Detection and prevention of distributed denial of services attacks by collaborative effort of software agents, first prototype implementation

Distributed Denial of Services DDoS, attacks has become one of the biggest threats for resources over Internet. Purpose of these attacks is to make servers deny from providing services to legitimate users. These attacks are also used for occupying media bandwidth. Currently intrusion detection systems can just detect the attacks but cannot prevent / track the location of intruders. Some schemes also prevent the attacks by simply discarding attack packets, which saves victim from attack, but still network bandwidth is wasted. In our opinion, DDoS requires a distributed solution to save wastage of resources. The paper, presents a system that helps us not only in detecting such attacks but also helps in tracing and blocking (to save the bandwidth as well) the multiple intruders using Intelligent Software Agents. The system gives dynamic response and can be integrated with the existing network defense systems without disturbing existing Internet model. We have implemented an agent based networking monitoring system in this regard.

Monitoring and analysis of internet traffic targeting unused address spaces

Today’s evolving networks are experiencing a large number of different attacks ranging from system break-ins, infection from automatic attack tools such as worms, viruses, trojan horses and denial of service (DoS). One important aspect of such attacks is that they are often indiscriminate and target Internet addresses without regard to whether they are bona fide allocated or not. Due to the absence of any advertised host services the traffic observed on unused IP addresses is by definition unsolicited and likely to be either opportunistic or malicious. The analysis of large repositories of such traffic can be used to extract useful information about both ongoing and new attack patterns and unearth unusual attack behaviors. However, such an analysis is difficult due to the size and nature of the collected traffic on unused address spaces. In this dissertation, we present a network traffic analysis technique which uses traffic collected from unused address spaces and relies on the statistical properties of the collected traffic, in order to accurately and quickly detect new and ongoing network anomalies. Detection of network anomalies is based on the concept that an anomalous activity usually transforms the network parameters in such a way that their statistical properties no longer remain constant, resulting in abrupt changes. In this dissertation, we use sequential analysis techniques to identify changes in the behavior of network traffic targeting unused address spaces to unveil both ongoing and new attack patterns. Specifically, we have developed a dynamic sliding window based non-parametric cumulative sum change detection techniques for identification of changes in network traffic. Furthermore we have introduced dynamic thresholds to detect changes in network traffic behavior and also detect when a particular change has ended. Experimental results are presented that demonstrate the operational effectiveness and efficiency of the proposed approach, using both synthetically generated datasets and real network traces collected from a dedicated block of unused IP addresses.

Use of IP addresses for high rate flooding attack detection

High-rate flooding attacks (aka Distributed Denial of Service or DDoS attacks) continue to constitute a pernicious threat within the Internet domain. In this work we demonstrate how using packet source IP addresses coupled with a change-point analysis of the rate of arrival of new IP addresses may be sufficient to detect the onset of a high-rate flooding attack. Importantly, minimizing the number of features to be examined, directly addresses the issue of scalability of the detection process to higher network speeds. Using a proof of concept implementation we have shown how pre-onset IP addresses can be efficiently represented using a bit vector and used to modify a “white list” filter in a firewall as part of the mitigation strategy.

The morphology of service bundling settings

The purpose of this paper is to advance our understanding of what contextual factors influence the service bundling process in an organizational setting. Although previous literature contains insights into the mechanisms underlying bundling and the artefacts for performing the bundling task itself, the body of knowledge seems to lack a comprehensive framework for analysing the actual scenario in which the bundling process is performed. This is required as the scenario will influence the bundling method and the IT support. We address this need by designing a morphological box for analysing bundling scenarios in different organizational settings. The factors featured in the box are systematised into a set of four categories of bundling layers which we identify from reviewing literature. The two core layers in the framework are the service bundling on a type level and on an instance level (i.e. configuration). To demonstrate the applicability and utility of the proposed morphological box, we apply it to assess the underlying differences and commonalities of two different bundling scenarios from the B2B and G2C sectors which stress the differences between bundling on a type and instance level. In addition, we identify several prospects for future research that can benefit from the proposed morphological box.

Enterprise architecture and the integration of service-oriented architecture

In recent years, enterprise architecture (EA) has captured a growing attention as a means to systematically consolidate and interrelate diverse business and IT artefacts in order to provide holistic decision support. The recent popularity of a service-orientation has added “service “and related constructs as a new element that requires consideration within an Enterprise Architecture. Since the emergence of the Service-Oriented Architecture (SOA), many attempts have been made to incorporate SOA artefacts in existing EA frameworks. Yet, the approaches taken to achieve this goal differ substantially for the most commonly used EA frameworks to date. SOA in the context of enterprise architecture is one of the future research challenges. Several authors argue that further research is needed in order to understand how SOA impacts prior enterprise architecture frameworks. This study explores SOA integration within EA, identifies SOA integration approaches within EA and identifies factors that impact SOA integration within Enterprise Architecture.

Conformance checking of service behavior

A service-oriented system is composed of independent software units, namely services, that interact with one another exclusively through message exchanges. The proper functioning of such system depends on whether or not each individual service behaves as the other services expect it to behave. Since services may be developed and operated independently, it is unrealistic to assume that this is always the case. This article addresses the problem of checking and quantifying how much the actual behavior of a service, as recorded in message logs, conforms to the expected behavior as specified in a process model.We consider the case where the expected behavior is defined using the BPEL industry standard (Business Process Execution Language for Web Services). BPEL process definitions are translated into Petri nets and Petri net-based conformance checking techniques are applied to derive two complementary indicators of conformance: fitness and appropriateness. The approach has been implemented in a toolset for business process analysis and mining, namely ProM, and has been tested in an environment comprising multiple Oracle BPEL servers.

Occupational therapy students’ contribution to occasions of service during practice placements in health settings

Currently in the Australian higher education sector, the productivity benefits of occupational therapy clinical education placements are a contested issue. This article will report results of a study that developed a methodology for documenting time use during placements and investigated the productivity changes associated with occupational therapy clinical education placements in Queensland, Australia. Supervisors’ and students’ time use during placements and how this changed for supervisors compared to pre- and post-placement is also presented. Methods: Using a cohort survey design, participants were students from two Queensland universities, and their supervisors employed by Queensland Health. Time use was recorded in 30 minute blocks according to particular categories. Results: There was a significant increase in supervisors’ time spent in patient care activities (F = 94.0112,12.37 df, P < 0.001) between pre- and during placement (P < 0.001) and decrease between during and post-placement (P < 0.001). Supervisors’ time spent in all non-patient care activities was also significant (F = 4.5802,16 df, P = 0.027) increasing between pre- and during placement (P = 0.028). There was a significant decrease in supervisors’ time spent in placement activities (F = 5.1332,19.18 df, P = 0.016) from during to post-placement. Students spent more time than supervisors in patient care activities while on placement. Discussion: A novel method for reporting productivity and time-use changes during clinical education programs for occupational therapy has been applied. Supervisors spent considerable time in assessing and managing students and their clinical education role should be seen as core business in standard occupational therapy practice. This paper will contribute to future assessments of the economic.

The influence of service quality and trade show effectiveness on post-show purchase intention

Purpose The purpose of this paper is to develop and test an integrative services framework to investigate the role of perceived trade show effectiveness on overall trade show service outcome, conceptualised as the intention to purchase a related product after, rather than during, a show. Design/methodology/approach Drawing on the services marketing and trade show literature, the authors test a model of trade show effectiveness with data collected from 592 attendees at a major automotive trade show in a large metropolitan centre. Findings Results show that improving trade show visitors' perceived service quality positively affects visitor perceptions of trade show effectiveness. Furthermore, both trade show effectiveness and service quality directly influence future purchase intention. Research limitations/implications Employing a services theoretical framework to evaluate trade show visitor experiences provides an alternative to the traditional marketing communications approach. By viewing such visits as service encounters, managers must inevitably consider the effects of service quality and service outcomes in determining the likely success of their shows. The study primarily focuses on one large consumer show and therefore does not constitute a complete, nor necessarily representative, sample of the trade show industry. Originality/value The original contribution of the paper stems from the paucity of research conceptualising trade shows as services and the comparative lack of emphasis placed on visitors rather than exhibitors in the literature. The research not only has utility for trade show organisers but also provides necessary theory-based research in the trade show domain.

Handbook of service description

With the growth in number and sophistication of services widely available, there is a new urgency for comprehensive service descriptions that take into account both technical and business aspects. The last years have seen a number of efforts for best-of-breed service description focusing on specific aspects of services. The Handbook of Service Description provides the most advanced state of the art insights into these. The main parts of the book provide the most detailed documentation of the Unified Service Description Language (USDL) to date. USDL has been developed across several research institutes and publicly funded projects across Europe and Australia, currently extending to the Americas as part of a standardization push through W3C. The scope of services extends across IT and business, i.e., the socio-technical sense of services scaled to business networks. In this respect, purely human, purely automated and mixed human/automated services were considered, that have a boundary of cognizance that is available through the tasks of service provisioning, discovery, access and delivery. Taken together, the Handbook of Service Description provides a comprehensive reference suitable for a wide-reaching audience including researchers, practitioners, managers, and students who aspire to learn about or to create a deeper scientific foundation for service description and its methodological aspects.

The influence of online reviews on consumers’ attributions of service quality and control for service standards in hotels

Online travel reviews are emerging as a powerful source of information affecting tourists' pre-purchase evaluation of a hotel organization. This trend has highlighted the need for a greater understanding of the impact of online reviews on consumer attitudes and behaviors. In view of this need, we investigate the influence of online hotel reviews on consumers' attributions of service quality and firms' ability to control service delivery. An experimental design was used to examine the effects of four independent variables: framing; valence; ratings; and target. The results suggest that in reviews evaluating a hotel, remarks related to core services are more likely to induce positive service quality attributions. Recent reviews affect customers' attributions of controllability for service delivery, with negative reviews exerting an unfavorable influence on consumers' perceptions. The findings highlight the importance of managing the core service and the need for managers to act promptly in addressing customer service problems.

Setting aside default judgment - whether judgment regularly or irregularly entered - service under Corporations Act 2001 (Cth) s109X(1) - requirements for affadavit of service

In Hill v Robertson Suspension Systems Pty Ltd [2009] QDC 165 McGill DCJ considered the procedural requirements for the service of originating process on a company, and for proving that service for the purpose of obtaining default judgment.The judge’s views adopt a strict and technical construction of the requirements for an affidavit of service under r 120(1)(b). Though clearly obiter, they may well affect the approach taken on applications to enter or set aside default judgments in the lower courts. Pending further judicial consideration of the issue, it is suggested the prudent course is to ensure that the deponent of an affidavit for service effected under s 109X(1)(a) of the Act deposes not only to the location of the registered office of the company but also, at a minimum, provides the source of that information.

Identification and evaluation of service bundles for governmental one-stop portals

Recent advances in the area of ‘Transformational Government’ position the citizen at the centre of focus. This paradigm shift from a department-centric to a citizen-centric focus requires governments to re-think their approach to service delivery, thereby decreasing costs and increasing citizen satisfaction. The introduction of franchises as a virtual business layer between the departments and their citizens is intended to provide a solution. Franchises are structured to address the needs of citizens independent of internal departmental structures. For delivering services online, governments pursue the development of a One-Stop Portal, which structures information and services through those franchises. Thus, each franchise can be mapped to a specific service bundle, which groups together services that are deemed to be of relevance to a specific citizen need. This study focuses on the development and evaluation of these service bundles. In particular, two research questions guide the line of investigation of this study: Research Question 1): What methods can be used by governments to identify service bundles as part of governmental One-Stop Portals? Research Question 2): How can the quality of service bundles in governmental One-Stop Portals be evaluated? The first research question asks about the identification of suitable service bundle identification methods. A literature review was conducted, to, initially, conceptualise the service bundling task, in general. As a consequence, a 4-layer model of service bundling and a morphological box were created, detailing characteristics that are of relevance when identifying service bundles. Furthermore, a literature review of Decision-Support Systems was conducted to identify approaches of relevance in different bundling scenarios. These initial findings were complemented by targeted studies of multiple leading governments in the e-government domain, as well as with a local expert in the field. Here, the aim was to identify the current status of online service delivery and service bundling in practice. These findings led to the conceptualising of two service bundle identification methods, applicable in the context of Queensland Government: On the one hand, a provider-driven approach, based on service description languages, attributes, and relationships between services was conceptualised. As well, a citizen-driven approach, based on analysing the outcomes from content identification and grouping workshops with citizens, was also conceptualised. Both methods were then applied and evaluated in practice. The conceptualisation of the provider-driven method for service bundling required the initial specification of relevant attributes that could be used to identify similarities between services called relationships; these relationships then formed the basis for the identification of service bundles. This study conceptualised and defined seven relationships, namely ‘Co-location’, ‘Resource’, ‘Co-occurrence’, ‘Event’, ‘Consumer’, ‘Provider’, and ‘Type’. The relationships, and the bundling method itself, were applied and refined as part of six Action Research cycles in collaboration with the Queensland Government. The findings show that attributes and relationships can be used effectively as a means for bundle identification, if distinct decision rules are in place to prescribe how services are to be identified. For the conceptualisation of the citizen-driven method, insights from the case studies led to the decision to involve citizens, through card sorting activities. Based on an initial list of services, relevant for a certain franchise, participating citizens grouped services according to their liking. The card sorting activity, as well as the required analysis and aggregation of the individual card sorting results, was analysed in depth as part of this study. A framework was developed that can be used as a decision-support tool to assist with the decision of what card sorting analysis method should be utilised in a given scenario. The characteristic features associated with card sorting in a government context led to the decision to utilise statistical analysis approaches, such as cluster analysis and factor analysis, to aggregate card sorting results. The second research question asks how the quality of service bundles can be assessed. An extensive literature review was conducted focussing on bundle, portal, and e-service quality. It was found that different studies use different constructs, terminology, and units of analysis, which makes comparing these models a difficult task. As a direct result, a framework was conceptualised, that can be used to position past and future studies in this research domain. Complementing the literature review, interviews conducted as part of the case studies with leaders in e-government, indicated that, typically, satisfaction is evaluated for the overall portal once the portal is online, but quality tests are not conducted during the development phase. Consequently, a research model which appropriately defines perceived service bundle quality would need to be developed from scratch. Based on existing theory, such as Theory of Reasoned Action, Expectation Confirmation Theory, and Theory of Affordances, perceived service bundle quality was defined as an inferential belief. Perceived service bundle quality was positioned within the nomological net of services. Based on the literature analysis on quality, and on the subsequent work of a focus group, the hypothesised antecedents (descriptive beliefs) of the construct and the associated question items were defined and the research model conceptualised. The model was then tested, refined, and finally validated during six Action Research cycles. Results show no significant difference in higher quality or higher satisfaction among users for either the provider-driven method or for the citizen-driven method. The decision on which method to choose, it was found, should be based on contextual factors, such as objectives, resources, and the need for visibility. The constructs of the bundle quality model were examined. While the quality of bundles identified through the citizen-centric approach could be explained through the constructs ‘Navigation’, ‘Ease of Understanding’, and ‘Organisation’, bundles identified through the provider-driven approach could be explained solely through the constructs ‘Navigation’ and ‘Ease of Understanding’. An active labelling style for bundles, as part of the provider-driven Information Architecture, had a larger impact on ‘Quality’ than the topical labelling style used in the citizen-centric Information Architecture. However, ‘Organisation’, reflecting the internal, logical structure of the Information Architecture, was a significant factor impacting on ‘Quality’ only in the citizen-driven Information Architecture. Hence, it was concluded that active labelling can compensate for a lack of logical structure. Further studies are needed to further test this conjecture. Such studies may involve building alternative models and conducting additional empirical research (e.g. use of an active labelling style for the citizen-driven Information Architecture). This thesis contributes to the body of knowledge in several ways. Firstly, it presents an empirically validated model of the factors explaining and predicting a citizen’s perception of service bundle quality. Secondly, it provides two alternative methods that can be used by governments to identify service bundles in structuring the content of a One-Stop Portal. Thirdly, this thesis provides a detailed narrative to suggest how the recent paradigm shift in the public domain, towards a citizen-centric focus, can be pursued by governments; the research methodology followed by this study can serve as an exemplar for governments seeking to achieve a citizen-centric approach to service delivery.