Search results for: distributed denial of service

Authors: Amin Hamrahi, Niloofar Moghaddam

Abstract:

Denial of Service is for denial-of-service attack, a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. Denial of Service (DoS) attacks have become a major threat to current computer networks. Many recent DoS attacks were launched via a large number of distributed attacking hosts in the Internet. These attacks are called distributed denial of service (DDoS) attacks. To have a better understanding on DoS attacks, this article provides an overview on existing DoS and DDoS attacks and major defense technologies in the Internet.

Keywords: denial of service, distributed denial of service, traffic, flooding

Procedia PDF Downloads 359

Authors: Manas Tripathi, Arunabha Mukhopadhyay

Abstract:

In Cloud computing environment, cloud servers, sometimes may crash after receiving huge amount of request and cloud services may stop which can create huge loss to users of that cloud services. This situation is called Denial of Service (DoS) attack. In Distributed Denial of Service (DDoS) attack, an attacker targets multiple network paths by compromising various vulnerable systems (zombies) and floods the victim with huge amount of request through these zombies. There are many solutions to mitigate this challenge but most of the methods allows the attack traffic to arrive at Cloud Service Provider (CSP) and then only takes actions against mitigation. Here in this paper we are rather focusing on preventive mechanism to deal with these attacks. We analyze network topology and find most vulnerable paths beforehand without waiting for the traffic to arrive at CSP. We have used Dijkstra's and Yen’s algorithm. Finally, risk assessment of these paths can be done by multiplying the probabilities of attack for these paths with the potential loss.

Keywords: cloud computing, DDoS, Dijkstra, Yen’s k-shortest path, network security

Procedia PDF Downloads 253

Authors: Robin Singh, Jing-Chiou Liou

Abstract:

The Internet of Things (IoT) devices are being used heavily as part of our everyday routines. Through improved communication and automated procedures, its popularity has assisted users in raising the quality of work. These devices are used in healthcare in order to better collect the patient’s data for their treatment. They are generally considered safe and secure. However, there is some possibility that some loopholes do exist which manufacturers do need to identify before some hacker takes advantage of them. For this study, we focused on two medical IoT devices which are pacemakers and hearing aids. The aim of this paper is to identify if there is any likelihood of these medical devices being hijacked and used as a botnet in Distributed Denial-Of Service attacks. Moreover, some mitigation strategies are being proposed to better secure

Keywords: cybersecurity, DDoS, IoT, medical devices

Procedia PDF Downloads 52

Authors: Neda Seyyedi, Reza Berangi

Abstract:

Voice over IP (VOIP) network, also known as Internet telephony, is growing increasingly having occupied a large part of the communications market. With the growth of each technology, the related security issues become of particular importance. Taking advantage of this technology in different environments with numerous features put at our disposal, there arises an increasing need to address the security threats. Being IP-based and playing a signaling role in VOIP networks, Session Initiation Protocol (SIP) lets the invaders use weaknesses of the protocol to disable VOIP service. One of the most important threats is denial of service attack, a branch of which in this article we have discussed as flooding attacks. These attacks make server resources wasted and deprive it from delivering service to authorized users. Distributed denial of service attacks and attacks with a low rate can mislead many attack detection mechanisms. In this paper, we introduce a mechanism which not only detects distributed denial of service attacks and low rate attacks, but can also identify the attackers accurately. We detect and prevent flooding attacks in SIP protocol using Shannon (FDP-S), Renyi (FDP-R) and Tsallis (FDP-T) entropy. We conducted an experiment to compare the percentage of detection and rate of false alarm messages using any of the Shannon, Renyi and Tsallis entropy as a measure of disorder. Implementation results show that, according to the parametric nature of the Renyi and Tsallis entropy, by changing the parameters, different detection percentages and false alarm rates will be gained with the possibility to adjust the sensitivity of the detection mechanism.

Keywords: VOIP networks, flooding attacks, entropy, computer networks

Procedia PDF Downloads 369

Authors: Arellano Karina, Diego Avila-Pesántez, Leticia Vaca-Cárdenas, Alberto Arellano, Carmen Mantilla

Abstract:

Nowadays, security threats in Voice over IP (VoIP) systems are an essential and latent concern for people in charge of security in a corporate network, because, every day, new Denial-of-Service (DoS) attacks are developed. These affect the business continuity of an organization, regarding confidentiality, availability, and integrity of services, causing frequent losses of both information and money. The purpose of this study is to establish the necessary measures to mitigate DoS threats, which affect the availability of VoIP systems, based on the Session Initiation Protocol (SIP). A Security Model called MS-DoS-SIP is proposed, which is based on two approaches. The first one analyzes the recommendations of international security standards. The second approach takes into account weaknesses and threats. The implementation of this model in a VoIP simulated system allowed to minimize the present vulnerabilities in 92% and increase the availability time of the VoIP service into an organization.

Keywords: Denial-of-Service SIP attacks, MS-DoS-SIP, security model, VoIP-SIP vulnerabilities

Procedia PDF Downloads 167

Authors: Borhan Marzougui

Abstract:

Road and Transport Authority (RTA) is moving ahead with the implementation of the leader’s vision in exploring all avenues that may bring better security and safety services to the community. Smart transport means using smart technologies such as IoT (Internet of Things). This technology continues to affirm its important role in the context of Information and Transportation Systems. In fact, IoT is a network of Internet-connected objects able to collect and exchange different data using embedded sensors. With the growth of IoT, Distributed Denial of Service (DDoS) attacks is also growing exponentially. DDoS attacks are the major and a real threat to various transportation services. Currently, the defense mechanisms are mainly passive in nature, and there is a need to develop a smart technique to handle them. In fact, new IoT devices are being used into a botnet for DDoS attackers to accumulate for attacker purposes. The aim of this paper is to provide a relevant understanding of dangerous types of DDoS attack related to IoT and to provide valuable guidance for the future IoT security method. Our methodology is based on development of the distributed algorithm. This algorithm manipulates dedicated intelligent and cooperative agents to prevent and to mitigate DDOS attacks. The proposed technique ensure a preventive action when a malicious packets start to be distributed through the connected node (Network of IoT devices). In addition, the devices such as camera and radio frequency identification (RFID) are connected within the secured network, and the data generated by it are analyzed in real time by intelligent and cooperative agents. The proposed security system is based on a multi-agent system. The obtained result has shown a significant reduction of a number of infected devices and enhanced the capabilities of different security dispositives.

Keywords: IoT, DDoS, attacks, botnet, security, agents

Procedia PDF Downloads 114

Authors: Farheen Tabassum, Shoab Ahmed Khan

Abstract:

The brutality of attacks on networks and decisive infrastructures are on the climb over recent years and appears to continue to do so. Distributed Denial of service attack is the most prevalent and easy attack on the availability of a service due to the easy availability of large botnet computers at cheap price and the general lack of protection against these attacks. Application layer DDoS attack is DDoS attack that is targeted on wed server, application server or database server. These types of attacks are much more sophisticated and challenging as they get around most conventional network security devices because attack traffic often impersonate normal traffic and cannot be recognized by network layer anomalies. Conventional techniques of single-hosted security systems are becoming gradually less effective in the face of such complicated and synchronized multi-front attacks. In order to protect from such attacks and intrusion, corporation among all network devices is essential. To overcome this issue, a collaborative intrusion detection system (CIDS) is proposed in which multiple network devices share valuable information to identify attacks, as a single device might not be capable to sense any malevolent action on its own. So it helps us to take decision after analyzing the information collected from different sources. This novel attack detection technique helps to detect seemingly benign packets that target the availability of the critical infrastructure, and the proposed solution methodology shall enable the incident response teams to detect and react to DDoS attacks at the earliest stage to ensure that the uptime of the service remain unaffected. Experimental evaluation shows that the proposed collaborative detection approach is much more effective and efficient than the previous approaches.

Keywords: Distributed Denial-of-Service (DDoS), Collaborative Intrusion Detection System (CIDS), Slowloris, OSSIM (Open Source Security Information Management tool), OSSEC HIDS

Procedia PDF Downloads 333

Authors: Aleburu Rufus Edeki

Abstract:

The activities of Boko Haram terrorist group have become worrisome in Nigeria. Boko Haram killed innocent civilians, destroyed schools, churches, military barracks, police stations, and other government establishments. The federal government of Nigerian Military engaged in counter-insurgency to curtail the activities of Boko Haram militant. The engagement of the military led to mass killing across the Northeast region. The reported cases of mass-killing led to petition written to the International Criminal Court by the civil society organization as a result of denial by the military authorities of their involvement. The investigation carried out by the International Criminal Court awash by denial of military involvement in war crimes. As a result of this denial, the ICC called for further investigation of war crimes by the military. This study was carried out among fifty-eight participants. In-depth interviews were conducted among the following participants: civilians 41; human rights commission 5 and civil society 12. This study revealed that professional ethics is associated with denial of military involvement in mass killing in the region. This study also revealed that denial is associated with personality. It was also found that social attributes such as trauma, shame, ostracism, criticism, and punishment are found with denial. It is therefore concluded in this study that protection is needed for war actors, so that situation of denial is minimal in post-conflict truth findings.

Keywords: Boko Haram, crime, insurgence, war

Procedia PDF Downloads 102

Authors: Bander Alzahrani

Abstract:

Information-centric networking (ICN) using architectures such as Publish-Subscribe Internet Routing Paradigm (PSIRP) is one of the promising candidates for a future Internet, has recently been under the spotlight by the research community to investigate the possibility of redesigning the current Internet architecture to solve many issues such as routing scalability, security, and quality of services issues.. The Bloom filter-based forwarding is a source-routing approach that is used in the PSIRP architecture. This mechanism is vulnerable to brute force attacks which may lead to denial-of-service (DoS) attacks. In this work, we present a new forwarding approach that keeps the advantages of Bloom filter-based forwarding while mitigates attacks on the forwarding mechanism. In practice, we introduce a special type of forwarding nodes called Edge-FW to be placed at the edge of the network. The role of these node is to add an extra security layer by validating and inspecting packets at the edge of the network against brute-force attacks and check whether the packet contains a legitimate forwarding identifier (FId) or not. We leverage Certificateless Aggregate Signature (CLAS) scheme with a small size of 64-bit which is used to sign the FId. Hence, this signature becomes bound to a specific FId. Therefore, malicious nodes that inject packets with random FIds will be easily detected and dropped at the Edge-FW node when the signature verification fails. Our preliminary security analysis suggests that with the proposed approach, the forwarding plane is able to resist attacks such as DoS with very high probability.

Keywords: bloom filter, certificateless aggregate signature, denial-of-service, information centric network

Procedia PDF Downloads 168

Authors: Lawrence Williams

Abstract:

As the mechanism which converts domains to internet protocol (IP) addresses, Domain Name System (DNS) is an essential part of internet usage. It was not designed securely and can be subject to attacks. DNS attacks have become more frequent and sophisticated and the need for detecting and preventing them becomes more important for the modern network. DNS tunnelling attacks are one type of attack that are primarily used for distributed denial-of-service (DDoS) attacks and data exfiltration. Discussion of different techniques to detect and prevent DNS tunneling attacks is done. The methods, models, experiments, and data for each technique are discussed. A proposal about feasibility is made. Future research on these topics is proposed.

Keywords: DNS, tunneling, exfiltration, botnet

Procedia PDF Downloads 37

Authors: Ehlimana Memisevic

Abstract:

Genocide denial is considered the final stage of genocide, which in the words of Gregory H. Stanton, represents "one of the most certain indicators of future genocides”. Genocide denial in Bosnia and Herzegovina started in 1992, almost simultaneously with the genocide itself. Over the course of the three decades, different forms of genocide and war crimes denial have been developed by state officials, politicians, journalists, and civilians, both in Republika Srpska – the Serb-dominated entity within Bosnia and Herzegovina – and Serbia. Moreover, genocide and war crimes are not only denied but also glorified and celebrated, which was described as "triumphalism" by the Australian-Bosnian scholar Hariz Halilovich who suggested it be added as the 11th phase of Gregory Stanton's "10 stages of genocide." Since 2007, there have been a number of attempts to criminalize genocide denial at the state level in Bosnia and Herzegovina. However, all of them were unsuccessful due to the opposition of representatives of Republika Srpska. On July 23, 2021, the High Representative in Bosnia and Herzegovina, Valentin Inzko, used his power as the final authority in overseeing the civil implementation of the Dayton Peace Accords to impose amendments to Bosnia and Herzegovina's criminal code to ban the denial and glorification of genocide, crimes against humanity and war crimes. However, immediately after the OHR's decision was announced, Milorad Dodik, a Serb member of Bosnia's tripartite presidency, held a press conference, publicly denied the genocide, and announced that this law would never be accepted in Republika Srpska. Denial remains explicit and public and is promulgated through official channels in Bosnia and Herzegovina. This paper will analyze the forms of genocide and other war crimes denial and glorification in the period after the amendments to the Criminal Code of Bosnia and Herzegovina were introduced, which include incrimination of public condoning, denial, gross trivialization or justification of a crime of genocide, crimes against humanity or a war crime established by a final adjudication of the international and domestic courts. We aim to determine the effect of the imposed law and the impact of the denial committed by high-ranking public officials on the denial and celebration of genocide and war crimes committed by ordinary citizens.

Keywords: genocide, denial, triumphalism, incrimination

Procedia PDF Downloads 40

Authors: Rafat Rob, Khaled Alotaibi, Dana Nour, Abdullah Albadrani, Abdulmohsen Mulhim

Abstract:

Power systems digitization solutions provides a comprehensive smart, cohesive, interconnected network, extensive connectivity between digital assets, physical power plants, and resources to form digital economies. However, digitization has exposed the classical air gapped power plants to the rapid spread of cyber threats and attacks in the process delaying and forcing many organizations to rethink their cyber security policies and standards before they can augment their operation the new advanced digital devices. Cyber Security requirements for power systems (and industry control systems therein) demand a new approach, unique methodology, and design process that is completely different to Cyber Security measures designed for the IT systems. In practice, Cyber Security strategy, as applied to power systems, tends to be closely aligned to those measures applied for IT system purposes. The differentiator for Cyber Security in terms of power systems are the physical assets and applications used, alongside the ever-growing rate of expansion within the industry controls sector (in comparison to the relatively saturated growth observed for corporate IT systems). These factors increase the magnitude of the cyber security risk within such systems. The introduction of smart devices and sensors along the grid initiate vulnerable entry points to the systems. Every installed Smart Meter is a target; the way these devices communicate with each other may instigate a Denial of Service (DoS) and Distributed Denial of Service (DDoS) attack. Attacking one sensor or meter has the potential to propagate itself throughout the power grid reaching the IT network, where it may manifest itself as a malware infiltration.

Keywords: supply chain, cybersecurity, maturity model, risk, smart grid

Procedia PDF Downloads 72

Authors: Parth Patel, Ying Zhu

Abstract:

Distributed systems have become ubiquitous, and they continue their growth through a range of services. With advances in resource virtualization technology such as Virtual Machines (VM) and software containers, developers no longer require high-end servers to test and develop distributed software. Even in commercial production, virtualization has streamlined the process of rapid deployment and service management. This paper introduces a distributed systems testbed that utilizes virtualization to enable distributed systems development on commodity computers. The testbed can be used to develop new services, implement theoretical distributed systems concepts for understanding, and experiment with virtual network topologies. We show its versatility through two case studies that utilize the testbed for implementing a theoretical algorithm and developing our own methodology to find high-risk edges. The results of using the testbed for these use cases have proven the effectiveness and versatility of this testbed across a range of scenarios.

Keywords: distributed systems, experimental testbed, peer-to-peer networks, virtual container technology

Procedia PDF Downloads 107

Authors: Tina Wu, Andrew Martin

Abstract:

The expansion of the Internet of Things (IoT) brings a new level of threat. Attacks on IoT are already being used by criminals to form botnets, launch Distributed Denial of Service (DDoS) and distribute malware. This opens a whole new digital forensic arena to develop forensic methodologies in order to have the capability to investigate IoT related crimes. However, existing proposed IoT forensic models are still premature requiring further improvement and validation, many lack details on the acquisition and analysis phase. This paper proposes an enhanced theoretical IoT digital forensic model focused on identifying and acquiring the main sources of evidence in a methodical way. In addition, this paper presents a theoretical acquisition framework of the different stages required in order to be capable of acquiring evidence from IoT devices.

Keywords: acquisition, Internet of Things, model, zoning

Procedia PDF Downloads 236

Authors: Judith Partouche-Sebban, Saeedeh Rezaee Vessal

Abstract:

Because of the rising number of new cases of cancer, especially among women, it is more than essential to better understand how women experience cancer in order to bring them adapted to support and care and enhance their well-being and patient experience. Cancer stands for a traumatic experience in which the diagnosis, its medical treatments, and the related side effects lead to deep physical and psychological changes that may arouse considerable stress and anxiety. In order to reduce these negative emotions, women tend to use various defense mechanisms, among which denial has been defined as the most frequent mechanism used by breast cancer patients. This study aims to better understand the consequences of the experience of cancer and their link with the adoption of a denial strategy. The empirical research was done among female cancer survivors in France. Since the topic of this study is relatively unexplored, a qualitative methodology and open-ended interviews were employed. In total, 25 semi-directive interviews were conducted with a female with different cancers, different stages of treatment, and different ages. A systematic inductive method was performed to analyze data. The content analysis enabled to highlight three different denial-related behaviors among women with cancer, which serve a self-protective function. First, women who expressed high levels of anxiety confessed they tended to completely deny the existence of their cancer immediately after the diagnosis of their illness. These women mainly exhibit many fears and a deep distrust toward the medical context and professionals. This coping mechanism is defined by the patient as being unconscious. Second, other women deliberately decided to deny partial information about their cancer, whether this information is related to the stages of the illness, the emotional consequences, or the behavioral consequences of the illness. These women use this strategy as a way to avoid the reality of the illness and its impact on the different aspects of their life as if cancer does not exist. Third, some women tend to reinterpret and give meaning to their cancer as a way to reduce its impact on their life. To this end, they may use magical thinking or positive reframing, or reinterpretation. Because denial may lead to delays in medical treatments, this topic deserves a deep investigation, especially in the context of oncology. As denial is defined as a specific defense mechanism, this study contributes to the existing literature in service marketing which focuses on emotions and emotional regulation in healthcare services which is a crucial issue. Moreover, this study has several managerial implications for healthcare professionals who interact with patients in order to implement better care and support for the patients.

Keywords: cancer, coping mechanisms, denial, healthcare services

Procedia PDF Downloads 52

Authors: Fisayo G. Ojo, Shamala K. Subramaniam, Zuriati Ahmad Zukarnain

Abstract:

As technology is advancing and wireless applications are becoming dependable sources, while the physical layer of the applications are been embedded into tiny layer, so the more the problem on energy efficiency and consumption. This paper reviews works done in recent years in wireless applications and distributed computing, we discovered that applications are becoming dependable, and resource allocation sharing with other applications in distributed computing. Applications embedded in distributed system are suffering from power stability and efficiency. In the reviews, we also prove that discrete event simulation has been left behind untouched and not been adapted into distributed system as a simulation technique in scheduling of each event that took place in the development of distributed computing applications. We shed more lights on some researcher proposed techniques and results in our reviews to prove the unsatisfactory results, and to show that more work still have to be done on issues of energy efficiency in wireless applications, and congestion in distributed computing.

Keywords: discrete event simulation (DES), distributed computing, energy efficiency (EE), internet of things (IOT), quality of service (QOS), user equipment (UE), wireless mesh network (WMN), wireless sensor network (wsn), worldwide interoperability for microwave access x (WiMAX)

Procedia PDF Downloads 154

Authors: Nguyen Manh Hien

Abstract:

Service quality is the highest requirement from users, especially for the service in electronic government. During the past decades, it has become a major area of academic investigation. Considering this issue, there are many researches that evaluated the dimensions and e-service contexts. This study also identified the dimensions of service quality but focused on a new conceptual and provides a new methodological in developing measurement scales of e-service quality such as information quality, service quality and organization quality. Finally, the study will suggest a key factor to evaluate e-government service quality better.

Keywords: dimensionality, e-government, e-service, e-service quality

Procedia PDF Downloads 497

Authors: Bing Li

Abstract:

The primitive code-level design patterns (PDP) are the rudimentary programming elements to develop any distributed systems in the generic distributed programming environment, GreatFree. The PDP works with the primitive distributed application programming interfaces (PDA), the distributed modeling, and the distributed concurrency for scaling-up. They not only hide developers from underlying technical details but also support sufficient adaptability to a variety of distributed computing environments. Programming with them, the simplest distributed system, the lightweight messaging two-node client/server (TNCS) system, is constructed rapidly with straightforward and repeatable behaviors, copy-paste-replace (CPR). As any distributed systems are made up of the simplest ones, those PDAs, as well as the PDP, are generic for distributed programming.

Keywords: primitive APIs, primitive code-level design patterns, generic distributed programming, distributed systems, highly patterned development environment, messaging

Procedia PDF Downloads 148

Authors: Masayuki Higashino, Toshiya Kawato, Takao Kawamura

Abstract:

A monolithic service is based on the N-tier architecture in many cases. In order to divide a monolithic service into microservices, it is necessary to redefine a model as a new microservice by extracting and merging existing models across layers. Refactoring a monolithic service into microservices requires advanced technical capabilities, and it is a difficult way. This paper proposes a design and concept to ease the migration of a monolithic service to microservices using the mobile agent technology. Our proposed approach, mobile agents-based design and concept, enables to ease dividing and merging services.

Keywords: mobile agent, microservice, web service, distributed system

Procedia PDF Downloads 129

Authors: Yang Zhou, Kangfeng Zheng, Wei Ni, Ren Ping Liu

Abstract:

Software-defined networking (SDN) provides a solution for scalable network framework with decoupled control and data plane. However, this architecture also induces a particular distributed denial-of-service (DDoS) attack that can affect or even overwhelm the SDN network. DDoS attack detection problem has to date been mostly researched as entropy comparison problem. However, this problem lacks the utilization of SDN, and the results are not accurate. In this paper, we propose a DDoS attack detection method, which interprets DDoS detection as a signature matching problem and is formulated as Earth Mover’s Distance (EMD) model. Considering the feasibility and accuracy, we further propose to define the cost function of EMD to be a generalized Kullback-Leibler divergence. Simulation results show that our proposed method can detect DDoS attacks by comparing EMD values with the ones computed in the case without attacks. Moreover, our method can significantly increase the true positive rate of detection.

Keywords: DDoS detection, EMD, relative entropy, SDN

Procedia PDF Downloads 300

Authors: Seyed Mohsen Jameii

Abstract:

In the last years, remarkable improvements have been made in the ability of distributed database systems performance. A distributed database is composed of some sites which are connected to each other through network connections. In this system, if good harmonization is not made between different transactions, it may result in database incoherence. Nowadays, because of the complexity of many sites and their connection methods, it is difficult to extend different models in distributed database serially. The principle goal of concurrency control in distributed database is to ensure not interfering in accessibility of common database by different sites. Different concurrency control algorithms have been suggested to use in distributed database systems. In this paper, some available methods have been introduced and compared for concurrency control in distributed database.

Keywords: distributed database, two phase locking protocol, transaction, concurrency

Procedia PDF Downloads 318

Authors: Negin Mohammadrezaee Larki

Abstract:

Cloud Computing is a popular solution that has been used in recent years to cooperate and collaborate among distributed applications over networks. Moving successfully into cloud computing requires an architecture that will support the new cloud capabilities. Many business leaders and analysts agree that moving to cloud requires having a solid, service-oriented architecture to provide the infrastructure needed for successful cloud implementation.

Keywords: Service Oriented Architecture (SOA), Service Oriented Cloud Computing Architecture (SOCCA), cloud computing, cloud computing architecture

Procedia PDF Downloads 346

Authors: Chuang-Chun Chiou

Abstract:

Ageing population is a global trend; therefore the need of care service has been increasing dramatically. There are three basic forms of service delivered to the elderly: institution, community, and home. Particularly, the institutional service can be seen as an extension of medical service. The nursing home or so-called care home which is equipped with professional staff and facilities can provide a variety of service including rehabilitation service, short-term care, and long term care. Similar to hospital and other health care service, care home service do need to provide quality and cost-effective service to satisfy the dwellers. The main purpose of this paper is to show how lean thinking and service innovation can be applied to care home operation. The issues and key factors of implementing lean practice are discussed.

Keywords: lean, service improvement, SERVQUAL, care home service

Procedia PDF Downloads 567

Authors: Adamu Abdullahi, On Francisca, Saidu Isah Rambo, G. N. Obunadike, D. T. Chinyio

Abstract:

The paper discusses the potential threat of Denial of Service (DoS) attacks in the Internet of Things (IoT) networks on constrained application protocols (CoAP). As billions of IoT devices are expected to be connected to the internet in the coming years, the security of these devices is vulnerable to attacks, disrupting their functioning. This research aims to tackle this issue by applying mixed methods of qualitative and quantitative for feature selection, extraction, and cluster algorithms to detect DoS attacks in the Constrained Application Protocol (CoAP) using the Machine Learning Algorithm (MLA). The main objective of the research is to enhance the security scheme for CoAP in the IoT environment by analyzing the nature of DoS attacks and identifying a new set of features for detecting them in the IoT network environment. The aim is to demonstrate the effectiveness of the MLA in detecting DoS attacks and compare it with conventional intrusion detection systems for securing the CoAP in the IoT environment. Findings: The research identifies the appropriate node to detect DoS attacks in the IoT network environment and demonstrates how to detect the attacks through the MLA. The accuracy detection in both classification and network simulation environments shows that the k-means algorithm scored the highest percentage in the training and testing of the evaluation. The network simulation platform also achieved the highest percentage of 99.93% in overall accuracy. This work reviews conventional intrusion detection systems for securing the CoAP in the IoT environment. The DoS security issues associated with the CoAP are discussed.

Keywords: algorithm, CoAP, DoS, IoT, machine learning

Procedia PDF Downloads 41

Authors: Dongjae Kang, Sokho Son, Jinmee Kim

Abstract:

Cloud service brokering is a new service paradigm that provides interoperability and portability of application across multiple Cloud providers. In this paper, we designed cloud service brokerage system, any broker, supporting integrated service provisioning and SLA based service life cycle management. For the system design, we introduce the system concept and whole architecture, details of main components and use cases of primary operations in the system. These features ease the Cloud service provider and customer’s concern and support new Cloud service open market to increase cloud service profit and prompt Cloud service echo system in cloud computing related area.

Keywords: cloud service brokerage, multiple Clouds, Integrated service provisioning, SLA, network service

Procedia PDF Downloads 452

Authors: Sneha Leslie

Abstract:

The current situation in the cyber world is that crimes performed by Botnets are increasing and the masterminds (botmaster) are not detectable easily. The botmaster in the botnet compromises the legitimate host machines in the network and make them bots or zombies to initiate the cyber-attacks. This paper will focus on the live detection of the botmaster in the network by using the strong framework 'metasploit', when distributed denial of service (DDOS) attack is performed by the botnet. The affected victim machine will be continuously monitoring its incoming packets. Once the victim machine gets to know about the excessive count of packets from any IP, that particular IP is noted and details of the noted systems are gathered. Using the vulnerabilities present in the zombie machines (already compromised by botmaster), the victim machine will compromise them. By gaining access to the compromised systems, applications are run remotely. By analyzing the incoming packets of the zombies, the victim comes to know the address of the botmaster. This is an effective and a simple system where no specific features of communication protocol are considered.

Keywords: bonet, DDoS attack, network security, detection system, metasploit framework

Procedia PDF Downloads 222

Authors: Faisel Eltuhami Alzaalik, Omar Imhemed Alramli, Ahmed Mohamed Elaieb

Abstract:

The IEEE 802.11 defines two modes of MAC, distributed coordination function (DCF) and point coordination function (PCF) mode. The first sub-layer of the MAC is the distributed coordination function (DCF). A contention algorithm is used via DCF to provide access to all traffic. The point coordination function (PCF) is the second sub-layer used to provide contention-free service. PCF is upper DCF and it uses features of DCF to establish guarantee access of its users. Some papers and researches that have been published in this technology were reviewed in this paper, as well as talking briefly about the distributed coordination function (DCF) technology. The simulation of the PCF function have been applied by using a simulation program called network simulator (NS2) and have been found out the throughput of a transmitter system by using this function.

Keywords: DCF, PCF, throughput, NS2

Procedia PDF Downloads 538

Authors: R. Sivasamy, G. Paulraj, S. Kalaimani, N.Thillaigovindan

Abstract:

For profitable businesses, queues are double-edged swords and hence the pain of long wait times in a queue often frustrates customers. This paper suggests a technical way of reducing the pain of lines through a Poisson M/M1, M2/2 queueing system operated by two heterogeneous servers with an objective of minimising the mean sojourn time of customers served under the queue discipline ‘First Come First Served with an ‘m’ policy, i.e. FCFS-m policy’. Arrivals to the system form a Poisson process of rate λ and are served by two exponential servers. The service times of successive customers at server ‘j’ are independent and identically distributed (i.i.d.) random variables and each of it is exponentially distributed with rate parameter μj (j=1, 2). The primary condition for implementing the queue discipline ‘FCFS-m policy’ on these service rates μj (j=1, 2) is that either (m+1) µ2 > µ1> m µ2 or (m+1) µ1 > µ2> m µ1 must be satisfied. Further waiting customers prefer the server-1 whenever it becomes available for service, and the server-2 should be installed if and only if the queue length exceeds the value ‘m’ as a threshold. Steady-state results on queue length and waiting time distributions have been obtained. A simple way of tracing the optimal service rate μ*2 of the server-2 is illustrated in a specific numerical exercise to equalize the average queue length cost with that of the service cost. Assuming that the server-1 has to dynamically adjust the service rates as μ1 during the system size is strictly less than T=(m+2) while μ2=0, and as μ1 +μ2 where μ2>0 if the system size is more than or equal to T, corresponding steady state results of M/M1+M2/1 queues have been deduced from those of M/M1,M2/2 queues. To conclude this investigation has a viable application, results of M/M1+M2/1 queues have been used in processing of those waiting messages into a single computer node and to measure the power consumption by the node.

Keywords: two heterogeneous servers, M/M1, M2/2 queue, service cost and queue length cost, M/M1+M2/1 queue

Procedia PDF Downloads 339

Authors: Gopinath Ganapathy, Chellammal Surianarayanan

Abstract:

Services are growing rapidly and generally they are aggregated into a composite service to accomplish complex business processes. There may be several services that offer the same required function of a particular task in a composite service. Hence a choice has to be made for selecting suitable services from alternative functionally similar services. Quality of Service (QoS)plays as a discriminating factor in selecting which component services should be selected to satisfy the quality requirements of a user during service composition. There are two categories of approaches for QoS based service selection, namely global and local approaches. Global approaches are known to be Non-Polynomial (NP) hard in time and offer poor scalability in large scale composition. As an alternative to global methods, local selection methods which reduce the search space by breaking up the large/complex problem of selecting services for the workflow into independent sub problems of selecting services for individual tasks are coming up. In this paper, distributed architecture for selecting services based on QoS using local selection is presented with an overview of local selection methodology. The architecture describes the core components, namely, selection manager and QoS manager needed to implement the local approach and their functions. Selection manager consists of two components namely constraint decomposer which decomposes the given global or workflow level constraints in local or task level constraints and service selector which selects appropriate service for each task with maximum utility, satisfying the corresponding local constraints. QoS manager manages the QoS information at two levels namely, service class level and individual service level. The architecture serves as an implementation model for local selection.

Keywords: architecture of service selection, local method for service selection, QoS based service selection, approaches for QoS based service selection

Procedia PDF Downloads 396

Authors: T. M. Al Muhareb

Abstract:

Any organization should take into consideration the customers’ satisfaction while providing any service to their customers. The quality of services is always considered as the main aspect that attracts the customers’ attention and helps the airports to develop their services and operations. King Khalid International Airport is considered as the gateway of the Kingdom of Saudi Arabia. Therefore, the aim of this paper was to identify the quality service in the departure area at in King Khalid Airport. The SERVQUAL questionnaire was distributed among the passengers in King Khalid International Airport and the respondents have reached to 500 passengers. The results that are obtained from the SERVQUAL questionnaire showed that the quality of airport’s services is low.

Keywords: service quality, SERVQUAL methodology, King Khalid International Airport (KKIA), customers’ satisfaction

Procedia PDF Downloads 766