Central Aggregator Intrusion Detection System for Denial of Service Attacks

Vehicle-to-grid technology is an emerging field that allows unused power from Electric Vehicles(EVs)to be used by the smart grid through the central aggregator.Since the central aggregator is connected to the smart grid through a wireless network,it is prone to cyber-attacks that can be detected and mitigated using an intrusion detection system.However,existing intrusion detection systems cannot be used in the vehicle-to-grid network because of the special requirements and characteristics of the vehicle-to-grid network.In this paper,the effect of denial-of-service attacks of malicious electric vehicles on the central aggregator of the vehicle-to-grid network is investigated and an intrusion detection system for the vehicle-to-grid network is proposed.The proposed system,central aggregator–intrusion detection system(CA-IDS),works as a security gateway for EVs to analyze andmonitor incoming traffic for possible DoS attacks.EVs are registered with a Central Aggregator(CAG)to exchange authenticated messages,and malicious EVs are added to a blacklist for violating a set of predefined policies to limit their interaction with the CAG.A denial of service(DoS)attack is simulated at CAG in a vehicle-to-grid(V2G)network manipulating various network parameters such as transmission overhead,receiving capacity of destination,average packet size,and channel availability.The proposed system is compared with existing intrusion detection systems using different parameters such as throughput,jitter,and accuracy.The analysis shows that the proposed system has a higher throughput,lower jitter,and higher accuracy as compared to the existing schemes.

A Machine Learning-Based Distributed Denial of Service Detection Approach for Early Warning in Internet Exchange Points

The Internet service provider(ISP)is the heart of any country’s Internet infrastructure and plays an important role in connecting to theWorld WideWeb.Internet exchange point(IXP)allows the interconnection of two or more separate network infrastructures.All Internet traffic entering a country should pass through its IXP.Thus,it is an ideal location for performing malicious traffic analysis.Distributed denial of service(DDoS)attacks are becoming a more serious daily threat.Malicious actors in DDoS attacks control numerous infected machines known as botnets.Botnets are used to send numerous fake requests to overwhelm the resources of victims and make them unavailable for some periods.To date,such attacks present a major devastating security threat on the Internet.This paper proposes an effective and efficient machine learning(ML)-based DDoS detection approach for the early warning and protection of the Saudi Arabia Internet exchange point(SAIXP)platform.The effectiveness and efficiency of the proposed approach are verified by selecting an accurate ML method with a small number of input features.A chi-square method is used for feature selection because it is easier to compute than other methods,and it does not require any assumption about feature distribution values.Several ML methods are assessed using holdout and 10-fold tests on a public large-size dataset.The experiments showed that the performance of the decision tree(DT)classifier achieved a high accuracy result(99.98%)with a small number of features(10 features).The experimental results confirmthe applicability of using DT and chi-square for DDoS detection and early warning in SAIXP.

Adaptive Butterfly Optimization Algorithm(ABOA)Based Feature Selection and Deep Neural Network(DNN)for Detection of Distributed Denial-of-Service(DDoS)Attacks in Cloud

Cloud computing technology provides flexible,on-demand,and completely controlled computing resources and services are highly desirable.Despite this,with its distributed and dynamic nature and shortcomings in virtualization deployment,the cloud environment is exposed to a wide variety of cyber-attacks and security difficulties.The Intrusion Detection System(IDS)is a specialized security tool that network professionals use for the safety and security of the networks against attacks launched from various sources.DDoS attacks are becoming more frequent and powerful,and their attack pathways are continually changing,which requiring the development of new detection methods.Here the purpose of the study is to improve detection accuracy.Feature Selection(FS)is critical.At the same time,the IDS’s computational problem is limited by focusing on the most relevant elements,and its performance and accuracy increase.In this research work,the suggested Adaptive butterfly optimization algorithm(ABOA)framework is used to assess the effectiveness of a reduced feature subset during the feature selection phase,that was motivated by this motive Candidates.Accurate classification is not compromised by using an ABOA technique.The design of Deep Neural Networks(DNN)has simplified the categorization of network traffic into normal and DDoS threat traffic.DNN’s parameters can be finetuned to detect DDoS attacks better using specially built algorithms.Reduced reconstruction error,no exploding or vanishing gradients,and reduced network are all benefits of the changes outlined in this paper.When it comes to performance criteria like accuracy,precision,recall,and F1-Score are the performance measures that show the suggested architecture outperforms the other existing approaches.Hence the proposed ABOA+DNN is an excellent method for obtaining accurate predictions,with an improved accuracy rate of 99.05%compared to other existing approaches.

The History, Trend, Types, and Mitigation of Distributed Denial of Service Attacks

Over time, the world has transformed digitally and there is total dependence on the internet. Many more gadgets are continuously interconnected in the internet ecosystem. This fact has made the Internet a global information source for every being. Despite all this, attacker knowledge by cybercriminals has advanced and resulted in different attack methodologies on the internet and its data stores. This paper will discuss the origin and significance of Denial of Service (DoS) and Distributed Denial of Service (DDoS). These kinds of attacks remain the most effective methods used by the bad guys to cause substantial damage in terms of operational, reputational, and financial damage to organizations globally. These kinds of attacks have hindered network performance and availability. The victim’s network is flooded with massive illegal traffic hence, denying genuine traffic from passing through for authorized users. The paper will explore detection mechanisms, and mitigation techniques for this network threat.

基于合约熵判决算法的区块链网络DDoS防御优化

为针对多域协同联合防御分布式拒绝服务(DDoS)更有效发挥区块链网络优势,该文提出智能合约熵检测(SCED)算法。基于Hyperledger Fabric区块链架构,首先,通过智能合约技术构建多域协作机制,建立智能合约协作子算法;然后,针对受害域内非法流量IP生成IP黑名单,并通知所有协作域,协同防御DDoS;其次,在各单域内部署由监测、比对、分类及防御模块组成的熵判决防御子算法,检测处理域内非法流量;最后,结合多域智能合约协作和单域熵判决防御,实现区块链网络中受害域、中间域及攻击域协同防御DDoS。仿真结果表明,对比ChainSecure等算法,SCED算法在精度和效率方面有较好的表现。

GNSS拒止时基于并行CNN-BiLSTM回归和残差补偿的UAV导航误差校正方法

全球导航卫星系统(GNSS)拒止时,GNSS/惯性导航系统(INS)组合导航系统的性能严重下降,导致无人机集群导航误差快速发散.目前,利用神经网络预测位置与速度代替GNSS导航信息可校正无人机INS误差,但该方法仍存在定位误差较高且在轨迹突变时预测精度急剧下降的问题.因此,提出了一种基于卷积-双向长短时记忆网络联合残差补偿的位置与速度预测方法,用于提高位置与速度预测精度.首先,针对GNSS拒止后GNSS/INS组合导航系统定位误差较高的问题,提出卷积神经网络(CNN)与双向长短时记忆网络(BiLSTM)的融合模型,该模型可建立惯性测量单元(IMU)动力学测量数据与GNSS导航信息之间的关系,实现较准确的位置和速度预测.其次,针对轨迹突变时预测效果急剧下降的问题,提出并行CNNBiLSTM回归架构,在预测位置与速度的同时,挖掘IMU动力学测量数据、预测值与预测残差之间的关系,预测并补偿预测残差,增强模型在轨迹突变时的预测精度.仿真结果表明,所提模型在预测准确性、有效性和稳定性方面都优于CNN-LSTM、LSTM网络模型.

战略文化视阈下美国对太平洋岛国的策略与路径

第二次世界大战后,美国与太平洋岛国在互动的过程中形成了以“美国例外”“有限干预”和“战略拒止”为特征的战略文化。基于“美国例外”,美国提出需保持对“自由联系国”的“绝对权威”;基于“有限干预”,美国寻求与太平洋岛国建立机制化合作关系;基于“战略拒止”,美国对域外国家介入太平洋岛国事务保持高度警惕。在战略文化的驱动下,美国积极改善与南太平洋区域组织的政治外交关系,加强顶层设计,由美国国际开发署统筹对太平洋岛国的对外援助事务,开展公共外交活动树立美国正面积极的国际形象,并将太平洋岛国纳入伙伴关系网络,在太平洋岛国及周边地区扩大军事部署。即便如此,由于美国对太平洋岛国的发展问题缺乏认知,忽视双方历史、文化差异并与太平洋岛国存在现实利益分歧,美国在太平洋岛国的战略文化辐射效果有限。

面向网络靶场的DDoS攻击缓解方法研究

本文提出一种面向不平衡数据的DDoS攻击检测模型,提升对DDoS洪泛攻击的检测效果。以OpenStack为核心技术设计网络靶场,并使用Ceph分布式存储替换OpenStack原生存储系统,提出一种OpenStack与Ceph的超融合网络靶场方案,可以实现对计算、存储、网络资源的统一管理。首先,针对Ceph集群在存储时的数据分布不均情况对平台存储性能的影响,提出一种基于好感度的数据存储优化算法,利用好感度因子约束数据的存储位置,有效提高集群中所有OSD节点存储数据的均衡性。同时,设计了一种基于软件定义网络(Software Defined Network,SDN)的DDoS洪泛攻击检测与缓解方法,有效降低了对物理设备性能的要求,最后结合Ryu控制器的可编程性,实现DDoS洪泛攻击缓解方法。

基于引导优化的拒止环境无人系统相对定位

在卫星拒止条件下,包含无人机、无人艇等多个节点的无人系统可以基于节点间距离信息,使用相对定位方法解算所有节点的绝对地理位置。由于无人系统节点的高机动特性,节点间的距离信息具有瞬时有效性,因此需要实现快速、精确的相对定位解算。旋转矩阵的计算是相对定位解算的核心步骤,使用传统的最小二乘法、牛顿法、遗传法等无法兼顾效率与精度因素,基于自由度松弛的引导优化算法通过放松旋转矩阵的自由度能够将寻优参数的初始值一步引导至真值邻域附近,再利用迭代法进行精细寻优,从而实现旋转矩阵的短时间、高精度计算。仿真实验结果表明,在无人系统测距误差达到5 m时,基于引导优化的相对定位方法解算时间为0.014 s,产生的定位误差为25.73 m,与牛顿法的解算精度相当,同时减少了55.56%的计算时间;与最小二乘法的计算时间相当,同时减少了39.47%的定位误差。

列车控制系统的抗拒绝服务攻击弹性控制策略

当遭受拒绝服务(DoS)攻击时,分布式列车控制系统的弹性控制问题受到广泛关注.本文提出了一种基于分布式领导车状态观测器和障碍李雅普诺夫函数的弹性控制策略,不仅可以避免列车碰撞,同时实现了编队控制的目标.首先,给出了一种分布式的领导车状态观测器设计方法,用于实时估计领导车的状态.理论分析表明,在DoS攻击满足一定约束的条件下,该状态观测器的估计误差具有指数稳定特性.在此基础上,通过将列车碰撞避免问题转化为状态受限问题,提出一种基于障碍李雅普诺夫函数的状态受限控制律,解决了DoS攻击下确保碰撞避免的车队控制问题.最后,数值仿真证实了本文方法的有效性.

融合稀疏注意力机制在DDoS攻击检测中的应用

针对现有的DDoS(distributed denial of service)攻击检测模型面临大量数据时,呈现出检测效率低的问题。为适应当前网络环境,通过研究DDoS攻击检测模型、提取流量特征、计算攻击密度,提出一种基于融合稀疏注意力机制的DDoS攻击检测模型GVBNet(global variable block net),使用攻击密度自适应计算稀疏注意力。利用信息熵以及信息增益分析提取攻击流量的连续字节作为特征向量,通过构建基于GVBNet的网络模型在两种数据集上进行训练。实验结果表明,该方法具有良好的识别效果、检测速度以及抗干扰能力,在不同的环境下具有应用价值。

面向边缘计算的TCA1C DDoS检测模型

边缘计算弥补了传统云计算数据传输开销大的不足,但边缘网络中存储和计算资源受限的特殊性限制了其部署复杂安全算法的能力,更易受到分布式拒绝服务(DDoS)攻击。针对目前边缘网络中DDoS攻击检测方法性能不高、未对卸载任务分类处理、对多属性的流量处理能力弱的问题,提出一种基于任务分类的Attention-1D-CNN DDoS检测模型TCA1C,对通信链路中的流量按不同的卸载任务进行分类,使单个任务受到攻击时不会影响整个链路中计算任务卸载的安全性,再对同一任务下的流量提取属性值并进行归一化处理。处理后的数据输入到Attention-1D-CNN,通道Attention和空间Attention学习数据特征对DDoS检测的贡献度,利用筛选函数剔除低于特征阈值的冗余信息,降低模型学习过程的复杂度,使模型快速收敛。仿真结果表明:TCA1C模型在缩短DDoS检测所用时间的情况下,检测准确率高达99.73%,检测性能优于DT、ELM、LSTM和CNN;当多个卸载任务在面临特定攻击概率时,卸载任务分类能有效降低不同任务的相互影响,使终端设备的计算任务在卸载过程中保持较高的安全性。

基于CNN的5G网络切片安全分配研究

网络切片是5G网络的关键技术,在支持多种5G应用和服务方面发挥着重要作用。为确保5G网络提供更加灵活安全的按需服务,对网络切片的灵活性和安全性研究尤为重要。为此,提出一种按应用服务类型划分细粒度网络切片的方案,并通过基于卷积神经网络(Convolutional Neural Networks,CNN)的模型来安全分配网络切片。当网络流通过该模型后,先筛选出受到分布式拒绝服务(Distributed Denial of Service,DDoS)攻击的流量,然后良性流量再按应用类型分配到相应的切片上。仿真结果表明,基于CNN的网络切片分配模型,在安全分配网络切片方面有着显著的效果。与其它常见的机器学习分类算法相比,该方案中的模型在准确率、精确率、召回率和F1分数方面都有着更好的性能优势。

Adaptive Cloud Intrusion Detection System Based on Pruned Exact Linear Time Technique

Cloud computing environments,characterized by dynamic scaling,distributed architectures,and complex work-loads,are increasingly targeted by malicious actors.These threats encompass unauthorized access,data breaches,denial-of-service attacks,and evolving malware variants.Traditional security solutions often struggle with the dynamic nature of cloud environments,highlighting the need for robust Adaptive Cloud Intrusion Detection Systems(CIDS).Existing adaptive CIDS solutions,while offering improved detection capabilities,often face limitations such as reliance on approximations for change point detection,hindering their precision in identifying anomalies.This can lead to missed attacks or an abundance of false alarms,impacting overall security effectiveness.To address these challenges,we propose ACIDS(Adaptive Cloud Intrusion Detection System)-PELT.This novel Adaptive CIDS framework leverages the Pruned Exact Linear Time(PELT)algorithm and a Support Vector Machine(SVM)for enhanced accuracy and efficiency.ACIDS-PELT comprises four key components:(1)Feature Selection:Utilizing a hybrid harmony search algorithm and the symmetrical uncertainty filter(HSO-SU)to identify the most relevant features that effectively differentiate between normal and anomalous network traffic in the cloud environment.(2)Surveillance:Employing the PELT algorithm to detect change points within the network traffic data,enabling the identification of anomalies and potential security threats with improved precision compared to existing approaches.(3)Training Set:Labeled network traffic data forms the training set used to train the SVM classifier to distinguish between normal and anomalous behaviour patterns.(4)Testing Set:The testing set evaluates ACIDS-PELT’s performance by measuring its accuracy,precision,and recall in detecting security threats within the cloud environment.We evaluate the performance of ACIDS-PELT using the NSL-KDD benchmark dataset.The results demonstrate that ACIDS-PELT outperforms existing cloud intrusion detection techniques in terms of accuracy,precision,and recall.This superiority stems from ACIDS-PELT’s ability to overcome limitations associated with approximation and imprecision in change point detection while offering a more accurate and precise approach to detecting security threats in dynamic cloud environments.

Threshold-Based Software-Defined Networking(SDN)Solution for Healthcare Systems against Intrusion Attacks

The healthcare sector holds valuable and sensitive data.The amount of this data and the need to handle,exchange,and protect it,has been increasing at a fast pace.Due to their nature,software-defined networks(SDNs)are widely used in healthcare systems,as they ensure effective resource utilization,safety,great network management,and monitoring.In this sector,due to the value of thedata,SDNs faceamajor challengeposed byawide range of attacks,such as distributed denial of service(DDoS)and probe attacks.These attacks reduce network performance,causing the degradation of different key performance indicators(KPIs)or,in the worst cases,a network failure which can threaten human lives.This can be significant,especially with the current expansion of portable healthcare that supports mobile and wireless devices for what is called mobile health,or m-health.In this study,we examine the effectiveness of using SDNs for defense against DDoS,as well as their effects on different network KPIs under various scenarios.We propose a threshold-based DDoS classifier(TBDC)technique to classify DDoS attacks in healthcare SDNs,aiming to block traffic considered a hazard in the form of a DDoS attack.We then evaluate the accuracy and performance of the proposed TBDC approach.Our technique shows outstanding performance,increasing the mean throughput by 190.3%,reducing the mean delay by 95%,and reducing packet loss by 99.7%relative to normal,with DDoS attack traffic.

基于深度特征正射匹配的无人机视觉定位方法

在卫星拒止条件下无人机安全、可靠地完成各类作业的基础是获取高精度的定位信息,传统图像匹配方法保障困难、定位精度差且匹配约束多。因此,提出一种基于深度特征正射匹配的视觉定位方法,通过深度学习网络提取正射校正后的无人机航拍图像和商业地图的深度特征,获得匹配关系,进而计算无人机高精度位置信息。根据视觉测量机理模型分析不同因素对视觉定位精度的影响,使用中空航拍图像数据集进行离线实验,实验结果表明:相比传统基于方向梯度直方图(HOG)特征的模板匹配方法,所提方法的定位精度提高了25%,位置均方根误差(RMSE)优于15 m+0.5%H(5000 m以下),具有一定的工程应用价值。

Cyberattack Ramifications, The Hidden Cost of a Security Breach

In this in-depth exploration, I delve into the complex implications and costs of cybersecurity breaches. Venturing beyond just the immediate repercussions, the research unearths both the overt and concealed long-term consequences that businesses encounter. This study integrates findings from various research, including quantitative reports, drawing upon real-world incidents faced by both small and large enterprises. This investigation emphasizes the profound intangible costs, such as trade name devaluation and potential damage to brand reputation, which can persist long after the breach. By collating insights from industry experts and a myriad of research, the study provides a comprehensive perspective on the profound, multi-dimensional impacts of cybersecurity incidents. The overarching aim is to underscore the often-underestimated scope and depth of these breaches, emphasizing the entire timeline post-incident and the urgent need for fortified preventative and reactive measures in the digital domain.

Dialogic Function of Denial Resource in Political Commentaries: A Perspective of Appraisal

Appraisal is a major kind of discourse semantic resources construing interpersonal meaning, which includes three subsystems: attitude, engagement and graduation. Engagement resources are linguistic resources of inter- subjective positioning,through which writers or speakers open up or close down dialogic space for putative reader and try to align or disalign readers on the ground of solidarity. This study applies engagement system to analyze political commentaries. It focuses on the denial resources in detail. In political commentaries, by using denial resources, the commentator invokes, and then directly rejects different opinions or beliefs the putative readers may have. Through strategy of dialogic resources, commentators try to make up for disalignments caused by denial and form the grounds for solidarity.

网络拒绝服务攻击下主动配电网的分布式弹性协同控制

受到网络拒绝服务攻击的影响,主动配电网会不可避免地发生电压、电流瞬变,导致主动配电网运行安全稳定性下降,因此提出网络拒绝服务攻击下主动配电网的分布式弹性协同控制方法。构建网络拒绝服务攻击模型,在该模型下获取主动配电网电压、电流协同控制目标,设计弹性协同控制器。结合弹性协同控制器和李雅普诺夫理论使电压恢复和电流分配均为0,并设定弹性协同控制区域,使主动配电网趋近于全局优化目标,实现主动配电网的分布式弹性协同控制的目标。由实验结果可知,该方法通过弹性协同控制能够使三相电压、三相电流立刻恢复到原始数值,可以保证主动配电网安全稳定运行。

基于深度森林的多类型DDoS攻击检测方法

分布式拒绝服务攻击(DDoS)是网络安全的主要威胁之一。近年来,基于多种不同DDoS攻击方式的混合攻击数量大幅增长,如何在保证精度的前提下同时检测多种类型的DDoS攻击成为亟待解决的问题。为此,提出一种基于深度森林的多类型DDoS攻击检测方法。该方法首先使用基于平均不纯度的特征选择算法对多类型异常流量数据集进行特征排序与特征筛选;然后使用多粒度扫描对DDoS训练集进行特征提取,并使用级联森林分层训练模型,最终生成可用于DDoS恶意流量检测与分类的深度森林模型。实验结果表明,与6种主流树类集成学习模型相比,基于改进深度森林的DDoS攻击检测方法训练得到的分类器准确率最低提升了0.8%,召回率最低提升了0.9%;与改进前相比,改进后模型准确率提升了1.3%,加权召回率提高了1.3%,训练时间减少了29.7%。模型整体性能有明显提升。