution of a Fixed Priority Real Time Scheduler over 802.11
Internatonal Journal of Software Engneerng and Its Applcatons Vol., No., Aprl, 008 MAC Layer Servce Tme Dstrbuton of a Fxed Prorty Real Tme Scheduler over 80. Inès El Korb Ecole Natonale des Scences de
More informationA Statistical Model for Detecting Abnormality in Static-Priority Scheduling Networks with Differentiated Services
A Statstcal odel for Detectng Abnoralty n Statc-Prorty Schedulng Networks wth Dfferentated Servces ng L 1 and We Zhao 1 School of Inforaton Scence & Technology, East Chna Noral Unversty, Shangha 0006,
More informationivoip: an Intelligent Bandwidth Management Scheme for VoIP in WLANs
VoIP: an Intellgent Bandwdth Management Scheme for VoIP n WLANs Zhenhu Yuan and Gabrel-Mro Muntean Abstract Voce over Internet Protocol (VoIP) has been wdely used by many moble consumer devces n IEEE 802.11
More informationTraffic-light a stress test for life insurance provisions
MEMORANDUM Date 006-09-7 Authors Bengt von Bahr, Göran Ronge Traffc-lght a stress test for lfe nsurance provsons Fnansnspetonen P.O. Box 6750 SE-113 85 Stocholm [Sveavägen 167] Tel +46 8 787 80 00 Fax
More informationAN EFFICIENT GROUP AUTHENTICATION FOR GROUP COMMUNICATIONS
Internatonal Journal of Network Securty & Its Applcatons (IJNSA), Vol.5, No.3, May 2013 AN EFFICIENT GROUP AUTHENTICATION FOR GROUP COMMUNICATIONS Len Harn 1 and Changlu Ln 2 1 Department of Computer Scence
More informationRelay Secrecy in Wireless Networks with Eavesdropper
Relay Secrecy n Wreless Networks wth Eavesdropper Parvathnathan Venktasubramanam, Tng He and Lang Tong School of Electrcal and Computer Engneerng Cornell Unversty, Ithaca, NY 14853 Emal : {pv45, th255,
More informationA 2 -MAC: An Adaptive, Anycast MAC Protocol for Wireless Sensor Networks
: An Adaptve, Anycast MAC Protocol for Wreless Sensor Networks Hwee-Xan Tan and Mun Choon Chan Department of Computer Scence, School of Computng, Natonal Unversty of Sngapore {hweexan, chanmc}@comp.nus.edu.sg
More informationAn Adaptive and Distributed Clustering Scheme for Wireless Sensor Networks
2007 Internatonal Conference on Convergence Informaton Technology An Adaptve and Dstrbuted Clusterng Scheme for Wreless Sensor Networs Xnguo Wang, Xnmng Zhang, Guolang Chen, Shuang Tan Department of Computer
More informationTrust Formation in a C2C Market: Effect of Reputation Management System
Trust Formaton n a C2C Market: Effect of Reputaton Management System Htosh Yamamoto Unversty of Electro-Communcatons htosh@s.uec.ac.jp Kazunar Ishda Tokyo Unversty of Agrculture k-shda@noda.ac.jp Toshzum
More informationTHE DISTRIBUTION OF LOAN PORTFOLIO VALUE * Oldrich Alfons Vasicek
HE DISRIBUION OF LOAN PORFOLIO VALUE * Oldrch Alfons Vascek he amount of captal necessary to support a portfolo of debt securtes depends on the probablty dstrbuton of the portfolo loss. Consder a portfolo
More informationAd-Hoc Games and Packet Forwardng Networks
On Desgnng Incentve-Compatble Routng and Forwardng Protocols n Wreless Ad-Hoc Networks An Integrated Approach Usng Game Theoretcal and Cryptographc Technques Sheng Zhong L (Erran) L Yanbn Grace Lu Yang
More informationLecture 2: Single Layer Perceptrons Kevin Swingler
Lecture 2: Sngle Layer Perceptrons Kevn Sngler kms@cs.str.ac.uk Recap: McCulloch-Ptts Neuron Ths vastly smplfed model of real neurons s also knon as a Threshold Logc Unt: W 2 A Y 3 n W n. A set of synapses
More informationNegative Selection and Niching by an Artificial Immune System for Network Intrusion Detection
Negatve Selecton and Nchng by an Artfcal Immune System for Network Intruson Detecton Jungwon Km and Peter Bentley Department of omputer Scence, Unversty ollege London, Gower Street, London, W1E 6BT, U.K.
More informationA Perfect QoS Routing Algorithm for Finding the Best Path for Dynamic Networks
A Perfect QoS Routng Algorthm for Fndng the Best Path for Dynamc Networks Hazem M. El-Bakry Faculty of Computer Scence & Informaton Systems, Mansoura Unversty, EGYPT helbakry20@yahoo.com Nkos Mastoraks
More informationResponse Coordination of Distributed Generation and Tap Changers for Voltage Support
Response Coordnaton of Dstrbuted Generaton and Tap Changers for Voltage Support An D.T. Le, Student Member, IEEE, K.M. Muttaq, Senor Member, IEEE, M. Negnevtsky, Member, IEEE,and G. Ledwch, Senor Member,
More informationTesting CAB-IDS through Mutations: on the Identification of Network Scans
Testng CAB-IDS through Mutatons: on the Identfcaton of Network Scans Emlo Corchado, Álvaro Herrero, José Manuel Sáz Department of Cvl Engneerng, Unversty of Burgos, Span {escorchado, ahcoso, msaz}@ubu.es
More informationRESEARCH ON DUAL-SHAKER SINE VIBRATION CONTROL. Yaoqi FENG 1, Hanping QIU 1. China Academy of Space Technology (CAST) yaoqi.feng@yahoo.
ICSV4 Carns Australa 9- July, 007 RESEARCH ON DUAL-SHAKER SINE VIBRATION CONTROL Yaoq FENG, Hanpng QIU Dynamc Test Laboratory, BISEE Chna Academy of Space Technology (CAST) yaoq.feng@yahoo.com Abstract
More informationA Parallel Architecture for Stateful Intrusion Detection in High Traffic Networks
A Parallel Archtecture for Stateful Intruson Detecton n Hgh Traffc Networks Mchele Colajann Mrco Marchett Dpartmento d Ingegnera dell Informazone Unversty of Modena {colajann, marchett.mrco}@unmore.t Abstract
More informationAutomated Network Performance Management and Monitoring via One-class Support Vector Machine
Automated Network Performance Management and Montorng va One-class Support Vector Machne R. Zhang, J. Jang, and S. Zhang Dgtal Meda & Systems Research Insttute, Unversty of Bradford, UK Abstract: In ths
More informationA Dynamic Energy-Efficiency Mechanism for Data Center Networks
A Dynamc Energy-Effcency Mechansm for Data Center Networks Sun Lang, Zhang Jnfang, Huang Daochao, Yang Dong, Qn Yajuan A Dynamc Energy-Effcency Mechansm for Data Center Networks 1 Sun Lang, 1 Zhang Jnfang,
More informationCalculating the high frequency transmission line parameters of power cables
< ' Calculatng the hgh frequency transmsson lne parameters of power cables Authors: Dr. John Dcknson, Laboratory Servces Manager, N 0 RW E B Communcatons Mr. Peter J. Ncholson, Project Assgnment Manager,
More informationCalculation of Sampling Weights
Perre Foy Statstcs Canada 4 Calculaton of Samplng Weghts 4.1 OVERVIEW The basc sample desgn used n TIMSS Populatons 1 and 2 was a two-stage stratfed cluster desgn. 1 The frst stage conssted of a sample
More informationHow To Understand The Results Of The German Meris Cloud And Water Vapour Product
Ttel: Project: Doc. No.: MERIS level 3 cloud and water vapour products MAPP MAPP-ATBD-ClWVL3 Issue: 1 Revson: 0 Date: 9.12.1998 Functon Name Organsaton Sgnature Date Author: Bennartz FUB Preusker FUB Schüller
More informationMinimal Coding Network With Combinatorial Structure For Instantaneous Recovery From Edge Failures
Mnmal Codng Network Wth Combnatoral Structure For Instantaneous Recovery From Edge Falures Ashly Joseph 1, Mr.M.Sadsh Sendl 2, Dr.S.Karthk 3 1 Fnal Year ME CSE Student Department of Computer Scence Engneerng
More informationPerformance Analysis of Energy Consumption of Smartphone Running Mobile Hotspot Application
Internatonal Journal of mart Grd and lean Energy Performance Analyss of Energy onsumpton of martphone Runnng Moble Hotspot Applcaton Yun on hung a chool of Electronc Engneerng, oongsl Unversty, 511 angdo-dong,
More informationDamage detection in composite laminates using coin-tap method
Damage detecton n composte lamnates usng con-tap method S.J. Km Korea Aerospace Research Insttute, 45 Eoeun-Dong, Youseong-Gu, 35-333 Daejeon, Republc of Korea yaeln@kar.re.kr 45 The con-tap test has the
More informationWhen Network Effect Meets Congestion Effect: Leveraging Social Services for Wireless Services
When Network Effect Meets Congeston Effect: Leveragng Socal Servces for Wreless Servces aowen Gong School of Electrcal, Computer and Energy Engeerng Arzona State Unversty Tempe, AZ 8587, USA xgong9@asuedu
More informationWhat is Candidate Sampling
What s Canddate Samplng Say we have a multclass or mult label problem where each tranng example ( x, T ) conssts of a context x a small (mult)set of target classes T out of a large unverse L of possble
More informationLuby s Alg. for Maximal Independent Sets using Pairwise Independence
Lecture Notes for Randomzed Algorthms Luby s Alg. for Maxmal Independent Sets usng Parwse Independence Last Updated by Erc Vgoda on February, 006 8. Maxmal Independent Sets For a graph G = (V, E), an ndependent
More informationEnterprise Master Patient Index
Enterprse Master Patent Index Healthcare data are captured n many dfferent settngs such as hosptals, clncs, labs, and physcan offces. Accordng to a report by the CDC, patents n the Unted States made an
More information