Jagan Mohan Reddy

Bio: Jagan Mohan Reddy is an academic researcher from Birla Institute of Technology and Science. The author has contributed to research in topics: Computer science & Naive Bayes classifier. The author has an hindex of 4, co-authored 6 publications receiving 153 citations. Previous affiliations of Jagan Mohan Reddy include Jadavpur University.

A statistical-topological feature combination for recognition of handwritten numerals

Abstract: Principal Component Analysis (PCA) and Modular PCA (MPCA) are well known statistical methods for recognition of facial images. But only PCA/MPCA is found to be insufficient to achieve high classification accuracy required for handwritten character recognition application. This is due to the shortcomings of those methods to represent certain local morphometric information present in the character patterns. On the other hand Quad-tree based hierarchically derived Longest-Run (QTLR) features, a type of popularly used topological features for character recognition, miss some global statistical information of the characters. In this paper, we have introduced a new combination of PCA/MPCA and QTLR features for OCR of handwritten numerals. The performance of the designed feature-combination is evaluated on handwritten numerals of five popular scripts of Indian sub-continent, viz., Arabic, Bangla, Devanagari, Latin and Telugu with Support Vector Machine (SVM) based classifier. From the results it has been observed that MPCA+QTLR feature combination outperforms PCA+QTLR feature combination and most other conventional features available in the literature.

Feature selection for detection of peer-to-peer botnet traffic

Abstract: The use of anomaly-based classification of intrusions has increased significantly for Intrusion Detection Systems. Large number of training data samples and a good 'feature set' are two primary requirements to build effective classification models with machine learning algorithms. Since the amount of data available for malicious traffic will often be small compared to the available traces of benign traffic, extraction of 'good' features which enable detection of malicious traffic is a challenging area of work.This research work presents preliminary results of comparison of performance of three different feature selection algorithms - Correlation based feature selection, Consistency based subset evaluation and Principal component analysis-on three different Machine learning techniques- namely Decision trees, Naive Bayes classifier, and Bayesian Network classifier. These algorithms are evaluated for the detection of Peer-to-Peer (P2P) based botnet traffic.

P2P traffic classification using ensemble learning

Abstract: Early Peer-to-Peer overlay network traffic classification schemes were based on port-based and payload based inspection. In recent years researchers have focused on alternate machine learning approaches. This paper presents ensemble learning which combines multiple models to improve prediction accuracy over a single classifier or semi-supervised learning techniques. In this paper, statistical characteristics of TCP and UDP flows are extracted from the network traces to construct a feature set first. We then apply feature selection techniques to reduce the number of features required to train the model, hence reducing the build time. We used Stacking and Voting ensemble learning techniques to improve prediction accuracy with base classifiers modelled using Machine Learning (ML) algorithms: Naive Bayes classifier, Bayesian Network, Decision trees. We used meta classifiers to further improve classification accuracy to 99.9%. Our experimental results show that Stacking perform better over Voting in identifying P2P traffic.

Heuristic-Based Real-Time P2P Traffic Identification

Abstract: Peer-to-Peer (P2P) networks have seen a rapid growth, spanning diverse applications like online anonymity (Tor), online payment (Bit coin), file sharing (Bit Torrent), etc. However, the success of these applications has raised concerns among ISPs and Network administrators. These types of traffic worsen the congestion of the network, and create security vulnerabilities. Hence, P2P traffic identification has been researched actively in recent times. Early P2P traffic identification approaches were based on port-based inspection. Presently, Deep Packet Inspection (DPI) is a prominent technique used to identify P2P traffic. But it relies on payload signatures which are not resilient against port masquerading, traffic encryption and NATing. In this paper, we propose a novel P2P traffic identification mechanism based on the host behaviour from the transport layer headers. A set of heuristics was identified by analysing the off-line datasets collected in our test bed. This approach is privacy preserving as it does not examine the payload content. The usefulness of these heuristics is shown on real-time traffic traces received from our campus backbone, where in the best case only 0.20% of flows were unknown.

Unwanted Traffic Identification in Large-Scale University Networks: A Case Study

Abstract: To mitigate the malicious impact of P2P traffic on University networks, in this article the authors have proposed the design of payload-oblivious privacy-preserving P2P traffic detectors. The proposed detectors do not rely on payload signatures, and hence, are resilient to P2P client and protocol changes—a phenomenon which is now becoming increasingly frequent with newer, more popular P2P clients/protocols. The article also discusses newer designs to accurately distinguish P2P botnets from benign P2P applications. The datasets gathered from the testbed and other sources range from Gigabytes to Terabytes containing both unstructured and structured data assimilated through running of various applications within the University network. The approaches proposed in this article describe novel ways to handle large amounts of data that is collected at unprecedented scale in authors’ University network.

Towards effective feature selection in machine learning-based botnet detection approaches

Abstract: Botnets, as one of the most formidable cyber security threats, are becoming more sophisticated and resistant to detection. In spite of specific behaviors each botnet has, there exist adequate similarities inside each botnet that separate its behavior from benign traffic. Several botnet detection systems have been proposed based on these similarities. However, offering a solution for differentiating botnet traffic (even those using same protocol, e.g. IRC) from normal traffic is not trivial. Extraction of features in either host or network level to model a botnet has been one of the most popular methods in botnet detection. A subset of features, usually selected based on some intuitive understanding of botnets, is used by the machine learning algorithms to classify/ cluster botnet traffic. These approaches, tested against two or three botnet traces, have mostly showed satisfactory detection results. Even though, their effectiveness in detection of other botnets or real traffic remains in doubt. Additionally, effectiveness of different combination of features in terms of providing more detection coverage has not been fully studied. In this paper we revisit flow-based features employed in the existing botnet detection studies and evaluate their relative effectiveness. To ensure a proper evaluation we create a dataset containing a diverse set of botnet traces and background traffic.

Botnet in DDoS Attacks: Trends and Challenges

Abstract: Threats of distributed denial of service (DDoS) attacks have been increasing day-by-day due to rapid development of computer networks and associated infrastructure, and millions of software applications, large and small, addressing all varieties of tasks. Botnets pose a major threat to network security as they are widely used for many Internet crimes such as DDoS attacks, identity theft, email spamming, and click fraud. Botnet based DDoS attacks are catastrophic to the victim network as they can exhaust both network bandwidth and resources of the victim machine. This survey presents a comprehensive overview of DDoS attacks, their causes, types with a taxonomy, and technical details of various attack launching tools. A detailed discussion of several botnet architectures, tools developed using botnet architectures, and pros and cons analysis are also included. Furthermore, a list of important issues and research challenges is also reported.

Managing real-time handwriting recognition

Abstract: Methods, systems, and computer-readable media related to a technique for providing handwriting input functionality on a user device A handwriting recognition module is trained to have a repertoire comprising multiple non-overlapping scripts and capable of recognizing tens of thousands of characters using a single handwriting recognition model The handwriting input module provides real-time, stroke-order and stroke-direction independent handwriting recognition for multi-character handwriting input In particular, real-time, stroke-order and stroke-direction independent handwriting recognition is provided for multi-character, or sentence level Chinese handwriting recognition User interfaces for providing the handwriting input functionality are also disclosed