In this paper, we propose a traffic feature-based botnet detection scheme emphasizing the importance of long patterns. Since the communication sequences of bots are not easily changed, the long communication patterns of botnets are useful for detection. The proposed scheme emphasizes the long pattern's importance by improving the feature extraction algorithms and giving weights to the long patterns with large occurrences. By the computer simulation with real dataset, we show the effectiveness of our scheme.
The flooding DDoS attack is a serious problem these days. In order to detect the flooding DDoS attack, the survival approaches and the mitigation approaches have been investigated. Since the survival approach occurs the burden on the victims, the mitigation approach is mainly studied. As for the mitigation approaches, to detect the flooding DDoS attack, the conventional schemes using the bloom filter, machine learning, and pattern analyzation have been investigated. However, those schemes are not effective to ensure the high accuracy (ACC), the high true positive rate (TPR), and the low false positive rate (FPR). In addition, the data size and calculation time are high. Moreover, the performance is not effective from the fluctuant attack packet per second (pps). In order to effectively detect the flooding DDoS attack, we propose the lightweight detection using bloom filter against flooding DDoS attack. To detect the flooding DDoS attack and ensure the high accuracy, the high true positive rate, and the low false positive rate, the dec-all (decrement-all) operation and the checkpoint are flexibly changed from the fluctuant pps in the bloom filter. Since we only consider the IP address, all kinds of flooding attacks can be detected without the blacklist and whitelist. Moreover, there is no complexity to recognize the attack. By the computer simulation with the datasets, we show our scheme achieves an accuracy of 97.5%. True positive rate and false positive rate show 97.8% and 6.3%, respectively. The data size for processing is much small as 280bytes. Furthermore, our scheme can detect the flooding DDoS attack at once in 11.1sec calculation time.
The S reservoir in the X Oilfield in Iraq has great development potential due to its rich geological reserves. However, the low permeability and strong heterogeneity of the reservoir lead to great differences in reservoir stimulation performance. In this study, an integrated reservoir model and differential stimulation mode are put forward to solve the above problems. First, the feasibility of fracturing is evaluated by laboratory experiments. Second, an integrated reservoir model is established, which mainly includes a rock mechanics model, fracturing simulation model, and numerical simulation model, and correct the integrated model by fracturing operation curves and production dynamic curves. Third, three types of stimulation areas are classified according to the combination of sweet spot types, and three different stimulation modes are proposed. In conclusion, a small-scale stimulation mode should be applied in the Type I area to maximize economic benefits. In the Type II area, the medium-scale stimulation mode should be performed to ensure certain productivity while achieving certain economic benefits. In the Type III area, the large-scale stimulation mode should be employed to obtain certain productivity while economic benefits must be above a limit. The differential stimulation model proposed in this paper has made a great reference for the efficient development of low-permeability carbonate rocks.
Sanghun CHOI †a) , Shuichiro HARUTA †b) , Yichen AN †c) , Student Members, and Iwao SASASE †d) , Fellow SUMMARY Since the owner's data might be leaked from the centralized server storage, the distributed storage schemes with the server storage have been investigated. To ensure the owner's data in those schemes, they use Reed Solomon code. However, those schemes occur the burden of data capacity since the parity data are increased by how much the disconnected data can be restored. Moreover, the calculation time for the restoration will be higher since many parity data are needed to restore the disconnected data. In order to reduce the burden of data capacity and the calculation time, we proposed the server-based distributed storage using Secret Sharing with AES-256 for lightweight safety restoration. Although we use Secret Sharing, the owner's data will be safely kept in the distributed storage since all of the divided data are divided into two pieces with the AES-256 and stored in the peer storage and the server storage. Even though the server storage keeps the divided data, the server and the peer storages might know the pair of divided data via Secret Sharing, the owner's data are secure in the proposed scheme from the inner attack of Secret Sharing. Furthermore, the owner's data can be restored by a few parity data. The evaluations show that our proposed scheme is improved for lightweight, stability, and safety.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.