BITS Faculty Publications

Permanent URI for this communityhttp://localhost:4000/handle/123456789/1867

Browse

Author: search.filters.author.Gupta, Vishal

Search Results

Now showing 1 - 10 of 25
  • No Thumbnail Available
    Item
    Detection of Distributed Denial of Service Attacks Using Entropy on Sliding Window with Dynamic Threshold
    (Springer, 2022-03) Gupta, Vishal
    The Internet has become an integral part of our day-to-day lives, from remaining connected to accessing information from any part of the world. Distributed Denial of service (DDoS) attacks disrupts the normal functioning of the Internet. Because of DDoS attacks, services over the Internet become inaccessible; regular hosts lose connectivity, etc. DDoS attacks are more dangerous because it is not always possible to differentiate whether an organization is under attack or its’ just normal traffic. Therefore, an effective detection mechanism is needed that is computationally less expensive and can detect different types of attacks with good accuracy. Hence, in this paper, we propose Entropy with Dynamic Thresholds to detect DDoS attacks. A dynamic threshold helps us accurately detect an attack in different rates of traffic. To validate our approach, we have used the CICDDoS-2019 attack dataset.
  • No Thumbnail Available
    Item
    Prevention of DDoS Attacks with Reliable-Dynamic Path Identifiers
    (Springer, 2022-03) Gupta, Vishal
    As per the reports of McAfee and Google, DDoS attacks are ranked the third-most dangerous network attacks, and their intensity is expected to increase in the future. To defend against these DDoS attacks, we propose a preventive approach in this paper. This approach aims to stop the DDoS attack traffic from reaching the victim’s network. Our proposed technique is based upon the use of Path Identifiers (PIDs), primarily used in Information-Centric Networks, to force the forwarding of response packets on these Path IDs and not IP forwarding. As against static PIDs, we use reliable dynamic PIDs (RDPID, two for each link) to refrain the attackers from learning these PIDs and launching the attack. With the proposed RDPID technique, the PID negotiation time is reduced to 6 ms for 99% of the cases, as against 23 ms with the use of Dynamic PIDs (DPIDs) proposed in the literature. Furthermore, the attack mitigation time is reduced by (approx) 40% compared with similar techniques using DPID available in the literature.
  • No Thumbnail Available
    Item
    SymSDN: A DRDoS Attack Prevention Approach
    (IEEE, 2023) Gupta, Vishal
    Distributed Denial of Service (DDoS) attacks are hostile attempts toward the normal functioning of a system. The attacker exploits vulnerabilities present in various systems to convert them into botnets or bots. These bots generate massive amount of internet traffic towards the victim, choking its bandwidth, and disrupting its connectivity to the internet. Distributed Reflection Denial of Service (DRDoS) attack, a type of DDoS attack, exploit vulnerable servers to generate huge attack traffic towards the target by source IP spoofing, making them even worse. In this paper, we present a mechanism to defend against DRDoS attacks. The mechanism is based on symmetric routing that forces response packets to take the same path as that of request packets. This causes the attack to divert back to the attacker, saving the client from it and also hampering the attacker’s ability to launch further attacks. The proposed methodology, SymSDN, also optimizes flow entries to deal with the overflow of routing tables by DDoS attacks. The percentage of packet loss and the throughput calculation in the result section prove the authenticity of our proposed approach.
  • No Thumbnail Available
    Item
    Prevention of DDoS attacks: a comprehensive review and future directions
    (Taylor & Francis, 2024-05) Gupta, Vishal
    Distributed Denial of Service (DDoS) attacks constitute a formidable threat, obstructing access to legitimate internet services and disrupting the seamless provision of services by organizations. Despite extensive research dedicated to developing defense mechanisms against DDoS attacks, their persistence remains a challenge. The majority of research in DDoS defense can be categorized into attack detection, mitigation, and prevention. Notably, defense strategies falling within the purview of attack detection and mitigation are reactive in nature, often activated after some level of damage has already occurred. In addition, the terms “detection” and “mitigation,” maintain consistent meanings in the literature. However, the term “prevention” in the context of DDoS attacks has been associated with varying interpretations in the literature. This paper undertakes a comprehensive review of techniques labeled as “prevention” in the realm of DDoS attacks. In addition, because prevention techniques do not have a standard meaning in the literature, we further classify these techniques into Ideal Prevention, True Prevention, and Partial Prevention. By scrutinizing these techniques and their implications, we shed light on the complexity of mitigating DDoS threats effectively. In particular, we advocate for increased focus on True Prevention techniques, emphasizing the need for dynamism, computational efficiency, scalability, and practical deployability.
  • No Thumbnail Available
    Item
    Wind speed prediction using empirical wavelet transform and bidirectional gated recurrent unit based hybrid model
    (IEEE, 2024) Pasari, Sumanta; Gupta, Vishal
    Accurate forecasting of wind speed is crucial for optimal extraction of energy, enabling integration of power grid, planning and management of renewable energy resources. To overcome the unpredictability of long-term trends and seasonal variation of wind, this study proposes a deterministic framework utilizing a hybrid model based on empirical wavelet transform (EWT), bidirectional gated recurrent neural network (BiGRU), and Bayesian optimization algorithm (BOA) for an hour-ahead wind speed prediction. Firstly, the EWT is used for preprocessing the wind speed data with enabling wavelet charaterticstics. Then, the BiGRU model is employed for regression using optimal values determined by the BOA method. The robustness of the proposed integrative framework is regressively evaluated over seven years (2015-2021) of hourly wind speed data across four locations in India. The evidence of numerical results of the proposed model demonstrates its effectiveness with a maximum improvement of 70%−80% in terms of RMSE values across all the studied regions. Furthermore, the model evaluation and pictorial results indicate that the proposed model is a potent tool for generating wind energy and its integration into the smart grid.
  • No Thumbnail Available
    Item
    A Keyword Searching Algorithm For Search Engines
    (IEEE, 2007) Gupta, Vishal
    Search engines prominently use inverted indexing technique to locate the Web pages having the keyword contained in the users query. The performance of inverted index, fundamentally, depends upon the searching of keyword in the list maintained by search engines. This paper presents a new technique for keyword searching. It uses a trie data structure to index the keyword up to a certain optimum level. While searching a keyword, this index is used to get two offset values, in constant amount of time for every keyword, within which the keyword might lie. Using the two offsets, a binary search is initiated to locate the keyword in the list, and hence the Web pages containing the keyword. Research shows that subsequently increasing the levels of trie will increase the performance of retrieval but also increase the required memory. It also shows that on an average with indexing up to level 2 requires 56% less number of comparisons, as required by binary search, to search a keyword in the list.
  • No Thumbnail Available
    Item
    Handover procedure using probability based mobility patterns in 3G-WLAN interworking environment
    (IEEE, 2012) Gupta, Vishal
    With the projected increase of 3G network traffic in near future, telecom operators are looking for the alternative means of satisfying the data needs of mobile subscribers without scaling the existing 3G network infrastructure. Over the last decade, IEEE 802.11 network (better called as Wi-Fi network) has emerged as one of the most competitive technology for it. It can function with the macro cellular network, as an adjunct network, to provide an alternative path with the best performance capability. On the other hand, several studies have reported the discovery of fundamental statistical features of human mobility. Studies show that human trajectories show a high degree of temporal and spatial regularity, thus following simple reproducible patterns. This paper proposes a probability based approach to find the mobility patterns of users and then use the information to effectively decrease the handover latency and increase throughput.
  • No Thumbnail Available
    Item
    Network discovery and user preferences for network selection in 3G-WLAN interworking environment
    (IEEE, 2013) Gupta, Vishal
    In a heterogeneous networking environment vertical handover decision plays a very crucial role in the overall handover process as wrongly selected network spoils the overall purpose of Always Best Connected (ABC). For it many decision models, based on diverse parameters and techniques, have been proposed. In this paper, following two requirements which most of such models require are emphasized: a) Network information other than that available in the corresponding network advertising frame to get the values of the decision parameters considered and b) User Preferences because it is the user satisfaction which is one of the ultimate aim of vertical handover process and different users can have different preferences on the same parameter. It is shown that how additional information can be stuffed in the Information Element's LENGTH field of 802.11 compatible beacon frame. Also, capturing user preferences is modeled primarily on the parameters derived from the fields added by IEEE 802.11u to the beacon frame. The proposed technique for it, called Analytic Hierarchy Process (AHP), is also made more effective by measuring its criticisms.
  • No Thumbnail Available
    Item
    Network selection in 3G-WLAN interworking environment using TOPSIS
    (IEEE, 2016) Gupta, Vishal
    The expansion of wireless technologies and their pervasiveness has resulted in various network interfaces in mobile terminals. Therefore it is necessary for mobile terminals to implement vertical handover techniques which encourage the clients to move effectively and seamlessly among different diverse network systems. In vertical handover, selection of appropriate network is an extremely critical stage as wrongly chosen destination network ruins the entire novel purpose of vertical handover. This can successively lead to ping pong effect, under utilization of network resources, and dissatisfaction among users. This problem of network selection is very much related to Multiple Criteria Decision Making (MCDM) and can be modeled on various techniques given for it. In this paper, utilizing a MCDM technique called TOPSIS, an approach for destination network selection is proposed. The scope is limited to 802.11 destination networks. As a novel contribution, the list of parameters is selected from the perspective that either they are the part of IEEE 802.11 beacon frame or can be embedded in it using some beacon stuffing technique. In the later case we also give how many additional bits are required for stuffing them in the beacon frame. This makes our technique a practically usable one.
  • No Thumbnail Available
    Item
    Link Changes with Change in Demand in Flow Distribution Networks
    (IEEE, 2016) Gupta, Vishal
    Water Distribution Networks (WDNs) are the foundation and backbone of any city. There maintenance and energy costs demand a significant amount of planning. Judicious scheduling operations can prompt significant savings in energy and prevent disruptions in supply and damages. Water passes through a great deal of system hubs (like pumps, valves, tanks, and so on) while moving from source (reservoir) to individual customers. Such system turn into an uncommon instance of packet switched network, and can be modeled based on networking theory. Similar to bandwidth of each network link, every link in a WDN has a fixed and predefined capacity. Given a source and destination node, there can be a specific estimation of most extreme stream of water which is possible between them. In this paper, our aim is to study the link changes in WDN. Depending upon the change in demand at the destination node, the proposed algorithms recommend optimal modifications in the connecting links of the existing network to increase the maximum possible flow.