Transient Performance of PacketScore for blocking DDoS attacks

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Transient Performance of PacketScore for blocking DDoS attacks"

Transcription

1 Transient Perforance of PacketScore for blocking DDoS attacks Mooi Choo Chuah 1 Wing Cheong Lau Yoohwan Ki H. Jonathan Chao CSE Deartent Bell Laboratories EECS Deartent ECE Deartent Lehigh Univ. Lucent Technologies Case Western Reserve Univ. Polytechnic Univ. Bethlehe, PA Holdel, NJ Cleveland, OH Brooklyn, NY Abstract--Distributed Denial of Service (DDoS) attack is a critical threat to the Internet. Recently we have roosed the PacketScore schee, a DDoS defense architecture that suorts autoated attack detection, on-line attack characterization and attack blocking. Its key idea is to use a statistics-based acket scoring echanis to distinguish between legitiate and nonlegitiate ackets and discard ackets based on the acket scores. In order for such an aroach to work, we need to erfor on-line traffic characterizations, and coare such characterizations with noinal rofiles (generated fro ast history or off-line analysis). The threshold used for the scorebased selective acket discard decision is dynaically adjusted based on the score distribution of recent incoing ackets. In our revious aer [Ki04], we discuss how our roosed syste erfors in different attack scenarios. In this aer, we first give a brief review of the PacketScore aroach and further elaborate on the transient erforance under varying attack tyes and intensities, which ay be exloited in ore sohisticated attacks. We then show that PacketScore is well caable of blocking such sohisticated attacks by sily adjusting the easureent window tie scale to closely track the attack rofile. I. INTRODUCTION One of the ajor threats to cyber security is Distributed Denial-of-Service (DDoS) attack in which the victi network eleent(s) are bobarded with high volue of fictitious, attacking ackets originated fro a large nuber of achines. The ai of DDoS attack is to overload the victi and render it incaable of erforing noral transactions. Recently, the DDoS roble has attracted uch attention fro the research counity. So far, the focus has been on the design of traffic arking and traceback rotocols [Be01, Pa01, Sa01, Sn01] which enable downstrea rers to deterine and notify the ustrea rers of the attacking ackets. Once the ustrea sources of the attack have been identified, roosed ushback echaniss [Io02, Ya02] are used to contain the daage of the attack. However, the effectiveness of such an aroach is contingent uon the ability to extract a recise characterization of the attacking ackets. While there has been recent work by the data-ining research counity to recognize intrusion atterns using offline achine-learning aroaches [Le98, Ma99], these schees are ostly offline-oriented. An excetion to this trend is the D-WARD aroach [Mi02], which does erfor liited statistical traffic rofiling at the edge of the networks to detect new tyes of DDoS attacks online. D-WARD ais at stoing DDoS attacks near their sources, i.e., the ingress rers. While such "source-side" tackling aroach is attractive in ters of having less deanding oerating-seed and scalability requireents, its viability hinges on the voluntary cooeration of ajority of ingress network adinistrators internet-wide. There are also a sall set of coercial roducts [Mazu, Rive] which advertise liited suort of statistics-based adative filtering techniques. However, ost of these solutions do not fully autoate acket differentiation or filter enforceent. Instead, they only recoend a set of binary filter rules to the network adinistrator to be installed in their rers or firewalls. Recently we have roosed a statistics-based schee, called PacketScore, for autoated on-line attack characterization and acket discarding [Ki04], where we rovided a detailed descrition of our PacketScore aroach and siulation results under different attack scenarios. However, we did not rovide any sensitivity analysis on how the score distribution changes with tie when different attack tyes occur. In this aer, we concentrate ore on the transient erforance of the PacketScore syste. In articular, we discuss how the erforance changes with different attack tyes, different attack intensities and different easureent window ties. The rest of this aer is organized as follows: in Section II, we rovide an overview of the PacketScore DDoS defense architecture. In Section III, we discuss how PacketScore erfors in different attack scenarios and show its transient behavior. We exaine the erforance under changing attack tyes coosed of four riary attack tyes (generic, TCP- SYN flooding, SQL Slaer wor, and noinal attack), and changing attack intensities. We conclude in Section IV with soe future work that we intend to exlore. II. PACKETSCORE OVERVIEW In PacketScore, we erfor online traffic rofiling of the incoing traffic and coare it with the noinal traffic rofile for abnorality detection. The key concet in rofiling is the notion of "Conditional Legitiate Probability" (CLP) which indicates the likelihood of a acket being a legitiate one given the attribute values it ossesses. Packets are selectively discarded by coaring the CLP of each acket with a dynaic threshold. The viability of this aroach is based on the reise that there are soe traffic characteristics that are inherently stable during noral network oerations of a network, in the absence of DDOS attacks. This "invariant" reise was suorted by recent traffic easureents and analysis reorted in [Fra03,Liu02,Ki04]. The PacketScore syste is coosed of two arts, the noinal rofile generation art (off-line) and the scoring/discarding art (on-line). We will review the in the following subsections. 1 This work was done while Professor Chuah was with Bell Labs.

2 A. Conditional Legitiate Probability Let N n be the nuber of ackets arriving during a tie eriod T during noral oeration (n for noral). Let {A, B, C, } be the acket attributes, {a 1, a 2, a 3, } be the ossible values for attribute A, {b 1, b 2, b 3, } be the ossible values for attribute B, and so on. We denote P n (Aa i ) as the ratio of the ackets having value a i for attribute A, which is equivalent to the nuber of ackets having the value of a i for attribute A divided by N n. ( i P n ( A a i ) 1) Let us assue that during the sae eriod T, N a attack ackets are added. The total nuber of ackets during T is then N n + N a, which we denote by N (a for attack, for easured). Siilarly to P n (Aa i ), we define P a (Aa i ) and P (Aa i ) as following: P a (Aa i ): the ratio of ackets having value a i for attribute A aong N a attack ackets P (Aa i ): the ratio of ackets having value a i for attribute A aong N total ackets We define the conditional legitiate robability (CLP) as the conditional robability of a acket being legitiate given the set of attribute values it carries, that is, CLP (acket ) P (acket is legitiate attribute A a, attribute B b, ), where a, b, are the attribute values of a acket It can be rewritten as follows: P(( legitiate) ( A a, B b,...)) CLP( ) P( A a, B b,...)... Eq. (1) Nn Pn( A a, B b,...) N Nn Pn ( A a, B b,...) N P ( A a, B b,...) N N P ( A a, B b,...) If the attributes are indeendent, then P(Aa, Bb, ) P(Aa ) * P(Bb ) *, and the CLP can be further rewritten as, N n Pn ( A a ) Pn ( B b )... CLP ( ).. Eq. (2) N P ( A a ) P ( B b )... Consider one of the ters P n ( A a ) P ( A a ) in Eq.(2) during a DDoS attack. If the acket is one of the any attack ackets with attribute value a, then P a (A a ) is high during attack and P (A a ) becoes high. Since P n (A a ) is stable, the resulting CLP becoes low. On the other hand, for other attributes values that few attack ackets have, a, the ratio P a (A a ) is low even if the actual nuber of such attack ackets are greater than the nuber of noral ackets. This akes P (A a ) low and subsequently akes the CLP low. CLP is considered a score for indicating the legitiacy of a acket and the effectiveness is alified as we eloy ore acket attributes, including joint attributes of ultile attributes, and as the attack volue increases. The otential acket attributes are any field in the IP acket header that are exected to change substantially under DDoS attack, such as source IP refix, rotocol tye, acket size, server ort nuber (since the server bound traffic is ore stable), TTL, TCP flag atterns, and cobination of ultile attributes such as TTL + Source IP refix. B. Off-line Noinal Profile Generation Since the actual legitiate traffic distribution during attack is unknown, we need to establish a reference rofile, called noinal rofile, fro the ast traffic. This rofiling inforation is stored in the for of noralized histogras of one or higher diensions. Due to the large nuber of attributes and attribute values to be incororated in a rofile, an efficient data structure is required to ileent such histogras. Towards this end, we use iceberg-style histogras [Ba02], where the histogra only includes those entries in the oulation which aear ore frequently than a reset ercentage threshold, say x. For entries which are absent fro the iceberg-style histogra, we will use the uer bound, i.e., x as their relative frequency. Tradeoffs between icebergthreshold, histogra storage requireent and acket differentiation erforance are discussed in [Ki04]. C. On-line PacketScore Oeration While attack ackets arrive continuously and the true rofile changes as new ackets arrive, continuous rofile generation and scoring is very difficult. Instead we take ieline aroach where the tie is divided into fixed intervals, and each oeration is erfored based on the snashot of the revious eriod. In PacketScore, the following 3 stages are erfored in ieline, naely, incoing acket rofiling, scoring, and discarding. First, acket rofile is easured at eriod T 1, and a scorebook is generated at the end of the eriod. Using the scorebook, the subsequent ackets are scored at eriod T 2, and the score distribution grah is generated along with the cutoff threshold score at the end of eriod T 2. At eriod T 3, the incoing ackets are either acceted or discarded based on the threshold score. Incoing Packet Profiling Siilar to the off-line acket rofile, an on-line rofile is generated as ackets arrive. Rather than erforing exensive calculation of the CLP on the fly, we eloy a scorebook aroach. A frozen set of recent histogras in eriod T 1 is used along with the stored off-line noinal rofile to generate a set of "scorebooks" which as a secific cobination of attribute values to its corresonding "score". To accelerate the coutation, a logarithic version of Eq. (2) is used. Scoring and Selective Discarding The objective of PacketScore is to rioritize the ackets based on their CLP values and discarding the ost likely attack ackets. Since an exact rioritization would require offline, ultile-ass oerations, e.g., sorting, we take the following alternative aroach to realize an online, one-ass oeration. First, all the incoing ackets during T 2 are scored. Second, we construct a cuulative distribution function (CDF) with the CLP scores of the ackets. Then a loadshedding algorith [Ka01] is used to deterine the fraction ( Φ ) of arriving ackets to be discarded in order to control the utilization of the victi to be below a value. Once the required acket-discarding ercentage, Φ, is deterined, the corresonding CLP discarding threshold, Thd, is looked u fro the CDF of the CLP scores. We then discard a susicious acket if its CLP score is below the threshold, Thd. While

3 CLP-coutation is always erfored for each incoing acket, selective acket discarding only haens when the syste is oerating beyond its safe () utilization level. Otherwise, the overload control schee will set Φ to zero. D. Sale score distribution Figure 1 shows a tyical score distribution under a constant DDoS attack. The attack ackets (red) are concentrated in the lower scored region while legitiate ackets (blue) have higher scores. The black bar reresents the cutoff threshold scores for discard decision, which reoves the ajority of the attack traffic. Packet nubers in log Score High Figure 1. ic acket score distribution III. PERFORMANCE ANALYSIS A. Perforance Metrics We quantify the erforance of PacketScore in the following three asects: First, we exaine the differences in the score distribution for attack and legitiate ackets. Such differences are quantified using 2 etrics, naely, R A and R L. Let Min L (Max A ) be the lowest (highest) score observed for the incoing legitiate (attacking) ackets. Define R A (R L ) to be the fraction of attacking (legitiate) ackets which have a score below Min L (above Max A ). The closer of the values of R A and R L to 100, the better the score-differentiation ower. To avoid the asking effect of isolated lier ackets having extree scores, we take Min L (Max A ) to be the 1 st (99 th ) ercentile of the score distribution of legitiate (attacking) ackets. Second, we easure the false ositive (i.e., fraction of legitiate ackets got falsely discarded), and false negative (i.e., fraction of attacking ackets got falsely aditted) ratios of PacketScore. While R A and R L can quantify the score differentiation ower, the final coe of selective discarding also deends on the dynaics of the threshold udate echaniss. Third, we observe whether the aount of assing traffic after discarding is within an accetable range for the destination. To easure the effectiveness of the overload control, we coare the actual ut utilization against the axiu utilization ( t arg et set by the schee ). In our siulations is read fro the noinal traffic rofile. We review the erforance of PacketScore under constant attack, and then observe the erforance under varying attacks. We study three tyes of changing attacks, i.e., attack tye change, attack intensity change, and both attack tye and intensity change. The default attack intensity is 10 ties of noinal traffic, and the easureent window tie is 10 seconds. For all attack scenarios, the siulation is erfored for 300 seconds. For the traffic data, the acket trace data fro WIDE roject is used [WIDE]. B. Attack Tyes Table 1 shows the erforance of PacketScore under constant attack with four riary attack tyes and ixed attack as defined as following. (All attack ackets have randoized source IP address and source ort nuber) Generic attack: All attribute values of the attack ackets are uniforly randoized over their corresonding allowable ranges. TCP-SYN flooding attack: All attack ackets are TCP SYN ackets SQL Slaer Wor attack: All attack ackets are UDP ackets to ort 1434 with the size between 371 to 400 bytes Noinal attack: All attacking ackets reseble the ost doinant tye of legitiate ackets observed in Internet, i.e byte TCP ackets with server-ort 80 and TCP-flag set to ACK. Mixed attack: above 4 attacks are equally ixed PacketScore shows rearkable effectiveness in discarding attack ackets under constant attack, including ixed attack. After PacketScore rocessing, 1100 of noinal traffic volue is reduced down to ab 100 of noinal traffic. Attack Tye Searation - ve R A R L Generic TCP-SYN flooding SQL Slaer Wor Noinal Mixed Table 1: PacketScore erforance under consistent attack tye (Measureent window 10 seconds) We now observe the effect of a changing attack where an attack tye randoly selected fro the four riary attack tyes continues for an exonentially distributed eriod before another attack tye is icked. Table 2 tabulates the siulation results for changing attacks. attacks are ore challenging to block due to their colex/ tie-varying attacking acket characteristics. When a change occurs, it takes two easureent eriods for PacketScore to establish new rofiles and scorebooks due to the nature of ieline rocessing. During this adjustent eriods, PacketScore schee can be isled to defend against soe no-longerexisting attack ackets. This situation is described in Figure 2, showing the sudden divergence uon change occurrences. The effect becoes worse if the attack tye changes raidly coared to the easureent eriod tie scale.

4 Attack Tye Searation - ve R A R L attack duration 10 sec) attack duration 30 sec) attack duration 60 sec) Table 2: PacketScore erforance under changing attack tye (Measureent window 10 sec., with fine-grain overload control) Packets er Second (s) Attack incoing Attack going Legitiate incoing Legitiate going Figure 2: Incoing vs. going traffic under changing attack tye (Ave. attack duration 10 sec., Measureent window 10 sec.) One way to irove the effectiveness of the PacketScore schee is to aly fine-grain overload control within a easureent window as in our earlier study [Ki04] where 0.1-second fine-grain control is used in a 60-sec easureent window case. Figure 3 shows that the fine-grain overload control achieves soe iroveent. However, its effectiveness ay be liited because the scorebook and CDF reains the sae through the easureent window eriod even after the attack traffic rofile changes. Attack Tye Searation - ve R A R L (fine-grain OC window 1 sec) (fine-grain OC window 0.1 sec) Table 3: PacketScore erforance under changing attack tye (Measureent window 10 sec., ave. attack duration 10 sec. with fine-grain overload control) Another way is to shorten the easureent window tie to seed u scorebooks/ CDF udates with fine-grain overload control. When the easureent window tie is reduced to 1 second (Table 4), PacketScore can track the attack change very closely and show very good erforance. The overloading is reduced fro 202 to 111 of the utilization rate where the easureent window is the sae as the average attack-changing rate. (10 seconds for both) Fro Tables 2 and 3, we observe that shortening the easureent eriod works better than fine-grain overload control. Figure 3 shows the resulting incoing/going traffic er eriod using 1-second easureent window. Soe attack ackets are still being aditted, but their volue is uch saller coared to the 10-second window case. As a result, the going rate is ore accurately controlled. Attack Tye Searation - ve R A R L attack duration 10 sec) attack duration 30 sec) attack duration 60 sec) Table 4: PacketScore erforance under changing attack tye (Measureent window 1 seconds) Packets er Second (s) Attack Incoing Attack Outgoing Legitiate Incoing Legitiate Outgoing Figure 3: Incoing vs. going traffic under changing attack tye (Ave. attack duration 10 sec., Measureent window 1 sec) C. Attack Intensities The attack intensity exresses the volue of attack ackets in ters of ultiles of the noinal acket volue. We easure the erforance with varying attack intensity using generic attack. As a baseline, Table 4 shows the erforance using constant attack intensity. By design, the differentiation ower of PacketScore iroves as the DDoS attack intensifies. This is because as attack traffic volue increases, the difference between the current traffic rofile and the noinal one also increases. Attack intensity - Searation ve R A R L X X X X X X Table 5: PacketScore erforance under changing attack intensities (Measureent window 10 seconds) In varying attack, the attack intensity changes randoly aong 1,2,4,8, 16 and 32 ties of noinal traffic volue. Table 6 shows the results where the attack intensity change interval is 10 seconds and 30 seconds. Attack intensity Searation - ve R A R L Randoly every 10 seconds randoly every 30 seconds Table 6: PacketScore erforance under changing attack intensities (Measureent window 10 second) Siilar to the changing attack tye case, when the attack intensity change interval is the sae as the easureent window eriod, the erforance of PacketScore degrades. However, as we reduce the easureent window tie to 1 second (Table 7), the erforance of PacketScore stabilizes and the going rate is controlled to 125 of the rate.

5 Attack intensity randoly Searation - ve R A R L every 10 seconds randoly every 30 seconds Table 7: PacketScore erforance by changing attack intensities (Measureent window 1 second) D. Attack Tyes and Intensities A clever attacker ay try to vary both attack tyes and intensity. We cobine the varying attack tye and varying attack intensity, and exaine the results. Using a 10 second easureent window, PacketScore only anages to throttle attack traffic such that going rate is 1.5 to 3.5 ties of rate. But by reducing the easureent window tie, PacketScore detects the changes in traffic attern quickly and adats to it. Table 8 shows the results under cobined attack using 1-second window. The going rate is controlled within 119 of the rate. Attack Tye 10 sec) 10 sec) 30 sec) 30 sec) Attack intensity - ve Searation RA RL randoly every 10 sec randoly every 30 sec randoly every 10 sec randoly every 30 sec Table 8: PacketScore erforance under changing attack tyes and intensities (Measureent window 1 second) Although the false ositive, negative ratios and the going rates are slightly higher than in the constant attack cases, the results are well within accetable range for ractical use. Any cobination of changing attacks can be effectively blocked by PacketScore schee if the easureent window scale is shorter than the attack change granularity, e.g., 1:10 in our case. PacketScore schee is effective with very short easureent windows e.g. 0.l-10 seconds as long as the nuber of ackets within a window is sufficient for statistical rocessing. A few hundred ackets or ore within a easureent window is sufficient for rofiling. It is difficult for an attacker to launch a recisely tie-coordinated attack below the resolution of seconds due to the nature of Internet. This allows PacketScore schee to block ractically all tyes of changing attacks. IV. CONCLUSIONS We have reviewed the architecture of the PacketScore schee that defends against DDoS attacks and studied its transient erforance under changing attacks. PacketScore can tackle never-seen-before DDoS attack tyes by roviding a statistics-based adative differentiation between attacking and legitiate ackets. It is caable of blocking virtually all kinds of attacks as long as the attackers can t recisely iic the sites traffic characteristics. The ackets following the noinal traffic rofile have higher score while others have lower score. The ore different the attack rofile is fro the noinal rofile, the wider the score searation is. By exloiting the rofile/scorebook generation rocess, a clever attacker ay try to islead PacketScore by changing the attack tyes and/or intensities. PacketScore can easily overcoe such an attack by using shorter easureent window to track the attack traffic attern ore closely. There are other interesting issues on how different tyes of noinal rofile affect the erforance and how PacketScore erfors under different iceberg coverage. They are discussed in [Ki04]. We lan to investigate the erforance with acket nuber-based window rather than tie intervals and other overloading control algoriths. REFERENCES [Ba02] B. Babcock et al, Models and Issues in DataStrea Systes, ACM Sy. on Princiles of Database Sys., Jun [Be01] S. Bellovin, M. Leech, T. Taylor, ICMP Traceback Messages, draft-ietf-itrace-01.txt, Internet draft, Oct [Fra03] C. Fraleigh et al, Packet Level Traffic Measureents fro the Srint IP backbone, IEEE Network, Noveber, 2003 [Io02] J. Ioannidis, S.M. Bellovin, "Ileenting Pushback: Rer- Based Defense Against DDoS Attacks", Network and Distributed Syste Security Sy., Feb [Ka01] S. Kasera et al, Fast and Robust Signaling Overload Control, ICNP, Nov [Ki04] Y. Ki, W.C. Lau, M. Chuah, J. Chao, PacketScore: Statistics-based Overload Control against Distributed Denial-of- Service attack, IEEE Infoco, March 2004 [Lau03] W. Lau, M. Chuah, J. Chao, Y. Ki, PacketScore - A roactive defense schee against distributed denial-of-service attacks, NSF Proosal under subission [Le98] W. Lee, S.J. Stolfo, Data Mining Aroaches for Intrusion Detection," the 7th USENIX Security Sy., Jan [Liu02] D. Liu, F. Huebner, Alication Profiling of IP Trafic," LCN 2002 [Ma99] D. Marchette, A Statistical Method for Profiling Network Traffic, the 1st USENIX Worksho on Intrusion Detection and Network Monitoring, Ar [Mazu] Mazu Networks Inc. htt://www.azunetworks.co [Mi02] J. Mirkovic, G. Prier, P. Reiher, Attacking DDoS at the Source, ICNP, Nov [Pa01] K. Park and H. Lee, On the Effectiveness of Probabilistic Packet Marking for IP Traceback under Denial of Service Attack, Infoco, [Rive] Riverhead Networks Inc. htt://www.riverheadnetworks.co [Sa01] S. Savage, D. Wetherall, A. Karlin, and T. Anderson, Network Suort for IP Traceback, IEEE/ACM TON, Vol. 9, no. 3, June [Sn01] A. Snoeren et al, Hash-based IP Traceback, SIGCOMM, Aug [WIDE] MAWI Traffic Archive, htt://tracer.csl.sony.co.j/awi/ [Ya02] D.K.Y. Yau, J.C.S. Lui, F. Liang, Defending Against Distributed Denial-of-Service Attacks with Max-in Fair Servercentric Rer Throttles," IWQoS, 2002.

Analysis of a Secure Software Upload Technique in Advanced Vehicles using Wireless Links

Analysis of a Secure Software Upload Technique in Advanced Vehicles using Wireless Links Proceedings of the 007 IEEE Intelligent Transortation Systes Conference Seattle, WA, USA, Set. 30 - Oct. 3, 007 WeC4.3 Analysis of a Secure Uload Technique in Advanced Vehicles using Wireless Links Irina

More information

SCIENTIFIC simulations executed on parallel computing

SCIENTIFIC simulations executed on parallel computing IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 20, NO. X, XXX 2009 1 Scheduling Parallel Task Grahs on (Alost) Hoogeneous Multicluster Platfors Pierre-François Dutot, Tchiou N Také, Frédéric

More information

1 Adaptive Control. 1.1 Indirect case:

1 Adaptive Control. 1.1 Indirect case: Adative Control Adative control is the attet to redesign the controller while online, by looking at its erforance and changing its dynaic in an autoatic way. Adative control is that feedback law that looks

More information

Dynamic Price Quotation in a Responsive Supply Chain for One-of-a-K ind Production

Dynamic Price Quotation in a Responsive Supply Chain for One-of-a-K ind Production Dynaic Price Quotation in a Resonsive Suly Chain for One-of-a-K ind Production Jian (Ray) Zhang Deartent of Mechanical and Manufacturing Engineering, University of Calgary, 5 University Drive NW, Calgary,

More information

ALPi: A DDoS Defense System for High-Speed Networks Paulo E. Ayres, Huizhong Sun, H. Jonathan Chao, Fellow, IEEE, and Wing Cheong Lau

ALPi: A DDoS Defense System for High-Speed Networks Paulo E. Ayres, Huizhong Sun, H. Jonathan Chao, Fellow, IEEE, and Wing Cheong Lau 1864 IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, VOL. 24, NO. 10, OCTOBER 2006 ALPi: A DDoS Defense System for High-Speed Networks Paulo E. Ayres, Huizhong Sun, H. Jonathan Chao, Fellow, IEEE, and

More information

du dy du dy Laminar and turbulent flow CIVE1400: An Introduction to Fluid Mechanics Flowing real fluids exhibit viscous effects, they:

du dy du dy Laminar and turbulent flow CIVE1400: An Introduction to Fluid Mechanics Flowing real fluids exhibit viscous effects, they: CIVE400: An Introduction to Fluid Mechanics eal fluids Dr P A Sleigh P.A.Sleigh@leeds.ac.uk Flowing real fluids exhibit viscous effects, they: Dr CJ Noakes C.J.Noakes@leeds.ac.uk stick to solid surfaces

More information

RateGuard: A Robust Distributed Denial of Service (DDoS) Defense System

RateGuard: A Robust Distributed Denial of Service (DDoS) Defense System RateGuard: A Robust Distributed Denial of Service (DDoS) Defense System Huizhong Sun ECE. Polytechnic Institute of NYU Brooklyn, USA hzsun@antioch.poly.edu Wingchiu Ngan ECE. Polytechnic Institute of NYU

More information

A multi objective virtual machine placement method for reduce operational costs in cloud computing by genetic

A multi objective virtual machine placement method for reduce operational costs in cloud computing by genetic International Journal of Couter Networs and Counications Security VOL. 2, NO. 8, AUGUST 2014, 250 259 Available online at: www.icncs.org ISSN 2308-9830 C N C S A ulti obective virtual achine laceent ethod

More information

CLOUD computing is quickly becoming an effective and

CLOUD computing is quickly becoming an effective and IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 24, NO. 6, YEAR 203 Otial Multiserver Configuration for Profit Maxiization in Cloud Couting Junwei Cao, Senior Meber, IEEE, Kai Hwang, Fellow,

More information

PREDICTION OF MILKLINE FILL AND TRANSITION FROM STRATIFIED TO SLUG FLOW

PREDICTION OF MILKLINE FILL AND TRANSITION FROM STRATIFIED TO SLUG FLOW PREDICTION OF MILKLINE FILL AND TRANSITION FROM STRATIFIED TO SLUG FLOW ABSTRACT: by Douglas J. Reineann, Ph.D. Assistant Professor of Agricultural Engineering and Graee A. Mein, Ph.D. Visiting Professor

More information

TOPIC T3: DIMENSIONAL ANALYSIS AUTUMN 2013

TOPIC T3: DIMENSIONAL ANALYSIS AUTUMN 2013 TOPIC T3: DIMENSIONAL ANALYSIS AUTUMN 013 Objectives (1 Be able to deterine the diensions of hysical quantities in ters of fundaental diensions. ( Understand the Princile of Diensional Hoogeneity and its

More information

An Innovate Dynamic Load Balancing Algorithm Based on Task

An Innovate Dynamic Load Balancing Algorithm Based on Task An Innovate Dynaic Load Balancing Algorith Based on Task Classification Hong-bin Wang,,a, Zhi-yi Fang, b, Guan-nan Qu,*,c, Xiao-dan Ren,d College of Coputer Science and Technology, Jilin University, Changchun

More information

Tackling Congestion to Address Distributed Denial of Service: A Push-Forward Mechanism

Tackling Congestion to Address Distributed Denial of Service: A Push-Forward Mechanism Tackling Congestion to Address Distributed Denial of Service: A Push-Forward Mechanism Srinivasan Krishnamoorthy and Partha Dasgupta Computer Science and Engineering Department Arizona State University

More information

Monitoring Frequency of Change By Li Qin

Monitoring Frequency of Change By Li Qin Monitoring Frequency of Change By Li Qin Abstract Control charts are widely used in rocess monitoring roblems. This aer gives a brief review of control charts for monitoring a roortion and some initial

More information

A TWO LEVEL ARCHITECTURE USING CONSENSUS METHOD FOR GLOBAL DECISION MAKING AGAINST DDoS ATTACKS

A TWO LEVEL ARCHITECTURE USING CONSENSUS METHOD FOR GLOBAL DECISION MAKING AGAINST DDoS ATTACKS ICTACT JOURNAL ON COMMUNICATION TECHNOLOGY, JUNE 2010, ISSUE: 02 A TWO LEVEL ARCHITECTURE USING CONSENSUS METHOD FOR GLOBAL DECISION MAKING AGAINST DDoS ATTACKS S.Seetha 1 and P.Raviraj 2 Department of

More information

An Efficient Filter for Denial-of-Service Bandwidth Attacks

An Efficient Filter for Denial-of-Service Bandwidth Attacks An Efficient Filter for Denial-of-Service Bandwidth Attacks Samuel Abdelsayed, David Glimsholt, Christopher Leckie, Simon Ryan and Samer Shami Department of Electrical and Electronic Engineering ARC Special

More information

An Anomaly-Based Method for DDoS Attacks Detection using RBF Neural Networks

An Anomaly-Based Method for DDoS Attacks Detection using RBF Neural Networks 2011 International Conference on Network and Electronics Engineering IPCSIT vol.11 (2011) (2011) IACSIT Press, Singapore An Anomaly-Based Method for DDoS Attacks Detection using RBF Neural Networks Reyhaneh

More information

Detection of Distributed Denial of Service Attack with Hadoop on Live Network

Detection of Distributed Denial of Service Attack with Hadoop on Live Network Detection of Distributed Denial of Service Attack with Hadoop on Live Network Suchita Korad 1, Shubhada Kadam 2, Prajakta Deore 3, Madhuri Jadhav 4, Prof.Rahul Patil 5 Students, Dept. of Computer, PCCOE,

More information

LAB VIII. LOW FREQUENCY CHARACTERISTICS OF JUNCTION FIELD EFFECT TRANSISTORS

LAB VIII. LOW FREQUENCY CHARACTERISTICS OF JUNCTION FIELD EFFECT TRANSISTORS LAB V. LOW FREQUENCY CHARACTERSTCS OF JUNCTON FELD EFFECT TRANSSTORS 1. OBJECTVE n this lab, you will study the -V characteristics and sall-signal odel of Junction Field Effect Transistors (JFET).. OVERVEW

More information

Large-Scale IP Traceback in High-Speed Internet: Practical Techniques and Theoretical Foundation

Large-Scale IP Traceback in High-Speed Internet: Practical Techniques and Theoretical Foundation Large-Scale IP Traceback in High-Seed Internet: Practical Techniques and Theoretical Foundation Jun Li Minho Sung Jun (Jim) Xu College of Comuting Georgia Institute of Technology {junli,mhsung,jx}@cc.gatech.edu

More information

Botnets Detection Based on IRC-Community

Botnets Detection Based on IRC-Community Botnets Detection Based on IRC-Counity Wei Lu and Ali A. Ghorbani Network Security Laboratory, Faculty of Coputer Science University of New Brunswick, Fredericton, NB E3B 5A3, Canada {wlu, ghorbani}@unb.ca

More information

GRADUAL OPTIMIZATION OF URBAN FIRE STATION LOCATIONS BASED ON GEOGRAPHICAL NETWORK MODEL

GRADUAL OPTIMIZATION OF URBAN FIRE STATION LOCATIONS BASED ON GEOGRAPHICAL NETWORK MODEL GRADUAL OPTIMIZATION OF URBAN FIRE STATION LOCATIONS BASED ON GEOGRAPHICAL NETWORK MODEL Yu Yan a, b, Guo Qingsheng a, Tang Xining c a School of Resource and Environent Science, Wuhan University, 29 Luoyu

More information

Analyzing Spatiotemporal Characteristics of Education Network Traffic with Flexible Multiscale Entropy

Analyzing Spatiotemporal Characteristics of Education Network Traffic with Flexible Multiscale Entropy Vol. 9, No. 5 (2016), pp.303-312 http://dx.doi.org/10.14257/ijgdc.2016.9.5.26 Analyzing Spatioteporal Characteristics of Education Network Traffic with Flexible Multiscale Entropy Chen Yang, Renjie Zhou

More information

Defending against Flooding-Based Distributed Denial-of-Service Attacks: A Tutorial

Defending against Flooding-Based Distributed Denial-of-Service Attacks: A Tutorial Defending against Flooding-Based Distributed Denial-of-Service Attacks: A Tutorial Rocky K. C. Chang The Hong Kong Polytechnic University Presented by Scott McLaren 1 Overview DDoS overview Types of attacks

More information

Online Bagging and Boosting

Online Bagging and Boosting Abstract Bagging and boosting are two of the ost well-known enseble learning ethods due to their theoretical perforance guarantees and strong experiental results. However, these algoriths have been used

More information

Implementation of Active Queue Management in a Combined Input and Output Queued Switch

Implementation of Active Queue Management in a Combined Input and Output Queued Switch pleentation of Active Queue Manageent in a obined nput and Output Queued Switch Bartek Wydrowski and Moshe Zukeran AR Special Research entre for Ultra-Broadband nforation Networks, EEE Departent, The University

More information

Applying Multiple Neural Networks on Large Scale Data

Applying Multiple Neural Networks on Large Scale Data 0 International Conference on Inforation and Electronics Engineering IPCSIT vol6 (0) (0) IACSIT Press, Singapore Applying Multiple Neural Networks on Large Scale Data Kritsanatt Boonkiatpong and Sukree

More information

A Novel Packet Marketing Method in DDoS Attack Detection

A Novel Packet Marketing Method in DDoS Attack Detection SCI-PUBLICATIONS Author Manuscript American Journal of Applied Sciences 4 (10): 741-745, 2007 ISSN 1546-9239 2007 Science Publications A Novel Packet Marketing Method in DDoS Attack Detection 1 Changhyun

More information

An Approach to Combating Free-riding in Peer-to-Peer Networks

An Approach to Combating Free-riding in Peer-to-Peer Networks An Approach to Cobating Free-riding in Peer-to-Peer Networks Victor Ponce, Jie Wu, and Xiuqi Li Departent of Coputer Science and Engineering Florida Atlantic University Boca Raton, FL 33431 April 7, 2008

More information

On the (in)effectiveness of Probabilistic Marking for IP Traceback under DDoS Attacks

On the (in)effectiveness of Probabilistic Marking for IP Traceback under DDoS Attacks On the (in)effectiveness of Probabilistic Maring for IP Tracebac under DDoS Attacs Vamsi Paruchuri, Aran Durresi 2, and Ra Jain 3 University of Central Aransas, 2 Louisiana State University, 3 Washington

More information

PERFORMANCE METRICS FOR THE IT SERVICES PORTFOLIO

PERFORMANCE METRICS FOR THE IT SERVICES PORTFOLIO Bulletin of the Transilvania University of Braşov Series I: Engineering Sciences Vol. 4 (53) No. - 0 PERFORMANCE METRICS FOR THE IT SERVICES PORTFOLIO V. CAZACU I. SZÉKELY F. SANDU 3 T. BĂLAN Abstract:

More information

Dynamic Placement for Clustered Web Applications

Dynamic Placement for Clustered Web Applications Dynaic laceent for Clustered Web Applications A. Karve, T. Kibrel, G. acifici, M. Spreitzer, M. Steinder, M. Sviridenko, and A. Tantawi IBM T.J. Watson Research Center {karve,kibrel,giovanni,spreitz,steinder,sviri,tantawi}@us.ib.co

More information

Synopsys RURAL ELECTRICATION PLANNING SOFTWARE (LAPER) Rainer Fronius Marc Gratton Electricité de France Research and Development FRANCE

Synopsys RURAL ELECTRICATION PLANNING SOFTWARE (LAPER) Rainer Fronius Marc Gratton Electricité de France Research and Development FRANCE RURAL ELECTRICATION PLANNING SOFTWARE (LAPER) Rainer Fronius Marc Gratton Electricité de France Research and Develoment FRANCE Synosys There is no doubt left about the benefit of electrication and subsequently

More information

Filtering Based Techniques for DDOS Mitigation

Filtering Based Techniques for DDOS Mitigation Filtering Based Techniques for DDOS Mitigation Comp290: Network Intrusion Detection Manoj Ampalam DDOS Attacks: Target CPU / Bandwidth Attacker signals slaves to launch an attack on a specific target address

More information

Moisture transfer (moist air) Csaba Szikra senior research fellow TUB Faculty of Architecture Department of Building Energetics and Services

Moisture transfer (moist air) Csaba Szikra senior research fellow TUB Faculty of Architecture Department of Building Energetics and Services Moisture transfer (oist air) Csaba Szikra senior research fellow TUB Faculty of Architecture Deartent of Building Energetics and Services szikra@egt.be.hu 2010 Psychroetry Moist air Psychroetry involves

More information

ESTIMATION OF THE DEMAND FOR RESIDENTIAL WATER IN A STONE- GEARY FORM AND THE CHOICE OF THE PRICE VARIABLE MARIE-ESTELLE BINET. Associate Professor

ESTIMATION OF THE DEMAND FOR RESIDENTIAL WATER IN A STONE- GEARY FORM AND THE CHOICE OF THE PRICE VARIABLE MARIE-ESTELLE BINET. Associate Professor ESTIMATION OF THE DEMAND FOR RESIDENTIAL WATER IN A STONE- GEARY FORM AND THE CHOICE OF THE PRICE VARIABLE MARIE-ESTELLE BINET Associate Professor arie-estelle.binet@univ-rennes1.fr CREM (UMR 611 CNRS),

More information

FDA CFR PART 11 ELECTRONIC RECORDS, ELECTRONIC SIGNATURES

FDA CFR PART 11 ELECTRONIC RECORDS, ELECTRONIC SIGNATURES Document: MRM-1004-GAPCFR11 (0005) Page: 1 / 18 FDA CFR PART 11 ELECTRONIC RECORDS, ELECTRONIC SIGNATURES AUDIT TRAIL ECO # Version Change Descrition MATRIX- 449 A Ga Analysis after adding controlled documents

More information

Software Quality Characteristics Tested For Mobile Application Development

Software Quality Characteristics Tested For Mobile Application Development Thesis no: MGSE-2015-02 Software Quality Characteristics Tested For Mobile Application Developent Literature Review and Epirical Survey WALEED ANWAR Faculty of Coputing Blekinge Institute of Technology

More information

Compensating Fund Managers for Risk-Adjusted Performance

Compensating Fund Managers for Risk-Adjusted Performance Comensating Fund Managers for Risk-Adjusted Performance Thomas S. Coleman Æquilibrium Investments, Ltd. Laurence B. Siegel The Ford Foundation Journal of Alternative Investments Winter 1999 In contrast

More information

Data Streaming Algorithms for Estimating Entropy of Network Traffic

Data Streaming Algorithms for Estimating Entropy of Network Traffic Data Streaing Algoriths for Estiating Entropy of Network Traffic Ashwin Lall University of Rochester Vyas Sekar Carnegie Mellon University Mitsunori Ogihara University of Rochester Jun (Ji) Xu Georgia

More information

Load balancing over redundant wireless sensor networks based on diffluent

Load balancing over redundant wireless sensor networks based on diffluent Load balancing over redundant wireless sensor networks based on diffluent Abstract Xikui Gao Yan ai Yun Ju School of Control and Coputer Engineering North China Electric ower University 02206 China Received

More information

Local Connectivity Tests to Identify Wormholes in Wireless Networks

Local Connectivity Tests to Identify Wormholes in Wireless Networks Local Connectivity Tests to Identify Wormholes in Wireless Networks Xiaomeng Ban Comuter Science Stony Brook University xban@cs.sunysb.edu Rik Sarkar Comuter Science Freie Universität Berlin sarkar@inf.fu-berlin.de

More information

Measuring Bottleneck Bandwidth of Targeted Path Segments

Measuring Bottleneck Bandwidth of Targeted Path Segments Measuring Bottleneck Bandwidth of Targeted Path Segents Khaled Harfoush Deartent of Couter Science North Carolina State University Raleigh, NC 27695 harfoush@cs.ncsu.edu Azer Bestavros Couter Science Deartent

More information

Resource Allocation in Wireless Networks with Multiple Relays

Resource Allocation in Wireless Networks with Multiple Relays Resource Allocation in Wireless Networks with Multiple Relays Kağan Bakanoğlu, Stefano Toasin, Elza Erkip Departent of Electrical and Coputer Engineering, Polytechnic Institute of NYU, Brooklyn, NY, 0

More information

Large-Scale IP Traceback in High-Speed Internet

Large-Scale IP Traceback in High-Speed Internet 2004 IEEE Symposium on Security and Privacy Large-Scale IP Traceback in High-Speed Internet Jun (Jim) Xu Networking & Telecommunications Group College of Computing Georgia Institute of Technology (Joint

More information

Application of Netflow logs in Analysis and Detection of DDoS Attacks

Application of Netflow logs in Analysis and Detection of DDoS Attacks International Journal of Computer and Internet Security. ISSN 0974-2247 Volume 8, Number 1 (2016), pp. 1-8 International Research Publication House http://www.irphouse.com Application of Netflow logs in

More information

This article appeared in a journal published by Elsevier. The attached copy is furnished to the author for internal non-commercial research and

This article appeared in a journal published by Elsevier. The attached copy is furnished to the author for internal non-commercial research and This article aeared in a journal ublished by Elsevier. The attached coy is furnished to the author for internal non-commercial research and education use, including for instruction at the authors institution

More information

Concurrent Program Synthesis Based on Supervisory Control

Concurrent Program Synthesis Based on Supervisory Control 010 American Control Conference Marriott Waterfront, Baltimore, MD, USA June 30-July 0, 010 ThB07.5 Concurrent Program Synthesis Based on Suervisory Control Marian V. Iordache and Panos J. Antsaklis Abstract

More information

Firewalls and Intrusion Detection

Firewalls and Intrusion Detection Firewalls and Intrusion Detection What is a Firewall? A computer system between the internal network and the rest of the Internet A single computer or a set of computers that cooperate to perform the firewall

More information

Future Generation Computer Systems

Future Generation Computer Systems Future Generation Computer Systems 29 (2013) 1838 1850 Contents lists available at SciVerse ScienceDirect Future Generation Computer Systems journal homepage: www.elsevier.com/locate/fgcs A confidence-based

More information

Packet-Marking Scheme for DDoS Attack Prevention

Packet-Marking Scheme for DDoS Attack Prevention Abstract Packet-Marking Scheme for DDoS Attack Prevention K. Stefanidis and D. N. Serpanos {stefanid, serpanos}@ee.upatras.gr Electrical and Computer Engineering Department University of Patras Patras,

More information

Analysis of a Distributed Denial-of-Service Attack

Analysis of a Distributed Denial-of-Service Attack Analysis of a Distributed Denial-of-Service Attack Ka Hung HUI and OnChing YUE Mobile Technologies Centre (MobiTeC) The Chinese University of Hong Kong Abstract DDoS is a growing problem in cyber security.

More information

Managing Complex Network Operation with Predictive Analytics

Managing Complex Network Operation with Predictive Analytics Managing Coplex Network Operation with Predictive Analytics Zhenyu Huang, Pak Chung Wong, Patrick Mackey, Yousu Chen, Jian Ma, Kevin Schneider, and Frank L. Greitzer Pacific Northwest National Laboratory

More information

Network TrafficBehaviorAnalysisby Decomposition into Control and Data Planes

Network TrafficBehaviorAnalysisby Decomposition into Control and Data Planes Network TrafficBehaviorAnalysisby Decomposition into Control and Data Planes Basil AsSadhan, Hyong Kim, José M. F. Moura, Xiaohui Wang Carnegie Mellon University Electrical and Computer Engineering Department

More information

Automatic Search for Correlated Alarms

Automatic Search for Correlated Alarms Automatic Search for Correlated Alarms Klaus-Dieter Tuchs, Peter Tondl, Markus Radimirsch, Klaus Jobmann Institut für Allgemeine Nachrichtentechnik, Universität Hannover Aelstraße 9a, 0167 Hanover, Germany

More information

ASIC Design Project Management Supported by Multi Agent Simulation

ASIC Design Project Management Supported by Multi Agent Simulation ASIC Design Project Manageent Supported by Multi Agent Siulation Jana Blaschke, Christian Sebeke, Wolfgang Rosenstiel Abstract The coplexity of Application Specific Integrated Circuits (ASICs) is continuously

More information

AUTOMATIC SATELLITE IMAGE REGISTRATION BY COMBINATION OF STEREO MATCHING AND RANDOM SAMPLE CONSENSUS

AUTOMATIC SATELLITE IMAGE REGISTRATION BY COMBINATION OF STEREO MATCHING AND RANDOM SAMPLE CONSENSUS AUTOATIC SATELLITE IAGE REGISTRATION BY COBINATION OF STEREO ATCHING AND RANDO SAPLE CONSENSUS Taejung Ki* Yong-Jo I** *Satellite Technology Research Center Korea Advanced Institute of Science and Technology

More information

Chapter 2 Thermodynamics of Turbochargers

Chapter 2 Thermodynamics of Turbochargers Chater herodynaics of urbochargers. herodynaic Characteristics Soe essential therodynaic characteristics of gases are needed to know in the turbocharging. hey are usually alied to therodynaics of turbochargers

More information

Extended-Horizon Analysis of Pressure Sensitivities for Leak Detection in Water Distribution Networks: Application to the Barcelona Network

Extended-Horizon Analysis of Pressure Sensitivities for Leak Detection in Water Distribution Networks: Application to the Barcelona Network 2013 European Control Conference (ECC) July 17-19, 2013, Zürich, Switzerland. Extended-Horizon Analysis of Pressure Sensitivities for Leak Detection in Water Distribution Networks: Application to the Barcelona

More information

Managing specific risk in property portfolios

Managing specific risk in property portfolios Managing secific risk in roerty ortfolios Andrew Baum, PhD University of Reading, UK Peter Struemell OPC, London, UK Contact author: Andrew Baum Deartment of Real Estate and Planning University of Reading

More information

Multi-Channel Opportunistic Routing in Multi-Hop Wireless Networks

Multi-Channel Opportunistic Routing in Multi-Hop Wireless Networks Multi-Channel Oortunistic Routing in Multi-Ho Wireless Networks ANATOLIJ ZUBOW, MATHIAS KURTH and JENS-PETER REDLICH Humboldt University Berlin Unter den Linden 6, D-99 Berlin, Germany (zubow kurth jr)@informatik.hu-berlin.de

More information

Red Hat Enterprise Linux: Creating a Scalable Open Source Storage Infrastructure

Red Hat Enterprise Linux: Creating a Scalable Open Source Storage Infrastructure Red Hat Enterprise Linux: Creating a Scalable Open Source Storage Infrastructure By Alan Radding and Nick Carr Abstract This paper discusses the issues related to storage design and anageent when an IT

More information

Energy Proportionality for Disk Storage Using Replication

Energy Proportionality for Disk Storage Using Replication Energy Proportionality for Disk Storage Using Replication Jinoh Ki and Doron Rote Lawrence Berkeley National Laboratory University of California, Berkeley, CA 94720 {jinohki,d rote}@lbl.gov Abstract Energy

More information

Robust Execution Of Packet Flow In Routers To Prevent Ddos Attack Using Trace Back

Robust Execution Of Packet Flow In Routers To Prevent Ddos Attack Using Trace Back Journal of Recent Research in Engineering and Technology 3(1), 2016, pp7-19 Article ID J11602 ISSN (Online): 2349 2252, ISSN (Print):2349 2260 Bonfay Publications, 2016 Research Article Robust Execution

More information

MONITORING OF TRAFFIC OVER THE VICTIM UNDER TCP SYN FLOOD IN A LAN

MONITORING OF TRAFFIC OVER THE VICTIM UNDER TCP SYN FLOOD IN A LAN MONITORING OF TRAFFIC OVER THE VICTIM UNDER TCP SYN FLOOD IN A LAN Kanika 1, Renuka Goyal 2, Gurmeet Kaur 3 1 M.Tech Scholar, Computer Science and Technology, Central University of Punjab, Punjab, India

More information

A Novel Architecture Style: Diffused Cloud for Virtual Computing Lab

A Novel Architecture Style: Diffused Cloud for Virtual Computing Lab A Novel Architecture Style: Diffused Cloud for Virtual Comuting Lab Deven N. Shah Professor Terna College of Engg. & Technology Nerul, Mumbai Suhada Bhingarar Assistant Professor MIT College of Engg. Paud

More information

Storage Basics Architecting the Storage Supplemental Handout

Storage Basics Architecting the Storage Supplemental Handout Storage Basics Architecting the Storage Sulemental Handout INTRODUCTION With digital data growing at an exonential rate it has become a requirement for the modern business to store data and analyze it

More information

Use of extrapolation to forecast the working capital in the mechanical engineering companies

Use of extrapolation to forecast the working capital in the mechanical engineering companies ECONTECHMOD. AN INTERNATIONAL QUARTERLY JOURNAL 2014. Vol. 1. No. 1. 23 28 Use of extrapolation to forecast the working capital in the echanical engineering copanies A. Cherep, Y. Shvets Departent of finance

More information

An Analysis of Reliable Classifiers through ROC Isometrics

An Analysis of Reliable Classifiers through ROC Isometrics An Analysis of Reliable Classifiers through ROC Isometrics Stijn Vanderlooy s.vanderlooy@cs.unimaas.nl Ida G. Srinkhuizen-Kuyer kuyer@cs.unimaas.nl Evgueni N. Smirnov smirnov@cs.unimaas.nl MICC-IKAT, Universiteit

More information

An Analysis Model of Botnet Tracking based on Ant Colony Optimization Algorithm

An Analysis Model of Botnet Tracking based on Ant Colony Optimization Algorithm An Analysis Model of Botnet Tracing based on Ant Colony Otimization Algorithm Ping Wang Tzu Chia Wang* Pu-Tsun Kuo Chin Pin Wang Deartment of Information Management Kun Shan University, Taiwan TEL: 886+6-05-0545

More information

Standards and Protocols for the Collection and Dissemination of Graduating Student Initial Career Outcomes Information For Undergraduates

Standards and Protocols for the Collection and Dissemination of Graduating Student Initial Career Outcomes Information For Undergraduates National Association of Colleges and Eployers Standards and Protocols for the Collection and Disseination of Graduating Student Initial Career Outcoes Inforation For Undergraduates Developed by the NACE

More information

Finding a Needle in a Haystack: Pinpointing Significant BGP Routing Changes in an IP Network

Finding a Needle in a Haystack: Pinpointing Significant BGP Routing Changes in an IP Network Finding a Needle in a Haystack: Pinointing Significant BGP Routing Changes in an IP Network Jian Wu, Zhuoqing Morley Mao University of Michigan Jennifer Rexford Princeton University Jia Wang AT&T Labs

More information

DNVGL-RP-O501 Edition August 2015

DNVGL-RP-O501 Edition August 2015 RECOMMENDED PRACTICE DNVGL-RP-O501 Edition August 2015 Managing sand roduction and erosion The electronic df version of this docuent found through htt://www.dnvgl.co is the officially binding version.

More information

THE Internet is an open architecture susceptible to various

THE Internet is an open architecture susceptible to various IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 16, NO. 10, OCTOBER 2005 1 You Can Run, But You Can t Hide: An Effective Statistical Methodology to Trace Back DDoS Attackers Terence K.T. Law,

More information

Game-based Analysis of Denial-of- Service Prevention Protocols. Ajay Mahimkar Class Project: CS 395T

Game-based Analysis of Denial-of- Service Prevention Protocols. Ajay Mahimkar Class Project: CS 395T Game-based Analysis of Denial-of- Service Prevention Protocols Ajay Mahimkar Class Project: CS 395T Overview Introduction to DDoS Attacks Current DDoS Defense Strategies Client Puzzle Protocols for DoS

More information

A Virtual Machine Dynamic Migration Scheduling Model Based on MBFD Algorithm

A Virtual Machine Dynamic Migration Scheduling Model Based on MBFD Algorithm International Journal of Comuter Theory and Engineering, Vol. 7, No. 4, August 2015 A Virtual Machine Dynamic Migration Scheduling Model Based on MBFD Algorithm Xin Lu and Zhuanzhuan Zhang Abstract This

More information

CRITICAL AVIATION INFRASTRUCTURES VULNERABILITY ASSESSMENT TO TERRORIST THREATS

CRITICAL AVIATION INFRASTRUCTURES VULNERABILITY ASSESSMENT TO TERRORIST THREATS Review of the Air Force Academy No (23) 203 CRITICAL AVIATION INFRASTRUCTURES VULNERABILITY ASSESSMENT TO TERRORIST THREATS Cătălin CIOACĂ Henri Coandă Air Force Academy, Braşov, Romania Abstract: The

More information

A quantum secret ballot. Abstract

A quantum secret ballot. Abstract A quantu secret ballot Shahar Dolev and Itaar Pitowsky The Edelstein Center, Levi Building, The Hebrerw University, Givat Ra, Jerusale, Israel Boaz Tair arxiv:quant-ph/060087v 8 Mar 006 Departent of Philosophy

More information

Generating Certification Authority Authenticated Public Keys in Ad Hoc Networks

Generating Certification Authority Authenticated Public Keys in Ad Hoc Networks SECURITY AND COMMUNICATION NETWORKS Published online in Wiley InterScience (www.interscience.wiley.co). Generating Certification Authority Authenticated Public Keys in Ad Hoc Networks G. Kounga 1, C. J.

More information

Cooperative Caching for Adaptive Bit Rate Streaming in Content Delivery Networks

Cooperative Caching for Adaptive Bit Rate Streaming in Content Delivery Networks Cooperative Caching for Adaptive Bit Rate Streaing in Content Delivery Networs Phuong Luu Vo Departent of Coputer Science and Engineering, International University - VNUHCM, Vietna vtlphuong@hciu.edu.vn

More information

COMMONWEALTH OF VIRGINIA STATE CORPORATION COMMISSION AT RICHMOND, OCTOBER 30, 2015 ~ ORDER FOR NOTICE AND HEARING

COMMONWEALTH OF VIRGINIA STATE CORPORATION COMMISSION AT RICHMOND, OCTOBER 30, 2015 ~ ORDER FOR NOTICE AND HEARING APPLICATION OF COMMONWEALTH OF VIRGINIA STATE CORPORATION COMMISSION AT RICHMOND, OCTOBER 30, 2015 ~ (a i/i A. CO VIRGINIA ELECTRIC AND POWER COMPANY CASE NO. PUE-2015-00104 For aroval and certification

More information

A Novel Distributed Denial of Service (DDoS) Attacks Discriminating Detection in Flash Crowds

A Novel Distributed Denial of Service (DDoS) Attacks Discriminating Detection in Flash Crowds International Journal of Research Studies in Science, Engineering and Technology Volume 1, Issue 9, December 2014, PP 139-143 ISSN 2349-4751 (Print) & ISSN 2349-476X (Online) A Novel Distributed Denial

More information

On Multicast Capacity and Delay in Cognitive Radio Mobile Ad-hoc Networks

On Multicast Capacity and Delay in Cognitive Radio Mobile Ad-hoc Networks On Multicast Caacity and Delay in Cognitive Radio Mobile Ad-hoc Networks Jinbei Zhang, Yixuan Li, Zhuotao Liu, Fan Wu, Feng Yang, Xinbing Wang Det of Electronic Engineering Det of Comuter Science and Engineering

More information

A CHAOS MODEL OF SUBHARMONIC OSCILLATIONS IN CURRENT MODE PWM BOOST CONVERTERS

A CHAOS MODEL OF SUBHARMONIC OSCILLATIONS IN CURRENT MODE PWM BOOST CONVERTERS A CHAOS MODEL OF SUBHARMONIC OSCILLATIONS IN CURRENT MODE PWM BOOST CONVERTERS Isaac Zafrany and Sa BenYaakov Departent of Electrical and Coputer Engineering BenGurion University of the Negev P. O. Box

More information

arxiv:0805.1434v1 [math.pr] 9 May 2008

arxiv:0805.1434v1 [math.pr] 9 May 2008 Degree-distribution stability of scale-free networs Zhenting Hou, Xiangxing Kong, Dinghua Shi,2, and Guanrong Chen 3 School of Matheatics, Central South University, Changsha 40083, China 2 Departent of

More information

A Hybrid Approach for Detecting, Preventing, and Traceback DDoS Attacks

A Hybrid Approach for Detecting, Preventing, and Traceback DDoS Attacks A Hybrid Approach for Detecting, Preventing, and Traceback DDoS Attacks ALI E. EL-DESOKY 1, MARWA F. AREAD 2, MAGDY M. FADEL 3 Department of Computer Engineering University of El-Mansoura El-Gomhoria St.,

More information

Exploiting Hardware Heterogeneity within the Same Instance Type of Amazon EC2

Exploiting Hardware Heterogeneity within the Same Instance Type of Amazon EC2 Exploiting Hardware Heterogeneity within the Sae Instance Type of Aazon EC2 Zhonghong Ou, Hao Zhuang, Jukka K. Nurinen, Antti Ylä-Jääski, Pan Hui Aalto University, Finland; Deutsch Teleko Laboratories,

More information

Rummage Web Server Tuning Evaluation through Benchmark

Rummage Web Server Tuning Evaluation through Benchmark IJCSNS International Journal of Comuter Science and Network Security, VOL.7 No.9, Setember 27 13 Rummage Web Server Tuning Evaluation through Benchmark (Case study: CLICK, and TIME Parameter) Hiyam S.

More information

DETECTION OF DDOS ATTACKS USING DATA MINING

DETECTION OF DDOS ATTACKS USING DATA MINING DETECTION OF DDOS ATTACKS USING DATA MINING Kanwal Garg 1, Rshma Chawla 2 1 Assoc.Prof., M.M. Institute of Computer Technology & Business Management, M. M. University, Mullana- Ambala. Email id: gargkanwal@yahoo.com

More information

A Survey of IP Traceback Mechanisms to overcome Denial-of-Service Attacks

A Survey of IP Traceback Mechanisms to overcome Denial-of-Service Attacks A Survey of IP Traceback Mechanisms to overcome Denial-of-Service Attacks SHWETA VINCENT, J. IMMANUEL JOHN RAJA Department of Computer Science and Engineering, School of Computer Science and Technology

More information

The Online Freeze-tag Problem

The Online Freeze-tag Problem The Online Freeze-tag Problem Mikael Hammar, Bengt J. Nilsson, and Mia Persson Atus Technologies AB, IDEON, SE-3 70 Lund, Sweden mikael.hammar@atus.com School of Technology and Society, Malmö University,

More information

Distributed Denial of Service (DDoS)

Distributed Denial of Service (DDoS) Distributed Denial of Service (DDoS) Defending against Flooding-Based DDoS Attacks: A Tutorial Rocky K. C. Chang Presented by Adwait Belsare (adwait@wpi.edu) Suvesh Pratapa (suveshp@wpi.edu) Modified by

More information

co Characterizing and Tracing Packet Floods Using Cisco R

co Characterizing and Tracing Packet Floods Using Cisco R co Characterizing and Tracing Packet Floods Using Cisco R Table of Contents Characterizing and Tracing Packet Floods Using Cisco Routers...1 Introduction...1 Before You Begin...1 Conventions...1 Prerequisites...1

More information

International Journal of Emerging Technologies in Computational and Applied Sciences (IJETCAS) www.iasir.net

International Journal of Emerging Technologies in Computational and Applied Sciences (IJETCAS) www.iasir.net International Association of Scientific Innovation and Research (IASIR) (An Association Unifying the Sciences, Engineering, and Applied Research) International Journal of Emerging Technologies in Computational

More information

Flexible Deterministic Packet Marking: An IP Traceback Scheme Against DDOS Attacks

Flexible Deterministic Packet Marking: An IP Traceback Scheme Against DDOS Attacks Flexible Deterministic Packet Marking: An IP Traceback Scheme Against DDOS Attacks Prashil S. Waghmare PG student, Sinhgad College of Engineering, Vadgaon, Pune University, Maharashtra, India. prashil.waghmare14@gmail.com

More information

Dr. Arjan Durresi Louisiana State University, Baton Rouge, LA 70803 durresi@csc.lsu.edu. DDoS and IP Traceback. Overview

Dr. Arjan Durresi Louisiana State University, Baton Rouge, LA 70803 durresi@csc.lsu.edu. DDoS and IP Traceback. Overview DDoS and IP Traceback Dr. Arjan Durresi Louisiana State University, Baton Rouge, LA 70803 durresi@csc.lsu.edu Louisiana State University DDoS and IP Traceback - 1 Overview Distributed Denial of Service

More information

Prof. Dr.- Ing. Firoz Kaderali Dipl.-Ing. Alex Essoh

Prof. Dr.- Ing. Firoz Kaderali Dipl.-Ing. Alex Essoh Intrusion Detection - Introduction and Outline Prof. Dr.- Ing. Firoz Kaderali Dil.-Ing. Alex Essoh Talk Outline Motivation Intrusions Intrusion Prevention Intrusion Detection Major Intrusion Detection

More information

A Flow-based Method for Abnormal Network Traffic Detection

A Flow-based Method for Abnormal Network Traffic Detection A Flow-based Method for Abnormal Network Traffic Detection Myung-Sup Kim, Hun-Jeong Kang, Seong-Cheol Hong, Seung-Hwa Chung, and James W. Hong Dept. of Computer Science and Engineering POSTECH {mount,

More information

A Simple Model of Pricing, Markups and Market. Power Under Demand Fluctuations

A Simple Model of Pricing, Markups and Market. Power Under Demand Fluctuations A Simle Model of Pricing, Markus and Market Power Under Demand Fluctuations Stanley S. Reynolds Deartment of Economics; University of Arizona; Tucson, AZ 85721 Bart J. Wilson Economic Science Laboratory;

More information

Denial of Service Attacks and Countermeasures. Extreme Networks, Inc. All rights reserved. ExtremeXOS Implementing Advanced Security (EIAS)

Denial of Service Attacks and Countermeasures. Extreme Networks, Inc. All rights reserved. ExtremeXOS Implementing Advanced Security (EIAS) Denial of Service Attacks and Countermeasures Extreme Networks, Inc. All rights reserved. ExtremeXOS Implementing Advanced Security (EIAS) Student Objectives Upon successful completion of this module,

More information