Seemab Latif

Handling intrusion and DDoS attacks in Software Defined Networks using machine learning techniques

Software-Defined Networking (SDN) is an emerging concept that intends to replace traditional networks by breaking vertical integration. It does so by separating the control logic of network from the underlying switches and routers, suggesting logical centralization of network control, and allowing to program the network. Although SDN promises more flexible network management, there are numerous security threats accompanied with its deployment. This paper aims at studying SDN accompanied with OpenFlow protocol from the perspective of intrusion and Distributed Denial of Service (DDoS) attacks and suggest machine learning based techniques for mitigation of such attacks.

EVFDT: An Enhanced Very Fast Decision Tree Algorithm for Detecting Distributed Denial of Service Attack in Cloud-Assisted Wireless Body Area Network

Due to the scattered nature of DDoS attacks and advancement of new technologies such as cloud-assisted WBAN, it becomes challenging to detect malicious activities by relying on conventional security mechanisms. The detection of such attacks demands an adaptive and incremental learning classifier capable of accurate decision making with less computation. Hence, the DDoS attack detection using existing machine learning techniques requires full data set to be stored in the memory and are not appropriate for real-time network traffic. To overcome these shortcomings, Very Fast Decision Tree (VFDT) algorithm has been proposed in the past that can handle high speed streaming data efficiently. Whilst considering the data generated by WBAN sensors, noise is an obvious aspect that severely affects the accuracy and increases false alarms. In this paper, an enhanced VFDT (EVFDT) is proposed to efficiently detect the occurrence of DDoS attack in cloud-assisted WBAN. EVFDT uses an adaptive tie-breaking threshold for node splitting. To resolve the tree size expansion under extreme noise, a lightweight iterative pruning technique is proposed. To analyze the performance of EVFDT, four metrics are evaluated: classification accuracy, tree size, time, and memory. Simulation results show that EVFDT attains significantly high detection accuracy with fewer false alarms.

Analyzing Feasibility for Deploying Very Fast Decision Tree for DDoS Attack Detection in Cloud-Assisted WBAN

In cloud-assisted wireless body area networks (WBAN), the data gathered by sensor nodes are delivered to a gateway node that collects and aggregates data and transfer it to cloud storage; making it vulnerable to numerous security attacks. Among these, Distributed Denial of Service (DDoS) attack could be considered as one of the major security threats against cloud-assisted WBAN security. To overcome the effects of DDoS attack in cloud-assisted WBAN environment various techniques have been explored during this research. Among these, data mining classification techniques have proven itself as a valuable tool to identify misbehaving nodes and thus for detecting DDoS attacks. Further classifying data mining techniques, Very Fast Decision Tree (VFDT) is considered as the most promising solution for real-time data mining of high speed and non- stationary data streams gathered from WBAN sensors and therefore is selected, studied and explored for efficiently analyzing and detecting DDoS attack in cloud-assisted WBAN environment.

Distributed Denial of Service Attack Source Detection Using Efficient Traceback Technique (ETT) in Cloud-Assisted Healthcare Environment

Security and privacy are the first and foremost concerns that should be given special attention when dealing with Wireless Body Area Networks (WBANs). As WBAN sensors operate in an unattended environment and carry critical patient health information, Distributed Denial of Service (DDoS) attack is one of the major attacks in WBAN environment that not only exhausts the available resources but also influence the reliability of information being transmitted. This research work is an extension of our previous work in which a machine learning based attack detection algorithm is proposed to detect DDoS attack in WBAN environment. However, in order to avoid complexity, no consideration was given to the traceback mechanism. During traceback, the challenge lies in reconstructing the attack path leading to identify the attack source. Among existing traceback techniques, Probabilistic Packet Marking (PPM) approach is the most commonly used technique in conventional IP- based networks. However, since marking probability assignment has significant effect on both the convergence time and performance of a scheme, it is not directly applicable in WBAN environment due to high convergence time and overhead on intermediate nodes. Therefore, in this paper we have proposed a new scheme called Efficient Traceback Technique (ETT) based on Dynamic Probability Packet Marking (DPPM) approach and uses MAC header in place of IP header. Instead of using fixed marking probability, the proposed scheme uses variable marking probability based on the number of hops travelled by a packet to reach the target node. Finally, path reconstruction algorithms are proposed to traceback an attacker. Evaluation and simulation results indicate that the proposed solution outperforms fixed PPM in terms of convergence time and computational overhead on nodes.

Performance evaluation of Enhanced Very Fast Decision Tree (EVFDT) mechanism for distributed denial-of-service attack detection in health care systems

Securing cloud-assisted Wireless Body Area Network (WBAN) environment by applying security mechanism that consumes less resources is still a challenging task. This research makes an attempt to address the same. One of the most prominent attacks in cloud-assisted WBAN is Distributed Denial of Service (DDoS) attack that not only disrupts the communication but also diminishes the network bandwidth and capacity. This work is an extension of our previous research work in which an Enhanced Very Fast Decision Tree (EVFDT) was proposed which could detect DDoS attack successfully. However, in our previous work, the proposed algorithm is evaluated on the dataset generated by implementing LEACH protocol in NS-2. In this paper, a real-time cloud-assisted WBAN test bed is deployed to investigate the efficiency and accuracy of proposed EVFDT algorithm for real-time sensor network traffic. To evaluate the performance of proposed algorithm on real-time WBAN, four metrics are used including classification accuracy, time, memory, and computational cost. It was observed that EVFDT outperforms the existing algorithms by maintaining better results for these metrics even in the presence of extreme noise. Experimental results show that the EVFDT algorithm attains significantly high detection accuracy with less false alarm rate.

A Dictionary Based Urdu Word Segmentation Using Maximum Matching Algorithm for Space Omission Problem

The foremost step in any Natural Language Processing system is Word Segmentation. Word segmentation means dividing a sentence into the words it consists. For this research purpose Urdu is selected because very less work has been done. In Urdu space cannot be used in marking word boundary because it is not consistently used. Urdu word segmentation is different from other Asian languages in that it consist both Space Omission and Space Insertion problem. This paper discusses these problems and suggests a technique that solves both of these problems. It uses simple and already used basic techniques in a different way to develop an efficient Segmentation Algorithm. Morphological analysis of Urdu Text is also taken into account. Dictionary is used for verification and identification of Urdu Words. This work has been tested on words collected from Geo, Jang, BBC news sites and other online documents available on internet. The proposed algorithm has been tested on 11,995 words and 97.2% of these words are segmented correctly.

Malicious insiders attack in IoT based Multi-Cloud e-Healthcare environment: A Systematic Literature Review

The emergence of Internet of Things (IoT) has introduced smart objects as the fundamental building blocks for developing a smart cyber-physical universal environment. The IoTs have innumerable daily life applications. The healthcare industry particularly has been benefited due to the provision of ubiquitous health monitoring, emergency response services, electronic medical billing, etc. Since IoT devices possess limited storage and processing power, therefore these intelligent objects are unable to efficiently provide the e-health facilities, or process and store enormous amount of collected data. IoTs are merged with Cloud Computing technology in Multi-Cloud form that basically helps cover the limitations of IoTs by offering a secure and on-demand shared pool of resources i.e., networks, servers, storage, applications, etc., to deliver effective and well-organized e-health amenities. Although the framework based on the integration of IoT and Multi-Cloud is contributing towards better patient care, yet on the contrary, it is challenging the privacy and reliability of the patients’ information. The purpose of this systematic literature review is to identify the top security threat and to evaluate the existing security techniques used to combat this attack and their applicability in IoT and Multi-Cloud based e-Healthcare environment.

Distributed denial of service DDoS attack detection using data mining approach in cloud-assisted wireless body area networks

Nowadays, wireless body area networks WBANs is emerging as a promising technology with a considerable potential in improving patients healthcare services. The integration of WBAN and cloud computing technology provides a platform to create a new digital paradigm with leading features called cloud-assisted WBAN. The foremost concern of cloud-assisted WBAN is the security and privacy of data either collected and stored by WBAN sensors or transmitted to cloud over an insecure network. Among these, data availability is the most nagging security issue. The major threat to data availability is distributed denial of service attack DDoS normally launched from various distributed locations. In order to assure the all time availability of patients data, we propose a distributed victim based DDoS attack detection mechanism based on very fast decision tree VFDT learning model in cloud-assisted WBAN. The evaluation and performance analysis shows that the proposed mechanism could detect DDoS attack with high accuracy, and reduced false positive and false negative ratio.

Pakistan Sign Language Recognition and Translation System using Leap Motion Device

The recent innovation in the technology and introduction of new gesture control based devices, like leap motion controller, have revolutionized computing. Technology that can track finger and hand gestures accurately at very low cost can reshape the gesture control industry. Leap motion controller, a little USB device, has an ability to obtain accurate description of the hand and figures pose that can be used for Recognition of Pakistan Sign Language. Sign Language is very crucial to facilitate deaf and mute children to communicate with the society. This paper proposes a gesture based recognition system for Pakistan Sign Language using leap motion device. Our proposed system compromises of two modules training module and communication module. In training module motion data received from leap motion controller is used to train the system for Pakistan Sign Language. Than in communication module motion data is acquired through leap motion controller and fed into correlation algorithm to detect and recognize the sign and then convert it into text form. The proposed system provides an efficient and cost effective solution to communication problem of deaf and mute children.

Synthesis of an adaptive CPR filter for identification of vehicle make & type

A methodology for recognition of vehicle make and type by identifying logo images is proposed in this paper. Angular displacements in the target images, add complexity to the identification process in real time scenario. Slight deviations in the input scene render the output invariably meaningless. The correlation pattern recognition based CPR filters, if amicably trained for the images containing requisite trend of angular distortions, can produce remarkable identification results invariant to the speculated angular rotations. Maximum Average Correlation Height MACH Filter being a major development in CPR field, duly trained with images of various classes in parallel, carries adequate statistical information and intelligence to ensure correct classification results. A supervised learning process of the proposed filter enables us to have an adaptive design to cater for misclassifications tagged as false positives in the first instance of training. Synthesis of a flexible, constantly evolving and an adaptive classifier can conveniently manage correct detection of target images irrespective of acute angular shifts in the input scenes.