CBF : A packet filtering method for DDoS attack defense in cloud environment

Distributed Denial-of-Service attack (DDoS) is a major threat for cloud environment. Traditional defending approaches cannot be easily applied in cloud security due to their relatively low efficiency, large storage, to name a few. In view of this challenge, a Confidence-Based Filtering method, named CBF, is investigated for cloud computing environment, in this paper. Concretely speaking, the method is deployed by two periods, i.e., non-attack period and attack period. More specially, legitimate packets are collected at non-attack period, for extracting attribute pairs to generate a nominal profile. With the nominal profile, the CBF method is promoted by calculating the score of a particular packet at attack period, to determine whether to discard it or not. At last, extensive simulations are conducted to evaluate the feasibility of the CBF method. The result shows that CBF has a high scoring speed, a small storage requirement and an acceptable filtering accuracy, making it suitable for real-time filtering in cloud environment.

Patchwork-based stereo audio watermarking against de-synchronization attack

Audio watermarking schemes using patchworkbased algorithm have good robustness against majority of the watermarking attacks. However, these watermarking schemes are vulnerable to de-synchronization attack. This paper proposes a patchwork-based watermarking scheme for stereo audio signals to address this problem. To improve the robustness, the proposed method exploits the similarities of both channels in the stereo audio signals. Given a stereo audio signal, we first compute the discrete cosine transform (DCT) of both channels, which gives two sets of DCT coefficients. Then DCT segments are formed form DCT coefficients belong to a certain frequency range. The DCT segment formation is determined by a pseudonoise (PN) sequence which acts as a secret key. Then watermark bits are embedded into DCT segments by modifying the DCT coefficients. In the decoding process the secret key is used to extract the watermark bits embedded in the DCT segments. Simulation results illustrate the effectiveness of the proposed method against de-synchronization attack, compared to latest patchwork-based audio watermarking scheme. Besides, the proposed algorithm also gives better robustness against other conventional attacks.

Why is the tetrahedral bond angle 109°? The tetrahedron-in-a-cube

The common question of why the tetrahedral angle is 109.471° can be answered using a tetrahedron-in-a-cube, along with some Year 10 level mathematics. The tetrahedron-in-a-cube can also be used to demonstrate the non-polarity of tetrahedral molecules, the relationship between different types of lattice structures, and to demonstrate that inductive reasoning does not always provide the correct answer.

A modified moment-based image watermarking method robust to cropping attack

Developing a watermarking method that is robust to cropping attack is a challenging task in image watermarking. The moment-based watermarking schemes show good robustness to common signal processing attacks and some geometric attacks but are sensitive to cropping attack. In this paper, we modify the moment-based approach to deal with cropping attack. Firstly, we find the probability density function (pdf) of the pixel value distribution from the original image. Secondly, we reshape and normalize the pdf of the pixel value distribution (PPVD) to form a two dimensional image. Then, the moment invariants are calculated from the PPVD image. Since PPVD is insensitive to cropping, the proposed method is robust to cropping attack. Besides, it also has high robustness against other common attacks. Experimental results demonstrate the effectiveness of the proposed method.

An attack-resistant hybrid data-privatization method with low information loss

We examine a recent proposal for data-privatization by testing it against well-known attacks, we show that all of these attacks successfully retrieve a relatively large (and unacceptable) portion of the original data. We then indicate how the data-privatization method examined can be modified to assist it to withstand these attacks and compare the performance of the two approaches. We also show that the new method has better privacy and lower information loss than the former method.

A recognition tool for transient ischaemic attack

Background: Scoring systems exist to assist rapid identification of acute stroke but not for the more challenging diagnosis of transient ischaemic attack (TIA). Aim: To develop a clinical scoring system to assist with diagnosis of TIA. Methods: We developed and validated a clinical scoring system for identification of TIA patients. Logistic regression analysis was employed. Results: Our development cohort comprised 3216 patients. The scoring system included nine clinically useful predictive variables. After adjustment to reflect the greater seriousness of missing true TIA patients (a 2:1 cost ratio), 97% of TIA and 24% of non-TIA patients were accurately identified. Our results were confirmed during prospective validation. Conclusions: This simple scoring system performs well and could be used to facilitate accurate detection of TIA.

DDoS attack detection at local area networks using information theoretical metrics

DDoS attacks are one of the major threats to Internet services. Sophisticated hackers are mimicking the features of legitimate network events, such as flash crowds, to fly under the radar. This poses great challenges to detect DDoS attacks. In this paper, we propose an attack feature independent DDoS flooding attack detection method at local area networks. We employ flow entropy on local area network routers to supervise the network traffic and raise potential DDoS flooding attack alarms when the flow entropy drops significantly in a short period of time. Furthermore, information distance is employed to differentiate DDoS attacks from flash crowds. In general, the attack traffic of one DDoS flooding attack session is generated by many bots from one botnet, and all of these bots are executing the same attack program. As a result, the similarity among attack traffic should higher than that among flash crowds, which are generated by many random users. Mathematical models have been established for the proposed detection strategies. Analysis based on the models indicates that the proposed methods can raise the alarm for potential DDoS flooding attacks and can differentiate DDoS flooding attacks from flash crowds with conditions. The extensive experiments and simulations confirmed the effectiveness of our proposed detection strategies.

Neighbourhood-pair attack in social network data publishing

Vertex re-identification is one of the significant and challenging problems in social network. In this paper, we show a new type of vertex reidentification attack called neighbourhood-pair attack. This attack utilizes the neighbourhood topologies of two connected vertices. We show both theoretically and empirically that this attack is possible on anonymized social network and has higher re-identification rate than the existing structural attacks.

Packet faking attack: a novel attack and detection mechanism in OppNets

 Security is a major challenge in Opportunistic Networks (OppNets) due to its characteristics of being an open medium with dynamic topology, there is neither a centralized management nor clear lines of defence. A packet dropping attack is one of the major security threats in OppNets as neither source nodes nor destination nodes have any knowledge of when or where a packet will be dropped. In this paper, we present a novel attack and detection mechanism against a special type of packet dropping where the malicious node drops one packet or more and injects a new fake packet instead. Our novel detection mechanism is very powerful and has very high accuracy. It relies on a very simple yet powerful idea; the creation time of each packet. Significant results show this robust mechanism achieves a very high accuracy and detection rate.

Analysis of insiders attack mitigation strategies

Insider threat has become a serious information security issues within organizations. In this paper, we analyze the problem of insider threats with emphases on the Cloud computing platform. Security is one of the major anxieties when planning to adopt the Cloud. This paper will contribute towards the conception of mitigation strategies that can be relied on to solve the malicious insider threats. While Cloud computing relieves organizations from the burden of the data management and storage costs, security in general and the malicious insider threats in particular is the main concern in cloud environments. We will analyses the existing mitigation strategies to reduce malicious insiders threats in Cloud computing.

An efficient detection mechanism against packet faking attack in opportunistic networks

Security is a major challenge in Opportunistic Networks (OppNets) because of its characteristics, such as open medium, dynamic topology, no centralized management and absent clear lines of defense. A packet dropping attack is one of the major security threats in OppNets since neither source nodes nor destination nodes have the knowledge of where or when the packet will be dropped. In our previous novel attack (Packet Faking Attack [1]) we presented a special type of packet dropping where the malicious node drops one or more packets and then injects new fake packets instead. In this paper, we present an efficient detection mechanism against this type of attack where each node can detect the attack instead of the destination node. Our detection mechanism is very powerful and has very high accuracy. It relies on a very simple yet powerful idea, that is, the packet creation time of each packet. Simulation results show this robust mechanism achieves a very high accuracy, detection rate and good network traffic reduction.