UTS site search

Dr Priyadarsi Nanda

Biography

Dr Nanda joined UTS in 2001. His roles have combined research, teaching and administration. Dr. Nanda is a core research member of UTS Research Centre for Innovation in IT Services and Applications (iNEXT). iNEXT is a world-class research environment for developing and nurturing innovation for the NEXT generation IT services and applications, including Internet-enabled business applications, network security, mobile health services, high-end visualisation technologies, novel image processing architectures and advanced video surveillance systems.

Dr Nanda has expanded his research activities through active participation with research students, research academics and industry researchers in the area of network quality of service, network security, assisted health care using sensor networks, and wireless sensor networks. Dr. Nanda is the leader of Network Security and Application research group within the iNEXT research center. He is currently supervising Five PhD students. Dr. Nanda has published over 40 refereed research publications including 9 journal articles, 7 book chapters, 1 conference tutorial and 24 refereed conference papers.

Professional

Dr. Nanda is an academic staff at the University of Technology, Sydney (UTS), Australia, in the Faculty of Engineering and Information Technology since January 2001. He is also the Program Director for Bachelor of Information Technology (BIT) Program.Prior to UTS Dr. Nanda served at the University of New South Wales (UNSW), School of Computer Science and Engineering (September 1999 - January 2001) and Regional Engineering College (REC, name changed to NIT), Rourkela, India in the Department of Computer Science and Engineering (September 1991- September 1999) both as an academic staff.

In the past he held several Visiting Professor and Research Visitor positions at:
1. INRIA-Nancy, France, July 2011 - December 2011
2. University of Auckland, April 2008 - June 2008
3. University of Minnesota (UoM), Minneapolis, USA, January 2004 - June 2004

Dr. Nanda has over 23 years of experience in Teaching and Research. He is a Core Research member in Research Centre for Innovation in IT Services and Applications iNEXT and steering committee member in IPv6 work Group committee in Australia's Academic and Research Network (AARNET). Dr. Nanda is a Senior Member of IEEE.

Image of Priyadarsi Nanda
Senior Lecturer, School of Computing and Communications
Core Member, Centre for Innovation in IT Services Applications
Associate Member, Centre for Real-Time Information Networks
BEng, MEng (UOW), PhD(UTS)
Senior Member, Institute of Electrical and Electronics Engineers
 
Phone
+61 2 9514 1853
Room
CB11.08.209

Research Interests

  • Internet QoS
  • Wireless and Sensor Networks
  • Network Security
  • Cloud Security
  • Health Informatics

Can supervise: Yes

Current Research students:

Five PhD Students (3 as Principal Supervisor and 2 as Co-Supervisor)

Past Research Students:

Aruna Jamdagni, PhD, Graduated in 2013, Co-Supervisor

Zhiyuan (Thomas) Tan, PhD, Graduated 2014, Co-Supervisor

Muhammad Mujtaba, Masters by Research, 2013, Principal Supervisor

Dong Yu, Masters by Research, 2013, Principal Supervisor

  • Computer Networks
  • Network Security
  • Digital Forensics
  • Internet QoS
  • Network Management
  • Network Design

Book Chapters

Nanda, P. & He, X.S. 2010, 'Scalable Internet Architecture Supporting Quality of Service (QoS)' in Kuan-Ching Li etal. (ed), The Handbook of Research on Scalable Computing Technologies, IGI Global, USA, pp. 339-357.
View/Download from: OPUS |
The evolution of Internet and its successful technologies has brought a tremendous growth in business, education, research etc. over the last four decades. With the dramatic advances in multimedia technologies and the increasing popularity of real-time applications, recently Quality of Service (QoS) support in the Internet has been in great demand. Deployment of such applications over the Internet in recent years, and the trend to manage them efficiently with a desired QoS in mind, researchers have been trying for a major shift from its Best Effort (BE) model to a service oriented model. Such efforts have resulted in Integrated Services (Intserv), Differentiated Services (Diffserv), Multi Protocol Label Switching (MPLS), Policy Based Networking (PBN) and many more technologies. But the reality is that such models have been implemented only in certain areas in the Internet not everywhere and many of them also faces scalability problem while dealing with huge number of traffic flows with varied priority levels in the Internet. As a result, an architecture addressing scalability problem and satisfying end-to-end QoS still remains a big issue in the Internet. In this chapter the authors propose a policy based architecture which they believe can achieve scalability while offering end to end QoS in the Internet.

Conference Papers

Hoang, D.B., Elliott, D., McKinley, S.M., Nanda, P., Schulte, J. & Duc, N.A. 2013, 'Tele-monitoring techniques to support recovery at home for survivors of a critical illness', IEEE International Symposium on Signal Processing and Information Technology, Ho Chi Minh City, Vietnam, December 2012 in Signal Processing and Information Technology 2012, ed Jie Wu, IEEE Computer Society, Ho Chi Minh City - Vietnam, IEEE, Piscataway, USA, pp. 1-6.
View/Download from: OPUS | Publisher's site
This paper proposes and explores the design of a system that includes sensor-based procedures and techniques for remote physiological sensing and functional assessment for these individuals.
Hugo Cruz, S., Ciarletta, L., Song, Y. & Nanda, P. 2013, 'Routing Scheme for a Wireless Sensor Network Real-Time Locating System', IWCMC 2013, Cagliari, Italy, July 2013 in The 9th International Wireless Communications and Mobile Computing Conference, ed Nidal Nasser, Tomohiko Taniguchi & Dajana Cassioli, IEEE Computer Society, Italy, pp. 159-164.
View/Download from: OPUS | Publisher's site
This work contains a routing proposition to be used over a Wireless Sensor Network (WSN) location system based on the IEEE 802.15.4 standard. The technical solution for communication consists of an n-ary tree algorithm for routing using a 16 bit addressing scheme. It is compared to a binary routing scheme originally used on a real system which suffers from coverage, routing and addressing problem. An analysis of the coverage aspects is driven by a geometric study. It includes an analysis of a generated topology for different coverage areas and different routing topologies. The geometric analysis is validated by a simulation work. We observe that the proposed scheme outperforms the existing routing solution in terms of hop-count, delay and association process time. The work puts in evidence that the Connectivity of the network is an important parameter to be considered during the network deployment and for the routing scheme
Jan, M.A., Nanda, P. & He, X.S. 2013, 'Energy Evaluation Model for an Improved Centralized Clustering Hierarchical Algorithm in WSN', 11th International Conference Wired/Wireless Internet Communication, WWIC 2013, St. Petersburg, Russia, June 2013 in Lecture Notes in Computer Science, ed Abdelhamid Mellouk, Springer-Verlag Berlin Heidelberg, London New York, pp. 154-167.
View/Download from: OPUS | Publisher's site
Wireless Sensor Networks (WSN) consists of battery-powered sensor nodes which collect data and route the data to the Base Station. Centralized Cluster-based routing protocols efficiently utilize limited energy of the nodes by selecting Cluster Heads (CHs) in each round. Selection of CHs and Cluster formation is performed by the Base Station. In each round, nodes transmit their location information and their residual energy to the Base Station. This operation is a considerable burden on these resource hungry sensor nodes. In this paper we propose a scheme whereby a small number of High-Energy nodes gather location information and residual energy status of the sensing nodes and transmit to the Base Station. This scheme eliminates CH advertisement phase in order to conserve energy. Based on the energy consumption by various types of nodes, we have derived an energy model for our algorithm which depicts the total energy consumption in the network.
Jan, M.A., Nanda, P., He, X.S. & Liu, R. 2013, 'Enhancing Lifetime and Quality of Data in Cluster-based Hierarchical Routing Protocol for Wireless Sensor Network', 2013 IEEE International Conference on High Performance Computing and Communications & 2013 IEEE International Conference on Embedded and Ubiquitous Computing, Zhangjiajie, Hunan Province, P.R. China, November 2013 in 2013 IEEE International Conference on High Performance Computing and Communications & 2013 IEEE International Conference on Embedded and Ubiquitous Computing, ed Prof. Albert Zomaya, CPS, Zhangjiajie, Hunan Province, P.R. China, pp. 1400-1407.
View/Download from: OPUS
Wireless Sensor Network (WSN) performs energyextensive tasks and it is essential to rotate sensor nodes frequently so that Cluster Head selections can be made efficiently. In this paper, we aim to improve the lifetime of sensor network by using LEACH based protocols and efficiently utilizing the limited energy available in these sensor nodes. In sensor network, the amount of data delivered at the base station is not important but it is the quality of the data which is of utmost importance. Our proposed approach significantly improves the life time and quality of data being delivered at the base station in sensor network. We evaluate our proposed approach using different sets of node energy levels and in each case our approach shows significant improvement over existing cluster-based hierarchical routing protocols. We evaluate our scheme in terms of energy consumption, life time and quality of data delivered at the base station.
Mujtaba, M., Nanda, P. & He, X.S. 2012, 'Border Gateway Protocol Anomaly Detection using Failure Quality Control Method', Liverpool UK, June 2012 in 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications, ed Geyong Min, Yulei Wu, Lei (Chris) Liu, Xiaolong Jin, Stephen Jarvis, Ahmed Y. Al-Dubai, CPS (Conference Publishing Services), Liverpool UK, pp. 1239-1244.
Border Gateway Protocol (BGP) is the de-facto inter-domain routing protocol used across thousands of Autonomous Systems (AS) joined together in the Internet. Security has been a major issue for BGP. Nevertheless, BGP suffers from serious threats even today, like Denial of Service (DoS) attack and misconfiguration of routing information. BGP is one of the complex routing protocols and hard to configure against malicious attacks. However, it is important to detect such malicious activities in a network, which could otherwise cause problems for availability of services in the Internet. In this paper we use the Failure Quality Control (FQC), a technique to detect anomaly packets in the network for real time intrusion detection.
Tan, Z., Jamdagni, A., He, X.S., Nanda, P. & Liu, R. 2012, 'Triangle-Area-Based Multivariate Correlation Analysis for Effective Denial-of-Service Attack Detection', IEEE International Conference on Trust, Security and Privacy in Computing and Communications, Liverpool UK, June 2012 in 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications, ed Geyong Min, Yulei Wu, Lei (Chris) Liu, Xiaolong Jin, Stephen Jarvis, Ahmed Y. Al-Dubai, IEEE Computer Society, Piscataway, USA, pp. 33-40.
View/Download from: OPUS | Publisher's site
Cloud computing plays an important role in current converged networks. It brings convenience of accessing services and information to users regardless of location and time. However, there are some critical security issues residing in cloud computing, such as availability of services. Denial of service occurring on cloud computing has even more serious impact on the Internet. Therefore, this paper studies the techniques for detecting Denial-of-Service (DoS) attacks to network services and proposes an effective system for DoS attack detection. The proposed system applies the idea of Multivariate Correlation Analysis (MCA) to network traffic characterization and employs the principal of anomaly-based detection in attack recognition. This makes our solution capable of detecting known and unknown DoS attacks effectively by learning the patterns of legitimate network traffic only. Furthermore, a triangle area technique is proposed to enhance and speed up the process of MCA. The effectiveness of our proposed detection system is evaluated on the KDD Cup 99 dataset, and the influence of both non-normalized and normalized data on the performance of the detection system is examined. The results presented in the system evaluation section illustrate that our DoS attack detection system outperforms two state-of-theart approaches
Tan, Z., Jamdagni, A., Nanda, P., He, X.S. & Liu, R. 2012, 'Evaluation on Multivariate Correlation Analysis Based Denial-of-Service Attack Detection System', 1st International Conference on Security of Internet of Things, India, August 2012 in 1st International Conference on Security of Internet of Things, ed Bob Kahn; Marvin Minsky; Esther Dyson, ACM, India, pp. 1-5.
In this paper, a Denial-of-Service (DoS) attack detection system is explored, where a multivariate correlation analysis technique based on Euclidean distance is applied for network traffic characterization and the principal of anomaly-based detection is employed in attack recognition. The effectiveness of the detection system is evaluated on the KDD Cup 99 dataset and the influence of data normalization on the performance of attack detection is analyzed in this paper as well. The evaluation results and comparisons prove that the detection system is effective in distinguishing DoS attack network traffic from legitimate network traffic and outperforms two state-of-the-art systems.
Myint, H., Nanda, P. & He, X.S. 2012, 'Evaluation of billing and charging architecture for the Internet service provisioning', 2012 International Symposium on Communications and Information Technologies (ISCIT), Goldcoast Australia, October 2012 in 2012 International Symposium on Communications and Information Technologies (ISCIT), ed Hla Myint, Priyadarsi Nanda and Xiangjian He, IEEE Computer Society, Goldcoast Australia, pp. 900-905.
This article develops a charging scheme that is simple and easily usable for the users and provides them with the incentives to use only the resources they require. Our scheme has been developed and based on the use of Internet resource and demonstrates how the contributing providers can share the total charge earned by each mobile and wireless services in a fair way. We made a comparison of our architecture with existing architectures and demonstrated that our architecture adopts an accommodating approach for customer which is economically viable for the ISP provider.
Ambu Saidi, M.A., Lu, L., Tan, Z., He, X.S., Jamdagni, A. & Nanda, P. 2012, 'A Nonlinear Correlation Measure for Intrusion Detection', Suzhou, China, November 2012 in The 7th International Conference on Frontier of Computer Science and Technology (FCST-12), ed Mohammed Ambusaidi, Liang Fu Lu, Xiangjian He*, Zhiyuan Tan, Aruna Jamdagni, Priyadarsi Nanda, IEEE Computer Society, Suzhou, China, pp. 1-7.
The popularity of the Internet supplies attackers with a new means to violate any organizations and individuals. This raises the concerns of the Internet users and research community. One of the effective solutions of addressing this issue is Intrusion Detection System (IDS), which is defined as a type of security tools used to detect any malicious behaviors on computer networks. However, IDSs are commonly prone to high false positive rates. In order to solve this technical challenge, this paper proposes an effective Nonlinear Correlation Coefficient (NCC) based measure, which can accurately extract both linear and nonlinear correlations between network traffic records, for intrusion detection. Then, we demonstrate the effectiveness of our proposed NCC-based measure in extracting correlations by comparing against the Pearson++s Correlation Coefficient (PCC) based measure. The demonstration is conducted on KDD Cup 99 data set, and the experimental results show that our proposed NCC-based measure not only helps reduce false alarm rate, but also helps distinguish normal and abnormal behaviors efficiently.
Schulte, J., Nguyen, V., Hoang, D.B., Elliott, D., McKinley, S.M. & Nanda, P. 2012, 'A remote sensor-based 6-minute functional walking ability test', IEEE Sensors, Taipei, Taiwan, October 2012 in IEEE Sensors 2012, ed NA, IEEE, IEEE Xplore, pp. 1-4.
View/Download from: OPUS | Publisher's site
This paper proposes and implements an integrated remote sensor-based 6-minute walk test (6MWT) for monitoring a patient's clinical condition and correlate this data to the walking activity that the patient is performing to assess his/her functional ability and physical performance. The 6MWT is known to be one of the most effective rehabilitation tests for a clinician to assess individuals with a variety of clinical conditions including survivors of a critical illness. Our method deploys body sensors for measuring health conditions and an on-body accelerometer for detecting motion. An intelligent algorithm was developed to detect a walk step, count the number of steps, and dynamically derive the step distance based on an individual's real-time walking parameters. The path and the derived walk distance are then related to their vital signs to assess their functional ability under various walk conditions. Our remote 6MWT is being considered for a telehealth rehabilitation procedure in an integrated assistive healthcare system.
Yu, D., Nanda, P. & He, X.S. 2012, 'Performance Uncertainty Impact on WSNs Design Evaluation', 2012 International Conference on Control Engineering and Communication Technology, Shenyang China, December 2012 in 2012 International Conference on Control Engineering and Communication Technology, ed Joe Ashby, IEEE Computer Society, Shenyang China, pp. 723-726.
View/Download from: Publisher's site
In this paper we try to characterize wireless sensor network (WSNs) performance uncertainty (PU) attribute, identify the source and cause of PU, then we challenge that performance stability should treated seriously as one metric among other important metric depending application scenario. We further classify PU impacts on system evaluation and comparison process. Finally, we propose PU mitigation strategy
Myint, H. & Nanda, P. 2011, 'An Integrated Model Supporting Billing and QOS in the internet', ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing, Sydney Australia, July 2011 in 12th ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD 2011), ed Morshed Chowdhury; Sid Ray; Roger Lee, IEEE Computer Society, Sydney Australia, pp. 38-44.
View/Download from: OPUS | Publisher's site
This article develops a charging scheme that is simple and easily usable for the users and provides them with the incentives to use only the resources they need. This scheme is developed on the time-volume charging approach to show how the contributing providers can share the total charge earned by each mobile and wireless service instance in a fair way, with each provider collecting the portion of charge that corresponds to the consumption of its own resources for the service. This is alos an important issue for the commercial viability of mobile service to mobile users, given that its provision spans multiple domains. Our proposed architecture is compliant to the relevant standards and can serve as a basis for applying other internet charging schemes as well
Yang, A. & Nanda, P. 2011, 'Building Content Distribution Network : A Solution to achieve QoS on Internet', International Conference on Internet Technology and Applications iTAP, Wuhan, China, August 2011 in 2011 International Conference on Internet Technology and Applications iTAP 2011, ed Dr Priyadarsi Nanda, Yang Yang, IEEE Computer Society, Sydney Australia, pp. 1-3.
View/Download from: OPUS | Publisher's site
Content Distribution Network (CDN) involves several technologies, rather than just one technology working alone. CDN is another method to provide Quality of Service (QoS) to different applications and deliver different types of media content to end-users over the Internet. Since it is important to improve Internet performance in recent years, CDN has been an approach providing better Internet services. There are a number of technologies and components included in the CDN, and also several challenges needed to be considered for its performance. This paper presents basiccomponents of CDN and summarizes the challenges and issues analyzing the development of CDNs towards QoS.
Yu, D., Nanda, P. & Braun, R.M. 2011, 'Credibility Problems and Tradeoff between Realistic and Abstraction in WANET and WSN Simulation', International Conference on Wireless Communications, Networking and Mobile Computing, Wuhan, China, September 2011 in The 7th International Conference on Wireless Communications, Networking and Mobile Computing (WICOM 2011), ed Dong Yu, Priyardarsi Nanda, Robin Braun, IEEE Computer Society, Piscataway, USA, pp. 1-4.
View/Download from: OPUS | Publisher's site
Wireless network Simulation is challenging due to the effect of the dynamic and fading channel. The task is even more challenging in Wireless Sensor Network (WSN), adding the factor of energy source limitation. Validating simulation results with real implementation are still an unresolved question in wireless research in general and in particular WSN. There are few standard procedures to follow which guarantee accuracy and credibility in terms of answering the question in hands. On one hand, simulation results are aimed towards as realistic as possible conforming to real world implementation. On the other hand, abstraction can eliminate the fragmentation of hardware prototypes, operating system models and different simulation tools. In our research we try to tackle credibility problem in WSN with tradeoffs between realistic and abstraction, and setup the principles and guideline for practical simulations in WSN.
Tan, Z., Jamdagni, A., He, X.S., Nanda, P. & Liu, R. 2011, 'Multivariate Correlation Analysis Technique Based on Euclidean Distance Map for Network Traffic Characterization', Beijing/China, November 2011 in Information and Communications Security 13th International Conference, ICICS 2011, ed Sihan Qing, Willy Susilo, Guilin Wang, Dongmei Liu, Springer Verlag, Berlin/Heidelberg, pp. 388-398.
View/Download from: OPUS | Publisher's site
The quality of feature has significant impact on the performance of detection techniques used for Denial-of-Service (DoS) attack. The features that fail to provide accurate characterization for network traffic records make the techniques suffer from low accuracy in detection. Although researches have been conducted and attempted to overcome this problem, there are some constraints in these works. In this paper, we propose a technique based on Euclidean Distance Map (EDM) for optimal feature extraction. The proposed technique runs analysis on original feature space (first-order statistics) and extracts the multivariate correlations between the first-order statistics. The extracted multivariate correlations, namely second-order statistics, preserve significant discriminative information for accurate characterizations of network traffic records, and these multivariate correlations can be the high-quality potential features for DoS attack detection. The effectiveness of the proposed technique is evaluated using KDD CUP 99 dataset and experimental analysis shows encouraging results.
Tan, Z., Jamdagni, A., He, X.S., Nanda, P. & Liu, R. 2011, 'Denial-of-Service Attack Detection Based on Multivariate Correlation Analysis', International Conference on Neural Information Processing, Shanghai, China, November 2011 in Neural Information Processing 18th International Conference, ICONIP 2011, ed Bao-Liang Lu, Liqing Zhang, James Kwok, Springer-Verlag, Berlin/Heidelberg, pp. 756-765.
View/Download from: OPUS | Publisher's site
The reliability and availability of network services are being threatened by the growing number of Denial-of-Service (DoS) attacks. Effective mechanisms for DoS attack detection are demanded. Therefore, we propose a multivariate correlation analysis approach to investigate and extract second-order statistics from the observed network traffic records. These second-order statistics extracted by the proposed analysis approach can provide important correlative information hiding among the features. By making use of this hidden information, the detection accuracy can be significantly enhanced. The effectiveness of the proposed multivariate correlation analysis approach is evaluated on the KDD CUP 99 dataset. The evaluation shows encouraging results with average 99.96% detection rate and 2.08% false positive rate. Comparisons also show that our multivariate correlation analysis based detection approach outperforms some other current researches in detecting DoS attacks.
Nanda, P. & Mujtaba, M. 2011, 'Analysis of BGP Security Vulnerabilities', Citigate Hotel, Perth, December 2011 in 9th Australian Information Security Management Conference, ed Dr Trish Williams and Prof. Craig Valli, SECAU- Security Research Centre, Edith Cowan University, Perth, Perth, pp. 204-214.
View/Download from: OPUS
Border Gateway Protocol (BGP) is a dynamic routing protocol in the Internet that allows Autonomous System (AS) to exchange information with other networks. The main goal of BGP is to provide a loop free path to the destination. Security has been a major issue for BGP and due to a large number of attacks on routers; it has resulted in router misconfiguration, power failure and Denial of Service (DoS) attacks. Detection and prevention of attacks in router at early stages of implementation has been a major research focus in the past few years. In this research paper, we compare three statistical based anomaly detection algorithms (CUSUM, adaptive threshold and k-mean cluster) through experiment. We then carry out analysis, based on detection probability, false alarm rate and capture intensity (high & low) on the attacked routers.
Mujtaba, M. & Nanda, P. 2011, 'Analysis of the BGP Security Vulnerabilities', Australian Information Security Management Conference, Perth, Western Australia, December 2011 in 9th Australian Information Security Management Conference, ed Dr Trish Williams and Professor Craig Valli, Security Research Centre, Edith Cowan University, Perth, Australia, pp. 204-214.
View/Download from: OPUS
Border Gateway Protocol (BGP) is a dynamic routing protocol in the Internet that allows Autonomous System (AS) to exchange information with other networks. The main goal of BGP is to provide a loop free path to the destination. Security has been a major issue for BGP and due to a large number of attacks on routers; it has resulted in router misconfiguration, power failure and Denial of Service (DoS) attacks. Detection and prevention of attacks in router at early stages of implementation has been a major research focus in the past few years. In this research paper, we compare three statistical based anomaly detection algorithms (CUSUM, adaptive threshold and k-mean cluster) through experiment. We then carry out analysis, based on detection probability, false alarm rate and capture intensity (high & low) on the attacked routers.
Jamdagni, A., Tan, Z., Nanda, P., He, X.S. & Liu, R. 2010, 'Intrusion Detection Using GSAD Model for HTTP Traffic on Web Services', International Wireless Communications and Mobile Computing Conference, Caen, France, June 2010 in 2010 IWCMC - Proceedings of the 6th International Wireless Communications and Mobile Computing Conference, ed Yan Zhang, et al, Association for Computing Machinery, Inc. (ACM), USA, pp. 1193-1197.
View/Download from: OPUS | Publisher's site
Intrusion detection systems are widely used security tools to detect cyber-attacks and malicious activities in computer systems and networks. Hypertext Transport Protocol (HTTP) is used for new applications without much interference. In this paper, we focus on intrusion detection of HTTP traffic by applying pattern recognition techniques using our Geometrical Structure Anomaly Detection (GSAD) model. Experimental results reveal that features extracted from HTTP request using GSAD model can be used to distinguish anomalous traffic from normal traffic, and attacks carried out over HTTP traffic can be identified. We evaluate and compare our results with the results of PAYL intrusion detection systems for the test of DARPA 1999 IDS data set. The results show GSAD has high detection rates and low false positive rates.
Anwar, T. & Nanda, P. 2010, 'Wireless Device Location Sensing In a Museum Project', Annual International Conference on Network Technologies and Communications, Phuket Thailand, November 2010 in Annual International Conference on Network Technologies and Communications (NTC 2010), ed Program Committee, Global Science an Technology Forum (GSTF), Phuket Thailand, pp. N-49-N-54.
View/Download from: OPUS |
Indoor navigation can be implemented with Bluetooth technology as sensons. We use RTT (Round Trip Time) as an attribute towards the navigation of an object. Designing the scheme for indoor networks with the introduction of pre-fixed co-ordinates has been used as a database. This paper presents a new algorithm that incorporate real life signal strength measurement from access point and peers to estimate position and distance using Bluetooth sensor network. The main feature of this paper is to see how RTT behaves with distance and then what approach we must take to make RTT more robust. We conducted several experiments to validate our proposed algorithm and study RTT behaviour in real life application.
Jamdagni, A., Tan, Z., Nanda, P., He, X.S. & Liu, R. 2010, 'Mahalanobis Distance Map Approach for Anomaly Detection of Web-Based Attacks', Australian Information Security Management Conference, Perth, Western Australia, November 2010 in The Proceedings of the 8th Australian Information Security Management Conference, ed Christopher Bolan, SECAU - Security Research Centre, Perth, WA, pp. 8-17.
View/Download from: OPUS | Publisher's site
Web servers and web-based applications are commonly used as attack targets. The main issues ar how to prevent unauthorised access and to protect web servers from the attack. Intrusion Detection Systems (IDSs) are widely used security tools to detect cyber-attacks and malicious activities in computer systems and networks. In this paper, we focus on the detection of various web-based attacks using Geometrical Structure Anomaly Detection (GSAD) model and we also propose a novel algorithm for the selection of most discriminating features to improve the computational complexity of payload-based GSAD model. Linear Discriminant method (LDA) is used for the feature reduction and classification of the incoming network traffic. GSAD model is based on a pattern recognition technique used in image processing. It analyses te correlations between various payload fetures and uses Mahalanobis Distance Map (MDM) to calculate the difference between normal and abnormal network traffic. We focus on the detection of generic attacks, shell code attacks, polymorphic attacks and polymorphic blending attacks. We evaluate accuracy of GSAD model experimentally on the real world attacks dataset created at Georgia Institute of Technology. We conducted preliminary experiments on the DARPA 99 dataset to evaluate the accuracy of feature reduction.
Tan, Z., Jamdagni, A., He, X.S., Nanda, P., Liu, R., Jia, W. & Yeh, W. 2010, 'A Two-Tier System for Web Attack Detection Using Linear Discriminant Method', Information and Communications Security, Barcelona, Spain, December 2010 in Information and Communications Security - Lecture Notes in Computer Science 6476, ed Soriano, M; Qing, Sand; Lopez, J., Springer, Berlin Heidelberg, pp. 459-471.
View/Download from: OPUS | Publisher's site
Computational cost is one of the major concerns of the commercial Intrusion Detection Systems (IDSs). Although these systems are proven to be promising in detecting network attacks, they need to check all the signatures to identify a suspicious attack in the worst case. This is time consuming. This paper proposes an efficient two-tier IDS, which applies a statistical signature approach and a Linear Discriminant Method (LDM) for the detection of various Web-based attacks. The two-tier system converts high-dimensional feature space into a low-dimensional feature space. It is able to reduce the computational cost and integrates groups of signatures into an identical signature. The integration of signatures reduces the cost of attack identification. The final decision is made on the integrated low-dimensional feature space. Finally, the proposed two-tier system is evaluated using DARPA 1999 IDS dataset for webbased attack detection.
Tan, Z., Jamdagni, A., He, X.S. & Nanda, P. 2010, 'Network Intrusion Detection Based on LDA for Payload Feature Selection', IEEE Globecom Workshop on Web and Pervasive Security, Miami USA, December 2010 in IEEE Globecom 2010 Workshop on Web and Pervasive Security (WPS 2010), ed Xiaobo Zhou, IEEE Computer Society, Miami USA, pp. 1590-1594.
View/Download from: OPUS | Publisher's site
Anomaly Intrusion Detection System (IDS) is a statistical based network IDS which can detect attack variants and nove attacks without a priori knowledge. Current anomaly IDSs are inefficient for real-time detection because of their complex computation. This paper proposes a novel approach to reduce the heavy computational cost of an anomaly IDS. Linear Discriminant Analysis (LDA) and difference distance map are used for selection of significant features. This approach is able to transform high-dimensional features. This approach is able to transform high-dimensional feature vectors into a low-dimensional domain. The similarity between new incoming packets and a normal profile is determined using Euclidean distance o the simple, low dimensional feature domain. The final decision will be made according to a pre-calculated threshold to diffferentiate normal and abnormal network packets. The proposed approach is evaluated using DARPA 1999 IDS dataset.
Jamdagni, A., Tan, Z., Liu, R., Nanda, P. & He, X.S. 2010, 'Pattern Recognition Approach for Anomaly Detection of Web-based Attacks', Annual CSIRO ICT Centre Science and Engineering Conference, Australian Technology Park, Eveleigh, NSW, Australia, November 2010 in The Seventh Annual CSIRO ICT Centre Science and Engineering Conference, ed Trevor Bird, CSIRO, CSIRO, NSW, Australia, pp. 1-2.
View/Download from: OPUS |
The universal use of the Internet has made it more difficult to achieve high security. Attackers target web applications instead of Telnet ports. Cyber-attacks and breaches of information security are increasing in frequency. The goal of Intrusion Detection Systems (IDSs) is to monitor network traffic and detect web-based attacks. Common IDSs are either signature based or anomaly based. Signature based IDS is unable to detect novel attack (Le., zero-day) or polymorphic attacks, until the signature database is updated. On the other hand, an anomaly-based IDS can detect new attacks and polymorphic attacks. However, anomaly based system has a relatively high number of false positives.
Jamdagni, A., Tan, Z., Liu, R., Nanda, P. & He, X.S. 2009, 'A Frame Work for Geometrical Structure Anomaly Detection Model', Centre Science and Engineering Conference, Australian Technology Park, NSW, Australia, November 2009 in The sixth annual CSIRO ICT Centre Science and Engineering Conference, ed Alex Zelinsky, Trevor Bird, CSIRO, Australia, pp. 109-110.
View/Download from: OPUS |
The growth of Internet offers quality and convenience to human life, but at the same time provides a platform for hackers and criminals. The Internet security hence becomes an important issue. Intrusion Detection System (IDS) is designed to detect intrusion and also to prevent a system from being compromised. In this paper, we present a novel Geometrical Structure Anomaly Detection (GSAD) model. GSAD employs pattern recognition techniques previously used in human detection [2}.
Tan, Z., He, X.S. & Nanda, P. 2009, 'Web Service Locating Unit in RFID-centric Anti-counterfeit System', IEEE International Symposium on Parallel and Distributed Processing with Applications, Chengdu, Sichuan, China, August 2009 in Proceeding of 2009 IEEE International Symposium on Parallel and Distributed Processing with Applications, ed Liao, X; Jin, H; Zheng, R; Zou, D, IEEE Computer Society, China, pp. 389-393.
View/Download from: OPUS | Publisher's site
Web Service Locating Unit (WSLU) is able to simplify the deployment of RFID-centric anti-counterfeit system over the Internet.
Jamdagni, A., Tan, Z., Nanda, P., He, X.S. & Liu, R. 2009, 'Intrusion Detection Using Geometrical Structure', International Conference on Frontier of Computer Science and Technology, Shanghai, China, December 2009 in Proceeding of 2009 International Conference on Frontier of Computer Science and Technology, ed Guo, M; Tang, F; Shen, Y, IEEE Computer Society, China, pp. 327-333.
View/Download from: OPUS | Publisher's site
Geometrical Structure Anomaly Detection (GSAD) model to detect intrusion using the packet payload in the network. GSAD takes into account the correlations among the packet payload features arranged in a geometrical structure. The representation is based on statistical analysis of Mahalanobis distances among payload features, which calculate the similarity of new data against precomputed profile.
Nanda, P. 2008, 'Supporting QoS guarantees using Traffic Engineering and Policy based Routing', International Conference on Computer Science and Software Engineering, Wuhan, Hubei, China, December 2008 in 2008 International Conference on Computer Science and Software Engineering, ed Zhou, H B;, IEEE Computer Society, Wuhan China, pp. 137-142.
View/Download from: OPUS | Publisher's site
Nanda, P. & Simmonds, A.J. 2007, 'Effect of Network Policies on Internet Traffic Engineering', Asian Applied Computing Conference, Kathmandu, Nepal, December 2005 in Innovative Applications of Information Technology for Developing World: Proceedings of the Third Asian Applied Computing Conference, ed Patnaik, L.M., Imperial College Press, London, UK, pp. 300-307.
View/Download from: OPUS
Nanda, P. & Fernandes, R.C. 2007, 'Quality of Service in Telemedicine', International Conference on Digital Society, Guadaloupe, French Carribean, January 2007 in Proceeding of International Conference on Digital Society (ICDS) 2007, ed Dini, P., IEEE Computer Society, Los Alamitos, CA, USA, pp. 1-6.
View/Download from: OPUS | Publisher's site
Telemedicine is one of the fastest growing fields with several innovations happening in managed health-care. With Internet and its infrastructures playing important role in the success of this field, it is not advisable to run some of the critical applications like high quality audio and video involved in telemedicine without proper Quality of Service (QoS) built on to the network. This paper focuses on two telemedicine setups that have been implemented on different backbone technologies. The first case discusses a virtual critical care unit that is setup for communication on an Asynchronous Transfer Mode (ATM) backbone and a possible model on how QoS for important traffic streams can be achieved in ATM. The second case discusses a minimal access operation that was remotely conducted on a patient with the help of telerobotics on a Multi Protocol Label Switching (MPLS) setup and provides a possible solution for achieving quality of service through MPLS in that scenario.
Nanda, P. & Simmonds, A.J. 2006, 'Policy based QOS support using BGP routing', International Conference on Communications in Computing, Las Vegas, USA, June 2006 in 2006 international conference on communications in computing - CIC 06, ed Auriol, B; Arabrina, H; Pescare, A, CSREA Press, Las Vegas, USA, pp. 63-69.
View/Download from: OPUS
Nanda, P. & Simmonds, A.J. 2003, 'Policy Based Architecture for QoS over Differentiated Services Network', International Conference on Internet Computing, Las Vegas, USA, June 2003 in Proceedings of the International Conference on Internet Computing IC'03, ed Langendoerfer, P; Droegehorn, O, CSREA Press, USA, pp. 866-872.
View/Download from: OPUS
Nanda, P., Simmonds, A.J. & Rajput, K. 2003, 'Policy Based Network Architectures in Support for Guaranteed QoS', ITPC - 2003, Kathmandu, Nepal, May 2003 in Proc of the International Conference on Information Technology, ed Sinha, B; Bagga, K; Manandhar, S, Unknown, Unknown, pp. 3-10.
Nanda, P. & Simmonds, A.J. 2002, 'Providing End-to-End Guaranteed Quality of Service Over The Internet: A Survey on Bandwidth Broker Architecture For Differentiated Services Network', CIT 2001, Berhampur, India, December 2001 in Proceedings of The 4th International Conference on Information Technology, ed Pujari AK; Mohapatra P, Tata McGraw Hill Publishing Company Limited, New Delhi, India, pp. 211-216.
View/Download from: OPUS
Nanda, P., Simmonds, A.J. & Lee, S. 2002, 'Measuring Quality of Service in A Differentiated Services Domain With Linux', CIT 2002, Bhubaneswar, India, May 2002 in Proceedings of 5th International Conference on Information Technology, ed Iyer S; Naik S, Tata McGraw Hill Publishing Company Limited, New Delhi, India, pp. 183-188.
View/Download from: OPUS
Simmonds, A.J. & Nanda, P. 2002, 'Resource Management in Differentiated Services Networks', 6th International Symposium on Communication Networking, Perth, Australia, October 2002 in Proceedings of the 6th International Symposium on Communication Networking, ed McDonald C, Kluwer Academic Publishers, Perth, Australia, pp. 313-323.
View/Download from: OPUS

Journal Articles

Nanda, P. 2014, 'A Dystem for Denial-of-Service Attack Detection Based on Multivariate Correlation Analysis', IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 2, pp. 447-456.
Nanda, P. 2014, 'Improving Cloud Network Security using the Tree-Rule Firewall', Future Generation Computer Systems, vol. 30, pp. 116-126.
View/Download from: Publisher's site
Jamdagni, A., Tan, Z., He, X.S., Nanda, P. & Liu, R. 2013, 'RePIDS: A multi tier Real-time Payload-based Intrusion Detection System', Computer Networks, vol. 57, no. 3, pp. 811-824.
View/Download from: OPUS | Publisher's site
Intrusion Detection System (IDS) deals with huge amount of network traffic and uses large feature set to discriminate normal pattern and intrusive pattern. However, most of existing systems lack the ability to process data for real-time anomaly detection. In this paper, we propose a 3-Tier Iterative Feature Selection Engine (IFSEng) for feature subspace selection. Principal Component Analysis (PCA) technique is used for the pre-processing of data. Mahalanobis Distance Map (MDM) is used to discover hidden correlations between the features and between the packets. We also propose a novel Real-time Payload-based Intrusion Detection System (RePIDS) that integrates a 3-Tier IFSEng and the MDM approach. Mahalanobis Distance (MD) dissimilarity criterion is used to classify each packet as either a normal or an attack packet. The effectiveness of the proposed RePIDS is evaluated using DARPA 99 dataset and Georgia Institute of Technology attack dataset. The traffic for Web-based application is considered for validating our model. F-value, a criterion, is used to evaluate the detection performance of RePIDS. Experimental results show that RePIDS achieves better performance (high F-values, 0.9958 for DARPA 99 dataset and 0.976 for Georgia Institute of Technology attack dataset respectively, with only 0.85% false alarm rate) and lower computational complexity when compared against two state-of-the-art payload-based intrusion detection systems. Additionally, it has 1.3 time higher throughput in comparison with real scenario of medium sized enterprise network.
Yu, D., Nanda, P. & He, X.S. 2013, 'Wireless Sensor Network (WSN) Energy Efficiency Challenge from Implementation Perspectives', Advanced Science Letters, vol. 19, no. 2, pp. 642-645.
View/Download from: OPUS | Publisher's site
Through review of current Wireless Sensor Network (WSN) energy preserving techniques used in industry and academic research, we recognize that the integration of various techniques through implementation is a challenging task due to application specific nature of system integration. On one hand, most researches on energy efficiency focus on one single layer with perfect assumptions about other layers and environment parameters. While this methodology will simplify the design process and provide valuable insight into single layer solution, such approach cannot provide information on layer incompatibilities between different sets of protocols, nor will give information on the overall performance of a network based on the protocols under test. Further more, under various non-standard assumptions, the real contribution of these proposed optimization methods are difficult to be achieved if not impossible. Hence industry professionals become very cautious to integrate diverse and advance ad hoc solutions into their products and standards. To show credibility of the ad hoc solutions and their implications on industry applications, researchers have to evaluate their solutions under a generic architecture which can test different scenarios and evaluate performance based on a wide range of metrics.
Yu, D., Nanda, P., Cao, L. & He, X.S. 2013, 'TCTM: an evaluation framework for architecture design on wireless sensor networks', International Journal of Sensor Networks, vol. 14, no. 3, pp. 168-177.
View/Download from: OPUS | Publisher's site
This paper presents an evaluation framework for architecture designs on wireless sensor networks (WSNs). We introduce a simple evaluation model: triangular constraint tradeoffs model (TCTM) to grasp the essence of the architecture design consideration under transient wireless media characteristic and stringent limitation on energy and computing resource of WSNs. Based on this evaluation framework, we investigate the existing architectures proposed in literature from three main competing constraint aspects, namely generality, cost, and performance. Two important concepts: performance efficiency and deployment efficiency are identified and distinguished in overall architecture efficiency. With this powerful abstract and simple model, we describe the motivations of major body of WSNs architectures proposed in current literature. We also analyse the fundamental advantage and limitations of each class of architectures from TCTM perspective. We foresee the influence of evolving technology to futuristic architecture design. We believe our efforts will serve as a reference to orient researchers and system designers in this area
Chomsiri, T., He, X.S. & Nanda, P. 2012, 'Limitation of Listed-Rule Firewall and the Design of Tree-Rule Firewall', Lecture Notes in Computer Science, vol. 7646, pp. 275-287.
View/Download from: OPUS | Publisher's site
This research will illustrate that firewalls today (Listed-Rule Firewall) have five important limitations which may lead to security problem, speed problem and "difficult to use" problem. These limitations consist of, firstly, limitation about "Shadowed rules" (the rule that cannot match with any packet because a packet will be matched with other rules above) which can lead to security and speed problem. Secondly, limitatin about swapping position between rules can bring a change in firewall policy and cause security problem. The third limitation is about "Redundant rules" which can cause speed problem. Next,limitation of rule design; firewall administrators have to put "Bigger Rules" only at the bottom or lower positions can result in a "difficult to use" problem. Lastly, limitation from sequential computation can lead to speed problem. Moreover, we also propose design of the new firewall named "Tree-Rule Firewall" which does not have above limitations.
Jamdagni, A., Tan, Z., Nanda, P., He, X.S. & Liu, R. 2011, 'Mahalanobis Distance Map Approach for Anomaly Detection of Web-Based Attacks', Journal of Network Forensics, vol. 2, no. 2, pp. 25-39.
Web serverss and web-based applications are commonly used attack targets. The main issue are how to prevent unauthorized access and to protect web server from the attack. Intrusion Detection Systems and networks. This paper focuses on the detection of various web-based attacks using Geometrical Structure Anomaly Detectin (GSAD) model. Further, a novel algorithm is proposed using Linear Discriminant Analysis (LDA) for the selection of most discriminating features to reduce the computational complexity of payload-based GSAD model. GSAD model is based on a pattern recognition technique used in image payload features to calculate the difference between normal and abnormal network traffice. GSAD model is evaluated experimentally on the real attacks (GATECH) dataset and on the DARPA 1999 dataset.
Pathak, N., Nanda, P. & Mahanti, G.K. 2009, 'Synthesis of Thinned Multiple Concentric Circular Ring Array Antennas using Particle Swarm Optimization', Journal of Infrared, Millimeter and Terahertz Waves, vol. 30, no. 7, pp. 709-716.
View/Download from: OPUS | Publisher's site
Abstract: In this paper, we propose an optimization method based on Particle Swarm Optimization (PSO) algorithm for thinning a large multiple concentric circular ring array of uniformly excited isotropic antennas and generate a pencil beam in the vertical plane with minimum relative side lobe level (SLL). The half-power beam width of the pattern is attempted to make equal to that of a fully populated array of same size and shape. The synthesis is performed with a standard particle swarm optimization technique as well as with an improved version of standard PSO. Simulation results of the proposed thinned array are compared with a fully populated array to illustrate the effectiveness of our proposed method.
Nanda, P. & Simmonds, A.J. 2009, 'A Scalable Architecture Supporting QoS Guarantees Using Traffic Engineering and Policy Based Routing in the Internet', International Journal of Communications, Network and System Sciences, vol. 2, no. 7, pp. 583-591.
View/Download from: OPUS
The study of Quality of Service (QoS) has become of great importance since the Internet is used to support a wide variety of new services and applications with its legacy structure. Current Internet architecture is based on the Best Effort (BE) model, which attempts to deliver all traffic as soon as possible within the limits of its abilities, but without any guarantee about throughput, delay, packet loss, etc. We develop a three-layer policy based architecture which can be deployed to control network resources intelligently and support QoS sensi-tive applications such as real-time voice and video streams along with standard applications in the Internet. In order to achieve selected QoS parameter values (e.g. loss, delay and PDV) within the bounds set through SLAs for high priority voice traffic in the Internet, we used traffic engineering techniques and policy based routing supported by Border Gateway Protocol (BGP). Use of prototype and simulations validates function-ality of our architecture

Institut National de Recherche en Informatique et Automatique (INRIA), Nancy, France

Kaspersky Lab, Russia