1,721,241 research outputs found
Detecting Yo-Yo DoS attack in acontainer-based environment
No full textDenial-of-Service (DoS) attacks are an ever persistent treath to IT environ-ments and it occurs today at an ever-increasing rate from year to year. Asthe world develops and companies migrate their systems from private loc-ations to public clouds, cyber criminals continue to use their classic DoSmethods on cloud networks. Some clever cyber criminals also come upwith new ways of rendering services unavailable for the intended users byexploring vulnerabilities in novel technologies such as clouds are. Still, typ-ical attacks such as SYN floods and amplification attacks are the most popu-lar attack vectors. There have been a big number of research on these classicDoS approaches, but security firms that operate DoS mitigation solutionscontinue to observe new trends in the DoS environment. More novel trendsdiffers from the classic attacks by utilizing multiple attack vectors at thesame time, hoarding big botnets and low-and-slow attacks among other. Anovel DoS attack is the Yo-Yo attack which sends bursts of traffic in orderto exploit cloud provider’s auto-scaling functionalities. Auto-scaling is avery important line of defense against DoS attacks, but the Yo-Yo attack isspecialized at exploiting a mechanism that we first thought only as an ad-vantage that now could be a concern for cloud providers. The Yo-Yo attackis able to impact the victims web server with performance degradation aswell as economic loss. This research will try to contribute with a detectionmechanism against the Yo-Yo attack, as well as doing so in a container-based environment. This research has not been conducted earlier with acontainer-based environment as far as the author can tell, and it is highlyrelevant for the time being as more and more users are choosing contain-ers for their web services, due to their lightweight being. The hypothesisis that (a) the Yo-Yo attack will not be able to determine the scaling phaseor scaling policy due to rapid deployment of container instances or (b) thatthe Yo-Yo attack will induct rapid scaling of container instances and causefurther economic loss than previously
Detecting Yo-Yo DoS attack in acontainer-based environment
Full text linkDenial-of-Service (DoS) attacks are an ever persistent treath to IT environ-ments and it occurs today at an ever-increasing rate from year to year. Asthe world develops and companies migrate their systems from private loc-ations to public clouds, cyber criminals continue to use their classic DoSmethods on cloud networks. Some clever cyber criminals also come upwith new ways of rendering services unavailable for the intended users byexploring vulnerabilities in novel technologies such as clouds are. Still, typ-ical attacks such as SYN floods and amplification attacks are the most popu-lar attack vectors. There have been a big number of research on these classicDoS approaches, but security firms that operate DoS mitigation solutionscontinue to observe new trends in the DoS environment. More novel trendsdiffers from the classic attacks by utilizing multiple attack vectors at thesame time, hoarding big botnets and low-and-slow attacks among other. Anovel DoS attack is the Yo-Yo attack which sends bursts of traffic in orderto exploit cloud provider’s auto-scaling functionalities. Auto-scaling is avery important line of defense against DoS attacks, but the Yo-Yo attack isspecialized at exploiting a mechanism that we first thought only as an ad-vantage that now could be a concern for cloud providers. The Yo-Yo attackis able to impact the victims web server with performance degradation aswell as economic loss. This research will try to contribute with a detectionmechanism against the Yo-Yo attack, as well as doing so in a container-based environment. This research has not been conducted earlier with acontainer-based environment as far as the author can tell, and it is highlyrelevant for the time being as more and more users are choosing contain-ers for their web services, due to their lightweight being. The hypothesisis that (a) the Yo-Yo attack will not be able to determine the scaling phaseor scaling policy due to rapid deployment of container instances or (b) thatthe Yo-Yo attack will induct rapid scaling of container instances and causefurther economic loss than previously.publishedVersio
Optimizing Cloud Infrastructure Provisioning through Terraformand Genetic Algorithms
Full text linkModern methodologies like DevOps have increasingly emphasized automation and efficiency in cloud infrastructure management, leading to the widespread adoption of Infrastructure as Code (IaC) and containerization. Kubernetes has become a leading solution for orchestrating containerized applications, automating many tasks traditionally performed manually. Despite its advantages, optimizing resource allocation in complex Kubernetes environments is challenging due to the many configurable options and their intricate dependencies. Genetic algorithms have shown promise in addressing complex optimization problems. This thesis explores the potential of genetic algorithms to optimize Kubernetes-based applications and their underlying infrastructure
To achieve this, a software tool was developed that uses genetic algorithms together with Terraform. The tool deploys several Kubernetes-based applications and their underlying virtual machine infrastructure in parallel. A genetic algorithm is utilized to iteratively evolve and refine the configurations. In addition, experiments were conducted to evaluate the performance of the genetic algorithm-based approach.
The findings of this thesis suggest that genetic algorithms hold potential for optimizing Kubernetes applications and their underlying infrastructure. The results demonstrate that the genetic algorithm-based approach can improve fitness by 34\%, outperforming random configuration selection, which achieved a 22\% improvement. Additionally, the optimization of Kubernetes metrics like memory requests and replica count seem to have the most effect on fitness, while VM metrics like CPU and RAM allocation become more important when resources are limited. The system's design, initially tailored for OpenStack, can be adapted for other cloud environments like AWS, GCP, or Azure with minor adjustments to the Terraform configuration and genetic algorithm parameters
Implementation of an approach to mitigate Yo-Yo attack in cloud auto-scaling mechanism
Full text linkIn recent years, global business has witnessed significant cloud adoption, which provides considerable value over traditional datacenters—achieving greater scalability, cost efficiency, and improved performance. Cloud auto-scaling is a cloud service feature to react to the variation in the live traffic load by spinning up or down instances on the fly. This new feature may also introduce new security threats. For example, DDoS attacks utilize multiple distributed attack resources to exploit resources such as cloud services. Auto-scaling mechanism transforms the DDoS attacks into Economic Denial of Sustainability attack (EDoS) or an emerging new type of attack called Yo-Yo attack. Yo-Yo attack is a newly disclosed attack, according to which attackers send a burst of traffic periodically to oscillate the auto-scaling system between scale-out and scale-in status.
In this thesis, we present a solution to detect a Yo-Yo attack and mitigate it in the cloud auto-scaling mechanism. The study shows to which extent the Yo-Yo attack differs from traditional DoS/DDoS attacks in cloud auto-scaling. An approach called Trust-based Adversarial Scanner Delaying (TASD), which is introduced by [ref] is implemented and tested under real cloud settings. The TASD system is deployed on Amazon Web Services (AWS). In TASD, the detection module uses a trust value algorithm to assign a Quality of Service (QoS) value to each user, and the mitigation module controls the flow of the traffic base on the trust value number of each user.
The experimental results show that the Yo-Yo attack causes significant performance degradation in addition to economic damage, while the attack is more difficult to detect and requires fewer resources from the attacker compared with traditional DDoS. Moreover, auto-scaling policy configuration is a key to minimizing the effect of Yo-Yo attacks. The experiment evaluations show that the TASD system can detect and mitigate Yo-Yo attacks in a real cloud application.publishedVersio
Analyzing automated activity and social deception on Twitter during the 2021 Norwegian election
Full text linkThe growing concern of fake news and social bots as threats to democracy leaves society with motivation to investigate and research its presence. In this thesis, we look into social bot research and try to understand the current landscape and its caveats, including its reliance on closed-source tools such as Botometer for bot detection. A Twitter data set is created, consisting of political Tweets made during the 2021 Norwegian election. A variety of techniques, such as manual inspection, plagiarism, exploratory data analysis, and Botometer scores are used to investigate the presence of automated activity and social bots. In the course of this thesis we find no concrete evidence of disguised automated activity or social bot presence, and discover multiple inconsistencies in the Botometer classification results. An argument is made for research to rely less on closed-source tools and resort to more reliable ways to investigate and understand social bots.publishedVersio
Exploring multilingual and contextual properties in word representations from BERT
No full textNowadays, contextual language models can solve a wide range of language tasks such as text classification, question answering and machine translation. These tasks often require the model to have knowledge about general language understanding, like how words relate to each other. This understanding is acquired through a pre-training stage where the model learn features from raw text data. However, we do not fully understand all the features the model learns through this pre-training stage. Does there exists information yet to be utilized? Can we make predictions more explainable? This thesis aims to extend the knowledge of what features a language model have acquired. We have chosen the model architecture BERT and have analyzed its word representations from two feature perspectives. The first perspective investigated similarities and dissimilarities between English and Norwegian word representations by evaluating their performance on a word retrieval task and a language detection task. The second perspective analyzed how a word representation changes if the word stands in the wrong context or if the word was inferred through the model without context
New classes of load balancing learning automata methods: A dynamical system approach applied to wind turbine fatigue distribution
Full text linkNew classes of Load Balancing Learning Automata methods, that equalize rewards or pay-offs (R) for all possible actions, are introduced in this study. The respective automata are designed to operate in a S-Model environment, which responds to any action with a binary domain bounded, continuous reward response (). Inspired by the momentum based stochastic gradient descent in deep learning, two methods namely the Momentum based Two Time Scale (MTTS) Type-1 and Type-2 approach are established. These methods, with different mathematical forms, incorporate the concept of momentum () as reinforcement to the action probability update process. This draws parallels with an earlier state of the art Two Time Scale (TTS) approach under a P-Model environment that incorporates the discrete binary reward or reinforcement (), in the action probability update, as the difference between the moving reward of a chosen action and the average of the moving reward of all actions. Similarly, the learning process of the MTTS method, is split into two parts. One where the action probabilities are updated with the momentum as reinforcement, after which the latter itself is updated. The other where the difference in reward gradient between two successive steps is used. It is shown that the MTTS approach converge to the optimal solution faster than both the simple, traditional S-Model based probability update and the state of the art, TTS load balancing methods, which are used as benchmarks. However, it is also discovered that if the hyper-parameters of TTS method are chosen in a certain manner that is against normal convention with which the method was initially defined, it outperforms the MTTS methods. Furthermore, within the MTTS Type-1 and Type-2 framework, an implementation that adjusts the learning rate based on action-reward history is also introduced. Similar approaches have been published in the field of Reinforcement Learning but such an application is missing in Learning Automata literature. Coined as the Prediction Enforced Adaptive Rate of Learning (PEARL) implementation, the automata before executing the chosen action, predicts using polynomial regression, the reward that would be gained and compares it with the actual reward observed after the action is executed. This difference between predicted and expected reward is used to augment the learning process. Essentially in PEARL, the automaton “learns the curve” for each action and uses the information gained to make decisions. Finally, the Jump To Optimal (JTO) method is presented. In this approach, the action probability-reward curves are constructed using historical iterative data to determine the action probability distribution that yield equal rewards for all actions at every iteration, which in turn is used to guide the update process. The results of all methods are compared against each other by assessing their and speed of convergence to the point of optimal action probability distribution and the stability at that point.
As a test of practical utility, they are applied to solve the Wind Farm turbine fatigue distribution problem. Turbines in Wind farms face the onslaught of wind stresses which are dynamical in nature, apart from other forms of dynamic and static stresses depending on whether they are onshore or offshore. The learning automaton methods are used to the achieve the optimal turbine power capture distribution in wind farms, in an effort to equalize thrust. This is done to equalize the fatigue on all turbines, thereby increasing the overall life span of the wind farm and reducing maintenance costs. In particular, the developed load balancing automatons are able to handle stochastic and non-stationary environments, which the turbines experience due to changing wind directions and rapdily fluctuating wind speeds, also called gusts. The environments are modelled using a publicly available dataset from the British company Shell and the wakes are modelled using the well known, Jensen model. The turbulence in the wind, is modelled using the Kaimal Wind Turbuelence Spectra
Exploring thehHyperparameter space of U-Net using genetic algorithms
No full textU-Net based architecture has become the de-facto standard approach for medical image segmentation in recent years. Many researchers have used the original U-Net as a skeleton for suggesting more advanced models such as UNet++ and UNet 3+. For our project, we also seek to optimize the original U-Net. Rather than changing the architecture itself, we optimize hyperparameters which does not affect the architecture, but affects the performance of the model. To optimize the hyperparameters, we use genetic algorithms. After the genetic algorithms have converged, we analyze the results and try to understand why the key factors behind explaining the performance
When Behavior Analysis Meets Machine Learning; Formation of Stimulus Equivalence Classes and Adaptive Learning in Artificial Agents
No full textIn this thesis, two well studied subjects in behavior analysis are computationally modeled; formation of stimulus equivalence classes, and adaptive learning. The former is addressed in Study I and Study II, while the latter is addressed in Study III and Study IV. Background. Stimulus equivalence as a behavioral analytic approach studies cognitive skills such as memory and learning. Despite its importance in experimental studies, from a computational modelling point of view, the formation of stimulus equivalence classes has largely been under-investigated. On the other hand, adaptive learning in a broad sense, is a tool to study several cognitive tasks including memory and remembering. An appropriate model can be used as a cognitive level finder, and as a recommendation tool to optimize the training and learning sequence of tasks. Aims. To propose computational models that replicate formation of stimulus equivalence classes and adaptive learning. The models are supposed to be simple, flexible and interpretable in order to be suitable for analysis of human complex behavior. Methods. Agents endowed with Reinforcement learning, more precisely Projective Simulation and Stochastic Point Location, are used to model the interaction between experimenter and the participant through the testing/learning process. Formation of derived relations in Study I is achieved by on demand computation during the test phase trials using likelihood reasoning. In Study II, subsequent to the training phase, an iterative diffusion process called Network Enhancement is used to form derived relations, which turns the test phase into a memory retrieval phase. The solution to Stochastic Point Location in Study III aims to estimate the tolerable task difficulty level in an online and interactive settings. In Study IV, the appropriate task difficulty for training and learning is sought by using a target success rate that is usually defined beforehand by the experimenter using a method called Balanced Difficulty Task Finder. Results. The proposed models for replication of equivalence relations, called Equivalence Projective Simulation (Study I) and Enhanced Equivalence Projective Simulation (Study II) could replicate a variety of settings in a matching-to-sample procedure. The models are quite flexible and appropriate to replicate results from real experiments and simulate different scenarios before performing an empirical experiment involving human subjects. In Study III, we suggest a new method to estimate the unknown point location in the Stochastic Point Location problem domain using the mutual probability flux concept and we prove that the proposed solution outperforms the legacy solution reported in the literature. The probability of receiving correct response from the participant is also estimated as a measure of reliability of participant's performance. In Study IV, we propose a model that is able to suggest a manageable difficulty level to a learner based on online feedback via an asymmetric adjustment technique of difficulty. Discussion. We aimed for models that are flexible, interpretative without a need of extensive pre-training of the model. By resorting to the theory of Projective Simulation, we propose an interpretable simulator for equivalence relations that enjoys the advantage of being easy to configure. By virtue of the Stochastic Point Location model, it is possible to eliminate the need for prior-knowledge about the participant while also avoiding complex modelling techniques. Although not pursued in this thesis, those two lines of modelling could be used in a complementary setting. For instance, adaptive learning can be integrated in the training phase of matching-to-sample or titrated delayed matching-to-sample procedures as suggested in Study IV
Group Recommendation Systems With Pairwise Preference Data
Full text linkBackground and Motivation: Group recommendation systems (GRS) are designed to find what a group of people likes and suggest things they will enjoy together. These systems aim to match the combined tastes of everyone in the group. GRSs are needed for social activities like watching movies, dining out, and planning trips, where decisions must please people with different preferences. The main challenge is to combine these different tastes into one recommendation that makes everyone happy. This research focuses on understanding how groups make decisions and creating algorithms that can accurately predict what a group will enjoy. Successfully solving this challenge can make group activities more enjoyable and harmonious.
Objectives: The main objective of this research is to propose new methods for group recommendation that are fair and precise. To accomplish this goal, six research questions (RQs) have been formulated. [RQ1] How does the utilization of pairwise preference data address the limitations of single-rating data in enhancing the effectiveness of group recommendation systems? [RQ2] How does clustering users based on similar preferences contribute to enhancing the fairness of recommendation systems? [RQ3] How can the prediction of missing data in pairwise preference datasets effectively address the cold start issue in GDM and GRS? [RQ4] How can we develop models to better understand and incorporate the influences among members’ preferences, thus enhancing group recommendation? [RQ5] How can leveraging diverse similarity features of users overcome the limitations of traditional group recommendation systems to enhance recommendation accuracy? [RQ6] How can aggregation and consensus-reaching mechanisms enhance group recommendation systems?
Methods: This research proposed and employed methodologies that can be classified into three primary categories: First, we utilized pairwise preference data, and predicted missing values. Second, we explored user grouping through the introduction of clustering techniques such as GcPp, MFP-based diversity clustering, and GCN-based diversity clustering. In this context, we examined various user similarity score calculations, some of which were proposed for the first time. Third, we developed consensus-reaching or aggregation methods that combine individual user preferences to form a cohesive group preference profile, which is essential for constructing the group recommendation model.
Contributions: The main contributions of this study include:
• Introducing an entropy-based matrix factorization technique for predicting missing values in pairwise preference datasets, which has broad applications in group recommendation systems and group decision-making.
• Proposing several methods for predicting user similarity scores using pairwise preference data, demonstrating higher accuracy compared to single rating data. These similarity scores were calculated using various methods:
1. User similarity scores based on preference graph and graph convolutional networks (GCN).
2. User similarity scores based on user vectors derived from: a) User-item scores obtained from matrix factorization (MF). b) User embedding vectors from a trained matrix factorization model. c) User embedding vectors from the weights of a trained graph neural network.
• Developing clustering methods for grouping the users with similar preferences to facilitate generating fair group recommendations, such as:
1. Dominant set clustering.
2. Diversity-based clustering, which minimizes user diversity scores within
groups.
• Introducing a consensus-reaching method based on user personalities, reflecting real-life scenarios where user contributions to group decisions depend on their personality traits.
• Developing aggregation methods that account for the contributions of individual users in the final group decision. These contributions are calculated using concepts such as the Shapley value and Wonderful Life Utility.
Bakgrunn og Motivasjon: Gruppeanbefalingssystemer (GRS) er utviklet for å finne ut hva en gruppe mennesker liker og til å foreslå ting de vil ha glede av sammen. Disse systemene har som mål å matche de kombinerte preferansene til alle i gruppen. GRS er nyttig for sosiale aktiviteter som å se på film, spise ute og planlegge turer, hvor beslutninger gi et best mulig resultat for flere med ulike preferanser. Den største utfordringen er å kombinere de ulike preferansene til én anbefaling som gjør alle fornøyde. Denne forskningen fokuserer på å forstå hvordan grupper tar beslutninger og å utvikle algoritmer som nøyaktig kan forutsi hva en gruppe vil sette pris på. Å lykkes med å løse denne utfordringen kan gjøre gruppeaktiviteter mer hyggelige og harmoniske.
Målsetninger: Hovedmålet med denne forskningen er å foreslå nye metoder for gruppeanbefalinger som er rettferdige og presise. For å oppnå dette målet er seks forskningsspørsmål (RQs) formulert: [RQ1] Hvordan kan bruk av parvise preferansedata løse begrensningene ved enkeltratingsdata for å øke effektiviteten til GRS? [RQ2] Hvordan bidrar klynging av brukere basert på lignende preferanser til å forbedre rettferdigheten i anbefalingssystemer? [RQ3] Hvordan kan prediksjon av manglende data i parvise preferansedatasett effektivt håndtere kaldstartproblemet i GDM og GRS? [RQ4] Hvordan kan vi utvikle modeller for å bedre forstå og inkorporere påvirkningene blant medlemmers preferanser, og dermed forbedre gruppeanbefalinger? [RQ5] Hvordan kan utnyttelse av mangfoldige likhetsegenskaper hos brukere overkomme begrensningene til tradisjonelle gruppeanbefalingssystemer for å forbedre anbefalingsnøyaktigheten? [RQ6] Hvordan kan aggregasjons- og konsensusmekanismer forbedre gruppeanbefalingssystemer?
Metoder: Denne forskningen foreslo og anvendte metodologier som kan klassifiseres i tre hovedkategorier: Først benyttet vi parvise preferansedata og forutså manglende verdier. For det andre utforsket vi brukergruppering gjennom introduksjon av klyngingsteknikker som GcPp, MFP-basert mangfoldsklynging og GCN-basert mangfoldsklynging. I denne sammenhengen undersøkte vi forskjellige metoder for å beregne brukersimilaritet, hvorav noen ble foreslått for første gang. For det tredje utviklet vi konsensus- eller aggregeringsmetoder som kombinerer individuelle brukerpreferanser for å danne en helhetlig gruppepreferanseprofil, som er essensielt for å
konstruere gruppeanbefalingsmodellen.
Bidrag: Hovedbidragene fra denne studien inkluderer:
• Introduksjon av en entropibasert matrisefaktoriseringsteknikk for å forutsi manglende verdier i parvise preferansedatasett, som har bred anvendelse i gruppeanbefalingssystemer og gruppedynamikk.
• Forslag til flere metoder for å forutsi brukersimilaritet ved bruk av parvise preferansedata, som viser høyere nøyaktighet sammenlignet med enkeltratingsdata. Disse similaritetsscorene ble beregnet ved hjelp av ulike metoder:
1. Brukersimilaritet basert på preferansegraf og grafkonvolusjonsnettverk (GCN).
2. Brukersimilaritet basert på brukervektorer hentet fra: a) Bruker-itemscores oppnådd fra matrisefaktorisering (MF). b) Brukerinnleiringsvektorer fra en trent matrisefaktoreringsmodell. c) Brukerinnleiringsvektorer fra vektene
til et trent grafnevralnettverk.
• Utvikling av klyngemetoder for å gruppere brukere med lignende preferanser for å fasilitere generering av rettferdige gruppeanbefalinger, som:
1. Dominant set klynging.
2. Mangfoldsbasert klynging, som minimerer brukermangfoldsscorer innenfor grupper.
• Introduksjon av en konsensusmetode basert på brukerpersonligheter, som reflekterer virkelige scenarioer hvor brukerens bidrag til gruppebeslutninger avhenger av deres personlighetstrekk.
• Utvikling av aggregeringsmetoder som tar hensyn til bidragene fra individuelle brukere i den endelige gruppedynamikken. Disse bidragene beregnes ved hjelp av konsepter som Shapley-verdi og Wonderful Life Utility.publishedVersio
- …
