检索结果-内蒙古大学图书馆

Virus dynamics of a distributed attack on a targeted network: Effect of firewall and optimal control

COMMUNICATIONS IN NONLINEAR SCIENCE AND NUMERICAL SIMULATION 2019年 73卷 74-91页

作者： Kumari, Sangeeta Singh, Prerna Upadhyay, Ranjit Kumar Indian Sch Mines Indian Inst Technol Dept Appl Math Dhanbad 826004 Bihar India

An attempt has been made to understand the virus dynamics of a distributed attack in a targeted network adopting firewall security coefficient and treatment rate. A mathematical model is proposed with two sub-frameworks of attacking and targeted class, which further reduces to non-dimensional model system and investigated along with the analysis of virus propagation control measures. Existence and stability of equilibrium points have been discussed. Using central manifold theory, it has been observed that as R-0 passes through unity, transcritical bifurcation occurs. In this work, the firewall security is taken as a media coverage factor and detected that it helps to diminish the virus propagation to some extent. The concept of optimal control theory is introduced as an another measure for controlling the virus proliferation. Numerical experiments are accomplished to justify the analytical findings. Finally, a sensitivity analysis is performed that offer insights into the criticality of parameters in determining the virus dispersion in networks. The inclusion of firewall security eradicates the malicious node propagation in a computer network by lowering the infection level although doesn't affect the value of R-0. (C) 2019 Elsevier B.V. All rights reserved.

关键词： Firewall distributed attack Transcritical bifurcation Optimal control Sensitivity analysis

来源：评论

学校读者我要写书评

暂无评论

A mathematical model for a distributed attack on targeted resources in a computer network

引用

COMMUNICATIONS IN NONLINEAR SCIENCE AND NUMERICAL SIMULATION 2014年第9期19卷 3149-3160页

作者： Haldar, Kaushik Mishra, Bimal Kumar Birla Inst Technol Dept Appl Math Ranchi 835215 Bihar India

A mathematical model has been developed to analyze the spread of a distributed attack on critical targeted resources in a network. The model provides an epidemic framework with two sub-frameworks to consider the difference between the overall behavior of the attacking hosts and the targeted resources. The analysis focuses on obtaining threshold conditions that determine the success or failure of such attacks. Considering the criticality of the systems involved and the strength of the defence mechanism involved, a measure has been suggested that highlights the level of success that has been achieved by the attacker. To understand the overall dynamics of the system in the long run, its equilibrium points have been obtained and their stability has been analyzed, and conditions for their stability have been outlined. (C) 2014 Elsevier B. V. All rights reserved.

关键词： Epidemic models Targeted attack distributed attack Stability

来源：评论

学校读者我要写书评

暂无评论

Hierarchical Anomaly-Based Detection of distributed DNS attacks on Enterprise Networks

引用

IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT 2021年第1期18卷 1031-1048页

作者： Lyu, Minzhao Gharakheili, Hassan Habibi Russell, Craig Sivaraman, Vijay Univ New South Wales Sch Elect Engn & Telecommun Sydney NSW 2052 Australia CSIROs Data61 Dept Networks Grp Sydney NSW 2015 Australia

Domain Name System (DNS) is a critical service for enterprise operations, and is often made openly accessible across firewalls. Malicious actors use this fact to attack organizational DNS servers, or use them as reflectors to attack other victims. Further, attackers can operate with little resources, can hide behind open recursive resolvers, and can amplify their attack volume manifold. The rising frequency and effectiveness of DNS-based DDoS attacks make this a growing concern for organizations. Solutions available today, such as firewalls and intrusion detection systems, use combinations of black-lists of malicious sources and thresholds on DNS traffic volumes to detect and defend against volumetric attacks, which are not robust to attack sources that morph their identity or adapt their rates to evade detection. We propose a method for detecting distributed DNS attacks that uses a hierarchical graph structure to track DNS traffic at three levels of host, subnet, and autonomous system (AS), combined with machine learning that identifies anomalous behaviors at various levels of the hierarchy. Our method can detect distributed attacks even with low rates and stealthy patterns. Our contributions are three-fold: (1) We analyze real DNS traffic over a week (nearly 400M packets) from the edges of two large enterprise networks to highlight various types of incoming DNS queries and the behavior of malicious entities generating query scans and floods;(2) We develop a hierarchical graph structure to monitor DNS activity, identify key attributes, and train/tune/evaluate anomaly detection models for various levels of the hierarchy, yielding more than 99% accuracy at each level;and (3) We apply our scheme to a month's worth of DNS data from the two enterprises and compare the results against blacklists and firewall logs to demonstrate its ability in detecting distributed attacks that might be missed by legacy methods while maintaining a decent real-time performance.

关键词： Computer crime Servers Internet Organizations Real-time systems Image edge detection IP networks distributed attack DNS network security anomaly detection

来源：评论

学校读者我要写书评

暂无评论

A distributed Black-Box Adversarial attack Based on Multi-Group Particle Swarm Optimization

引用

SENSORS 2020年第24期20卷 7158-7158页

作者： Suryanto, Naufal Kang, Hyoeun Kim, Yongsu Yun, Youngyeo Larasati, Harashta Tatimma Kim, Howon Pusan Natl Univ Sch Comp Sci & Engn Busan 609735 South Korea

Adversarial attack techniques in deep learning have been studied extensively due to its stealthiness to human eyes and potentially dangerous consequences when applied to real-life applications. However, current attack methods in black-box settings mainly employ a large number of queries for crafting their adversarial examples, hence making them very likely to be detected and responded by the target system (e.g., artificial intelligence (AI) service provider) due to its high traffic volume. A recent proposal able to address the large query problem utilizes a gradient-free approach based on Particle Swarm Optimization (PSO) algorithm. Unfortunately, this original approach tends to have a low attack success rate, possibly due to the model's difficulty of escaping local optima. This obstacle can be overcome by employing a multi-group approach for PSO algorithm, by which the PSO particles can be redistributed, preventing them from being trapped in local optima. In this paper, we present a black-box adversarial attack which can significantly increase the success rate of PSO-based attack while maintaining a low number of query by launching the attack in a distributed manner. attacks are executed from multiple nodes, disseminating queries among the nodes, hence reducing the possibility of being recognized by the target system while also increasing scalability. Furthermore, we utilize Multi-Group PSO with Random Redistribution (MGRR-PSO) for perturbation generation, performing better than the original approach against local optima, thus achieving a higher success rate. Additionally, we propose to efficiently remove excessive perturbation (i.e, perturbation pruning) by utilizing again the MGRR-PSO rather than a standard iterative method as used in the original approach. We perform five different experiments: comparing our attack's performance with existing algorithms, testing in high-dimensional space in ImageNet dataset, examining our hyperparameters (i.e., particle size, nu

关键词： adversarial examples particle swarm optimization distributed attack

来源：评论

学校读者我要写书评

暂无评论

Modeling and control of computer virus attack on a targeted network

引用

PHYSICA A-STATISTICAL MECHANICS AND ITS APPLICATIONS 2020年 538卷 122617-122617页

作者： Upadhyay, Ranjit Kumar Singh, Prerna Indian Sch Mines Dept Math & Comp Indian Inst Technol Dhanbad 826004 Bihar India Univ Sheffield Sch Math & Stat Sheffield S10 2TN S Yorkshire England

In this paper, a model with two different frameworks of an attacking class and a targeted class is introduced to study the virus mobility of an attack in a targeted network. Existence and stability of equilibrium points are discussed in equivalence with the basic reproduction number R-0. It is observed that as R-0 crosses unity, transcritical bifurcation arises in the system. The effect of firewall security is also shown graphically which has been taken as a media coverage factor in this work and it is discovered that firewall helps to bring down the virus propagation by reducing the infection peak. Optimal control concept is then introduced to propose one more measure for regulating the virus propagation. Numerical experimentations have been done to rationalize the analytical conclusions. In the end, a sensitivity analysis is executed that provides the information about relevance of parameters in deciding the virus spread in networks. (C) 2019 Elsevier B.V. All rights reserved.

关键词： distributed attack Firewall Optimal control Sensitivity analysis Targeted network

来源：评论

学校读者我要写书评

暂无评论

Traceback model for identifying sources of distributed attacks in real time

引用

SECURITY AND COMMUNICATION NETWORKS 2016年第13期9卷 2173-2185页

作者： Ahmed, Abdulghani Ali Sadiq, Ali Safa Zolkipli, Mohamad Fadli UMP Fac Comp Syst & Software Engn Pahang Malaysia

Locating sources of distributed attack is time-consuming;attackers are identified long after the attack is completed. This paper proposes a trackback model for identifying attackers and locating their distributed sources in real time. attackers are identified by monitoring violations of malicious end users on their bandwidth shares predefined in the service level agreement. Then, active connections of the malicious users are investigated to locate the host machines used as distributed sources of attack traffic. Mathematical model and simulation results demonstrate that the proposed model can reduce the required time for identifying malicious users and locating host machines used as the actual sources of attack packets. Copyright (c) 2016 John Wiley & Sons, Ltd.

关键词： real-time trackback distributed attack explicit congestion notification service level agreement active connection

来源：评论

学校读者我要写书评

暂无评论

Information fusion-based method for distributed domain name system cache poisoning attack detection and identification

引用

IET INFORMATION SECURITY 2016年第1期10卷 37-44页

作者： Wu, Hao Dang, Xianglei Wang, Lidong He, Longtao Coordinat Ctr China CNCERT CC Natl Comp Network Emergency Response Tech Team Beijing Peoples R China

In this study, the authors consider the detection and identification problems of distributed domain name system (DNS) cache poisoning attack. In the considered distributed attack, multiple cache servers are invaded simultaneously and the attack intensity for each cache server is slight. It is difficult to detect and identify the distributed attack by the existing local information-based detection methods, as the abnormal features for each cache server are indistinctive under distributed attack. To handle this problem, they propose an information fusion-based detection and identification methods. They find that the entropies of the query Internet protocol (IP) addresses for all cache servers are approximately stationary and statistically independent under normal cases. When distributed attack happens, they show the fact that the correlation of the entropies among all cache servers could increase dramatically. On the basis of this feature, they make use of principal component analysis to design the detection and identification methods. Specifically, attack is true when the maximum eigenvalue of the normalised entropies matrix exceeds a threshold, and the attacked servers are identified by the main loading vector. At last, they take a large-scale DNS in China and a simulation as two examples to show the effectiveness of their methods.

关键词： sensor fusion cache storage Internet principal component analysis eigenvalues and eigenfunctions matrix algebra computer network security cache poisoning attack detection attack identification DNS multiple cache servers information fusion-based detection method information fusion-based identification method query Internet protocol address query IP address distributed attack principal component analysis eigenvalue normalised entropies matrix large-scale DNS China domain name system

来源：评论

学校读者我要写书评

暂无评论

How to distribute the detection load among virtual machines to maximize the detection of distributed attacks in the cloud?

How to distribute the detection load among virtual machines ...

引用

13th IEEE International Conference on Services Computing (SCC)

作者： Wahab, Omar Abdel Bentahar, Jamal Otrok, Hadi Mourad, Azzam Concordia Univ Concordia Inst Informat Syst Engn Montreal PQ Canada Khalifa Univ Sci Technol & Res Dept ECE Abu Dhabi U Arab Emirates Lebanese Amer Univ Dept Comp Sci & Math Beirut Lebanon

ISBN: (纸本)9781509026289

Security has been identified to be the principal stumbling-block preventing users and enterprises from moving their businesses to the cloud. The reason is that cloud systems, besides inheriting all the vulnerabilities of the traditional computing systems, appeal to new types of threats engendered mainly by the virtualization concept that allows multiple users' virtual machines (VMs) to share a common computing platform. This broadens the attack space of the malicious users and increases their ability to attack both the cloud system and other co-resident VMs. Motivated by the absence of any approach that addresses the problem of optimal detection load distribution in the domain of cloud computing, we develop a resource-aware maxmin game theoretical model that guides the hypervisor on how the detection load should be optimally distributed among its guest VMs in the real-time. The objective is to maximize the hypervisor's probability of detection, knowing that the attacker is dividing the attack over several VMs to minimize this probability. Experimental results on Amazon EC2 pricing dataset reveal that our model increases the probability of detecting distributed attacks, reduces the false positives, and minimizes the resources wasted during the detection process.

关键词： Detection load distribution distributed attack cloud computing security virtualization.

来源：评论

学校读者我要写书评

暂无评论

Does the Online Card Payment Landscape Unwittingly Facilitate Fraud?

引用

IEEE SECURITY & PRIVACY 2017年第2期15卷 78-86页

作者： Ali, Mohammed Aamir Arief, Budi Emms, Martin van Moorsel, Aad Newcastle Univ Ctr Cybercrime & Comp Secur Newcastle Upon Tyne Tyne & Wear England Univ Kent Sch Comp Canterbury Kent England Newcastle Univ Newcastle Upon Tyne Tyne & Wear England Newcastle Univ Sch Comp Newcastle Upon Tyne Tyne & Wear England

An extensive study of the current practice of online payment using credit and debit cards reveals the intrinsic security challenges caused by differences in how payment sites operate.

关键词： Logic gates Authorization Credit cards Software tools Browsers Atmospheric measurements INSPEC: Controlled Indexing credit transactions debit transactions financial data processing fraud security of data INSPEC: Non-Controlled Indexing online card payment fraud credit cards debit cards security measures centralized bank security mechanisms Author Keywords security online payment distributed attack fraudulent transactions survey ethical disclosure

来源：评论

学校读者我要写书评

暂无评论

Network Security Situation Analysis Aimed at distributed attack

Network Security Situation Analysis Aimed at Distributed Att...

引用

International Conference on Materials Science and Engineering Science

作者： Fu Yanming Chen Wen Li Lin Pan Yanxian Sichuan Univ Coll Comp Sci Chengdu 610064 Peoples R China Guangxi Technol Coll Machinery & Elect Nanning Peoples R China

ISBN: (纸本)9783037850169

When a certain distributed attack spreads in network, network hosts are classified into three types. The first type has undergone the distributed attack. The second type has the attacked likelihood. The third type is immune to the distributed attack. distributed attack will cause congested links in network usually. Network security situation of distributed attack can be determined by attack severity degree of hosts and congestion condition of network. The paper analyzes distributed attack spread and builds an attack graph. The attack graph is used to reflect attacked status of hosts and congestion degree of network. Network security situation is deduced based on the graph.

关键词： network security situation distributed attack attack graph congested links

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：