AntiPDoS uses several algorithms to process data from Vector Phase Sensors.
Threshold (Times)
A percentage calculation based on the highest reading from the sensor, an input level value and a trigger value. The result is compared to the current value. If the current value exceeds it, the Threshold counter increments by 1.
Over a time base of 5 minutes, a counter increments each time threshold data exceeds the current reading. The sample rate is once every minute, so the counter returns a value between 0 and 5. A higher reading indicates the sensor is working at a higher data processing level for a longer period.
This potentially indicates a higher workload on the system.
The counter is reset at 5 minutes.
Four sensors produce a maximum of 20.
Difference (Times)
The difference between the first reading at 1 minute and the last reading at 5 minutes.
If the last reading is greater than the first reading, the counter increases by 1.
If the last reading is less than the first reading, the counter decreases by 1.
The difference value over a five-minute time base can be between -20 and +20.
Magnitude
A percentage calculation based on the first reading from the sensor, an input level value and a trigger value of 20%. The result is compared to the current value. If the current value exceeds it, the Magnitude counter increments by 1.
Over a time base of 5 minutes, a counter increments each time the current reading exceeds the magnitude data. The sample rate is once every minute, so the counter returns a value between 0 and 5 for each sensor. A higher reading indicates the sensor is working at a higher data processing level for a longer period.
This potentially indicates a higher workload on the system.
The counter is reset at 5 minutes.
Four sensors produce a maximum reading of 20.
High
If the current reading exceeds the highest reading, the counter increments by 1.
Four sensors produce a maximum of 20 over 5 minutes.
The counter is reset at 5 minutes.
Low
If the current reading is less than the lowest reading, the counter increments by 1.
Four sensors produce a maximum of 20 over 5 minutes.
The counter is reset at 5 minutes.
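
The High and Low counters described above, as an added example that is not AntiPDoS code. It assumes the highest and lowest readings carry over between time bases while the counters reset, and that comparisons are strict; the sensor names and baseline values are constructed.

```python
from dataclasses import dataclass

WINDOW = 5  # one sample per minute over a 5-minute time base (from the page)


@dataclass
class SensorState:
    highest: float  # highest reading seen so far (assumed to persist across windows)
    lowest: float   # lowest reading seen so far (assumed to persist across windows)
    high: int = 0   # High counter for the current window
    low: int = 0    # Low counter for the current window

    def sample(self, reading: float) -> None:
        """Apply one per-minute reading to the High and Low counters."""
        if reading > self.highest:
            self.high += 1
            self.highest = reading
        if reading < self.lowest:
            self.low += 1
            self.lowest = reading


def make_states(names, lowest=40.0, highest=60.0):
    """Constructed baseline: every sensor starts with the same extremes."""
    return {name: SensorState(highest=highest, lowest=lowest) for name in names}


def run_window(states, window):
    """Process one 5-minute window and return (High total, Low total).

    `window` maps sensor name -> list of WINDOW readings. Counters are
    reset afterwards, as the page says happens at 5 minutes.
    """
    for name, readings in window.items():
        if len(readings) != WINDOW:
            raise ValueError(f"{name}: expected {WINDOW} samples, got {len(readings)}")
        for reading in readings:
            states[name].sample(reading)
    totals = (sum(s.high for s in states.values()),
              sum(s.low for s in states.values()))
    for s in states.values():
        s.high = s.low = 0  # reset counters, keep the recorded extremes
    return totals


SENSORS = ["s1", "s2", "s3", "s4"]  # hypothetical names for the four sensors
```

With four sensors that each set a new high on every sample, `run_window` returns the maximum High total of 20 that the page states.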
Alerts
Each time a Vector Phase Sensor reaches a threshold, a trigger creates an alert.
A Phlashing Sensor triggers an alert when it detects a change in BIOS Firmware.