Security Analysis of OPC UA in Automation Systems for IIoT / Säkerhetsanalys av OPC UA inom automationssystem för IIoT.

Varadarajan, Vaishnavi

January 2022

Establishing secured communication among the different entities in an industrial environment is a major concern. Especially with the introduction of the Industrial Internet of Things (IIoT), industries have been susceptible to cyber threats, which makes security a critical requirement for the industries. Prevailing industrial communication standards were proven to meet the security needs to some extent, but the major issue which was yet to be addressed was interoperability. To achieve interoperability, Open Platform Communication Unified Architecture (OPC UA) was introduced as a communication protocol. OPC UA helped bridge the gap between Information Technology (IT) and Operational Technology (OT) security needs, but this also gives rise to new attack opportunities for the intruder. In this thesis, we have analysed the security challenges in OPC UA and the impact of two different cyberattacks on the OPCUA. First, we have implemented an OPC UA Network with the help of Raspberry Pis and open62541, an open-source implementation of the OPC UA client and server. Following this, to evaluate the performance of the network, we performed three cybersecurity attacks, Packet Sniffing, Man in the Middle Attack (MITM) and Denial of Service attack. We assessed the impact these attacks have on the OPC UA network. We have also discussed the detection mechanism for the same attacks. This analysis has helped us recognize the threats faced by OPC UA in an IIoT environment with respect to message flooding, packet sniffing and man in the middle attack and the countermeasures to this attack have been discussed. / Att etablera en säker kommunikation mellan de olika enheterna i en industriell miljö är en stor utmaning. Speciellt efter introduktionen av Industrial Internet of Things (IIoT) har industrier varit mottagliga för cyberhot vilket gör cybersäkerhet en prioritet. Rådande industriella kommunikationsstandarder har visats att till viss del uppfylla säkerhets- behoven, men en av de största problemen var bristen på interoperabilitet. För att uppnå interoperabiliteten skapades Open Platform Communication Unified Architecture (OPC UA) som kommun- ikationsprotokoll. OPC UA hjälper till att överbrygga gapet mellan säkerhetsbehoven av information- steknologi (IT) och Operational Technology (OT), men detta ger också upphov till nya attackmöjligheter för inkräktare. I detta examensarbete har vi analyserat säkerhetsutmaningarna i OPC UA och effekten av två olika cyberattacker på OPC UA. Först har vi implementerat ett OPC UA Network med hjälp av Raspberry Pis och open62541 som är en öppen källkodsimplementering av OPC UA klient och server. Efter detta utförde vi tre cybersäkerhetsattacker för att utvärdera nätverkets prestanda, packet sniffing, Man in the Middle Attack (MITM) och Denial of Service attack. Vi bedömde vilken effekt dessa attacker har på OPC UA-nätverket. Vi har också diskuterat detektionsmekanismen för samma attacker. Denna analys har hjälpt oss att känna igen de hot som OPC UA står inför i en IIoT-miljö med avseende på dataflöde, packet sniffing och Man in the Middle attack och även försvar mot dessa attacker har diskuterats.

Man in the Middle Attack

Denial of Service (DoS)

Industrial Internet of Things (IIoT)

Time Sensitive Networking (TSN)

Man in the Middle Attack

Denial of Service (DoS)

Industrial Internet of Things (IIoT)

Time Sensitive Networking (TSN)

Computer and Information Sciences

Data- och informationsvetenskap

The role of the Holy Spirit in actualization, denial, empowerment, renewal and consummation of the human self

Baliah, Barnabas Sundrum

30 June 2007

The content of this dissertation delineates the crucial and incisive role of the Holy Spirit in terms of God's grand and majestic acts of creation, that is the creation of the multiversity of universes, redemption that is the cross, the exemplar of Christ in self­ denial, reconciliation and restoration, and his resurrection, that is self-empowerment, self-renewal and self-fulfillment observed within the context of God, being human and the physical organic environment as it interacts with the human acts of personal and social responsibility observed within the context of a five dimensional approach of self-actualization, self-denial, self-empowerment, self-renewal and self-fulfillment, ingested into ones identity, internalised and witnessed as meaningful daily praxis, seen through the prism of the cross and the resurrection. A didactic method has been followed to engender insights into and conviction regarding the relevance of the subject for our present day and a hortatory method to exhort to an obedient response and to urge an appropriate action. / Systematic Theology and Theological Ethics / M. Th. (Systematic Theology)

Self-actualization

Self-denial

Self­ fulfillment

Consummation

Cross

Resurrection

Death

Life

Newness

Redemption

Reconciliation

Restoration

Liberation

Creation

Pentecost

234.13

Baptism in the Holy Spirit

Holy Spirit

Christian life

Creation

Gifts, Spiritual

Improved performance high speed network intrusion detection systems (NIDS) : a high speed NIDS architectures to address limitations of packet loss and low detection rate by adoption of dynamic cluster architecture and traffic anomaly filtration (IADF)

Akhlaq, Monis

January 2011

Intrusion Detection Systems (IDS) are considered as a vital component in network security architecture. The system allows the administrator to detect unauthorized use of, or attack upon a computer, network or telecommunication infrastructure. There is no second thought on the necessity of these systems however; their performance remains a critical question. This research has focussed on designing a high performance Network Intrusion Detection Systems (NIDS) model. The work begins with the evaluation of Snort, an open source NIDS considered as a de-facto IDS standard. The motive behind the evaluation strategy is to analyze the performance of Snort and ascertain the causes of limited performance. Design and implementation of high performance techniques are considered as the final objective of this research. Snort has been evaluated on highly sophisticated test bench by employing evasive and avoidance strategies to simulate real-life normal and attack-like traffic. The test-methodology is based on the concept of stressing the system and degrading its performance in terms of its packet handling capacity. This has been achieved by normal traffic generation; fussing; traffic saturation; parallel dissimilar attacks; manipulation of background traffic, e.g. fragmentation, packet sequence disturbance and illegal packet insertion. The evaluation phase has lead us to two high performance designs, first distributed hardware architecture using cluster-based adoption and second cascaded phenomena of anomaly-based filtration and signature-based detection. The first high performance mechanism is based on Dynamic Cluster adoption using refined policy routing and Comparator Logic. The design is a two tier mechanism where front end of the cluster is the load-balancer which distributes traffic on pre-defined policy routing ensuring maximum utilization of cluster resources. The traffic load sharing mechanism reduces the packet drop by exchanging state information between load-balancer and cluster nodes and implementing switchovers between nodes in case the traffic exceeds pre-defined threshold limit. Finally, the recovery evaluation concept using Comparator Logic also enhance the overall efficiency by recovering lost data in switchovers, the retrieved data is than analyzed by the recovery NIDS to identify any leftover threats. Intelligent Anomaly Detection Filtration (IADF) using cascaded architecture of anomaly-based filtration and signature-based detection process is the second high performance design. The IADF design is used to preserve resources of NIDS by eliminating large portion of the traffic on well defined logics. In addition, the filtration concept augment the detection process by eliminating the part of malicious traffic which otherwise can go undetected by most of signature-based mechanisms. We have evaluated the mechanism to detect Denial of Service (DoS) and Probe attempts based by analyzing its performance on Defence Advanced Research Projects Agency (DARPA) dataset. The concept has also been supported by time-based normalized sampling mechanisms to incorporate normal traffic variations to reduce false alarms. Finally, we have observed that the IADF has augmented the overall detection process by reducing false alarms, increasing detection rate and incurring lesser data loss.

621.382

童年情緒無效性、情緒不接納與青少年自我傷害行為之關係 / The Relationship between Childhood Emotional Invalidation, Emotional Nonacceptance, and Adolescents’ Deliberate Self-harm Behaviors

曾愛迪, Tseng, Ai Ti

Unknown Date

Linehan（1993）、Krause等人（2003）發現童年在情緒無效環境中成長的個體會產生情緒調節困難，且情緒無效性常會惡化成人時期的心理及行為問題，包含自我傷害行為。據此，研究者試圖了解童年情緒無效性是否會造成個體無法接納其負向情緒，進而增加其自我傷害行為的發生機率。本研究的目的有二：一是發展「情緒不接納量表」，並初步驗證其信效度。二為探討「童年情緒無效性」與「情緒不接納」與「青少年自我傷害行為」三者的關連性。 　　本研究採問卷調查法，研究對象為478位高中職及國中學生。研究結果發現，情緒不接納量表可分為「對情緒的自我評價」及「對情緒的否定」兩個因素。負向情緒社會化與心理虐待會使個體較容易產生對情緒的自我評價。心理虐待能預測高中職學生自我傷害發生的有無及累積頻率；對情緒的自我評價能預測兩組學生自我傷害行為發生的有無。對情緒的自我評價及對情緒的否定在負向情緒社會化與自我傷害累積頻率、心理虐待與自我傷害累積頻率之間並無中介效果。最後研究者針對國中、高中職學生心理發展階段的不同、負向情緒社會化與心理虐待在概念上的差異，及對自我傷害的影響路徑進行討論。 / Linehan (1993), Krause et al. (2003) found individuals who grow up in an emotional invalidating environment during childhood may have difficulties in emotional regulation, and emotional invalidation often deteriorate both psychological and behavior problems later on in their adulthood, including deliberate self-harm behaviors. Therefore, this study tried to investigate whether childhood emotional invalidation can cause one’s emotional nonacceptance, and therefore can increase the probability of deliberate self-harm behaviors. The purpose of this study was to develop the scale of emotional nonacceptance, and to explore the relationship between childhood emotional invalidation, emotional nonacceptance and adolescents’ deliberate self-harm behaviors. The study was based on questionnaires, and the participants were 478 high school students in Taiwan. The main results were as follows: First, the scale of emotional nonacceptance can be divided into two factors: self evaluation of emotion and denial of emotion. Second, negative emotion socialization and psychological abuse can predict adolescents’ self evaluation of emotion. Third, psychological abuse can predict the occurrence and accumulative frequency of deliberate self-harm of senior high school students, and self evaluation of emotion can predict the occurrence of deliberate self-harm of all high school students. Finally, self evaluation of emotion and denial of emotion do not play as mediators between childhood emotional invalidation and the frequency of adolescents’ deliberate self-harm behaviors. The investigator discussed the different stages of psychological development between junior and senior high school students, the differences between negative emotion socialization and psychological abuse, and their paths that influence deliberate self-harm behaviors.

負向情緒社會化

心理虐待

對情緒的自我評價

對情緒的否定

negative emotion socialization

psychological abuse

self evaluation of emotion

denial of emotion

Odepření výhod a článek 17 Dohody o Energetické Chartě / Denial of Benefits and Article 17 of the Energy Charter Treaty

Kunstýř, Jan

January 2015

The so called "Denial of Benefits" clause (DOB) gives the respondent state an opportunity to exclude third parties to the investment protection treaties from enjoying the benefits of the treaty without assuming reciprocal obligations. No less than seventy-three investor-state disputes have been brought to arbitration under the ECT since its entry into force back in 1998. The DOB clause in ECT, Art. 17 has never been successfully invoked. States have tried to exercise their right in at least ten cases without success. This paper poses two research questions. First, what are the distinguishing features of Art. 17 of the ECT that make it function differently from other DOB clauses? Second, given the arbitral decisions, can the Art. 17 of the ECT be effectively invoked by respondent states? The paper is divided into five chapters. The first chapter introduces the topic of DOB clauses and the purpose of this paper. The second chapter is theoretical and addresses the topic of DOB clauses in general and further outlines their past, present and future. The third chapter focuses specifically on the Art. 17 of the ECT it examines the ECT arbitral awards and decisions that touched upon the clause. Chapter four aims to show the procedural issues of DOB clauses from the perspective of respondent states, it...

Určování rodičovství / Determination of parenthood

Pomplová, Hana

January 2017

- Determination of Parenthood The topic of my thesis is Determination of Parenthood. With this topic are connected problems not only legal, but often also social and ethical. Parenthood affects all of us and it's an important aspect of human life. That's why there should be legal assurance in relationship between parent and child. Development in the field of medicine is still ahead (mainly thanks to methods of assisted reproduction and DNA analysis) and the rules of law should respond and deal with it. The aim of this thesis is describe and become acquainted with problematics of determination of parenthood, valorize how legislation responds to modern development and to propose possible changes. Thesis is prepared on the basis of existing legislation on the date of submission of the thesis. Thesis is divided into seven main chapters, which are divided to further subsections. First chapter deals with concept of parenthood and methods of determination. Second chapter describes historical development of legislation on Czech territory, since Roman law to recodification of civil law. Related third chapter concisely summarizes national and international legal sources of current legislation. Chapter four is about determination of maternity and problems of surrogacy, anonymous childbirth, concealed birth...

Finitude, religião e transcendência: uma análise da condição humana em Ernest Becker

Almeida, Jussara Trindade de

23 November 2011

Made available in DSpace on 2016-04-25T19:20:18Z (GMT). No. of bitstreams: 1 Jussara Trindade de Almeida.pdf: 2997922 bytes, checksum: 3b19c5030f23d612e8f6ff0e5198b0a1 (MD5) Previous issue date: 2011-11-23 / Coordenação de Aperfeiçoamento de Pessoal de Nível Superior / This dissertation seeks to accomplish an analysis of the human condition in Ernest Becker (1924-1974) and the role of religion to sustain human beings in face of the fear of death and the precariousness of his creatureliness. The central object of research is his most important work, The Denial of Death. Initially, we present the main concepts of Becker used to describe the human existence: the creatureliness of human beings, torn between their animality and the self-consciousness that helped them to emerge from nature in comparison to all of the other animals; the existential paradox; the fear of life and fear of death which cause anxiety and the need to deny death; the twin ontological motives Eros and Agape that attract human beings in opposite directions; the basic need to feel a sense of self-worth and find meaning to human existence; the defense mechanisms used to repress from consciousness the fear of death and the reality of the creatureliness; the development of human character as a vital lie; the human dependence on and fascination with an external source power, related to the transference mechanism; and the oedipal transition that develops into the causa sui project, when the socialization of the individual occurs. Then we investigate Becker s view of religion and the reasons for considering it as one of the most effective ways of providing meaning to human life, as well as ideal forms of heroism that are not found in cultural hero systems and ways of transcending creatureliness symbolically. Finally, we present an outline of the heroic individual, the main reasons for Becker to glimpse the possibility of the fusion of psychology and religion, and a reflection on his expectations for this approach. It starts with the hypothesis that the possibility of heroism offered by religion is broader than the cultural forms, since religion takes into account the dimension of the invisible; also that the individuals can develop, with the support of religion, a greater strength to bear the contradictions of their human condition, together with a safer way to find meaning to their existences. We conclude that the Becker s heroic individual must have the courage that few possess to face anxiety, despite the support offered by religion and psychoanalysis / A presente dissertação busca realizar uma análise da condição humana em Ernest Becker (1924-1974) e o papel da religião para sustentar o ser humano diante do temor da morte e da precariedade de sua condição de criatura. O objeto central da pesquisa é sua mais importante obra, A Negação da Morte. Inicialmente, são apresentados os principais conceitos de Becker utilizados para descrever a existência humana: a condição de criatura do ser humano, dividido entre sua animalidade e a auto-consciência que o destacou dos outros animas na natureza; o paradoxo existencial; os temores da vida e da morte, que provocam angústia e necessidade de negar a morte; os dúplices motivos ontológicos Eros e Ágape que atraem o ser humano para direções opostas; a necessidade básica de sentir o próprio valor e encontrar sentido para a existência; os mecanismos de defesa utilizados para reprimir da consciência o temor da mortalidade e a realidade da condição de criatura; o desenvolvimento do caráter como mentira vital; a dependência e o fascínio por uma fonte de poder externo, relacionados ao mecanismo de transferência; e a transição edipiana que se desenvolve para o projeto causa sui, a partir da socialização do indivíduo. Em seguida, investiga-se a compreensão de Becker sobre a religião, e as razões para considerá-la como um dos meios mais eficientes para fornecer significado à vida humana, assim como: proporcionar formas de heroísmo ideal que não se encontram nos sistemas de heróís da cultura; e permitir uma transcendência simbólica da condição de criatura. Por último, é apresentado um esboço do indivíduo heróico, as principais razões de Becker para vislumbrar a possibilidade de uma aproximação entre psicologia e religião, e uma reflexão sobre suas expectativas em relação a essa aproximação. Parte-se da hipótese que, sendo a possibilidade de heroísmo oferecida pela religião mais abrangente que a cultural, ao levar em conta a dimensão do invisível, o ser humano pode desenvolver, com o auxílio da religião, uma maior resistência para suportar as contradições de sua condição e um meio mais seguro de encontrar significado para a existência. Conclui-se que o indivíduo heróico de Becker precisa possuir uma coragem que poucos possuem para enfrentar a angústia, apesar do suporte oferecido pela religião e pela psicanálise

Ernest Becker

Negação da morte

Condição humana

Paradoxo existencial

Finitude

Transcendência

Religião

Ernest Becker

Denial of death

Human condition

Existential paradox

Finitude

Transcendence

Religion

PACKET FILTER APPROACH TO DETECT DENIAL OF SERVICE ATTACKS

Muharish, Essa Yahya M

01 June 2016

Denial of service attacks (DoS) are a common threat to many online services. These attacks aim to overcome the availability of an online service with massive traffic from multiple sources. By spoofing legitimate users, an attacker floods a target system with a high quantity of packets or connections to crash its network resources, bandwidth, equipment, or servers. Packet filtering methods are the most known way to prevent these attacks via identifying and blocking the spoofed attack from reaching its target. In this project, the extent of the DoS attacks problem and attempts to prevent it are explored. The attacks categories and existing countermeasures based on preventing, detecting, and responding are reviewed. Henceforward, a neural network learning algorithms and statistical analysis are utilized into the designing of our proposed packet filtering system.

Information Security

OS and Networks

Systems Architecture

Theory and Algorithms

中共「反介入與區域拒止」軍事戰略之研究 / Studies on the PRC’s“ Anti-Access and Area-Denial” Strategy

慎炳倫, Shen, Pin Luen

Unknown Date

中共一直沒有放棄以武力作為解決「臺灣問題」的選項，「統一臺灣」是中共建軍備戰主要目標之一，而國軍自然是共軍的主要假想敵。但是在1996年美國派遣兩支航母戰鬥群干預臺海軍事危機後，使中共體認美軍才是解決「臺灣問題」的最強大對手，開始深入思考如何阻止擁有高科技優勢的美軍介入臺海軍事衝突。防止美軍在中國大陸周邊地區進行作戰行動，是目前中共軍事現代化的主要發展方向，美國官學界將其稱為「反介入與區域拒止」軍事戰略，一時之間已成為研究中共軍事發展者之主要觀察指標。 中共「反介入與區域拒止」軍事戰略的主要著眼，在於建構能防止美國運用軍力涉入中國大陸周邊事務的能力，中共相信即使強大如美軍也不可能擁有全方位的優勢，其「反介入與區域拒止」軍事戰略主要依據地理環境、地緣戰略、美軍作戰特性及弱點等要素，並憑藉共軍數量與質量俱增的現代化武器，希望在西太平洋地區可能的軍事衝突中壓制美軍的作戰行動，或迫使美軍由較遠的基地發起軍事行動，並且阻止美軍後續的兵力增援，這可能使美軍在西太平洋作戰中遭到中共擊敗，或是迫使美國付出其不願意承擔的重大代價，此將導致中共可以達成其軍事和政治目標，同時也阻止美國全部或部分的軍事和政治目標。 中共軍力在「反介入與區域拒止」軍事戰略的帶動下快速成長，使美軍在西太平洋地區面臨重大挑戰和風險，並使美國區域盟邦有遭受侵略或被迫接受強制手段之虞，美軍為因應中共的挑戰，已確立「空海一體戰」的新型作戰概念，並著手發展相關能力。「空海一體戰」係以美軍現有軍力優勢為基礎，再經由西太平洋軍力部署的重組、海空作戰力量的整合、新型武器裝備的研發，並且加強與盟邦的軍事合作，希望建構一個多層次立體作戰體系，俾遏制中共的軍事擴張。在中、美兩強「反介入與區域拒止」和「空海一體戰」軍事戰略的競逐下，臺灣的自處之道和所應扮演的角色，亦為吾人應予深思的課題。 / The People’s Republic of China has never given up the use of military force as an option to solve the “Taiwan issue”, and the “unification with Taiwan” has also been one of the PLA’s objectives in its military buildup, which naturally makes the ROC military as the PLA’s hypothetical enemy. However, after the US sending two of its aircraft carrier battle groups to intervene a military crisis across the Taiwan Strait in 1996, the PRC started to realize that US military is its strongest opponent in solving the Taiwan issue and began to think how to deny the high-tech US military force from stepping into a military confrontation across the Taiwan strait. The prevention of US military operation in surrounding areas of China has been leading the modernization of China’s military, and officials and academia in the US have been calling this phenomenon “anti-access and area-denial” strategy which all of a sudden becomes an observation index when studying the PRC’s military development. The main focus of China’s “anti-access and area-denial” strategy is to develop the capability of preventing the US military from intervening affairs taking place in surrounding areas of China. China believes that no matter how powerful the US military is, it is unable to gain a comprehensive advantage in this region. By the PLA’s increasing modernized weapons, the anti-access and area-denial strategy, based on the geographic environment, geostrategy, and characteristics and weakness of the US military, aims to suppress US military activities in possible military conflicts in the western Pacific region, or to compel the US military to launch its force from bases further away and to stop its reinforcement. The success of this strategy will make the US military be defeated by the PLA or force the US to pay a price that it is unwilling to afford, and then China is able to achieve its military and political objectives and at the same time stops the US, entirely or partially, from achieving its military and political objectives. The anti-access and area-denial strategy has led to a rapid military development in China, which poses a great challenge and risk to the US military in the western Pacific region and makes allies of the US in this region in the fear of being invaded or coerced. In responding to China’s challenges, the US military has developed a new operational concept -- “AirSea Battle” and begins the development relating to this new concept. The “AirSea Battle” concept, building on current US military supremacy and the integration of air-sea combat powers as well as the reorganization of US force in the western Pacific region and the development of new weapons, looks to enhance the military cooperation between the US and its allies to establish a multilevel operation system which is able to contain Chinese military expansion. Amid the competition between China’s “anti-access and area-denial” strategy and US “AirSea Battle” concept, Taiwan’s responses and the role that Taiwan should play is a subject that we must deliberate thoroughly.

軍事戰略

積極防禦

反介入

區域拒止

空海一體戰

Military strategy

Active defense

Anti-access

Area-denial

AirSea Battle

Αναγνώριση επιθέσεων άρνησης εξυπηρέτησης

Γαβρίλης, Δημήτρης

15 February 2008

Στη Διδακτορική Διατριβή μελετώνται 3 κατηγορίες επιθέσεων άρνησης εξυπηρέτησης (Denial-of-Service). Η πρώτη κατηγορία αφορά επιθέσεις τύπου SYN Flood, μια επίθεση που πραγματοποιείται σε χαμηλό επίπεδο και αποτελεί την πιο διαδεδομένη ίσως κατηγορία. Για την αναγνώριση των επιθέσεων αυτών εξήχθησαν 9 στατιστικές παράμετροι οι οποίες τροφοδότησαν τους εξής ταξινομητές: ένα νευρωνικό δίκτυο ακτινικών συναρτήσεων, ένα ταξινομητή κ-κοντινότερων γειτόνων και ένα εξελικτικό νευρωνικό δίκτυο. Ιδιαίτερη σημασία στο σύστημα αναγνώρισης έχουν οι παράμετροι που χρησιμοποιήθηκαν. Για την κατασκευή και επιλογή των παραμέτρων αυτών, προτάθηκε μια νέα τεχνική η οποία χρησιμοποιεί ένα γενετικό αλγόριθμο και μια γραμματική ελεύθερης σύνταξης για να κατασκευάζει νέα σύνολα παραμέτρων από υπάρχοντα σύνολα πρωτογενών χαρακτηριστικών. Στη δεύτερη κατηγορία επιθέσεων, μελετήθηκαν επιθέσεις άρνησης εξυπηρέτησης στην υπηρεσία του παγκόσμιου ιστού (www). Για την αντιμετώπιση των επιθέσεων αυτών προτάθηκε η χρήση υπερσυνδέσμων-παγίδων οι οποίοι τοποθετούνται στον ιστοχώρο και λειτουργούν σαν νάρκες σε ναρκοπέδιο. Οι υπερσύνδεσμοι-παγίδες δεν περιέχουν καμία σημασιολογική πληροφορία και άρα είναι αόρατοι στους πραγματικούς χρήστες ενώ είναι ορατοί στις μηχανές που πραγματοποιούν τις επιθέσεις. Στην τελευταία κατηγορία επιθέσεων, τα μηνύματα ηλεκτρονικού ταχυδρομείου spam, προτάθηκε μια μέθοδος κατασκευής ενός πολύ μικρού αριθμού παραμέτρων και χρησιμοποιήθηκαν για πρώτη φορά νευρωνικά δίκτυα για την αναγνώριση τους. / The dissertation analyzes 3 categories of denial-of-service attacks. The first category concerns SYN Flood attacks, a low level attack which is the most common. For the detection of this type of attacks 9 features were proposed which acted as inputs for the following classifiers: a radial basis function neural network, a k-nearest neighbor classifier and an evolutionary neural network. A crucial part of the proposed system is the parameters that act as inputs for the classifiers. For the selection and construction of those features a new method was proposed that automatically selects constructs new feature sets from a predefined set of primitive characteristics. This new method uses a genetic algorithm and a context-free grammar in order to find the optimal feature set. In the second category, denial-of-service attacks on the World Wide Web service were studied. For the detection of those attacks, the use of decoy-hyperlinks was proposed. Decoy hyperlinks, are hyperlinks that contain no semantic information and thus are invisible to normal users but are transparent to the programs that perform the attacks. The decoys act like mines on a minefield and are placed optimally on the web site so that the detection probability is maximized. In the last type of attack, the email spam problem, a new method was proposed for the construction of a very small number of features which are used to feed a neural network that for the first time is used to detect such attacks.

Αναγνώριση προτύπων

Άρνηση εξυπηρέτησης

Νευρωνικά δίκτυα

Γενετικοί αλγόριθμοι

Εξαγωγή παραμέτρων

Κατασκευή παραμέτρων

Θεωρία γράφων

005.82

Pattern recognition

Denial of service

Neural networks

Genetic algorithms

Grammatical evolution

Feature extraction

Feature construction

Graph theory