842 resultados para Flash Events
Resumo:
A Flash Event (FE) represents a period of time when a web-server experiences a dramatic increase in incoming traffic, either following a newsworthy event that has prompted users to locate and access it, or as a result of redirection from other popular web or social media sites. This usually leads to network congestion and Quality-of-Service (QoS) degradation. These events can be mistaken for Distributed Denial-of-Service (DDoS) attacks aimed at disrupting the server. Accurate detection of FEs and their distinction from DDoS attacks is important, since different actions need to be undertaken by network administrators in these two cases. However, lack of public domain FE datasets hinders research in this area. In this paper we present a detailed study of flash events and classify them into three broad categories. In addition, the paper describes FEs in terms of three key components: the volume of incoming traffic, the related source IP-addresses, and the resources being accessed. We present such a FE model with minimal parameters and use publicly available datasets to analyse and validate our proposed model. The model can be used to generate different types of FE traffic, closely approximating real-world scenarios, in order to facilitate research into distinguishing FEs from DDoS attacks.
Resumo:
This thesis investigates and develops techniques for accurately detecting Internet-based Distributed Denial-of-Service (DDoS) Attacks where an adversary harnesses the power of thousands of compromised machines to disrupt the normal operations of a Web-service provider, resulting in significant down-time and financial losses. This thesis also develops methods to differentiate these attacks from similar-looking benign surges in web-traffic known as Flash Events (FEs). This thesis also addresses an intrinsic challenge in research associated with DDoS attacks, namely, the extreme scarcity of public domain datasets (due to legal and privacy issues) by developing techniques to realistically emulate DDoS attack and FE traffic.
Resumo:
An intrinsic challenge associated with evaluating proposed techniques for detecting Distributed Denial-of-Service (DDoS) attacks and distinguishing them from Flash Events (FEs) is the extreme scarcity of publicly available real-word traffic traces. Those available are either heavily anonymised or too old to accurately reflect the current trends in DDoS attacks and FEs. This paper proposes a traffic generation and testbed framework for synthetically generating different types of realistic DDoS attacks, FEs and other benign traffic traces, and monitoring their effects on the target. Using only modest hardware resources, the proposed framework, consisting of a customised software traffic generator, ‘Botloader’, is capable of generating a configurable mix of two-way traffic, for emulating either large-scale DDoS attacks, FEs or benign traffic traces that are experimentally reproducible. Botloader uses IP-aliasing, a well-known technique available on most computing platforms, to create thousands of interactive UDP/TCP endpoints on a single computer, each bound to a unique IP-address, to emulate large numbers of simultaneous attackers or benign clients.
Resumo:
Distributed Denial-of-Service (DDoS) attacks continue to be one of the most pernicious threats to the delivery of services over the Internet. Not only are DDoS attacks present in many guises, they are also continuously evolving as new vulnerabilities are exploited. Hence accurate detection of these attacks still remains a challenging problem and a necessity for ensuring high-end network security. An intrinsic challenge in addressing this problem is to effectively distinguish these Denial-of-Service attacks from similar looking Flash Events (FEs) created by legitimate clients. A considerable overlap between the general characteristics of FEs and DDoS attacks makes it difficult to precisely separate these two classes of Internet activity. In this paper we propose parameters which can be used to explicitly distinguish FEs from DDoS attacks and analyse two real-world publicly available datasets to validate our proposal. Our analysis shows that even though FEs appear very similar to DDoS attacks, there are several subtle dissimilarities which can be exploited to separate these two classes of events.
Resumo:
This work-in-progress paper presents an ensemble-based model for detecting and mitigating Distributed Denial-of-Service (DDoS) attacks, and its partial implementation. The model utilises network traffic analysis and MIB (Management Information Base) server load analysis features for detecting a wide range of network and application layer DDoS attacks and distinguishing them from Flash Events. The proposed model will be evaluated against realistic synthetic network traffic generated using a software-based traffic generator that we have developed as part of this research. In this paper, we summarise our previous work, highlight the current work being undertaken along with preliminary results obtained and outline the future directions of our work.
Resumo:
Practice-led journalism research techniques were used in this study to produce a ‘first draft of history’ recording the human experience of survivors and rescuers during the January 2011 flash flood disaster in Toowoomba and the Lockyer Valley in Queensland, Australia. The study aimed to discover what can be learnt from engaging in journalistic reporting of natural disasters. This exegesis demonstrates that journalism can be both a creative practice and a research methodology. About 120 survivors, rescuers and family members of victims participated in extended interviews about what happened to them and how they survived. Their stories are the basis for two creative outputs of the study: a radio documentary and a non-fiction book, that document how and why people died, or survived, or were rescued. Listeners and readers are taken "into the flood" where they feel anxious for those in peril, relief when people are saved, and devastated when babies, children and adults are swept away to their deaths. In undertaking reporting about the human experience of the floods, several significant elements about journalistic reportage of disasters were exposed. The first related to the vital role that the online social media played during the disaster for individuals, citizen reporters, journalists and emergency services organisations. Online social media offer reporters powerful new reporting tools for both gathering and disseminating news. The second related to the performance of journalists in covering events involving traumatic experiences. Journalists are often required to cover trauma and are often amongst the first-responders to disasters. This study found that almost all of the disaster survivors who were approached were willing to talk in detail about their traumatic experiences. A finding of this project is that journalists who interview trauma survivors can develop techniques for improving their ability to interview people who have experienced traumatic events. These include being flexible with interview timing and selecting a location; empowering interviewees to understand they don’t have to answer every question they are asked; providing emotional security for interviewees; and by being committed to accuracy. Survivors may exhibit posttraumatic stress symptoms but some exhibit and report posttraumatic growth. The willingness of a high proportion of the flood survivors to participate in the flood research made it possible to document a relatively unstudied question within the literature about journalism and trauma – when and why disaster survivors will want to speak to reporters. The study sheds light on the reasons why a group of traumatised people chose to speak about their experiences. Their reasons fell into six categories: lessons need to be learned from the disaster; a desire for the public to know what had happened; a sense of duty to make sure warning systems and disaster responses to be improved in future; personal recovery; the financial disinterest of reporters in listening to survivors; and the timing of the request for an interview. Feedback to the creative-practice component of this thesis - the book and radio documentary - shows that these issues are not purely matters of ethics. By following appropriate protocols, it is possible to produce stories that engender strong audience responses such as that the program was "amazing and deeply emotional" and "community storytelling at its most important". Participants reported that the experience of the interview process was "healing" and that the creative outcome resulted in "a very precious record of an afternoon of tragedy and triumph and the bitter-sweetness of survival".
Resumo:
In the last 4 years Worcester, UK has been hit by several intense convective rainstorms, which caused flash floods outside of existing surface drainage networks. This paper addresses two questions related to such events: Firstly to what extent can the occurrence of flash flood flow accumulation can be determined using only commonly available data and tools, assuming the rainfall events caused mainly surface runoff due to their tropical intensity and the relatively impermeable urban catchment surface? Secondly, are the flood in-cidents in Worcester aggravated by roads serving as preferential flow paths under these conditions? The as-sessment results indicated that roads do not have an influence on the flow path of flash flood rainfall in Worcester. Flow accumulation calculated with a 10m DEM, corresponds well with reported flood incidents. This basic assessment method can be used to inform the implementation of non structural flood mitigation and public awareness.
Resumo:
This paper presents a new approach to modelling flash floods in dryland catchments by integrating remote sensing and digital elevation model (DEM) data in a geographical information system (GIS). The spectral reflectance of channels affected by recent flash floods exhibit a marked increase, due to the deposition of fine sediments in these channels as the flood recedes. This allows the parts of a catchment that have been affected by a recent flood event to be discriminated from unaffected parts, using a time series of Landsat images. Using images of the Wadi Hudain catchment in southern Egypt, the hillslope areas contributing flow were inferred for different flood events. The SRTM3 DEM was used to derive flow direction, flow length, active channel cross-sectional areas and slope. The Manning Equation was used to estimate the channel flow velocities, and hence the time-area zones of the catchment. A channel reach that was active during a 1985 runoff event, that does not receive any tributary flow, was used to estimate a transmission loss rate of 7·5 mm h−1, given the maximum peak discharge estimate. Runoff patterns resulting from different flood events are quite variable; however the southern part of the catchment appears to have experienced more floods during the period of study (1984–2000), perhaps because the bedrock hillslopes in this area are more effective at runoff production than other parts of the catchment which are underlain by unconsolidated Quaternary sands and gravels. Due to high transmission loss, runoff generated within the upper reaches is rarely delivered to the alluvial fan and Shalateen city situated at the catchment outlet. The synthetic GIS-based time area zones, on their own, cannot be relied on to model the hydrographs reliably; physical parameters, such as rainfall intensity, distribution, and transmission loss, must also be considered.
Resumo:
The Cévennes–Vivarais Mediterranean Hydrometeorological Observatory (OHM-CV) is a research initiative aimed at improving the understanding and modeling of the Mediterranean intense rain events that frequently result in devastating flash floods in southern France. A primary objective is to bring together the skills of meteorologists and hydrologists, modelers and instrumentalists, researchers and practitioners, to cope with these rather unpredictable events. In line with previously published flash-flood monographs, the present paper aims at documenting the 8–9 September 2002 catastrophic event, which resulted in 24 casualties and an economic damage evaluated at 1.2 billion euros (i.e., about 1 billion U.S. dollars) in the Gard region, France. A description of the synoptic meteorological situation is first given and shows that no particular precursor indicated the imminence of such an extreme event. Then, radar and rain gauge analyses are used to assess the magnitude of the rain event, which was particularly remarkable for its spatial extent with rain amounts greater than 200 mm in 24 h over 5500 km2. The maximum values of 600–700 mm observed locally are among the highest daily records in the region. The preliminary results of the postevent hydrological investigation show that the hydrologic response of the upstream watersheds of the Gard and Vidourle Rivers is consistent with the marked space–time structure of the rain event. It is noteworthy that peak specific discharges were very high over most of the affected areas (5–10 m3 s−1 km−2) and reached locally extraordinary values of more than 20 m3 s−1 km−2. A preliminary analysis indicates contrasting hydrological behaviors that seem to be related to geomorphological factors, notably the influence of karst in part of the region. An overview of the ongoing meteorological and hydrological research projects devoted to this case study within the OHM-CV is finally presented.
Resumo:
With the possible exception of meteor impacts, high-energy astrophysical events such as supernovae, gamma-ray bursts (GRB) and flares are usually not taken into account for biological and evolutionary studies due to their low rates of occurrence. We show that a class of these events may occur at distances and time scales in which their biological effects are non-negligible, maybe more frequent than the impacts of large asteroids. We review the effects of four transient astrophysical sources of ionizing radiation on biospheres - stellar flares, giant flares from soft gamma repeaters (SGR), supernovae and GRB. The main damaging features of them are briefly discussed and illustrated. We point out some open problems and ongoing work. Received 28 February 2012, accepted 6 July 2012, first published online 10 August 2012
Resumo:
The arid regions are dominated to a much larger degree than humid regions by major catastrophic events. Although most of Egypt lies within the great hot desert belt; it experiences especially in the north some torrential rainfall, which causes flash floods all over Sinai Peninsula. Flash floods in hot deserts are characterized by high velocity and low duration with a sharp discharge peak. Large sediment loads may be carried by floods threatening fields and settlements in the wadis and even people who are living there. The extreme spottiness of rare heavy rainfall, well known to desert people everywhere, precludes any efficient forecasting. Thus, although the limitation of data still reflects pre-satellite methods, chances of developing a warning system for floods in the desert seem remote. The relatively short flood-to-peak interval, a characteristic of desert floods, presents an additional impediment to the efficient use of warning systems. The present thesis contains introduction and five chapters, chapter one points out the physical settings of the study area. There are the geological settings such as outcrop lithology of the study area and the deposits. The alluvial deposits of Wadi Moreikh had been analyzed using OSL dating to know deposits and palaeoclimatic conditions. The chapter points out as well the stratigraphy and the structure geology containing main faults and folds. In addition, it manifests the pesent climate conditions such as temperature, humidity, wind and evaporation. Besides, it presents type of soils and natural vegetation cover of the study area using unsupervised classification for ETM+ images. Chapter two points out the morphometric analysis of the main basins and their drainage network in the study area. It is divided into three parts: The first part manifests the morphometric analysis of the drainage networks which had been extracted from two main sources, topographic maps and DEM images. Basins and drainage networks are considered as major influencing factors on the flash floods; Most of elements were studied which affect the network such as stream order, bifurcation ratio, stream lengths, stream frequency, drainage density, and drainage patterns. The second part of this chapter shows the morphometric analysis of basins such as area, dimensions, shape and surface. Whereas, the third part points the morphometric analysis of alluvial fans which form most of El-Qaá plain. Chapter three manifests the surface runoff through rainfall and losses analysis. The main subject in this chapter is rainfall which has been studied in detail; it is the main reason for runoff. Therefore, all rainfall characteristics are regarded here such as rainfall types, distribution, rainfall intensity, duration, frequency, and the relationship between rainfall and runoff. While the second part of this chapter concerns with water losses estimation by evaporation and infiltration which are together the main losses with direct effect on the high of runoff. Finally, chapter three points out the factors influencing desert runoff and runoff generation mechanism. Chapter four is concerned with assessment of flood hazard, it is important to estimate runoff and tocreate a map of affected areas. Therefore, the chapter consists of four main parts; first part manifests the runoff estimation, the different methods to estimate runoff and its variables such as runoff coefficient lag time, time of concentration, runoff volume, and frequency analysis of flash flood. While the second part points out the extreme event analysis. The third part shows the map of affected areas for every basin and the flash floods degrees. In this point, it has been depending on the DEM to extract the drainage networks and to determine the main streams which are normally more dangerous than others. Finally, part four presets the risk zone map of total study area which is of high inerest for planning activities. Chapter five as the last chapter concerns with flash flood Hazard mitigation. It consists of three main parts. First flood prediction and the method which can be used to predict and forecast the flood. The second part aims to determine the best methods which can be helpful to mitigate flood hazard in the arid zone and especially the study area. Whereas, the third part points out the development perspective for the study area indicating the suitable places in El-Qaá plain for using in economic activities.
Resumo:
One of the main problems of flood hazard assessment in ungauged or poorly gauged basins is the lack of runoff data. In an attempt to overcome this problem we have combined archival records, dendrogeomorphic time series and instrumental data (daily rainfall and discharge) from four ungauged and poorly gauged mountain basins in Central Spain with the aim of reconstructing and compiling information on 41 flash flood events since the end of the 19th century. Estimation of historical discharge and the incorporation of uncertainty for the at-site and regional flood frequency analysis were performed with an empirical rainfall–runoff assessment as well as stochastic and Bayesian Markov Chain Monte Carlo (MCMC) approaches. Results for each of the ungauged basins include flood frequency, severity, seasonality and triggers (synoptic meteorological situations). The reconstructed data series clearly demonstrates how uncertainty can be reduced by including historical information, but also points to the considerable influence of different approaches on quantile estimation. This uncertainty should be taken into account when these data are used for flood risk management.
Unravelling past flash flood activity in a forested mountain catchment of the Spanish Central System
Resumo:
Flash floods represent one of the most common natural hazards in mountain catchments, and are frequent in Mediterranean environments. As a result of the widespread lack of reliable data on past events, the understanding of their spatio-temporal occurrence and their climatic triggers remains rather limited. Here, we present a dendrogeomorphic reconstruction of past flash flood activity in the Arroyo de los Puentes stream (Sierra de Guadarrama, Spanish Central System). We analyze a total of 287 increment cores from 178 disturbed Scots pine trees (Pinus sylvestris L.) which yielded indications on 212 growth disturbances related to past flash flood impact. In combination with local archives, meteorological data, annual forest management records and highly-resolved terrestrial data (i.e., LiDAR data and aerial imagery), the dendrogeomorphic time series allowed dating 25 flash floods over the last three centuries, with a major event leaving an intense geomorphic footprint throughout the catchment in 1936. The analysis of meteorological records suggests that the rainfall thresholds of flash floods vary with the seasonality of events. Dated flash floods in the 20th century were primarily related with synoptic troughs owing to the arrival of air masses from north and west on the Iberian Peninsula during negative indices of the North Atlantic Oscillation. The results of this study contribute considerably to a better understanding of hazards related with hydrogeomorphic processes in central Spain in general and in the Sierra de Guadarrama National Park in particular.