Global ETD Search

21	Architektura a správa zabezpečených sítí / Architecture and management of secure networks Štangler, Jan January 2020 (has links) This work is focused on the security of small to medium-sized networks with central administration, especially on the creation of a methodology for secure network design.The design of a secure network for a start-up IT company, using open-source software, is described. Deployment of the designed secure network, with central management, is performed and the connectivity of network elements are tested. The model simulates network traffic situations and network attacks using penetration testing techniques. In terms of the severity of the impact on network security, intercepted attacks are evaluated and immediately reported to responsible persons. Finally, the results of the intercepted attacks are processed and further actions are recommended.
22	Détection d'attaques dans un système WBAN de surveillance médicale à distance / Attacks detection in a WBAN system for remote medical monitoring Makke, Ali 30 May 2014 (has links) L'un des défis majeurs du monde de ces dernières décennies a été l'augmentation continue de la population des personnes âgées dans les pays développés. D’où la nécessité de fournir des soins de qualité à une population en croissance rapide, tout en réduisant les coûts des soins de santé. Dans ce contexte, de nombreux travaux de recherche portent sur l’utilisation des réseaux de capteurs sans fil dans les systèmes WBAN (Wireless Body Area Network), pour faciliter et améliorer la qualité du soin et de surveillance médicale à distance. Ces réseaux WBAN soulèvent de nouveaux défis technologiques en termes de sécurité et de protection contre les anomalies et les attaques. Le mode de communication sans fil utilisé entre ces capteurs et l’unité de traitement accentue ces vulnérabilités. En effet les vulnérabilités dans un système WBAN se décomposent en deux parties principales. La première partie se compose des attaques possibles sur le réseau des capteurs médicaux et sur le médium de communications sans fils entre ces capteurs et l’unité de traitement. La deuxième partie se compose des attaques possibles sur les communications à haut débit entre le système WBAN et le serveur médical. L’objectif de cette thèse est de répondre en partie aux problèmes de détection des attaques dans un système WBAN de surveillance médicale à distance. Pour atteindre cet objectif, nous avons proposé un algorithme pour détecter les attaques de brouillage radio (jamming attack) qui visent le médium de communications sans fils entre les capteurs et l’unité de traitement. Ainsi nous avons proposé une méthode de mesure de divergence pour détecter les attaques de type flooding qui visent les communications à haut débit entre le système WBAN et le serveur médical. / One of the major challenges of the world in recent decades is the continued increase in the elderly population in developed countries. Hence the need to provide quality care to a rapidly growing population while reducing the costs of health care is becoming a strategic challenge. In this context, many researches focus on the use of wireless sensor networks in WBAN (Wireless Body Area Network) systems to facilitate and improve the quality of medical care and remote monitoring. These WBAN systems pose new technological challenges in terms of security and protection against faults and attacks. The wireless communication mode used between the sensors and the collection node accentuates these vulnerabilities. Indeed vulnerabilities in a WBAN system are divided into two main parts. The first part consists of the possible attacks on the network of medical sensors and on the wireless communications medium between the sensors and the processing unit. The second part consists of possible attacks on high-speed communications between the WBAN system and the medical server. The objective of this thesis is to meet some of the problems of detecting attacks in a WBAN system for remote medical monitoring. To achieve this goal, we propose an algorithm to detect the jamming attacks targeting the wireless communications medium between the sensors and the processing unit. In addition we propose a method of measuring divergence to detect the flooding attacks targeting the high-speed communications between the WBAN system and the medical server. Réseaux de capteurs médicaux sans fil Systèmes WBAN Détection des attaques Jamming Flooding Mesure de divergence Taux de détection Taux de fausses détections Wireless medical sensor networks WBAN systems Attack detection Jamming Flooding Divergence measure Detection rate False detection rate 004.6
23	Detection of attacks against cyber-physical industrial systems / Détection des attaques contre les systèmes cyber-physiques industriels Rubio Hernan, Jose Manuel 18 July 2017 (has links) Nous abordons des problèmes de sécurité dans des systèmes cyber-physiques industriels. Les attaques contre ces systèmes doivent être traitées à la fois en matière de sûreté et de sécurité. Les technologies de contrôles imposés par les normes industrielles, couvrent déjà la sûreté. Cependant, du point de vue de la sécurité, la littérature a prouvé que l’utilisation de techniques cyber pour traiter la sécurité de ces systèmes n’est pas suffisante, car les actions physiques malveillantes seront ignorées. Pour cette raison, on a besoin de mécanismes pour protéger les deux couches à la fois. Certains auteurs ont traité des attaques de rejeu et d’intégrité en utilisant une attestation physique, p. ex., le tatouage des paramètres physiques du système. Néanmoins, ces détecteurs fonctionnent correctement uniquement si les adversaires n’ont pas assez de connaissances pour tromper les deux couches. Cette thèse porte sur les limites mentionnées ci-dessus. Nous commençons en testant l’efficacité d’un détecteur qui utilise une signature stationnaire afin de détecter des actions malveillantes. Nous montrons que ce détecteur est incapable d’identifier les adversaires cyber-physiques qui tentent de connaître la dynamique du système. Nous analysons son ratio de détection sous la présence de nouveaux adversaires capables de déduire la dynamique du système. Nous revisitons le design original, en utilisant une signature non stationnaire, afin de gérer les adversaires visant à échapper à la détection. Nous proposons également une nouvelle approche qui combine des stratégies de contrôle et de communication. Toutes les solutions son validées à l’aide de simulations et maquettes d’entraînement / We address security issues in cyber-physical industrial systems. Attacks against these systems shall be handled both in terms of safety and security. Control technologies imposed by industrial standards already cover the safety dimension. From a security standpoint, the literature has shown that using only cyber information to handle the security of cyber-physical systems is not enough, since physical malicious actions are ignored. For this reason, cyber-physical systems have to be protected from threats to their cyber and physical layers. Some authors handle the attacks by using physical attestations of the underlying processes, f.i., physical watermarking to ensure the truthfulness of the process. However, these detectors work properly only if the adversaries do not have enough knowledge to mislead crosslayer data. This thesis focuses on the aforementioned limitations. It starts by testing the effectiveness of a stationary watermark-based fault detector, to detect, as well, malicious actions produced by adversaries. We show that the stationary watermark-based detector is unable to identify cyber-physical adversaries. We show that the approach only detects adversaries that do not attempt to get any knowledge about the system dynamics. We analyze the detection performance of the original design under the presence of adversaries that infer the system dynamics to evade detection. We revisit the original design, using a non-stationary watermark-based design, to handle those adversaries. We also propose a novel approach that combines control and communication strategies. We validate our solutions using numeric simulations and training cyber-physical testbeds Sécurité cyber-physique Théorie du contrôle Sécurité du réseau Systèmes contrôlés via un réseau Infrastructures critiques Détection d’attaques Modèle d’adversaire Adversaire cyber-physique Cyber-physical security Control theory Network security Networked-control system Critical infrastructures Attack detection Adversary model Cyber-physical adversary
24	Network layer reliability and security in energy harvesting wireless sensor networks Yang, Jing 08 December 2023 (has links) (PDF) Wireless sensor networks (WSNs) have become pivotal in precision agriculture, environmental monitoring, and smart healthcare applications. However, the challenges of energy consumption and security, particularly concerning the reliance on large battery-operated nodes, pose significant hurdles for these networks. Energy-harvesting wireless sensor networks (EH-WSNs) emerged as a solution, enabling nodes to replenish energy from the environment remotely. Yet, the transition to EH-WSNs brought forth new obstacles in ensuring reliable and secure data transmission. In our initial study, we tackled the intermittent connectivity issue prevalent in EH-WSNs due to the dynamic behavior of energy harvesting nodes. Rapid shifts between ON and OFF states led to frequent changes in network topology, causing reduced link stability. To counter this, we introduced the hybrid routing method (HRM), amalgamating grid-based and opportunistic-based routing. HRM incorporated a packet fragmentation mechanism and cooperative localization for both static and mobile networks. Simulation results demonstrated HRM's superior performance, enhancing key metrics such as throughput, packet delivery ratio, and energy consumption in comparison to existing energy-aware adaptive opportunistic routing approaches. Our second research focused on countering emerging threats, particularly the malicious energy attack (MEA), which remotely powers specific nodes to manipulate routing paths. We developed intelligent energy attack methods utilizing Q-learning and Policy Gradient techniques. These methods enhanced attacking capabilities across diverse network settings without requiring internal network information. Simulation results showcased the efficacy of our intelligent methods in diverting traffic loads through compromised nodes, highlighting their superiority over traditional approaches. In our third study, we developed a deep learning-based two-stage framework to detect MEAs. Utilizing a stacked residual network (SR-Net) for global classification and a stacked LSTM network (SL-Net) to pinpoint specific compromised nodes, our approach demonstrated high detection accuracy. By deploying trained models as defenses, our method outperformed traditional threshold filtering techniques, emphasizing its accuracy in detecting MEAs and securing EH-WSNs. In summary, our research significantly advances the reliability and security of EH-WSN, particularly focusing on enhancing the network layer. These findings offer promising avenues for securing the future of wireless sensor technologies. Hybrid Routing Method (HRM) Intermittent Connectivity Energy Harvesting Malicious Energy Attack (MEA) Reinforcement Learning (RL) Malicious Energy Attack Detection Deep Learning(DL)
25	Generation and Detection of Adversarial Attacks for Reinforcement Learning Policies Drotz, Axel, Hector, Markus January 2021 (has links) In this project we investigate the susceptibility ofreinforcement rearning (RL) algorithms to adversarial attacks.Adversarial attacks have been proven to be very effective atreducing performance of deep learning classifiers, and recently,have also been shown to reduce performance of RL agents.The goal of this project is to evaluate adversarial attacks onagents trained using deep reinforcement learning (DRL), aswell as to investigate how to detect these types of attacks. Wefirst use DRL to solve two environments from OpenAI’s gymmodule, namely Cartpole and Lunarlander, by using DQN andDDPG (DRL techniques). We then evaluate the performanceof attacks and finally we also train neural networks to detectattacks. The attacks was successful at reducing performancein the LunarLander environment and CartPole environment.The attack detector was very successful at detecting attacks onthe CartPole environment, but performed not quiet as well onLunarLander.We hypothesize that continuous action space environmentsmay pose a greater difficulty for attack detectors to identifypotential adversarial attacks. / I detta projekt undersöker vikänsligheten hos förstärknings lärda (RL) algotritmerför attacker mot förstärknings lärda agenter. Attackermot förstärknings lärda agenter har visat sig varamycket effektiva för att minska prestandan hos djuptförsärknings lärda klassifierare och har nyligen visat sigockså minska prestandan hos förstärknings lärda agenter.Målet med detta projekt är att utvärdera attacker motdjupt förstärknings lärda agenter och försöka utföraoch upptäcka attacker. Vi använder först RL för attlösa två miljöer från OpenAIs gym module CartPole-v0och ContiniousLunarLander-v0 med DQN och DDPG.Vi utvärderar sedan utförandet av attacker och avslutarslutligen med ett möjligt sätt att upptäcka attacker.Attackerna var mycket framgångsrika i att minskaprestandan i både CartPole-miljön och LunarLandermiljön. Attackdetektorn var mycket framgångsrik medatt upptäcka attacker i CartPole-miljön men presteradeinte lika bra i LunarLander-miljön.Vi hypotiserar att miljöer med kontinuerligahandlingsrum kan innebära en större svårighet fören attack identifierare att upptäcka attacker mot djuptförstärknings lärda agenter. / Kandidatexjobb i elektroteknik 2021, KTH, Stockholm Deep Reinforcement Learning Adversarial Attacks Adversarial Attack Detection Fast Gradient Sign Method Deep Deterministic Policy Gradient Deep Q-Learning Likelihood Ratio Test CUSUM Elektroteknik och elektronik
26	Advancing cyber security with a semantic path merger packet classification algorithm Thames, John Lane 30 October 2012 (has links) This dissertation investigates and introduces novel algorithms, theories, and supporting frameworks to significantly improve the growing problem of Internet security. A distributed firewall and active response architecture is introduced that enables any device within a cyber environment to participate in the active discovery and response of cyber attacks. A theory of semantic association systems is developed for the general problem of knowledge discovery in data. The theory of semantic association systems forms the basis of a novel semantic path merger packet classification algorithm. The theoretical aspects of the semantic path merger packet classification algorithm are investigated, and the algorithm's hardware-based implementation is evaluated along with comparative analysis versus content addressable memory. Experimental results show that the hardware implementation of the semantic path merger algorithm significantly outperforms content addressable memory in terms of energy consumption and operational timing. Computational semantics Graph theory Hardware algorithms Attack detection Distributed internet security Packet classification Intrusion detection Semantic association Semantic networks Content addressable memory SRAM-based trie pipelines Hardware-based trie pipelines Computational intelligence Neural networks Parametric optimization Genetic algorithms Self-organizing maps Ensemble intelligence Firewalls Routing Packet filters Cyber intelligence (Computer security) Algorithms Cyberterrorism Denial of service attacks Anomaly detection (Computer security)

Page generated in 0.0786 seconds