Global ETD Search

501	Design och implementation av övervakningssystem med Nagios / Design and implementation of monitoring systems with Nagios Lundqvist, Måns January 2017 (has links) Sherpas behöver en ny plattform för att kunna övervaka enheter på deras nätverk. Plattformen de ville använda sig av var Nagios Core och skulle kunna övervaka resurser som CPU, disk, minne, bandbredd, webbservrar och SQL servrar. Lösningen skulle även förenkla konfiguration av nya värdar. Tillägg för en översiktspanel och grafer skulle också installeras för att ge en bättre överblick. Lösningen installerades i en testmiljö med en stationär dator, bärbar dator med 3 virtuella maskiner och en switch. Nagios Core installerades på den stationära datorn. NRPE användes som Linux agent och installerades på Nagios servern och även på alla Linux servrar som skulle övervakas. Nagios insticksprogram installerades ocksåför att kunna övervaka de nödvändiga resurserna. Övervakning av Windows maskiner utfördes via WMI. För att övervaka switchar och routrar skapades ett eget insticksprogram iBash för att kunna ge de funktioner som krävdes. För att förenkla konfigurationerna av nya värdar användes värdgrupper. Varje värdgrupp är länkad till en tjänst och när en ny värd ska övervakas är det möjligt att skriva in de värdgrupper som hör till respektive tjänst. Lösningen användes endast i en liten miljö och insticksprogrammet som skapades kan innehålla eventuella problem som inte har upptäckts än. Programmet skapades också med ett programmeringsspråk som inte var lämplig i situationen och bör bytas ut i framtiden. Inget fokus på säkerhet gjordes och är något som måste implementeras i framtiden. / Sherpas needed a new platform to monitor machines on their network. The platform they wanted to use was Nagios Core to monitor resources like CPU, disk, memory, bandwidth, webservers and SQL servers. The monitor solution also needed a simple way to add new hosts. Addons for a dashboard and graphs was also needed for a better overview. The monitor platform was installed on a test environment with a stationary computer, laptop with 3 virtual machines and a switch. Nagios Core was installed on the stationary computer. NRPE was used as the agent and was installed on all Linux servers. Nagios plugins was also installed to be able to monitor the required resources. Monitoring of Windows machines was done with WMI. To monitor switches and routers a plugin was created with Bash. To simplify configuration for new hosts, host groups were used. All host groups are linked to a service and when new hosts are created the required services are monitored by selecting all the host groups which the services are linked to. This decreased the time required for configuring new hosts. The solution was only done with a very small environment and the plugin that was created could contain a few bugs that can be detected in the future. The program also used a programming language not suited for the situation and should be changed in the future. No focus on security was done and is something that should be implemented in the future. Övervakninssystem övervakning Nagios Nagios Core NRPE SNMP WMI Nagdash Nagiosgraph Computer Systems Datorsystem
502	Visual SLAM using sparse maps based on feature points Brunnegård, Oliver, Wikestad, Daniel January 2017 (has links) Visual Simultaneous Localisation And Mapping is a useful tool forcreating 3D environments with feature points. These visual systemscould be very valuable in autonomous vehicles to improve the localisation.Cameras being a fairly cheap sensor with the capabilityto gather a large amount of data. More efficient algorithms are stillneeded to better interpret the most valuable information. This paperanalyses how much a feature based map can be reduced without losingsignificant accuracy during localising. Semantic segmentation created by a deep neural network is used toclassify the features used to create the map, the map is reduced by removingcertain classes. The results show that feature based maps cansignificantly be reduced without losing accuracy. The use of classesresulted in promising results, large amounts of feature were removedbut the system could still localise accurately. Removing some classesgave the same results or even better in certain weather conditionscompared to localisation with a full-scale map. ORB-SLAM2 Reduced map Localisation Computer Systems Datorsystem Robotics Robotteknik och automation
503	Discovery of temporal association rules in multivariate time series Zhao, Yi January 2017 (has links) This thesis focuses on mining association rules on multivariate time series. Com-mon association rule mining algorithms can usually only be applied to transactional data, and a typical application is market basket analysis. If we want to mine temporal association rules on time series data, changes need to be made. During temporal association rule mining, the temporal ordering nature of data and the temporal interval between the left and right patterns of a rule need to be considered. This thesis reviews some mining methods for temporal association rule mining, and proposes two similar algorithms for the mining of frequent patterns in single and multivariate time series. Both algorithms are scalable and efficient. In addition, temporal association rules are generated from the patterns found. Finally, the usability and efficiency of the algorithms are demonstrated by evaluating the results. Computer Systems Datorsystem
504	Performance evaluation of scalable and distributed iot platforms for smart regions Araujo Soto, Víctor Estuardo January 2017 (has links) As the vision of the Internet of Things (IoT) becomes a reality, thousands of devices will beconnected to IoT platforms in smart cities and regions. These devices will actively send dataupdates to cloud-based platforms, as part of smart applications in domains like healthcare, trafficand pollution monitoring. Therefore, it is important to study the ability of modern IoT systemsto handle high rates of data updates coming from devices. In this work we evaluated the per-formance of components of the Internet of Things Services Enablement Architecture of theEuropean initiative FIWARE. We developed a testbed that is able to inject data updates usingMQTT and the CoAP-based Lightweight M2M protocols, simulating large scale IoT deploy-ments. Our extensive tests considered the vertical and horizontal scalability of the componentsof the platform. Our results found the limits of the components when handling the load, and thescaling strategies that should be targeted by implementers. We found that vertical scaling is notan effective strategy in comparison to the gains achieved by horizontally scaling the databaselayer. We reflect about the load testing methodology for IoT systems, the scalability needs ofdifferent layers and conclude with future challenges in this topic. IOT performance FIWARE Internet of Things QoS testbed monitoring Computer Systems Datorsystem
505	A Framework To Implement OpenID Connect Protocol For Federated Identity Management In Enterprises Rasiwasia, Akshay January 2017 (has links) Federated Identity Management (FIM) and Single-Sign-On (SSO) concepts improve both productivity andsecurity for organizations by assigning the responsibility of user data management and authentication toone single central entity called identity provider, and consequently, the users have to maintain only oneset of credential to access resources at multiple service provider. The implementation of any FIM and SSOprotocol is complex due to the involvement of multiple organizations, sensitive user data, and myriadsecurity issues. There are many instances of faulty implementations that compromised on security forease of implementation due to lack of proper guidance. OpenID Connect (OIDC) is the latest protocolwhich is an open standard, lightweight and platform independent to implement Federated IdentityManagement; it offers several advantages over the legacy protocols and is expected to have widespreaduse. An implementation framework that addresses all the important aspects of the FIM lifecycle isrequired to ensure the proper application of the OIDC protocol at the enterprise level. In this researchwork, an implementation framework was designed for OIDC protocol by incorporating all the importantrequirements from a managerial, technical and security perspective of an enterprise level federatedidentity management. The research work closely follows the design science research process, and theframework was evaluated for its completeness, efficiency, and usability. FIM SSO OpenID Connect OIDC Single Sign On Federated Identity Management Computer Systems Datorsystem
506	Neuroevolution med tävlingsinriktad samevolution i flera miljöer med ökande komplexitet / Neuroevolution with competitive coevolution in multiple scenes of increasing complexity Hesselbom, Anton January 2017 (has links) NEAT är en neuroevolutionsteknik som kan användas för att träna upp AI-kontrollerade robotar utan att behöva tillföra någon mänsklig expertis eller tidigare kunskap till systemet. Detta arbete undersöker hur väl denna teknik fungerar tillsammans med samevolution för att utveckla robotar i en tävlingsmiljö, med fokus på att testa tekniken på flera olika nivåer med varierande mängd komplexitet i form av väggar och hinder. Tekniken utvärderas genom att låta robotarna tävla mot varandra, deras kompetens mäts sedan från resultaten av dessa tävlingar. Exempelvis deras förmåga att vinna matcher. Resultaten visar att tekniken fungerade bra på nivån med låg komplexitet, men att robotarna har vissa svårigheter att lära sig kompetenta strategier på nivåerna med högre komplexitet. Tekniken har dock potential för flera olika varianter och förbättringar som potentiellt kan förbättra resultatet även på de mer komplexa nivåerna. Neuroevolution Coevolution AI Games Neuroevolution Samevolution AI Spel Computer Systems Datorsystem
507	Integrating Computational and Participatory Simulations for Design in Complex Systems Raghothama, Jayanth January 2017 (has links) The understanding and conceptualization of cities and its constituent systems such as transportation and healthcare as open and complex is shifting the debates around the technical and communicative rationales of planning. Viewing cities in a holistic manner presents methodological challenges, where our understanding of complexity is applied in a tangible fashion to planning processes. Bridging the two rationales in the tools and methodologies of planning is necessary for the emergence of a 'non-linear rationality' of planning, one that accounts for and is premised upon complexity. Simulations representing complex systems provide evidence and support for planning, and have the potential to serve as an interface between the more abstract and political decision making and the material city systems. Moving beyond current planning methods, this thesis explores the role of simulations in planning. Recognizing the need for holistic representations, the thesis integrates multiple disparate simulations into a holistic whole achieving complex representations of systems. These representations are then applied and studied in an interactive environment to address planning problems in different contexts. The thesis contributes an approach towards the development of complex representations of systems; improvements on participatory methods to integrate computational simulations; a nuanced understanding of the relative value of simulation constructs; technologies and frameworks that facilitate the easy development of integrated simulations that can support participatory planning processes. The thesis develops contributions through experiments which involved problems and stakeholders from real world systems. The approach towards development of integrated simulations is realized in an open source framework. The framework creates computationally efficient, scalable and interactive simulations of complex systems, which used in a participatory manner delivers tangible plans and designs. / <p>QC 20170602</p> distributed simulations interactive participatory gaming complexity theory fidelity Computer Systems Datorsystem
508	Packetfence och Cisco ISE : En jämförelse av NAC Engfors, Emil, Markstedt, Jens January 2017 (has links) Syftet med detta arbete var att jämföra de två mjukvarorna Packetfence och Cisco Identity Services Engine. Målet är att bilda en förståelse kring hur den här typen av mjukvaror kan implementeras i ett nätverk av olika storlekar och även en insikt över hur detta kan minska den administrativa belastningen. Den här typen av system kan även användas för att centralt styra åtkomst till ett företags resurser och kan säkra upp olika typ av enheter och program. Det genomfördes en installation för att upptäcka skillnader mellan systemen, därefter konfigurerades de så likt varandra som möjligt för att upptäcka om det finns några olikheter i den här delen av mjukvaran. Rapporten tar upp grundläggande information kring de tjänster som systemen innehåller och beskriver även de steg som krävs för att utföra konfiguration. Rapporten redovisar den metod gruppen arbetat efter under dessa veckor för att uppnå ett tillfredsställande resultat för uppdragsgivaren. Resultatet presenterar arbetet gruppen utfört under arbetet och visar hur de olika systemen kan konfigureras för att uppnå ett säkert nätverk hos ett företag. Diskussionen tar upp att det är viktigt att vara flexibel i sin planering för att arbeta runt uppkomna problem. / The purpose of this study was to compare two security softwares, Packetfence and Cisco Identity Services Engin. The goal was to provide an understanding of how this kind of software can be implemented in a network of different sizes and also an insight into how this can reduce the administrative burden. This type of system can also be used to centrally control access to a company's resources and can secure different types of devices and applications. An installation was completed to detect differences between the systems, then they were configured as similarly as possible to detect if there were any differences in this part of the software. The report summarizes basic information about the services that the systems contain and also describes the steps required to perform configuration. The report presents the methodology the group worked for these weeks to achieve a satisfactory result for the client. The result presents the work the group completed during the study and shows how the various systems can be configured to achieve a secure network for a company. The discussion states that it is important to be flexible in its planning to work around problems that arise. Security NAC Cisco opensource dot1x wireless Security NAC Cisco opensource dot1x wireless Computer Systems Datorsystem
509	Evaluation of Low-Interaction Honeypots on the University Network Ponten, Austin January 2017 (has links) This project studies the three honeypot solutions Honeyd,Dionaea, and Kippo. Eval-uating the solutions themselves, and observing their implementation into the university campus network. The investigation begins with the understanding of how a honeypot works and is useful as an extra security layer, following with an implementation of said three honeypot solutions and the results that follow after a period of days. After the data has been collected, it shows that the majority of malicious activity surrounded communication services, and an evaluation of the three honeypot solutions showed Honeyd as the best with its scalability and reconfigurability. Honeypot Networking Computer Security Elektroteknik och elektronik Computer Systems Datorsystem
510	Säkerhet i CAN-bussen : Riskerna som medföljer Internet of Vehicles Lindmark, Anton, Hall, Fredrik January 2017 (has links) I denna rapport undersöks säkerheten i de inbyggda systemen i ett fordon. Är CAN-bussen och enheterna som kommunicerar med den verkligen säkra? Vilka svagheter finns det inom säkerheten när ny teknik implementeras i fordon och ansluts till CAN-bussen?Om ett fordon blir angripet så är riskerna att angriparen lyckas med attacken ganska stora. Speciellt så finns det flera risker och säkerhetshål med ny teknik t.ex. inbyggda mediasystem i fordon.Vi har forskat i hur lätt det är att hämta information ur fordonet, samt vad som kan göras med denna information, detta med hjälp av både andra vetenskapliga rapporter samt en fysisk undersökning med hjälp av en applikation som utvecklades.Genom avläsning med hjälp av Bluetooth från OBD2 kontakten så kan information såsom signaler för att låsa upp fordonet eller trycka på gasen läsas av från fordonet. Viss information är dold för den normala användaren, såsom ett tryck på gaspedalen. Denna information måste erhållas genom exempelvis avläsning av dolda paket. Detta kan göras genom att spåra paket med hjälp av diverse program, t.ex. Wireshark. Hade denna information varit enkel att tillgå så kan den användas på ett skadligt sätt. Skulle exempelvis kommandot för att trycka på gasen kunna styras trådlöst så skulle detta kunna skapa stora och farliga problem. Detta är något som undersöks i rapporten, hur man kan gå tillväga och vilka sätt ett fordon kan angripas på.En applikation utvecklades för att undersöka vilken information som kan relativt enkelt extraheras. Parametrar som t.ex. hastighet eller varvtal på motorn är exempel på denna information. Med hjälp av en OBD2 enhet så kommunicerar applikationen med fordonet. Applikationen hämtar ut informationen om en bilresa från start till stopp för att sedan kunna redovisa denna information. Information visas till användaren i applikationen både under tiden fordonet färdas och sedan en sammanfattning av hela resan. Applikationen kan användas för att spara sina resor om man till exempel vill redovisa tjänsteresor för sin arbetsgivare. Resorna sparas både i databas och lokalt på din telefon med möjlighet för uppladdning till en webbserver eller liknande.iiApplikationen sparar all information du valt om din resa och kan även skräddarsys med mer eller mindre parametrar beroende på behov.Den har även ett användningsområde för att övervaka sitt körande, om man till exempel någon gång under resans gång uppnår onormala värden, som t.ex. alldeles för höga varvtal eller liknande. / In this report, the security in integrated systems within vehicles is evaluated. Is the CAN bus and the devices that communicate with it secure? What are the weaknesses in security when modern technologies are implemented in vehicles and connected to the CAN bus?If a vehicle is attacked, the risk of the attacker's success with the attack is quite large. There are several risks and security holes with modern technology, for example. built-in media system in vehicles.We have researched how easy it is to retrieve information from the vehicle and what can be done with this information, using both other scientific reports and a physical examination using an application that were developed.By reading using Bluetooth from the OBD2 connector, information such as signals to unlock the vehicle or press the gas pedal can be read from the vehicle. Certain information is hidden for the normal user, such as a press of the gas pedal. This information must be obtained by for example, reading hidden packages. This can be done by tracing packages through various applications, such as Wireshark. Had this information been easy to access, it could be used in a malicious way. Should the command to press the gas be controlled wirelessly, this could create major and dangerous problems. This is something that is being investigated in the report, how to proceed and what ways a vehicle can be attacked.An application was developed to investigate what information that can be relatively easily extracted. Parameters such as speed or rounds per minute on the engine are examples of this information. Using an OBD2 device, the application communicates with the vehicle. The application retrieves information about a trip from start to stop and then it’s able to report this information. Information is displayed to the user in the application both while the vehicle is traveling and then a summary of the entire trip. The application can be used to save one’s journey, if for example, you want to report your trips to your employer. The trips are stored both in a database and locally on your phone with the possibility of uploading to a web server.ivThe application saves all information you selected about your trip and can also be customized with parameters depending on your needs. It also has a field of use for monitoring your driving, for example if you at some time during the trip reach abnormal values, such as far too high rounds per minute or something similar. CAN-Bus OBD2 Security Bluetooth CAN-buss OBD2 Säkerhet Bluetooth Computer Systems Datorsystem

Search results