Filters








254,698 Hits in 5.9 sec

A statistical and distributed packet filter against DDoS attacks in Cloud environment

VIKASH C PANDEY, SATEESH K PEDDOJU, PRACHI S DESHPANDE
2018 Sadhana (Bangalore)  
The key idea of this scheme is to distribute multiple packet filters among individual virtual machines, which generate and share collective profile of normal behaviour with a coordinator node at constant  ...  Distributed Denial of Service (DDoS) attacks are a serious threat to Cloud. These attacks consume large amount of resources and increase the service usage cost by a significant factor.  ...  On instantiation of VMs, a new state is reached. When these new nodes generate or receive profiles, they change their state to existing.  ... 
doi:10.1007/s12046-018-0800-7 fatcat:y2lh57lgpnbrzae7sqrkzvkkam

Spam and denial of information attacks and defenses

Carlton Pu, John P. Imlay
2009 Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research Cyber Security and Information Intelligence Challenges and Strategies - CSIIRW '09  
As spam messages became a serious problem, victims introduced keyword filters (Round One) to distinguish spam from legitimate messages.  ...  The ongoing research applies similar ideas (and new ideas) to other adversarial  ...  Instead of retraining, we adopted a new design for learning filters to counter camouflage attack.  ... 
doi:10.1145/1558607.1558613 dblp:conf/csiirw/PuI09 fatcat:assxjd3azjgdjcej2rzicyo46e

Can Predictive Filters Detect Gradually Ramping False Data Injection Attacks Against PMUs? [article]

Zhigang Chu and Andrea Pinceti and Reetam Sen Biswas and Oliver Kosut and Anamitra Pal and Lalitha Sankar
2019 arXiv   pre-print
In this paper, it is shown that if an attack is suddenly injected into the system, a predictive filter with sufficient accuracy is able to detect it.  ...  However, an attacker can gradually increase the magnitude of the attack to avoid detection, and still cause damage to the system.  ...  At this point, a new matrix of load profiles for n buses can be generated as: P new = U 10 new Σ 10 V 10 T (13) where P new ∈ R n×18000 , U 10 new ∈ R n×10 is a matrix of coefficients randomly sampled  ... 
arXiv:1905.02271v1 fatcat:ojsv24yo3zbz3gs5yktn7tu3vy

Hybrid Fuzzy Adaptive Wiener Filtering with Optimization for Intrusion Detection

Revathi Sujendran, Malathi Arunachalam
2015 ETRI Journal  
After training a large dataset, various fuzzy rules are generated automatically for testing, and a Wiener filter is used to filter out attacks that act as noisy data, which improves the accuracy of the  ...  This paper proposes automatic fuzzy rule generation combined with a Wiener filter to identify attacks. Further, to optimize the results, simplified swarm optimization is used.  ...  Their new concept achieves an accuracy of approximately 95%. M. Al-Kasassbeh [26] proposed a new concept for a Wiener filter as an agent to filter out various attacks that pass through a network.  ... 
doi:10.4218/etrij.15.0114.0275 fatcat:rrcbifhi3fg33cdlol52oxpbqe

Automated Self-Adaptation for Cyber-Defense -- Pushing Adaptive Perimeter Protection Inward

Brett Benyo, Partha Pal, Richard Schantz, Aaron Paulos, David J. Musliner, Tom Marble, Jeffrey M. Rye, Michael W. Boldt, Scott Friedman
2013 2013 IEEE 7th International Conference on Self-Adaptation and Self-Organizing Systems Workshops  
This paper presents a recently achieved incremental milestone on the long path toward more intelligently adaptive, automated and self-managed computer systems.  ...  We describe a number of experiments evaluating the relevance and effectiveness of the integrated cyber-defense operation.  ...  An FP can likewise occur if a derived filter is too general based on observed inputs, and a later benign request from a new client happens to match the inadvertently blocked section.  ... 
doi:10.1109/sasow.2013.22 dblp:conf/saso/BenyoPSPMMRBF13 fatcat:l57sioptvbgcxg473glmzjlvym

Syn Flood Attack Detection and Type Distinguishing Mechanism Based on Counting Bloom Filter [chapter]

Tomáš Halagan, Tomáš Kováčik, Peter Trúchly, Andrej Binder
2015 Lecture Notes in Computer Science  
Based on Counting Bloom filter, the attack detection and identification algorithm is proposed, implemented and evaluated in KaTaLyzer network traffic monitoring tool.  ...  Presented work focuses onto proposal, implementation and evaluation of the new method for detection and type identification of SYN flood (DoS) attacks.  ...  This work is a result of the Research and Development Operational Program for the projects Support of Center of Excellence for Smart Technologies, Systems and Services, ITMS 26240120005 and for the projects  ... 
doi:10.1007/978-3-319-24315-3_4 fatcat:k73i3hk7hnb3xihal4ad3dgazu

FILTERING MECHANISMS ON INTERNET PROTOCOL

Alpha Vijayan, SumeenaP S
2017 International Journal of Advanced Research  
Write ahead marking and stack based marking are two new marking methods. Stack pi is a new filtering mechanism and also a new packet marking scheme. The effect of legacy routers are eliminated here.  ...  When a blacklisted IP address is transferred to a new network this filtering become problematic. Route Filtering:-This is the filtering applied at the routers [25].  ... 
doi:10.21474/ijar01/4471 fatcat:bfwzim46wzbvzeuooovpj47ixm

Bouncer

Manuel Costa, Miguel Castro, Lidong Zhou, Lintao Zhang, Marcus Peinado
2007 ACM SIGOPS Operating Systems Review  
from the filter; symbolic summaries for common library functions that characterize their behavior succinctly as a set of conditions on the input; and generation of alternative exploits guided by symbolic  ...  Previous work computes filters using symbolic execution along the path taken by a sample exploit, but attackers can bypass these filters by generating exploits that follow a different execution path.  ...  We thank our shepherd Yuanyuan Zhou and the anonymous reviewers for comments that helped to improve the paper.  ... 
doi:10.1145/1323293.1294274 fatcat:utvnij64ujg55i5mj5xrko2ms4

Bouncer

Manuel Costa
2008 Proceedings of the 2nd workshop on Recent advances on intrusiton-tolerant systems - WRAITS '08  
from the filter; symbolic summaries for common library functions that characterize their behavior succinctly as a set of conditions on the input; and generation of alternative exploits guided by symbolic  ...  Previous work computes filters using symbolic execution along the path taken by a sample exploit, but attackers can bypass these filters by generating exploits that follow a different execution path.  ...  We thank our shepherd Yuanyuan Zhou and the anonymous reviewers for comments that helped to improve the paper.  ... 
doi:10.1145/1413901.1413902 fatcat:xy34bdkm2fhglhac5luutgswpi

Bouncer

Manuel Costa, Miguel Castro, Lidong Zhou, Lintao Zhang, Marcus Peinado
2007 Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles - SOSP '07  
from the filter; symbolic summaries for common library functions that characterize their behavior succinctly as a set of conditions on the input; and generation of alternative exploits guided by symbolic  ...  Previous work computes filters using symbolic execution along the path taken by a sample exploit, but attackers can bypass these filters by generating exploits that follow a different execution path.  ...  We thank our shepherd Yuanyuan Zhou and the anonymous reviewers for comments that helped to improve the paper.  ... 
doi:10.1145/1294261.1294274 dblp:conf/sosp/CostaCZZP07 fatcat:atfl6mdwzjedfjwkurkhmiyzmm

A family of keystream generators with large linear complexity

L.J. García-Villalba, M.C. Rodríguez-Palánquex
2001 Applied Mathematics Letters  
In thus work, a new class of keystream generators with a large hnear complexity has been derived The design crlterla are esslly compatible with those given m the hterature to prevent correlation attacks  ...  with the condltlons described m [8] which prevent the nonlinear filter generators from several correlation attacks (mverslon attacks, condltlonal correlation attacks, fast correlation attacks) 2.  ...  INTRODUCTION Most common sequence generators m stream cipher systems are based on a combmatron of LFSRs and nonlinear functions Dependmg on whether the keystream mvolves one or more than one LFSR, the  ... 
doi:10.1016/s0893-9659(00)00191-9 fatcat:s3fondnkb5gcla4eqnvpupybnm

A Novel Defensive Strategy for Facial Manipulation Detection Combining Bilateral Filtering and Joint Adversarial Training

Yifan Luo, Feng Ye, Bin Weng, Shan Du, Tianqiang Huang, Zhili Zhou
2021 Security and Communication Networks  
This paper proposes a new defense strategy for facial manipulation detectors, which combines a passive defense method, bilateral filtering, and a proactive defense method, joint adversarial training, to  ...  The introduction of joint adversarial training can train a model that defends against multiple adversarial attacks.  ...  Passive defense means defending against the adversarial attacks without modifying the structure and parameters of the model, while proactive defense needs to train a new model so that the new model can  ... 
doi:10.1155/2021/4280328 fatcat:lijmatyrmfgpdbkz2wfsxh4654

I6-FPS: Automating the ICMPv6 Filtering Rules

Wan Nor Ashiqin Wan Ali, Abidah Mat Taib, Syed Zulkarnain Syed Idrus, S.A. Aljunid, M.A.A. Mohd Salleh, C.B.M. Rashidi, P.J. Soh, K.N.F. Ku Azir
2018 MATEC Web of Conferences  
This research revealed that I6-FPS is significant in the initial phase of securing IPv6 deployment as well as focusing on the ICMPv6 filtering rules.  ...  The I6-FPS has the potential to be enhanced and developed over time by including more functions to that system in generating specific filtering ip6table rules.  ...  Process 6.0: View Attack The entity "Network/Security Administrator" can view all the reported attack, and if the entity has any solutions to mitigate the attack, he will generate new ip6tables rules as  ... 
doi:10.1051/matecconf/201815006001 fatcat:2ziyuiekmvbnrnpmmn63sffqc4

Cyber threats and defence approaches in SCADA systems

Dong-Ho Kang, Byoung-Koo Kim, Jung-Chan Na
2014 16th International Conference on Advanced Communication Technology  
The objective of this paper is to introduce our on-going work and discuss challenges and opportunities for preventing network and application protocol attacks on SCADA systems.  ...  The use of SCADA systems has been increased since the 1960s as a need arose to more efficiently monitor and control the status of remote equipment.  ...  Network Intrusion Detection as network security technique to reduce the threat of cyber-attacks on a SCADA network should solve the update of new signatures and the generation of the number of false alerts  ... 
doi:10.1109/icact.2014.6778974 fatcat:bk5b3quwcrdltat6wxrtnmijyu

A Novel DDoS Floods Detection and Testing Approaches for Network Traffic based on Linux Techniques

Muhammad Tahir, Mingchu Li, Naeem Ayoub, Usman Shehzaib, Atif Wagan
2018 International Journal of Advanced Computer Science and Applications  
Aggregation of data traffic flow will be considered from a point of impact on filtering productivity.  This research work, is divided into following four parts:  Firstly, the overview of the DDoS attack  ...  These attacks always remain a massive warning to the World Wide Web (WWW).  ...  III SYN (SYNCHRONIZE) FLOOD ATTACKS FILTERING SYN Flood Mbit/s The New Testing Filter V1 The New Testing Filter V2 The New Testing Filter V3 Ebtables 182 178 174 Iptables V1 130 177  ... 
doi:10.14569/ijacsa.2018.090248 fatcat:v6xtvojvabdutp2bq7chpg2n3a
« Previous Showing results 1 — 15 out of 254,698 results