Can we beat DDoS attacks in clouds?

Cloud is becoming a dominant computing platform. Naturally, a question that arises is whether we can beat notorious DDoS attacks in a cloud environment. Researchers have demonstrated that the essential issue of DDoS attack and defense is resource competition between defenders and attackers. A cloud usually possesses profound resources and has full control and dynamic allocation capability of its resources. Therefore, cloud offers us the potential to overcome DDoS attacks. However, individual cloud hosted servers are still vulnerable to DDoS attacks if they still run in the traditional way. In this paper, we propose a dynamic resource allocation strategy to counter DDoS attacks against individual cloud customers. When a DDoS attack occurs, we employ the idle resources of the cloud to clone sufficient intrusion prevention servers for the victim in order to quickly filter out attack packets and guarantee the quality of the service for benign users simultaneously. We establish a mathematical model to approximate the needs of our resource investment based on queueing theory. Through careful system analysis and real-world data set experiments, we conclude that we can defeat DDoS attacks in a cloud environment. © 2013 IEEE.

Spam Trapping System: Novel security framework to fight against spam botnets

In this paper, we inspire from two analogies: the warfare kill zone and the airport check-in system, to tackle the issue of spam botnet detection. We add a new line of defense to the defense-in-depth model called the third line. This line is represented by a security framework, named the Spam Trapping System (STS) and adopts the prevent-then-detect approach to fight against spam botnets. The framework exploits the application sandboxing principle to prevent the spam from going out of the host and detect the corresponding malware bot. We show that the proposed framework can ensure better security against malware bots. In addition, an analytical study demonstrates that the framework offers optimal performance in terms of detection time and computational cost in comparison to intrusion detection systems based on static and dynamic analysis. © 2014 IEEE.

Simulated impacts of climate change on current farming locations of striped catfish (Pangasianodon hypophthalmus; Sauvage) in the Mekong Delta, Vietnam

In Vietnam, culturing striped catfish makes an important contribution to the Mekong Delta's economy. Water level rise during rainy season and salt intrusion during dry season affect the water exchange and quality for this culture. Sea level rise as a consequence of climate change will worsen these influences. In this study, water level rise and salt water intrusion for three sea level rise (SLR) scenarios (i.e., +30, +50, and +75 cm) were simulated. The results showed that at SLR +50, the 3-m-flood level would spread downstream and threaten farms located in AnGiang, DongThap and CanTho provinces. Rising salinity levels for SLR +75 would reduce the window appropriate for the culture in SocTrang and BenTre provinces, and in TienGiang's coastal districts. Next to increasing dikes to reduce the impacts, the most tenable and least disruptive option to the farming community would be to shift to a salinity tolerant strain of catfish.

Fluctuations of redox conditions across the Permian–Triassic boundary : new evidence from the GSSP section in Meishan of South China

Oceanic anoxia has long been considered as one of the main causes for the end-Permian mass extinction. However, the results obtained by different researchers are rather divergent from different sections, or even on the same section using the same redox proxy. This study aims to examine the causes for some of these divergent results using high-resolution pyrite framboid sampling at the Meishan GSSP section in South China. Detailed microfacies analysis shows that the uppermost Late Permian strata comprises two significantly different sedimentary facies: one characterized by silicious muddy limestone and recognized as representing autochthonous background sediments; the other distinguished by bioclastic grainstone, interpreted to be allochthonous in origin and have been transported from the nearby platform margin. These two different sedimentary facies represent two distinctly different redox conditions. Together with the facies analysis, a statistical analysis of pyrite framboids was carried out to evaluate the redox evolution across the Permian-Triassic boundary. Abundant framboids with average diameters of about 6μm are found in background sediments beneath the extinction boundary, indicating generally anoxic bottom water conditions. But this condition was punctuated by transient intervals of rapid oxygenation interpreted to have been caused by intrusion of intermittent turbidity flows. Our study also showed that anoxic conditions persisted into the immediate aftermath of the mass extinction, thereafter it was quickly followed by a relatively long period of oxic conditions (with rare framboids). However, the redox conditions returned to anoxia (with abundant pyrite framboids averaging about 5μm in diameter), accompanied by a rapid global transgression. The oxygenation manifested near the Permian-Triassic boundary coincides with the negative excursion of carbon isotope. This would imply that, contrary to previous interpretations, this great δ13C negative excursion was probably not caused by the upwelling of anoxic deep ocean waters.

Detecting stepping stones by abnormal causality probability

Locating the real source of the Internet attacks has long been an important but difficult problem to be addressed. In the real world, attackers can easily hide their identities and evade punishment by relaying their attacks through a series of compromised systems or devices called stepping stones. Currently, researchers mainly use similar features from the network traffic, such as packet timestamps and frequencies, to detect stepping stones. However, these features can be easily destroyed by attackers using evasive techniques. In addition, it is also difficult to implement an appropriate threshold of similarity that can help justify the stepping stones. In order to counter these problems, in this paper, we introduce the consistent causality probability to detect the stepping stones. We formulate the ranges of abnormal causality probabilities according to the different network conditions, and on the basis of it, we further implement to self-adaptive methods to capture stepping stones. To evaluate our proposed detection methods, we adopt theoretic analysis and empirical studies, which demonstrate accuracy of the abnormal causality probability. Moreover, we compare our proposed methods with previous works. The result shows that our methods in this paper significantly outperform previous works in the accuracy of detection malicious stepping stones, even when evasive techniques are adopted by attackers.