Global ETD Search

71	Security related self-protected networks: autonomous threat detection and response (ATDR) Havenga, Wessel Johannes Jacobus January 2021 (has links) Doctor Educationis / Cybersecurity defense tools, techniques and methodologies are constantly faced with increasing challenges including the evolution of highly intelligent and powerful new generation threats. The main challenges posed by these modern digital multi-vector attacks is their ability to adapt with machine learning. Research shows that many existing defense systems fail to provide adequate protection against these latest threats. Hence, there is an ever-growing need for self-learning technologies that can autonomously adjust according to the behaviour and patterns of the offensive actors and systems. The accuracy and effectiveness of existing methods are dependent on decision making and manual input by human expert. This dependence causes 1) administration overhead, 2) variable and potentially limited accuracy and 3) delayed response time. In this thesis, Autonomous Threat Detection and Response (ATDR) is a proposed general method aimed at contributing toward security related self-protected networks. Through a combination of unsupervised machine learning and Deep learning, ATDR is designed as an intelligent and autonomous decision-making system that uses big data processing requirements and data frame pattern identification layers to learn sequences of patterns and derive real-time data formations. This system enhances threat detection and response capabilities, accuracy and speed. Research provided a solid foundation for the proposed method around the scope of existing methods and the unanimous problem statements and findings by other authors. (Distributed) denial of service attacks Traffic capture and packet analysis Queueing theory Machine learning Neural networking Multi-vector attack detection
72	A three-layered robustness analysis of cybersecurity: Attacks and insights Schweitzer, David 11 December 2019 (has links) Cybersecurity has become an increasingly important concern for both military and civilian infrastructure globally. Because of the complexity that comes with wireless networks, adversaries have many means of infiltration and disruption of wireless networks. While there is much research done in defending these networks, understanding the robustness of these networks is tantamount for both designing new networks and examining possible security deficiencies in preexisting networks. This dissertation proposes to examine the robustness of wireless networks on three major fronts: the physical layer, the data-link layer, and the network layer. At the physical layer, denial-of-service jamming attacks are considered, and both additive interference and no interference are modeled in an optimal configuration and five common network topologies. At the data-link layer, data transmission efficacy and denial-of-sleep attacks are considered with the goal of maximizing throughput under a constrained lifetime. At the network layer, valid and anomalous communications are considered with the goal of classifying those anomalous communications apart from valid ones. This dissertation proposes that a thorough analysis of the aforementioned three layers provides valuable insights to robustness on general wireless networks. cybersecurity deep learning mathematical programming mixed-integer programming network flow Jamming attacks denial-of-service attacks denial-of-sleep attacks botnet detection
73	Denial-of-service attacks against the Parrot ANAFI drone / DoS- attacker mot drönaren Parrot ANAFI. Feng, Jesse, Tornert, Joakim January 2021 (has links) As the IoT market continues to grow, so does the need for secure wireless communication. Drones have become a popular gadget among both individuals and various industries during the last decade, and the popularity continues to grow. Some drones use Wi-Fi technology for communication, such as the Parrot ANAFI, which introduces many of the same security threats that are frequently found in general IoT. Therefore, this report covers a common group of cyberattacks, known as denial-of-service attacks, their effects on the Parrot ANAFI, and their ease of use. A threat model was created to have an overview of the system architecture, and all of the identified threats were assessed using DREAD. All of the software tools used in this report can be found for free on the Internet using search engines and simple key words. The results showed that the drone is generally secure, but it is vulnerable to a certain denial-of-service attack, which can open the door to multiple attack surfaces if the password for the drone’s Wi-Fi is not strong enough. Some suggestions for mitigating these threats are presented at the end of the report. / I takt med att IoT-marknaden fortsätter att växa ökar också behovet av säker trådlös kommunikation. Drönare har blivit en populär pryl bland såväl privatpersoner som diverse industrier under det senaste decenniet, och populariteten fortsätter att växa. Vissa drönare använder Wi-Fi-teknik för kommunikation, till exempel Parrot ANAFI, vilket introducerar många av de säkerhetshot som ofta existerar bland IoT i allmänhet. Den här rapporten täcker därför en välkänd grupp av cyberattacker, som kallas denial-of-service-attacker, deras effekter på Parrot ANAFI och deras användarvänlighet. En hotmodell skapades för att ha en överblick över systemarkitekturen och alla identifierade hot rangordnades med hjälp av DREAD. Alla programvaruverktyg som används i denna rapport kan hittas gratis på Internet med hjälp av enkla sökningar på nyckelord. Resultaten påvisar att drönaren i allmänhet är säker, men att den är sårbar för en viss typ av denial-of-service-attack, vilket kan öppna dörren till flera attackytor om lösenordet för drönarens Wi-Fi inte är tillräckligt starkt. Några förslag för att mildra dessa hot presenteras i slutet av rapporten. Penetration testing cyber security drone denial-of-service attacks Wi-Fi IEEE 802.11. Computer and Information Sciences Data- och informationsvetenskap
74	Αναγνώριση επιθέσεων web σε web-servers Στυλιανού, Γεώργιος 09 July 2013 (has links) Οι επιθέσεις στο Διαδίκτυο και ειδικά οι επιθέσεις άρνησης εξυπηρέτησης (Denial of Service, DoS) αποτελούν ένα πολύ σοβαρό πρόβλημα για την ομαλή λειτουργία του Διαδικτύου. Αυτό το είδος επιθέσεων στοχεύει στην διατάραξη της καλής λειτουργίας ενός συστήματος, καταναλώνοντας τους πόρους του ή προκαλώντας υπερφόρτωση στο δίκτυο, καθιστώντας το ανίκανο να παρέχει στους πελάτες του τις υπηρεσίες για τις οποίες προορίζεται. Η αντιμετώπιση των επιθέσεων αυτών έχει απασχολήσει πολλούς ερευνητές τα τελευταία χρόνια και έχουν προταθεί πολλές διαφορετικές μέθοδοι πρόληψης, ανίχνευσης, και απόκρισης. Στα πλαίσια της παρούσας διπλωματικής επιχειρείται αρχικά ο ορισμός και η ταξινόμηση των επιθέσεων DoS και DDoS, με ιδιαίτερη αναφορά στις επιθέσεις DoS στον Παγκόσμιο Ιστό. Στη συνέχεια αναλύονται διάφοροι τρόποι αναγνώρισης επιθέσεων, με κύριους άξονες την αναγνώριση υπογραφής και την ανίχνευση ανωμαλιών. Γίνεται εμβάθυνση στο πεδίο της ανίχνευσης ανωμαλιών και πραγματοποιείται η μελέτη ενός συστήματος που ανιχνεύει ανωμαλίες σε δεδομένα κίνησης δικτύου που περιέχουν επιθέσεις. / Attacks in the Internet, and especially Denial of Service attacks, are a very serious threat to the normal function of the Internet. This kind of attack aims to the disruption of the normal function of a system, by consuming its resources or overloading the network, making it incapable to provide services, that is designed for, to the clients. In recent years many researchers have tried to propose solutions to prevent, detect and respond effectively to attacks. In this thesis, first a definition, and then a classification of DoS and DDoS attacks is proposed, with distinctive reference to attacks in the World Wide Web. Several ways of attack detection are analyzed, with signature detection and anomaly detection being the most significant. Afterwards, the field of anomaly detection is thoroughly analyzed, and a system that detects anomalies to a dataset of network traffic that contains attacks, is examined. Αναγνώριση επιθέσεων Ανίχνευση ανωμαλιών 005.8 Internet attacks Attack detection Anomaly detection Security anomalies
75	A multifold approach to address the security issues of stateful forwarding mechanisms in Information-Centric Networks / Une approche multidimensionnelle pour aborder les problèmes de sécurité des mécanismes d'acheminement à états dans les réseaux orientés contenus Signorello, Salvatore 21 June 2018 (has links) Ce travail illustre comment les tendances actuelles d'utilisation dominantes sur Internet motivent la recherche sur des architectures futures de réseau plus orientées vers le contenu. Parmi les architectures émergentes pour l'Internet du futur, le paradigme du Information-Centric Networking (ICN) est présenté. ICN vise à redéfinir les protocoles de base d'Internet afin d'y introduire un changement sémantique des hôtes vers les contenus. Parmi les architectures ICN, le Named-Data Networking (NDN) prévoit que les demandes nommées de contenus des utilisateurs soient transmises par leur nom dans les routeurs le long du chemin d'un consommateur à une ou plusieurs sources de contenus. Ces demandes de contenus laissent des traces dans les routeurs traversés qui sont ensuite suivis par les paquets de contenus demandés. La table d'intérêt en attente (PIT) est le composant du plan de données de l'NDN qui enregistre temporairement les demandes de contenus acheminés dans les routeurs. D'une part, ce travail explique que le mécanisme d'acheminement à états de la PIT permet des propriétés comme l'agrégation de requêtes, le multicast de réponses et le contrôle natif de flux hop-by-hop. D'autre part, ce travail illustre comment l'acheminement à états de la PIT peut facilement être mal utilisé par des attaquants pour monter des attaques de déni de service distribué (DDoS) disruptives, appelées Interest Flooding Attacks (IFAs). Dans les IFAs, des botnets vaguement coordonnés peuvent inonder le réseau d'une grande quantité de demandes difficiles à satisfaire dans le but de surcharger soit l'infrastructure du réseau soit les producteurs de contenus. Ce travail de thèse prouve que bien que des contre-mesures contre les IFAs aient été proposées, il manque une compréhension complète de leur efficacité réelle puisque celles-ci ont été testées sous des hypothèses simplistes sur les scénarios d'évaluation. Dans l'ensemble, le travail présenté dans ce manuscrit permet de mieux comprendre les implications des IFAs et les opportunités d'améliorer les mécanismes de défense existants contre ces attaques. Les principales contributions de ce travail de thèse tournent autour d'une analyse de sécurité du plan d'acheminement dans l'architecture NDN. En particulier, ce travail définit un modèle d'attaquant plus robuste pour les IFAs à travers l'identification des failles dans les contre-mesures IFA existantes. Ce travail introduit un nouvel ensemble d'IFAs basé sur le modèle d'attaquant proposé. Les nouveaux IFAs sont utilisés pour réévaluer les plus efficaces contre-mesures IFA existantes. Les résultats de cette évaluation réfutent l'efficacité universelle des mécanismes de défense existants contre l'IFA et, par conséquent, appellent à différentes contre-mesures pour protéger le NDN contre cette menace de sécurité. Pour surmonter le problème révélé, ce travail définit également des contre-mesures proactives contre l'IFA, qui sont de nouveaux mécanismes de défense contre les IFA inspirés par les problèmes rencontrés dans l'état de l'art. Ce travail présente Charon, une nouvelle contre-mesure proactive contre l'IFA, et la teste contre les nouvelles IFAs. Ce travail montre que Charon est plus efficace que les contre-mesures IFA réactives existantes. Enfin, ce travail illustre la conception NDN.p4, c'est-à-dire la première implémentation d'un protocole ICN écrit dans le langage de haut niveau pour les processeurs de paquets P4. Le travail NDN.p4 est la première tentative dans la littérature visant à tirer parti des nouveaux techniques de réseaux programmables pour tester et évaluer différentes conceptions de plan de données NDN. Cette dernière contribution classe également les mécanismes alternatifs d'acheminement par rapport à un ensemble de propriétés cardinales de la PIT. Le travail souligne qu'il vaut la peine d'explorer d'autres mécanismes d'acheminement visant à concevoir un plan de données NDN moins vulnérable à la menace IFA / This work illustrates how today's Internet dominant usage trends motivate research on more content-oriented future network architectures. Among the emerging future Internet proposals, the promising Information-Centric Networking (ICN) research paradigm is presented. ICN aims to redesign Internet's core protocols to promote a shift in focus from hosts to contents. Among the ICN architectures, the Named-Data Networking (NDN) envisions users' named content requests to be forwarded by their names in routers along the path from one consumer to 1-or-many sources. NDN's requests leave trails in traversed routers which are then followed backwards by the requested contents. The Pending Interest Table (PIT) is the NDN's data-plane component which temporarily records forwarded content requests in routers. On one hand, this work explains that the PIT stateful mechanism enables properties like requests aggregation, multicast responses delivery and native hop-by-hop control flow. On the other hand, this work illustrates how the PIT stateful forwarding behavior can be easily abused by malicious users to mount disruptive distributed denial of service attacks (DDoS), named Interest Flooding Attacks (IFAs). In IFAs, loosely coordinated botnets can flood the network with a large amount of hard to satisfy requests with the aim to overload both the network infrastructure and the content producers. This work proves that although countermeasures against IFAs have been proposed, a fair understanding of their real efficacy is missing since those have been tested under simplistic assumptions about the evaluation scenarios. Overall, the work presented in this manuscript shapes a better understanding of both the implications of IFAs and the possibilities of improving the state-of-the-art defense mechanisms against these attacks. The main contributions of this work revolves around a security analysis of the NDN's forwarding plane. In particular, this work defines a more robust attacker model for IFAs by identifying flaws in the state-of-the-art IFA countermeasures. This work introduces a new set of IFAs built upon the proposed attacker model. The novel IFAs are used to re-assess the most effective existing IFA countermeasures. Results of this evaluation disproves the universal efficacy of the state-of-the-art IFA defense mechanisms and so, call for different countermeasures to protect the NDN against this threat. To overcome the revealed issue, this work also defines proactive IFA countermeasures, which are novel defense mechanisms against IFAs inspired by the issues with the state-of-the-art ones. This work introduces Charon, a novel proactive IFA countermeasure, and tests it against the novel IFA attacks. This work shows Charon counteracts latest stealthy IFAs better than the state-of-the-art reactive countermeasures. Finally, this work illustrates the NDN.p4 design, that is, the first implementation of an ICN protocol written in the high-level language for packet processors P4. The NDN.p4 work is the first attempt in the related literature to leverage novel programmable-networks technologies to test and evaluate different NDN forwarding plane designs. This last contribution also classifies existing alternative forwarding mechanisms with respect to a set of PIT cardinal properties. The work outlines that it is worth to explore alternative forwarding mechanisms aiming to design an NDN forwarding plane less vulnerable to the IFA threat Information-Centric Networking Named-Data Networking Securité Déni de service Attaque par saturation de réseau Information-Centric Networking Named-Data Networking Security Denial of Service Interest Flooding Attack 005.8
76	Mitigando Ataques de Negação de Serviço em Infraestruturas de Computação em Nuvem. / Mitigating denial-of-service attacks on infrastructure Cloud computing. MEDEIROS, Gleison de Oliveira 04 September 2014 (has links) Submitted by Maria Aparecida (cidazen@gmail.com) on 2017-09-04T14:37:04Z No. of bitstreams: 1 Gleison.pdf: 3054404 bytes, checksum: 11aa5497fadacc31dbe5c2817f241266 (MD5) / Made available in DSpace on 2017-09-04T14:37:04Z (GMT). No. of bitstreams: 1 Gleison.pdf: 3054404 bytes, checksum: 11aa5497fadacc31dbe5c2817f241266 (MD5) Previous issue date: 2014-09-04 / Cloud computing has been widely used as an ultimate solution for the growing demands of users of Information Technology services. Concomitant to the rapid development of this technology, new forms of intrusion (and intruders) have emerged. In this context, it is proposed in this dissertation, an architecture of intrusion detection system based on Multi-agent systems associated with the use of techniques for encryption and digital signature to detect and treat the attempted denial of service attacks in an Infrastructure Service. The partial results obtained with the implementation of a prototype are considered satisfactory in view of the performance presented by the tool. / A Computação em Nuvem tem sido bastante utilizada como uma solução recente para as demandas crescentes de usuários de serviços de Tecnologia da Informação. Concomitante ao desenvolvimento acelerado desta tecnologia, novas formas de intrusão (e de intrusos) acabam emergindo. Nesse contexto, é proposta nesta dissertação, uma arquitetura de sistema de detecção de intrusão, baseada em sistemas Multiagentes, associadas ao uso de técnicas de criptografia e assinatura digital, para detectar e tratar as tentativas de ataques de DoS (Denial of Service) em uma Infraestrutura de Nuvem IaaS (Infrastructure as a Service). Os resultados parciais obtidos com a implementação de um protótipo são considerados satisfatórios, tendo em vista o desempenho apresentado pela ferramenta. Sistemas de Informação.
77	Distributed Denial of Service Attacks (DDoS)- Consequences and Future Namuduri, Sarita January 2006 (has links) <p>Denial of Service and the Distributed Denial of Service Attacks have recently emerged as one of the most newsworthy, if not the greatest, weaknesses of the Internet. This paper attempt to explain how they work, why they are hard to combat today, and what will need to happen if they are to be brought under control. It is divided into eight sections. The first is an overview of the current situation and also brief explanatory of the rest of the chapters being covered. The second is a detailed description of exactly how this attack works, and why it is hard to cope with today; of necessity it includes a description of how the Internet works today. The third section is totally about the different attacks in recent years and how they affected the people or the bigorganizations. The fourth section describes the short-term prospects, the tools which are used to rectify these attacks. The fifth is problems being faced with an explanatory of the percentage of attack in recent years and comparing the problems. The sixth is what can be done today to help alleviate this problem. The seventh section describes the legal actions and also legal actions that can be followed against the attack by the victim; and the eighth section describes the long-term picture, what will change to bring this class of problem under control, if not eliminate it entirely. And finally there are some appendices: a bibliography, giving references to original research work and announcements; a brief article on securing servers; and acknowledgments for the many people who helped make this paper possible.</p> Denial of Service attack DoS DDoS Distributed Deinal of Service Attack Seriouness of DDoS Defences against DoS attack Effects of DoS and DDoS Defending against DoS and DDoS Electrical engineering Elektroteknik
78	Distributed Denial of Service Attacks (DDoS)- Consequences and Future Namuduri, Sarita January 2006 (has links) Denial of Service and the Distributed Denial of Service Attacks have recently emerged as one of the most newsworthy, if not the greatest, weaknesses of the Internet. This paper attempt to explain how they work, why they are hard to combat today, and what will need to happen if they are to be brought under control. It is divided into eight sections. The first is an overview of the current situation and also brief explanatory of the rest of the chapters being covered. The second is a detailed description of exactly how this attack works, and why it is hard to cope with today; of necessity it includes a description of how the Internet works today. The third section is totally about the different attacks in recent years and how they affected the people or the bigorganizations. The fourth section describes the short-term prospects, the tools which are used to rectify these attacks. The fifth is problems being faced with an explanatory of the percentage of attack in recent years and comparing the problems. The sixth is what can be done today to help alleviate this problem. The seventh section describes the legal actions and also legal actions that can be followed against the attack by the victim; and the eighth section describes the long-term picture, what will change to bring this class of problem under control, if not eliminate it entirely. And finally there are some appendices: a bibliography, giving references to original research work and announcements; a brief article on securing servers; and acknowledgments for the many people who helped make this paper possible. Denial of Service attack DoS DDoS Distributed Deinal of Service Attack Seriouness of DDoS Defences against DoS attack Effects of DoS and DDoS Defending against DoS and DDoS Electrical engineering Elektroteknik
79	Anti-sensor Network: Distortion-based Distributed Attack In Wireless Sensor Networks Karaaslan, Ibrahim 01 February 2008 (has links) (PDF) In this thesis, a novel anti-sensor network paradigm is introduced against wireless sensor networks (WSN). Anti-sensor network (ASN) aims to destroy application reliability by adaptively and anonymously introducing adequate level of artificial distortion into the communication of the event features transported from the sensor nodes (SN) to the sink. ASN is composed of anti-sensor nodes (aSN) randomly distributed over the sensor network field. aSNs pretend to be SNs tomaintain anonymity and so improve resiliency against attack detection and prevention mechanisms. Performance evaluations via mathematical analysis and simulation experiments show that ASN can effectively reduce the application reliability of WSN.
80	Recovery From DoS Attacks In MIPv6 : Modelling And Validation Kumar, Manish C 03 1900 (has links) Denial-of-Service (DoS) attacks form a very important category of security threats that are possible in MIPv6 (Mobile Internet Protocol version 6). This thesis proposes a scheme for participants (Mobile Node, Home Agent, and Correspondent Node) in MIPv6 to recover from DoS attacks in the event of any of them being subjected to a DoS attack. We propose a threshold based scheme for participants in MIPv6 to detect presence of DoS attacks and to recover from DoS attacks in the event of any of them being subjected to a DoS attack. This is achieved using an infrastructure for MIPv6 that makes such a solution practical even in the absence of IPsec infrastructure. We propose a protocol that uses concepts like Cryptographically Generated Addresses (CGA), short-term IP addresses using a Lamport hash like mechanism and a hierarchy based trust management infrastructure for key distribution. However, reasoning about correctness of such protocols is not trivial. In addition, new solutions to mitigate attacks may need to be deployed in the network on a frequent basis as and when attacks are detected, as it is practically impossible to anticipate all attacks and provide solutions in advance. This makes it necessary to validate solutions in a timely manner before deployment in real network. However, threshold schemes needed in group protocols make analysis complex. Model checking threshold-based group protocols that employ cryptography have been not successful so far. The testing in a real network or a test bed also will not be feasible if faster and frequent deployment of DoS mitigation solutions is needed. Hence, there is a need for an approach that lies between automated/manual verification and an actual implementation. It is evident from existing literature that not many simulations for doing security analysis of MIP/MIPv6 have been done. This research is a step in that direction. We propose a simulation based approach for validation using a tool called FRAMOGR [40] that supports executable specification of group protocols that use cryptography. FRAMOGR allows one to specify attackers and track probability distributions of values or paths. This work deals with simulation of DoS attacks and their mitigation solutions for MIP in FRAMOGR. This makes validation of solutions possible without mandating a complete deployment of the protocol to detect vulnerabilities in a solution. This does away with the need for a formal theoretical verification of a DoS mitigation solution. In the course of this work, some DoS attacks and recovery mechanisms are simulated and validated using FRAMOGR. We obtained encouraging results for the performance of the detection scheme. We believe that infrastructure such as FRAMOGR would be required in future for validating new group based threshold protocols that are needed for making MIPv6 more robust. Mobile Internet Protocol Computer Access Control Computer Security FRAMOGR Denial-of-Service (DoS) Attacks Communication Engineering

Search results