scholarly journals Long-Memory Dependence Statistical Models for DDoS Attacks Detection

2015 ◽  
Vol 20 (4) ◽  
pp. 31-40
Author(s):  
Tomasz Andrysiak ◽  
Łukasz Saganowski ◽  
Mirosław Maszewski ◽  
Piotr Grad
Keyword(s):  
Network Traffic ◽  
Long Memory ◽  
Statistical Models ◽  
Likelihood Function ◽  
Information Criteria ◽  
Abnormal Behavior ◽  
Ddos Attacks ◽  
Network Attack ◽  
Function Selection ◽  
Selection Of

Abstract DDoS attacks detection method based on modelling the variability with the use of conditional average and variance in examined time series is proposed in this article. Variability predictions of the analyzed network traffic are realized by estimated statistical models with long-memory dependence ARFIMA, Adaptive ARFIMA, FIGARCH and Adaptive FIGARCH. We propose simple parameter estimation models with the use of maximum likelihood function. Selection of sparingly parameterized form of the models is realized by means of information criteria representing a compromise between brevity of representation and the extent of the prediction error. In the described method we propose using statistical relations between the forecasted and analyzed network traffic in order to detect abnormal behavior possibly being a result of a network attack. Performed experiments confirmed effectiveness of the analyzed method and cogency of the statistical models.

scholarly journals A DDoS Attacks Detection Based on Conditional Heteroscedastic Time Series Models

2015 ◽  
Vol 20 (1) ◽  
pp. 23-33 ◽  
Author(s):  
Tomasz Andrysiak ◽  
Łukasz Saganowski ◽  
Mirosław Maszewski ◽  
Piotr Grad
Keyword(s):  
Time Series ◽  
Maximum Likelihood ◽  
Present Article ◽  
Network Traffic ◽  
Statistical Models ◽  
Likelihood Function ◽  
Estimation Error ◽  
Time Series Models ◽  
Ddos Attacks ◽  
Network Infrastructure

Abstract Dynamic development of various systems providing safety and protection to network infrastructure from novel, unknown attacks is currently an intensively explored and developed domain. In the present article there is presented an attempt to redress the problem by variability estimation with the use of conditional variation. The predictions of this variability were based on the estimated conditional heteroscedastic statistical models ARCH, GARCH and FIGARCH. The method used for estimating the parameters of the exploited models was determined by calculating maximum likelihood function. With the use of compromise between conciseness of representation and the size of estimation error there has been selected as a sparingly parameterized form of models. In order to detect an attack-/anomaly in the network traffic there were used differences between the actual network traffic and the estimated model of the traffic. The presented research confirmed efficacy of the described method and cogency of the choice of statistical models.

scholarly journals Anomaly Detection in Smart Metering Infrastructure with the Use of Time Series Analysis

2017 ◽  
Vol 2017 ◽  
pp. 1-15 ◽  
Author(s):  
Tomasz Andrysiak ◽  
Łukasz Saganowski ◽  
Piotr Kiedrowski
Keyword(s):  
Time Series ◽  
Anomaly Detection ◽  
Network Traffic ◽  
Statistical Models ◽  
Optimal Parameter ◽  
Forecast Error ◽  
Abnormal Behavior ◽  
Smart Metering ◽  
Use Of Time ◽  
Advanced Metering

The article presents solutions to anomaly detection in network traffic for critical smart metering infrastructure, realized with the use of radio sensory network. The structure of the examined smart meter network and the key security aspects which have influence on the correct performance of an advanced metering infrastructure (possibility of passive and active cyberattacks) are described. An effective and quick anomaly detection method is proposed. At its initial stage, Cook’s distance was used for detection and elimination of outlier observations. So prepared data was used to estimate standard statistical models based on exponential smoothing, that is, Brown’s, Holt’s, and Winters’ models. To estimate possible fluctuations in forecasts of the implemented models, properly parameterized Bollinger Bands was used. Next, statistical relations between the estimated traffic model and its real variability were examined to detect abnormal behavior, which could indicate a cyberattack attempt. An update procedure of standard models in case there were significant real network traffic fluctuations was also proposed. The choice of optimal parameter values of statistical models was realized as forecast error minimization. The results confirmed efficiency of the presented method and accuracy of choice of the proper statistical model for the analyzed time series.

Application of experimental design for selection of optimal modes of electro-deformation cladding with a flexible tool

2020 ◽  
pp. 71-76
Author(s):  
M.A. Levantsevich ◽  
E.V. Pilipchuk ◽  
N.N Maksimchenko ◽  
L.S. Belevskiy ◽  
R.R. Dema
Keyword(s):  
Composite Material ◽  
Experimental Design ◽  
Statistical Models ◽  
Experiment Planning ◽  
Flexible Tool ◽  
Tool Coating ◽  
Coating Composite ◽  
Selection Of

Experimental-statistical models of the process of forming composite chromium coatings by electrodeformation cladding with a flexible tool are developed, which allow to determine the parameters of the regimes for obtaining coatings of the required thickness and roughness. Keywords electrodeformation cladding, flexible tool, coating, composite material, experiment planning, noncompositional plan, thickness, roughness. [email protected]

scholarly journals The use of cement concrete pavements for roads, depending on climatic conditions

2019 ◽  
Vol 13 (3) ◽  
pp. 235-240
Author(s):  
Iryna Solonenko
Keyword(s):  
European Union ◽  
Statistical Models ◽  
Road Network ◽  
The European Union ◽  
Rational Selection ◽  
Cement Concrete ◽  
The Road ◽  
Road Pavement ◽  
Operational Characteristics ◽  
Selection Of

The development of road network infrastructure is an important component of the economic development of the European Union. Updating of the road network contributes to the integration of the economies of countries into a coherent whole. The road network provides the free movement of citizens, the movement of goods and the effective implementation of various services. The increase in the length of the road network leads to an increase in the financial and material costs necessary to ensure its maintenance and repair. One of the ways to reduce costs is by strengthening the physic-mechanical and operational characteristics of the pavement due to the widespread use of cement concrete. The quality of the pavement of cement concrete depends largely on the rational selection of its composition. This allows a significant increase in the durability of road pavement. The purpose of the research was: the development of recommendations for the rational selection of the composition of the road pavement material of cement concrete, aimed at upgrading longevity, and taking into account its frost resistance grade. According to the goal, the following tasks were developed: the analyses of the climatic zones in which the road network of the European Union is located; the development of a research plan, a selection of the response function and influence factors; the study of physico-mechanical and operational characteristics of the researched material of road pavement; on the basis of the obtained data, the calculation of the complex of experimental-statistical models, which describe the physico-mechanical and operational characteristics of the road pavement material; on the basis of experimental statistical models, a method was proposed for selecting the rational compositions of the cement concrete pavement road material depending on the conditions of its application. The results presented in the article can be used in engineering and scientific practice for the selection of road pavement from cement concrete for highways.

Aggregate Characteristics Governing Performance of Seal Coat Highway Overlays

1996 ◽  
Vol 1547 (1) ◽  
pp. 15-22 ◽  
Author(s):  
Mohamed-Asem U. Abdul-Malak ◽  
David W. Fowler ◽  
Cesar A. Constantino
Keyword(s):  
Statistical Models ◽  
Environmental Variables ◽  
Construction Projects ◽  
Performance Data ◽  
Engineering Properties ◽  
Proper Selection ◽  
Performance Variability ◽  
Frictional Performance ◽  
Materials Used ◽  
Selection Of

A study was undertaken to identify the engineering properties of aggregates that explain the variability in the frictional performance of seal coat highway overlays. The frictional performance data of 72 test sections and section replicates collected over a period of 8 years were used in the formulation of statistical models that incorporate the significant variables. The effects of traffic, construction, and environmental variables were also considered. Formulated models were of two types: general and individual. The former type attempts to describe frictional performance using the observations collected on all aggregate materials used. The latter describes the performance of individual aggregate groups. Laboratory properties found to be significant included the polish value, impact and abrasion, and soundness properties. The coating of aggregate particles, gradation, and construction placing rates of aggregate and asphalt were also shown to be significant in explaining performance variability. The influence of traffic and region was found to be interactive with the type and properties of aggregates. The formulated models can be used as a tool for predicting the frictional performance of seal coat aggregates, thus providing a better means for the proper selection of aggregates and for the planning of future seal coat construction projects.

scholarly journals Detection System of HTTP DDoS Attacks in a Cloud Environment Based on Information Theoretic Entropy and Random Forest

2018 ◽  
Vol 2018 ◽  
pp. 1-13 ◽  
Author(s):  
Mohamed Idhammad ◽  
Karim Afdel ◽  
Mustapha Belouch
Keyword(s):  
Random Forest ◽  
Network Traffic ◽  
Learning Algorithm ◽  
Detection System ◽  
Cloud Services ◽  
Detection Accuracy ◽  
Cloud Environment ◽  
Ddos Attacks ◽  
Information Theoretic ◽  
Computing Services

Cloud Computing services are often delivered through HTTP protocol. This facilitates access to services and reduces costs for both providers and end-users. However, this increases the vulnerabilities of the Cloud services face to HTTP DDoS attacks. HTTP request methods are often used to address web servers’ vulnerabilities and create multiple scenarios of HTTP DDoS attack such as Low and Slow or Flooding attacks. Existing HTTP DDoS detection systems are challenged by the big amounts of network traffic generated by these attacks, low detection accuracy, and high false positive rates. In this paper we present a detection system of HTTP DDoS attacks in a Cloud environment based on Information Theoretic Entropy and Random Forest ensemble learning algorithm. A time-based sliding window algorithm is used to estimate the entropy of the network header features of the incoming network traffic. When the estimated entropy exceeds its normal range the preprocessing and the classification tasks are triggered. To assess the proposed approach various experiments were performed on the CIDDS-001 public dataset. The proposed approach achieves satisfactory results with an accuracy of 99.54%, a FPR of 0.4%, and a running time of 18.5s.

Sign in / Sign up

Export Citation Format

Share Document