1,720,968 research outputs found
A Four-StepTechnique forTackling DDoS Attacks
No full textAbstractThis paper proposes a novel feedback-based control technique that tackles distributed denial of service (DDoS) attacks in four consecutive phases. While protection routers close to the server control inbound traffc rate andkeeps the server alive (phase 1), the server negotiate with upstream routers close to traffc sources to install leaky-buckets for its IP address. The negotiation continues until a defense router on each traffc link accepts the request (phase 2). Next, the server through a feedback-control process adjusts size of leaky-buckets until inbound traffc locates in a desired range (phase 3). Then through a fingerprint test, the server detects which port interfaces of defense routers purely carry good traffc and subsequently asks corresponding defense routers to remove the leaky-bucket limitations for those port interfaces. Additionally, the server amends size of leaky-buckets for the defense routers proportional to amount of good traffc that each one carries (phase 4). Simulation-based results shows that our technique effectively, defenses a victim server against various DDoS attacks such that in most cases more than 90% of good inbound traffc reaches the server while the DDoS attack has been controlled as well
An Ensemble-based Machine Learning Framework for Advanced Distributed Denial of Service Attack Detection in Software Defined Networks
Full text linkDistributed Denial of Service (DDoS) attacks pose a significant threat to modern network architectures, especially Software Defined Networking (SDN) due to its centralized controller. This study proposes an advanced framework for DDoS attack identification and prediction using state-of-the-art machine learning (ML) techniques in an SDN architecture. A comprehensive dataset was generated through a two-stage traffic generation procedure, simulating attack and normal scenarios over a 6-day period, from which fifteen were extracted to characterize network behavior. Multiple classifiers including Gradient Boosting Ensemble methods such as LightGBM, XGBoost, CatBoost, and Gradient Boosting Decision Trees, as well as additional ensemble methods such as AdaBoost and Bagging were evaluated alongside with One-Class SVM and Bayesian Networks. They were trained and evaluated using rigorous cross-validation. The results demonstrate near-perfect performance of ensemble models, achieving up to 99.98% accuracy with outstanding precision, recall, and area under curve metrics. To achieve efficient mitigation, the detection mechanism is deployed on local web servers, and a certificate authority-based secure communication channel transmits malicious IPs to the SDN controller, enabling low-latency, scalable, and real-time DDoS attack mitigation. This paper discusses the promise of applying cutting-edge ML models to enhance the robustness of SDN infrastructures against sophisticated cyber-attacks and offers a template for further research in dynamic network defense strategies
Tackling Application-layer DDoS Attacks
No full textAbstractIn application-layer distributed denial of service (DDoS) attacks, zombie machines attack the victim server through legitimate packets such that packets havelegitimate format and are sent through normal TCP connections. Consequently, neither intrusion detection systems (IDS) nor victim server can detects malicious packets. This paper proposes a novel scheme which is called ConnectionScore to resist against such DDoS attacks. During the attack time, anyconnection is scored based on history and statistical analysis which has been done during the normal condition. The bottleneck resources are retaken from those connections which take lower scores. Our analysis shows that connections established by the adversary give low scores. In fact, ConnectionScore technique can estimate legitimacy of connections with high probability.Toevaluate performanceofthe scheme,weperformexperimentson Emulabenvironmentusingreal traceroute data of ClarkNet WWW server
Going Beyond Counting First Authors in Author Co-citation Analysis
Full text linkThe present study examines one of the fundamental aspects of author co-citation analysis (ACA) - the way co-citation
counts are defined. Co-citation counting provides the data on which all subsequent statistical analyses and mappings
are based, and we compare ACA results based on two different types of co-citation counting - the traditional type that
only counts the first one among a cited work's authors on the one hand and a non-traditional type that takes into
account the first 5 authors of a cited work on the other hand. Results indicate that the picture produced through this non-traditional author co-citation counting contains more coherent author groups and is therefore considerably clearer. However, this picture represents fewer specialties in the research field being studied than that produced through the traditional first-author co-citation counting when the same number of top-ranked authors is selected and analyzed. Reasons for these effects are discussed
Variations on the Author
Full text link“Variations on the Author” discusses two of Eduardo Coutinho’s recent films (Um Dia na Vida, from 2010, and Últimas Conversas, posthumously released in 2015) and their contribution to the general question of documentary authorship. The director’s filmography is characterized by a consistent yet self-effacing form of authorial self-inscription: Coutinho often features as an interviewer that rather than express opinions propels discourses; an interviewer that is good at listening. This mode of self-inscription characterizes him as an author who is not expressive but who is nonetheless markedly present on the screen. In Um Dia na Vida, however, Coutinho is completely absent form the image, while Últimas Conversas, on the contrary, includes a confessional prologue that moves the director from the margins to the center of his films. This article examines the ways in which these works stand out in the filmography of a director who offers new insights into the notion of cinematic authorship
Appropriate Similarity Measures for Author Cocitation Analysis
Full text linkWe provide a number of new insights into the methodological discussion about author cocitation analysis. We first argue that the use of the Pearson correlation for measuring the similarity between authors’ cocitation profiles is not very satisfactory. We then discuss what kind of similarity measures may be used as an alternative to the Pearson correlation. We consider three similarity measures in particular. One is the well-known cosine. The other two similarity measures have not been used before in the bibliometric literature. Finally, we show by means of an example that our findings have a high practical relevance.information science;Pearson correlation;cosine;similarity measure;author cocitation analysis
Hybrid Intrusion detection model-based density clustering approach and deep learning for detection of malicious traffic over network
Full text linkIntrusion detection in modern network environments poses significant challenges due to the increasing volume and complexity of cyber-attacks. This study proposes a hybrid approach integrating density-based clustering with deep learning to identify malicious traffic over the network. The proposed framework consists of two steps: clustering and classifying data. in clustering, the proposed model uses density clustering techniques to pre-process and segment network traffic into coherent clusters, thereby reducing data noise within clusters. The deep learning model analyses these clusters, accurately distinguishing between benign and malicious activities. The proposed model was tested over the benchmark dataset CIRA-CIC-DoHBrw-2020. The performance of the proposed model compared with standard machine learning models and the number of states of the artworks. The experiment result demonstrates that our hybrid model significantly improves detection accuracy and reduces false-positive rates compared to existing methods
Dispelling the Myths Behind First-author Citation Counts
Full text linkWe conducted a full-scale evaluative citation analysis study of scholars in the XML research field to explore just how different from each other author rankings resulting from different citation counting methods actually are, and to demonstrate the capability of emerging data and tools on the Web in supporting more realistic citation counting methods. Our results contest some common arguments for the continued
use of first-author citation counts in the evaluation of scholars, such as high correlations between author rankings by first-author citation counts and other citation
counting methods, and high costs of using more realistic citation counting methods that are not well-supported by the ISI databases. It is argued that increasingly available digital full text research papers make it possible for citation analysis studies to go beyond what the ISI databases have directly supported and to employ more
sophisticated methods
- …
