Early detection of Crossfire attacks using deep learning
1 Early detection of Crossfire attacks using deep learning
Saurabh Misra, Mengxuan Tan, Mostafa Rezazad, Ngai-Man Cheung
Singapore University of Technology and Design

2 Content
- The Crossfire Attack
  - A brief introduction
  - Detection approach
- Network Data
  - Simulation of data
- Methods for detection
  - Baseline method
  - Deep Autoencoder
  - Convolutional Neural Network (CNN)
  - Long Short-Term Memory Network (LSTM)
3 Traditional DDoS Attack
- Distributed Denial of Service (DDoS) attack
- Attacker targets victims (i.e., web servers) directly
- Attacker overwhelms victim with network traffic
- Intended users are unable to access the servers
[Diagram labels: Attacker, Bots, Target]

4 The Crossfire Attack: Introduction
- A sophisticated DDoS attack
- Disconnects an entire area from the Internet
- Targets a link or set of links
- Distributed attack at source and destination level
- Uses a botnet to generate traffic
- Traffic is destined to many public servers (decoy servers) sharing the same network link
It is hard to detect:
- Traffic is normal web traffic
- Traffic flow is very small in terms of size
- Attack can be very dynamic, with changing source, destination and target link
[Diagram labels: Internet, Target Link, Target Link]
Source: Min Suk Kang, Soo Bum Lee, Virgil D. Gligor, The Crossfire Attack, 2013 IEEE Symposium on Security and Privacy

5 The Crossfire Attack: Early Detection at the Warm-up Period
- Warm-up period: the time between the moment the first bot flow of the attack reaches the target link and the moment the target link is down.
- Objective: early detection of the attack during the warm-up period.
[Diagram labels: Target Link, Intermediate Link, Decoy Server 2; Link is Flooded!]

6 The Crossfire Attack: Stages of the attack
- Stage 1: Link map construction
- Stage 2: Target links selection
- Stage 3: Bot coordination
[Diagram labels: Internet, Target Link, Target Link]
Source: Min Suk Kang, Soo Bum Lee, Virgil D. Gligor, The Crossfire Attack, 2013 IEEE Symposium on Security and Privacy
7 Our Research Contribution
Detection Approach
- Analyse pros and cons of monitoring network traffic at different locations.
- Proposing location to monitor network traffic by providing justifications.
Methods of Detection
- Analyse performances of three deep-learning models on detecting the attack at the proposed location.

8 The Crossfire Attack: Detection Approach
[Diagram labels: Internet, Target Link, Target Link]

9 The Crossfire Attack: Detection Approach
[Diagram labels: Internet, Target Link, Target Link; marker 1]
Advantages
- Fastest way to stop an attack
Disadvantages
- Unknown location of bots

10 The Crossfire Attack: Detection Approach
[Diagram labels: Internet, Target Link, Target Link; marker 2]
Advantages
- Target areas are usually equipped for self-defense.
Disadvantages
- If no decoy servers are inside the target area, early detection is impossible.

11 The Crossfire Attack: Detection Approach
[Diagram labels: Internet, Target Link, Target Link; marker 3]
Advantages
- A simple threshold based detection system could detect the trend of the incoming traffic.
Disadvantages
- Locations of target links are unknown.
- Attacker may switch target links during an attack.

12 The Crossfire Attack: Detection Approach
[Diagram labels: Internet, Target Link, Target Link; marker 4]
Advantages
- Allow defenders to examine the correlation of attack traffic in the servers
- Defenders can actively respond to the attack
Disadvantages
- The assumption that the decoy servers are not far from the target area must be made

13 The Crossfire Attack: Detection Approach
[Diagram labels: Target Link, Intermediate Link, Decoy Server 2]
Difficulty of detection at decoy servers:
- Attack traffic is almost indistinguishable from background traffic
14 Network Data: Data Simulation
Features of data
- The data is the link utilization of 80 decoy servers.
Distribution of data
- Background traffic is modelled by a Gaussian distribution.
- When an attack happens, the link utilization slowly increases due to new attack traffic. This is called the warm-up phase of the attack.
- We attempt to detect the attack during this warm-up period.

15 Detection Method
- Random Forest (Baseline)
- Deep autoencoders
- Convolutional Neural Network (CNN)
- Long Short-Term Memory (LSTM)

16 Detection Method: Random Forest
Data
- Each sample consists of 80 variables representing the network traffic value at each of the 80 decoy servers at one time step.
[Figure: data matrix with one row per time step (t_1, t_2, ..., t_N) and one column per decoy server (80)]

17 Detection Method: Baseline Performance
[Table; columns: Threshold, Precision, Recall, F1; row: RF (Baseline)]
18 Detection Method: Deep Autoencoders
Method
- Autoencoder to extract intrinsic features from data
- Exploit spatiotemporal information from the data
- Random Forest for classification of the extracted data
[Diagram labels: deep autoencoder for data preprocessing; Random Forest for classification]

19 Detection Method: Deep Autoencoders
Data
- Spatio-temporal data (windows of 5 time steps)
[Figure: windows of 5 time steps taken over t_1, t_2, ..., t_N]

20 Detection Method: Deep Autoencoders
[Figure: autoencoder structure]

21 Detection Method: Deep Autoencoders performance
[Table; columns: Threshold, Precision, Recall, F1; rows: RF (Baseline), Autoencoder]
22 Detection Method: CNN Intuition
- The temporal filter learns the pattern for the attack only in the time axis, independent of the servers.
- The spatial filter discovers the correlation between different servers as they are under attack at the same time.
- Fully connected layer
- Binary output: attack or not?
[Diagram labels: Internet, Target Link, Target Link, Spatial Dimension]

23 Detection Method: CNN Structure
[Figure: CNN structure]

24 Detection Method: 1st convolution step
- Input data: 15 x 80 windows (number of time steps: 15; number of decoy servers: 80)
- Temporal filters: 9x1 filters
26 Detection Method: 1st convolution step
- Output of first convolution step: 16 feature maps of size 7 x 80

27 Detection Method: 2nd convolution step
- Input data: 16 feature maps
- Spatial filters: 6x80x16 filters

28 Detection Method: 2nd convolution step
[Figure labels: x 20]

29 Detection Method: Last convolution step
[Figure labels: 40; Non-attack, Attack]

30 Detection Method: CNN Performance
[Table; columns: Threshold, Precision, Recall, F1; rows: RF (Baseline), Autoencoder, CNN]
31 Detection Method: LSTM intuition
- Two stacked LSTMs to learn time series data
- Fully connected layer for binary classification
- Circular buffer to reduce false positives
[Diagram labels: LSTM, LSTM]

32 Detection Method: LSTM
- Input data: 64 x 80 windows (number of time steps: 64; number of decoy servers: 80)

33 Detection Method: LSTM
[Diagram labels: LSTM, LSTM]

34 Detection Method: LSTM
- For each time step: is there an attack in the window?
- Circular buffer size of 7
[Figure labels: number of hidden units in LSTM; Non-attack, Attack]

35 Detection Method: LSTM Performance
[Table; columns: Threshold, Precision, Recall, F1; rows: RF (Baseline), Autoencoder, CNN, LSTM]
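Added example, not part of the original slides and not the authors' models: it simulates the data described on slide 14 (80 decoy servers, Gaussian background, slow rise during the warm-up) and passes per-time-step decisions through a circular buffer of size 7 as on slide 34. The per-step decision here is a simple cross-server z-score standing in for the LSTM; the utilization values, ramp shape, z threshold and the 4-of-7 voting rule are all assumptions.

```python
import random
import statistics
from collections import deque

N_SERVERS = 80      # from the slides: link utilization of 80 decoy servers
BUFFER_SIZE = 7     # from the slides: circular buffer size of 7

# Everything below is a constructed assumption, not a value from the slides.
BG_MEAN, BG_SD = 0.40, 0.05         # Gaussian background utilization per server
ATTACK_START, WARMUP_LEN = 150, 100  # warm-up spans steps 150..249
RAMP_PEAK = 0.10                    # extra utilization per server at end of warm-up
TRAIN_STEPS = 100                   # attack-free steps used to fit the baseline
Z_THRESHOLD = 3.0                   # per-step decision threshold
VOTES_NEEDED = 4                    # assumed rule: alarm when 4 of last 7 steps flag


def simulate(steps, attack, seed):
    """Return a steps x 80 trace of link utilization (constructed data)."""
    rng = random.Random(seed)
    trace = []
    for t in range(steps):
        ramp = 0.0
        if attack and t >= ATTACK_START:
            # Utilization rises slowly and linearly over the warm-up period.
            ramp = RAMP_PEAK * min(1.0, (t - ATTACK_START) / WARMUP_LEN)
        trace.append([rng.gauss(BG_MEAN, BG_SD) + ramp for _ in range(N_SERVERS)])
    return trace


def fit_baseline(trace):
    """Mean and spread of the cross-server average over the training steps."""
    means = [statistics.fmean(row) for row in trace[:TRAIN_STEPS]]
    return statistics.fmean(means), statistics.stdev(means)


def per_step_flags(trace, baseline):
    """Flag a step when the average over all 80 servers is unusually high.

    On one server the early ramp is far below the noise (0.05), but averaging
    80 servers that rise together shrinks the noise by sqrt(80), which is the
    cross-server correlation the slides point to.
    """
    mu, sd = baseline
    return [(statistics.fmean(row) - mu) / sd > Z_THRESHOLD for row in trace]


def first_alarm(flags):
    """Raise the alarm only when enough of the last 7 decisions agree."""
    ring = deque(maxlen=BUFFER_SIZE)  # oldest decision drops out automatically
    for t, flag in enumerate(flags):
        ring.append(flag)
        if sum(ring) >= VOTES_NEEDED:
            return t
    return None


def detect(trace):
    """Time step of the first alarm, or None if no alarm is raised."""
    return first_alarm(per_step_flags(trace, fit_baseline(trace)))


if __name__ == "__main__":
    alarm = detect(simulate(300, attack=True, seed=1))
    print("attack starts at", ATTACK_START, "- alarm at", alarm,
          "- link flooded at", ATTACK_START + WARMUP_LEN)
    print("background only:", detect(simulate(300, attack=False, seed=2)))
```

An isolated high per-step decision never fills four slots of the buffer, so it is dropped, while the sustained rise of the warm-up does.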
36 Conclusion
Research Focus
- Proposing location for detection
- Develop deep-learning models for attack detection
Performance of models
- Long Short-Term Memory Network (LSTM) has the best performance
Future work
- Simulate actual Crossfire Attack on testbeds
- Test models

37 Detection Method: Simulating more realistic attack condition
Current assumption
- All 80 servers are decoy servers

38 Detection Method: Simulating more realistic attack condition
Simulating actual attack scenario
- Only 70 servers are decoy servers

39 Detection Method: Performance of new attack condition
Convolutional Neural Network (CNN)
[Table; columns: Servers under attack, Threshold, Precision, Recall, F1; rows: 80/ /]
Long Short-Term Memory Network (LSTM)
[Table; columns: Servers under attack, Threshold, Precision, Recall, F1; rows: 80/ /]

40 The Crossfire Attack: Stages of the attack
Stage 1: Link map construction
- The attacker determines the topology of the network and creates a link map.
Source: Min Suk Kang, Soo Bum Lee, Virgil D. Gligor, The Crossfire Attack, 2013 IEEE Symposium on Security and Privacy

41 The Crossfire Attack: Stages of the attack
Stage 2: Target links selection
- The attacker selects the set of target links after evaluating their stability and utilization.
Source: Min Suk Kang, Soo Bum Lee, Virgil D. Gligor, The Crossfire Attack, 2013 IEEE Symposium on Security and Privacy

42 The Crossfire Attack: Stages of the attack
Stage 3: Bot coordination
- The attacker coordinates the bots to generate low-rate traffic to the decoy servers, which aggregates at the target links.
Source: Min Suk Kang, Soo Bum Lee, Virgil D. Gligor, The Crossfire Attack, 2013 IEEE Symposium on Security and Privacy
Database and Knowledge-Base Systems: Data Mining Martin Ester Simon Fraser University School of Computing Science Graduate Course Spring 2006 CMPT 843, SFU, Martin Ester, 1-06 1 Introduction [Fayyad, Piatetsky-Shapiro
More informationUnsupervised Clustering of Web Sessions to Detect Malicious and Non-malicious Website Users
Unsupervised Clustering of Web Sessions to Detect Malicious and Non-malicious Website Users ANT 2011 Dusan Stevanovic York University, Toronto, Canada September 19 th, 2011 Outline Denial-of-Service and
More informationKnowledge-Defined Networking: Towards Self-Driving Networks
Knowledge-Defined Networking: Towards Self-Driving Networks Albert Cabellos (UPC/BarcelonaTech, Spain) albert.cabellos@gmail.com 2nd IFIP/IEEE International Workshop on Analytics for Network and Service
More informationEXPERIMENTAL STUDY OF FLOOD TYPE DISTRIBUTED DENIAL-OF- SERVICE ATTACK IN SOFTWARE DEFINED NETWORKING (SDN) BASED ON FLOW BEHAVIORS
EXPERIMENTAL STUDY OF FLOOD TYPE DISTRIBUTED DENIAL-OF- SERVICE ATTACK IN SOFTWARE DEFINED NETWORKING (SDN) BASED ON FLOW BEHAVIORS Andry Putra Fajar and Tito Waluyo Purboyo Faculty of Electrical Engineering,
More informationEnd-To-End Spam Classification With Neural Networks
End-To-End Spam Classification With Neural Networks Christopher Lennan, Bastian Naber, Jan Reher, Leon Weber 1 Introduction A few years ago, the majority of the internet s network traffic was due to spam
More informationDeep Tracking: Biologically Inspired Tracking with Deep Convolutional Networks
Deep Tracking: Biologically Inspired Tracking with Deep Convolutional Networks Si Chen The George Washington University sichen@gwmail.gwu.edu Meera Hahn Emory University mhahn7@emory.edu Mentor: Afshin
More informationSecurity+ Guide to Network Security Fundamentals, Fourth Edition. Network Attacks Denial of service Attacks
Security+ Guide to Network Security Fundamentals, Fourth Edition Network Attacks Denial of service Attacks Introduction: What is DoS? DoS attack is an attempt (malicious or selfish) by an attacker to cause
More informationNETWORKING. 8. ITDNW08 Congestion Control for Web Real-Time Communication
NETWORKING 1. ITDNW01 Wormhole: The Hidden Virus Propagation Power of a Search Engine in Social 2. ITDNW02 Congestion Control for Background Data Transfers With Minimal Delay Impact 3. ITDNW03 Transient
More informationReview on Data Mining Techniques for Intrusion Detection System
Review on Data Mining Techniques for Intrusion Detection System Sandeep D 1, M. S. Chaudhari 2 Research Scholar, Dept. of Computer Science, P.B.C.E, Nagpur, India 1 HoD, Dept. of Computer Science, P.B.C.E,
More informationSecurity Information & Event Management (SIEM)
Security Information & Event Management (SIEM) Datasheet SIEM in a nutshell The variety of cyber-attacks is extraordinarily large. Phishing, DDoS attacks in combination with ransomware demanding bitcoins
More informationApplication Layer DDOS Attack Detection Using Hybrid Machine Learning Approach
, pp.85-96 http://dx.doi.org/10.14257/ijsia.2017.11.4.07 Application Layer DDOS Attack Detection Using Hybrid Machine Learning Approach Rizwan ur Rahman, Deepak Singh Tomar and Jijin A.V. Maulana Azad
More informationDeep Learning. Volker Tresp Summer 2014
Deep Learning Volker Tresp Summer 2014 1 Neural Network Winter and Revival While Machine Learning was flourishing, there was a Neural Network winter (late 1990 s until late 2000 s) Around 2010 there
More informationCheck Point DDoS Protector Simple and Easy Mitigation
Check Point DDoS Protector Simple and Easy Mitigation Jani Ekman janie@checkpoint.com Sales Engineer DDoS Protector 1 (D)DoS Attacks 2 3 4 DDoS Protector Behavioral DoS Protection Summary 2 What is an
More information