P. Nithyanandam

Bio: P. Nithyanandam is an academic researcher from VIT University. The author has contributed to research in topics: Denial-of-service attack & Cloud computing. The author has an hindex of 5, co-authored 11 publications receiving 49 citations. Previous affiliations of P. Nithyanandam include Sri Sivasubramaniya Nadar College of Engineering.

An effective mechanism to regenerate HTTP flooding DDoS attack using real time data set

Abstract: Application Layer Distributed Denial of Service (DDoS) attacks are very challenging to detect and mitigate. The various possible application layer attacks are HTTP flooding, XML attack, DNS attacks, etc. The most common and renowned application layer attack is HTTP flooding. The HTTP flooding detection and mitigation is an interesting research topic in computer networks. There are various research solutions proposed by validating against HTTP flooding; using tools such as Golden Eye, LOIC, proprietary tools, etc. HTTP flooding attacks generated using any existing tools may not exhibit similar characteristics of the real time HTTP flooding attack. The real time HTTP flooding attack data sets available in the internet, for example FIFA World Cup 1998 data set. The data sets are stored in processed log format due to security and confidential reasons. So, it cannot be directly used to regenerate real time attacks to test research solution. Also, there is no proper way or mechanism to regenerate attacks from data set log files. The proposed work gives a solution for regenerating HTTP flooding attack using WORLD CUP 1998 data set log files. The paper further augments detailed discussion, steps involved in conversion of the log files into HTTP requests, logging captures, performance analysis of the work and future enhancements.

An Accurate Facial Component Detection Using Gabor Filter

Abstract: Face detection is a critical task to be resolved in a variety of applications. Since faces include various expressions it becomes a difficult task to detect the exact output. Face detection not only play a main role in personal identification but also in various fields which includes but not limited to image processing, pattern recognition, graphics and other application areas. The proposed system performs the face detection and facial components using Gabor filter. The results show accurate detection of facial components

The Slow HTTP Distributed Denial of Service Attack Detection in Cloud

Abstract: Cloud computing became popular due to nature as it provides the flexibility to add or remove the resources on-demand basis. This also reduces the cost of investments for the enterprises significantly. The adoption of cloud computing is very high for enterprises running their online applications. The availability of online services is critical for businesses like financial services, e-commerce applications, etc. Though cloud provides availability, still these applications are having potential threats of going down due to the slow HTTP Distributed Denial of Service (DDoS) attack in the cloud. The slow HTTP attacks intention is to consume all the available server resources and make it unavailable to the real users. The slow HTTP DDoS attack comes with different formats such as slow HTTP headers attacks, slow HTTP body attacks and slow HTTP read attacks. Detecting the slow HTTP DDoS attacks in the cloud is very crucial to safeguard online cloud applications. This is a very interesting and challenging topic in DDoS as it mimics the slow network. This paper proposed a novel method to detect slow HTTP DDoS attacks in the cloud. The solution is implemented using the OpenStack cloud platform. The experiments conducted exhibits the accurate results on detecting the attacks at the early stages. The slowHTTPTest open source tool is used in this experiment to originate slow HTTP DDoS attacks.

An OpenStack based cloud testbed framework for evaluating HTTP flooding attacks

Abstract: The cloud computing has inherent challenges to detect the Hyper Text Transfer Protocol (HTTP) flooding Distributed Denial of Service (DDoS) attack due to its natural characteristics like virtualization, elasticity and multi-tenancy. The usage of cloud computing is user-friendly, but the implementation of the cloud infrastructure such as compute node, networking, cloud storage is very complex in order to achieve its various characteristics. Similarly, detecting the HTTP flooding attack in the cloud is also very complex as it requires an understanding of various potential attack paths in such a complex environment. So, designing the cloud testbed framework to detect the HTTP flooding attacks is a challenging problem to be solved. The cloud testbed framework has to consider several aspects of attack scenarios while accounting the cloud characteristics. This paper reviews the existing DDoS attack detection framework and their gaps and proposes a cloud testbed framework for evaluating the HTTP flooding DDoS attack solution. The proposed framework is implemented using the OpenStack cloud environment. The Federation Internationale de Football Association (FIFA) World Cup 1998 real-time dataset is used to generate the HTTP flooding attack to the OpenStack cloud testbed framework for the experimentation.

Edge Computing Security: State of the Art and Challenges

Abstract: The rapid developments of the Internet of Things (IoT) and smart mobile devices in recent years have been dramatically incentivizing the advancement of edge computing. On the one hand, edge computing has provided a great assistance for lightweight devices to accomplish complicated tasks in an efficient way; on the other hand, its hasty development leads to the neglection of security threats to a large extent in edge computing platforms and their enabled applications. In this paper, we provide a comprehensive survey on the most influential and basic attacks as well as the corresponding defense mechanisms that have edge computing specific characteristics and can be practically applied to real-world edge computing systems. More specifically, we focus on the following four types of attacks that account for 82% of the edge computing attacks recently reported by Statista: distributed denial of service attacks, side-channel attacks, malware injection attacks, and authentication and authorization attacks. We also analyze the root causes of these attacks, present the status quo and grand challenges in edge computing security, and propose future research directions.

Modelling Behavioural Dynamics for Asymmetric Application Layer DDoS Detection

Abstract: Asymmetric application layer DDoS attacks using computationally intensive HTTP requests are an extremely dangerous class of attacks capable of taking down web servers with relatively few attacking connections These attacks consume limited network bandwidth and are similar to legitimate traffic, which makes their detection difficult Existing detection mechanisms for these attacks use indirect representations of actual user behaviour and complex modelling techniques, which leads to a higher false positive rate (FPR) and longer detection time, which makes them unsuitable for real time use There is a need for simple, efficient and adaptable detection mechanisms for asymmetric DDoS attacks In this work, an attempt is made to model the actual behavioural dynamics of legitimate users using a simple annotated Probabilistic Timed Automata (PTA) along with a suspicion scoring mechanism for differentiating between legitimate and malicious users This allows the detection mechanism to be extremely fast and have a low FPR In addition, the model can incrementally learn from run-time traces, which makes it adaptable and reduces the FPR further Experiments on public datasets reveal that our proposed approach has a high detection rate and low FPR and adds negligible overhead to the web server, which makes it ideal for real time use

Steganography on RGB Images Based on a “Matrix Pattern” using Random Blocks

Abstract: In this paper, we describe a novel spatial domain method for steganography in RGB images where a secret message is embedded in the blue layer of certain blocks. In this algorithm, each block first chooses a unique t1xt2 matrix of pixels as a "matrix pattern" for each keyboard character, using the bit difference of neighbourhood pixels. Next, a secret message is embedded in the remaining part of the block, those without any role in the "matrix pattern" selection procedure. In this procedure, each pattern sums up with the blue layer of the image. For increasing the security, blocks are chosen randomly using a random generator. The results show that this algorithm is highly resistant against the frequency and spatial domain attacks including RS, Sample pair, X 2 and DCT based attacks. In addition, the proposed algorithm could provide more than 84.26 times of capacity comparing with a competitive method. Moreover, the results indicated that stego-image has almost 1.73 times better transparency than the competitive algorithm. Index Terms—Steganography, Stego-image, Matrix pattern, Stego-matrix.

Security of Distributed Intelligence in Edge Computing: Threats and Countermeasures

Abstract: Rapid growth in the amount of data produced by IoT sensors and devices has led to the advent of edge computing wherein the data is processed at a point at or near to its origin. This facilitates lower latency, as well as data security and privacy by keeping the data localized to the edge node. However, due to the issues of resource-constrained hardware and software heterogeneities, most edge computing systems are prone to a large variety of attacks. Furthermore, the recent trend of incorporating intelligence in edge computing systems has led to its own security issues such as data and model poisoning, and evasion attacks. This chapter presents a discussion on the most pertinent threats to edge intelligence. Countermeasures to deal with the threats are then discussed. Lastly, avenues for future research are highlighted.

A image steganography scheme based on discrete wavelet transform using lattice vector quantization and reed-solomon encoding

Abstract: Steganography is art, a science or a practical attempt that through it some information can be hidden in a cover. The cover can be in audio, image, etc. formats. In this research, a new method for steganography based on lattice vector quantization and DWT is introduced that provides a suitable security level in addition to the hiding possibility as well as complete and accurate extraction of data and makes appropriate level of security by using error correction coding Reed-Solomon (63, 11). The proposed method, using the 3-level lifting wavelet transform and Blocking and then embedding in selected coefficients with using lattice vector quantization, greatly reduces the likelihood of success of mining hidden. The results show that the assessment indicators PSNR, MSE and SSIM better and more appropriate than the same methods and have the previous.