Protecting web applications from DDoS attacks by an active distributed defense system

In the last a few years a number of highly publicized incidents of Distributed Denial of Service (DDoS) attacks against high-profile government and commercial websites have made people aware of the importance of providing data and services security to users. A DDoS attack is an availability attack, which is characterized by an explicit attempt from an attacker to prevent legitimate users of a service from using the desired resources. This paper introduces the vulnerability of web applications to DDoS attacks, and presents an active distributed defense system that has a deployment mixture of sub-systems to protect web applications from DDoS attacks. According to the simulation experiments, this system is effective in that it is able to defend web applications against attacks. It can avoid overall network congestion and provide more resources to legitimate web users.

A defense system against DDoS attacks by large-scale IP traceback

In this paper, we present a new approach, called Flexible Deterministic Packet Marking (FDPM), to perform a large-scale IP traceback to defend against Distributed Denial of Service (DDoS) attacks. In a DDoS attack the victim host or network is usually attacked by a large number of spoofed IP packets coming from multiple sources. IP traceback is the ability to trace the IP packets to their sources without relying on the source address field of the IP header. FDPM provides many flexible features to trace the IP packets and can obtain better tracing capability than current IP traceback mechanisms, such as Probabilistic Packet Marking (PPM), and Deterministic Packet Marking (DPM). The flexibilities of FDPM are in two ways, one is that it can adjust the length of marking field according to the network protocols deployed; the other is that it can adjust the marking rate according to the load of participating routers. The implementation and evaluation demonstrates that the FDPM needs moderately only a small number of packets to complete the traceback process; and can successfully perform a large-scale IP traceback, for example, trace up to 110,000 sources in a single incident response. It has a built-in overload prevention mechanism, therefore this scheme can perform a good traceback process even it is heavily loaded.

High stakes principalship-sleepless nights, heart attacks and sudden death accountabilities: reading media representations of the United States principal shortage

The possible shortage of applicants for principal positions is news in both Australia and abroad. We subject a corpus of predominantly United states (US) news articles to deconstructive narrative analysis and find that the dominant media representation of principals' work is one of long hours Iow salary high stress and sudden death from high stakes accountabilities. However, reported US policy interventions focus predominantly on professional development for aspirants. We note that this will be insufficient to reverse the lack of applications and suggest that the dominant media picture of completely unattractive principals work, meant to leverage a policy solution, will perhaps paradoxically perpetuate the problem. The dominant media picture is also curiously at odds with research that reports high job satisfaction among principals. We suggest that there is a binary of victim and saviour principal in both media and policy which prevents some strategic re-thinking about how the principalship might be different.

Simulation of dynamic recrystallization using random grid cellular automata

Computer simulation is a powerful tool to predict microstructure and its evolution in dynamic and post-dynamic recrystallization. CAFE proposed as an appropriate approach by combining finite element (FE) method and cellular automata (CA) for recrystallization simulation. In the current study, a random grid cellular automaton (CA), as micro-scale model, based on finite element (FE), as macro-scale method, has been used to study initial and evolving microstructural features; including nuclei densities, dislocation densities, grain size and grain boundary movement during dynamic recrystallization in a C-Mn steel. An optimized relation has been established between mechanical variables and evolving microstructure features during recrystallization and grain growth. In this model, the microstructure is defined as cells located within grains and grain boundaries while dislocations are randomly dispersed throughout microstructure. Changes of dislocation density during deformation are described considering hardening, recovery and recrystallization. Recrystallization is assumed to initiate near grain boundaries and nucleation rate was considered constant (site-saturated condition). The model produced a mathematical formulation which captured the initial and evolving microstructural entities and linked their effects to measurable macroscopic variables (e.g. stress).

Using mobile agents to detect node compromise in path-based DoS attacks on wireless sensor networks

Wireless sensor networks represent a new generation of real-time  embedded systems with significantly different communication constraints from the traditional networked systems. With their development, a new attack called a path-based DoS (PDoS) attack has appeared. In a PDoS attack, an adversary, either inside or outside the network, overwhelms sensor nodes by flooding a multi-hop endto- end communication path with either replayed packets or injected spurious packets. In this article, we propose a solution using mobile agents which can detect PDoS attacks easily.

Using mobile agents to detect and recover from node compromise in path-based DoS attacks in wireless sensor networks

Wireless sensor networks represent a new generation of real-time embedded systems with significantly different communication constraints from the traditional networked systems. With their development, a new attack called a path-based DoS (PDoS) attack has appeared. In a PDoS attack, an adversary, either inside or outside the network, overwhelms sensor nodes by flooding a multi-hop end-to end communication path with either replayed packets or injected spurious packets. Detection and recovery from PDoS attacks have not been given much attention in the literature. In this article, we propose a solution using mobile agents which can detect PDoS attacks easily and efficiently and recover the compromised nodes.

Face classification by a random forest

This paper presents a random forest-based face image classification method. The random forest is an ensemble learning method that grows many classification trees. Each tree gives a classification. The forest selects the classification that has the most votes. Three experiments are performed. The random forest-based method together with several existing approaches are trained and evaluated. The experimental results are presented and discussed.

Modelling factors of square tubes in high speed bending situations

Accurate finite element crash simulations of side impact depend upon a thorough understanding of dynamic tube bending. There is a need to understand the dynamic bending mode of square sections (equivalent of automotive structural parts) to obtain a greater confidence in CAE. This work varied strain rate and material definitions, such as Cowper-Symonds vs Zerilli-Armstrong, as well as initial velocity and yield strength. The results show that most of the plastic work is done between strains rates of 30 ¿ 300/s and strains up to 0.3. Peak strain rates were marginally above 1000/s with maximum strain greater than 1. When the strain rate definition and material model were modified, it was shown that a higher yield stress produced a higher reaction force. These results would suggest that the strain rate sensitivity needs to be carefully identified for accurate crash simulations.

Decision analysis of statistically detecting distributed denial-of-service flooding attacks

There are two statistical decision making questions regarding statistically detecting sings of denial-of-service flooding attacks. One is how to represent the distributions of detection probability, false alarm probability and miss probability. The other is how to quantitatively express a decision region within which one may make a decision that has high detection probability, low false alarm probability and low miss probability. This paper gives the answers to the above questions. In addition, a case study is demonstrated.

Algebraic attacks on clock-controlled stream ciphers

We present an algebraic attack approach to a family of irregularly clock-controlled bit-based linear feedback shift register systems. In the general set-up, we assume that the output bit of one shift register controls the clocking of other registers in the system and produces a family of equations relating the output bits to the internal state bits. We then apply this general theory to four specific stream ciphers: the (strengthened) stop-and-go generator, the alternating step generator, the self-decimated generator and the step1/step2 generator. In the case of the strengthened stop-and-go generator and of the self-decimated generator, we obtain the initial state of the registers in a significantly faster time than any other known attack. In the other two situations, we do better than or as well as all attacks but the correlation attack. In all cases, we demonstrate that the degree of a functional relationship between the registers can be bounded by two. Finally, we determine the effective key length of all four systems.

Algebraic attacks on clock-controlled cascade ciphers

In this paper, we mount the first algebraic attacks against clock controlled cascade stream ciphers. We first show how to obtain relations between the internal state bits and the output bits of the Gollmann clock controlled cascade stream ciphers. We demonstrate that the initial states of the last two shift registers can be determined by the initial states of the others. An alternative attack on the Gollmann cascade is also described, which requires solving quadratic equations. We then present an algebraic analysis of Pomaranch, one of the phase two proposals to eSTREAM. A system of equations of maximum degree four that describes the full cipher is derived. We also present weaknesses in the filter functions of Pomaranch by successfully computing annihilators and low degree multiples of the functions.