Global ETD Search

121	Segurança em redes sem fio: estudo sobre o desenvolvimento de conjuntos de dados para comparação de IDS / Vilela, Douglas Willer Ferrari Luz. January 2014 (has links) Orientador: Aílton Akira Shinoda / Co-orientador: Ed' Wilson Tavares Ferreira / Banca: Christiane Marie Schweitzer / Banca: Valtemir Emerencio do Nascimento / Resumo: O crescimento vertiginoso da tecnologia de redes sem fio tem sido muito significativo nos últimos anos, sua utilização ocorre em diversos setores da sociedade. O padrão IEEE 802.11 destaca-se nesse cenário. No entanto, os mecanismos de proteção empregados por este padrão de rede sem fio não tem apresentado eficiência no combate a ataques de negação de serviço. Os sistemas de detecção de intrusão são vistos como uma forma eficaz de minimizar essas ameaças. Nesta pesquisa foi proposta a construção de três conjuntos de dados que represente de forma significativa o tráfego de rede sem fio. Os conjuntos gerados têm finalidade de auxiliar na avaliação de algoritmos de detecção de intrusos para redes sem fio. Para a construção dos conjuntos de dados foram implementados três cenários de redes sem fio, todos em ambientes reais e operacionais. Em cada cenário foi habilitado um mecanismo de segurança: cenário 1 protocolo WEP, cenário 2 foi utilizado IEEE 802.11i e cenário 3 o IEEE 802.11i associada à emenda IEEE 802.11w. A escolha por cenários diferentes e divisão dos conjuntos de acordo com os ambientes tem a finalidade analisar a evolução dos mecanismos de segurança. Com isto é possível categorizar cada ambiente. Após a construção dos ambientes de rede sem fio foi inoculado tráfego de rede normal e anômalo, com isto iniciou-se a coleta dos dados. Com os dados coletados foi realizado um pré-processamento de cada conjunto capturando apenas os quadros do cabeçalho Media Access Control - MAC do IEEE 802.11. A escolha foi definida em virtude de este quadro possuir características especifica das redes sem fio. Para validar os conjuntos de dados foram empregadosalgoritmos de classificação e reconhecimento de padrões. Os algoritmos empregados na validação foram Multilayer Perceptron - MLP, Radial Basis Function - RBF e Bayes Net. Os resultados obtidos com a avaliação dos conjuntos de dados gerados... / Abstract: The fast growth of wireless network technology has been very significant lately, its occurs in diverse sectors of society. The standard IEEE 802.11 stands out in this scenario. However, the protection mechanisms employed by this standard wireless network has not shown effectiveness in combating denial of service attacks. The intrusion detection systems are seen as an effective way to minimize these threats. We proposed in this research to build three data sets, which represent traffic wireless network. The sets are generated auxiliary purpose in assessing intrusion detection algorithms for wireless networks. For the construction of the data sets three scenarios of wireless networks, all in real operational environments and have been implemented. In each scenario was one enabled security mechanisms: WEP protocol scenario 1, scenario 2 was used IEEE 802.11i scenario 3 the associated IEEE 802.11i amendment to the IEEE 802.11w. The choice of different sets of scenarios and divide according to the environments aims to analyze the evolution of the security mechanisms. This makes it possible to categorize each environment. After the construction of wireless network environments normal and anomalous traffic were inoculated and thus collect the data. With the collected data pre-processing each set only extracting the frames from the MAC header was conducted. The choice was defined as this has specific characteristics of wireless networks. To validate the data sets and sorting algorithms were employed pattern recognition. The algorithms were used in the validation MLP, RBF and Bayes Net. The results obtained from the evaluation of the generated data sets demonstrate that the proposed approach is quite promising / Mestre Sistemas de comunicação sem fio. Sistemas de segurança. Algoritmos. Computer networks -- Security measures
122	Um estudo sobre métricas e quantificação em segurança da informação / On the use of metrics and quantification in information security Miani, Rodrigo Sanches, 1983- 23 August 2018 (has links) Orientadores: Leonardo de Souza Mendes, Bruno Bogaz Zarpelão / Tese (doutorado) - Universidade Estadual de Campinas, Faculdade de Engenharia Elétrica e de Computação / Made available in DSpace on 2018-08-23T07:05:01Z (GMT). No. of bitstreams: 1 Miani_RodrigoSanches_D.pdf: 2910742 bytes, checksum: e722dcc4c3bc0741a15ed5ec79cfa1ec (MD5) Previous issue date: 2013 / Resumo: Com o aumento da frequência e diversidade de ataques, uma preocupação crescente das organizações é garantir a segurança da rede. Para compreender as ações que conduziram os incidentes e como eles podem ser mitigados, pesquisadores devem identificar e medir os fatores que influenciam os atacantes e também as vítimas. A quantificação de segurança é, em particular, importante na construção de métricas relevantes para apoiar as decisões que devem ser tomadas para a proteção de sistemas e redes. O objetivo deste trabalho foi propor soluções para auxiliar o desenvolvimento de modelos de quantificação de segurança aplicados em ambientes reais. Três diferentes abordagens foram usadas para a investigação do problema: identificação de limitações nos métodos existentes na literatura, investigação de fatores que influenciam a segurança de uma organização e a criação e aplicação de um questionário para investigar o uso de métricas na prática. Os estudos foram conduzidos usando dados fornecidos pela University of Maryland e pelo Centro de Atendimento a Incidentes de Segurança (CAIS) vinculado a Rede Nacional de Pesquisa (RNP). Os resultados mostraram que as organizações podem se beneficiar de análises mais rigorosas e eficientes a partir do uso de métricas de segurança e que a continuidade das pesquisas nessa área está intimamente ligada ao desenvolvimento de estudos em sistemas reais / Abstract: With the increase in the number and diversity of attacks, a critical concern for organizations is to keep their network secure. To understand the actions that lead to successful attacks and also how they can be mitigated, researchers should identify and measure the factors that influence both attackers and victims. Quantifying security is particularly important to construct relevant metrics that support the decisions that need to be made to protect systems and networks. In this work, we aimed at proposing solutions to support the development of security quantification models applied in real environments. Three different approaches were used to investigate the problem: identifying issues on existing methods, evaluating metrics using empirical analysis and conducting a survey to investigate metrics in practice. Studies were conducted using data provided by the University of Maryland and also by the Security Incident Response Team (CAIS) from the National Education and Research Network (RNP). Our results showed that organizations could better manage security by employing security metrics and also that future directions in this field are related to the development of studies on real systems / Doutorado / Telecomunicações e Telemática / Doutor em Engenharia Elétrica Pesquisa quantitativa Sistemas de segurança Quantitative research Computer networks - Security metrics Security metrics
123	Framework de kernel para auto-proteção e administração em um sistema de segurança imunológico / A kernel framework for administration and selfprotection for a immunological security system Pereira, André Augusto da Silva, 1986- 23 August 2018 (has links) Orientador: Paulo Lício de Geus / Dissertação (mestrado) - Universidade Estadual de Campinas, Instituto de Computação / Made available in DSpace on 2018-08-23T23:09:29Z (GMT). No. of bitstreams: 1 Pereira_AndreAugustodaSilva_M.pdf: 2078139 bytes, checksum: 3b321df6a81e4d3aaa8cf753b119f8a1 (MD5) Previous issue date: 2013 / Resumo: O resumo poderá ser visualizado no texto completo da tese digital / Abstract: The complete abstract is available with the full electronic document / Mestrado / Ciência da Computação / Mestre em Ciência da Computação Sistemas operacionais (Computadores) Imunoinformática Operating systems (Computers) Computer networks - Security measures Immunoinformatics
124	Artificial intelligence and knowledge management principles in secure corporate intranets Barry, Christopher 23 February 2010 (has links) M.Sc. (Computer Science) / Corporations throughout the world are facing numerous challenges in today’s competitive marketplace and are continuously looking for new and innovative means and methods of gaining competitive advantage. One of the means used to gain this advantage is that of information technology, and all the associated technologies and principles. These are primarily used to facilitate business processes and procedures that are designed to provide this competitive advantage. Significant attention has been given to each of the individual technologies and principles of Artificial Intelligence, Knowledge Management, Information Security, and Intranets and how they can be leveraged in order to improve efficiency and functionality within a corporation. However, in order to truly reap the benefits of these technologies and principles, it is necessary to look at them as a collaborative system, rather as individual components. This dissertation therefore investigates each of these individual technologies and principles in isolation, as well as in combination with each other to outline potential advantages, associated risks, and disadvantages when combining them within the corporate world. Based on these, the Intelligently Generated Knowledge (IGK) framework is outlined to implement such a collaborative system. Thereafter, an investigation of a theoretical situation is conducted based on this framework to examine the impact of the implementation of this type of collaborative system. The potential increase in cost savings, efficiency and functionality of corporations that would employ the IGK framework is clearly outlined in the theoretical example, and should this approach be adopted, it would be able to provide significant competitive advantage for any corporation. Artificial intelligence Knowledge management Intranets (Computer networks) Computer networks security measures
125	Information security using intelligent software agents Van der Merwe, Jacobus 20 August 2012 (has links) Ph.D. / Many organisations are starting to make large parts of their information resources publicly accessible. For example, many organisations publish information using the Internet. Some organisations allow non-employees to connect to their systems and retrieve information - many banks allow customers to retrieve account statements via the Internet. There is a trend towards more open information systems and more distributed processing such as client/server processing. The above are just some of the trends in computer information processing that creates new and complex problems in providing information systems that are both secure and manageable. To add to the complexity of the information security problem, organisations use the Internet to conduct some of their business and use many different applications, each with its own unique access control mechanisms. Central management of information security in a heterogeneous and distributed environments, such as the Internet has become a nightmare. There is a need for an information security model that will allow organisations to make use of the new trends in information processing, but still have confidence that they have adequate security and that the management of their information security systems is fairly easy. In this thesis we propose a model that satisfies the above requirements. We call this model the Intelligent Security Agent Model (ISAM). The ISAM model is based on two technologies: intelligent software agents and distributed objects. The main component of the model is Intelligent Security Agents that act as security brokers for its users in a distributed environment. In chapter 2 of the thesis, we design an Intelligent Security Agent which provides various information security services in open client/server environments. The Intelligent Security Agent Model addresses certain problems/requirements, such as single sign-on, in information security. These problems and possible solutions are described in chapter 4 to chapter 10 of this thesis. An Intelligent Security Agent must be protected from unauthorised modification, theft, etc. Chapter 3 shows how an Intelligent Security Agent is secured by implementing it as a distributed object. We show that the combination of intelligent software agents and distributed objects creates an agent that was not possible before, and solves many information security problems.In short, this thesis documents the results of a study in computer information security. The result of the study is a new information security model in which intelligent software agents and distributed objects are combined to create a security agent which acts on behalf of a user in open environments such as client/server systems and the Internet. The agent provides a set of services to its user and handles all information security related requests on behalf of its user. Computer security Computer networks - Security measures Internet - Security measures Intelligent agents (Computer software)
126	Veilige indentifikasietegnieke vir gebruikers van rekenaarstelsels Rensleigh, Christopher William 07 October 2014 (has links) M.Com. (Informatics) / Please refer to full text to view abstract Computer networks - Security measures Computer security Smartcard technology Magnetic stipe card
127	Internal control with specific reference to the intranet Van Jaarsveld, J.I. 10 February 2014 (has links) M.Com. (Computer Auditing) / Intranets and related technology, can be used to solve many problems in the local computing environment. But the use of the Intranet and the related technology also raises several control concerns. Because of the increased use of Intranets within the business environment, the internal control related to the Intranet has become an issue that needs to be addressed by management and the auditor. Computerization in the accounting environment has made it virtually impossible to audit around the computer. It is therefore essential that the auditor, and more specifically the computer auditor, should assess the influence of the Intranet on the audit objectives. The objective of this short dissertation is to evaluate the influence of Intranet technology on the audit objectives (within the Intranet's different spheres of application) in terms of the risks posed for the auditor and management. It was also aimed at identifying the security risks in relationship with the audit objectives... Intranets (Computer networks) Intranets (Computer networks) - Auditing
128	Network intrusion detection system using neural networks approach in networked biometrics system Mgabile, Tinny 09 April 2014 (has links) M.Phil. (Electrical and Electronic Engineering) / Network security has become increasingly important as more and more applica- tions are making their way into the market. The research community has proposed various methods to build a reliable network intrusion detection system to detect unauthorised activities in networked systems. However many network intrusion detection systems that have been reported in literature su er from an excessive number of false positives, false negatives, and are unable to cope with new, elegant and structured attacks. This is mainly because most network intrusion detection systems rely on security experts to analyze the network tra c data and manually construct intrusion detection rules. This study proposes to use a machine learning technique such as neural network approach to anomaly based network intrusion detection system (NIDS). The main objective for this study is to construct an NIDS model that will produce approx- imate to zero false positive or no false positive at all and have high degree of accuracy in detecting network attacks. The neural network (NN) model is trained on a biometric networked system dataset simulated in the study, containing strictly replayed and normal network tra c that encourage the development of the pro- posed NIDS. By analyzing the NN{based NIDS results, the study reached the false positive rate of 0, and high accuracy rate of 100 percent. To support the results obtained in this study, the performance of the NN{based NIDS was compared to two other classi cation methods (k{nearest neighbor algorithm (KNN) and Naive Bayes). The results obtained from KNN and naive Bayes were 99.87 and 99.75 percent respectively. These results show that the proposed model can successfully be used as an e ective tool for solving complicated classi cation problems such as NIDS. Computer networks - Security measures Neural networks (Computer science) Pattern recognition systems Biometric identification
129	A framework towards effective control in information security governance Viljoen, Melanie January 2009 (has links) The importance of information in business today has made the need to properly secure this asset evident. Information security has become a responsibility for all managers of an organization. To better support more efficient management of information security, timely information security management information should be made available to all managers. Smaller organizations face special challenges with regard to information security management and reporting due to limited resources (Ross, 2008). This dissertation discusses a Framework for Information Security Management Information (FISMI) that aims to improve the visibility and contribute to better management of information security throughout an organization by enabling the provision of summarized, comprehensive information security management information to all managers in an affordable manner. Data protection Computer networks -- Security measures
130	Applying a framework for IT governance in South African higher education institutions Viljoen, Stephen January 2005 (has links) Background: Higher Education (HE), through HE Institutions, plays a very important role in society. There is thus a need for this sector to be well managed, especially with regards to planning, organising, and controlling. Corporate Governance has received a lot of attention in recent times, especially to engender trust on the part of the stakeholders. There are many similarities, but also significant differences in the governance of HE institutions and public companies. Information Technology (IT) plays an extremely important role in the modern organisation, creating huge opportunities, but also increasing the risk to the organisation. Therefore, effective governance of IT in HE Institutions is of great importance. Computer security Data protection

Search results