BZPEERPapers, people, evidence and research paths
Menu

Discover

SearchFind papers, people, topics, institutions and opportunities from one place.GraphSee how papers, authors, topics and evidence connect.

Research tools

HomeContinue from the papers, people and topics that matter now.CollectionsTurn saved papers into reading lists, evidence maps and shareable context.ResearchReconstruct the path that led you from search to paper to question.CollaborationMove from a paper, topic or expert request into a focused thread.PublishCreate full-text research articles with metadata, formulas and versions.

Network

ExpertsFind specialists whose work and reviews explain why they can help.CommunitiesJoin research groups organized around papers, topics and shared evidence.

Opportunities

ListingsBrowse roles, calls and collaborations connected to real research context.

Account

Log inReturn to your saved papers, graph views and active threads.Create accountStart saving papers, building a research trail and joining teams.
Log inCreate account

Source author record

Sandra Scott-Hayward

Sandra Scott-Hayward appears in the imported research catalog. Authorship, coauthor and topic links are available while profile ownership is still unclaimed.

ResearcherUnclaimed source record
Cryptography and SecurityNetworking and Internet Architecture

Catalog footprint

What is connected

3works
2topics
4close collaborators

Actions

Connect this record

Log in to claim
Open graphBrowse works

Research graph

See the researcher in context

Open full explorer

Inspect adjacent papers, topics, institutions and collaborators without losing the researcher page.

Building this map preview

BZPEER is loading the nearby papers, people, topics and institutions for this page.

Published work

3 published item(s)

preprint2022arXiv

GADoT: GAN-based Adversarial Training for Robust DDoS Attack Detection

Machine Learning (ML) has proven to be effective in many application domains. However, ML methods can be vulnerable to adversarial attacks, in which an attacker tries to fool the classification/prediction mechanism by crafting the input data. In the case of ML-based Network Intrusion Detection Systems (NIDSs), the attacker might use their knowledge of the intrusion detection logic to generate malicious traffic that remains undetected. One way to solve this issue is to adopt adversarial training, in which the training set is augmented with adversarial traffic samples. This paper presents an adversarial training approach called GADoT, which leverages a Generative Adversarial Network (GAN) to generate adversarial DDoS samples for training. We show that a state-of-the-art NIDS with high accuracy on popular datasets can experience more than 60% undetected malicious flows under adversarial attacks. We then demonstrate how this score drops to 1.8% or less after adversarial training using GADoT.

0 citations0 reviewsNo code linkedOpen access
preprint2020arXiv

LUCID: A Practical, Lightweight Deep Learning Solution for DDoS Attack Detection

Distributed Denial of Service (DDoS) attacks are one of the most harmful threats in today's Internet, disrupting the availability of essential services. The challenge of DDoS detection is the combination of attack approaches coupled with the volume of live traffic to be analysed. In this paper, we present a practical, lightweight deep learning DDoS detection system called LUCID, which exploits the properties of Convolutional Neural Networks (CNNs) to classify traffic flows as either malicious or benign. We make four main contributions; (1) an innovative application of a CNN to detect DDoS traffic with low processing overhead, (2) a dataset-agnostic preprocessing mechanism to produce traffic observations for online attack detection, (3) an activation analysis to explain LUCID's DDoS classification, and (4) an empirical validation of the solution on a resource-constrained hardware platform. Using the latest datasets, LUCID matches existing state-of-the-art detection accuracy whilst presenting a 40x reduction in processing time, as compared to the state-of-the-art. With our evaluation results, we prove that the proposed approach is suitable for effective DDoS detection in resource-constrained operational environments.

0 citations0 reviewsNo code linkedOpen access
preprint2016arXiv

Towards Policy Enforcement Point as a Service (PEPS)

In this paper, we coin the term Policy Enforcement as a Service (PEPS), which enables the provision of innovative inter-layer and inter-domain Access Control. We leverage the architecture of Software-Defined-Network (SDN) to introduce a common network-level enforcement point, which is made available to a range of access control systems. With our PEPS model, it is possible to have a `defense in depth' protection model and drop unsuccessful access requests before engaging the data provider (e.g. a database system). Moreover, the current implementation of access control within the `trusted' perimeter of an organization is no longer a restriction so that the potential for novel, distributed and cooperative security services can be realized. We conduct an analysis of the security requirements and technical challenges for implementing Policy Enforcement as a Service. To illustrate the benefits of our proposal in practice, we include a report on our prototype PEPS-enabled location-based access control.

0 citations0 reviewsNo code linkedOpen access