About

The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations. Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
111

Αναγνώριση επιθέσεων άρνησης εξυπηρέτησης / Detection of denial-of-service attacks

Γαβρίλης, Δημήτρης 15 February 2008
The doctoral dissertation studies 3 categories of denial-of-service attacks. The first category concerns SYN Flood attacks, an attack carried out at a low level that is perhaps the most widespread category. To detect these attacks, 9 statistical parameters were extracted and fed to the following classifiers: a radial basis function neural network, a k-nearest-neighbor classifier and an evolutionary neural network. The parameters used are of particular importance to the detection system. For the construction and selection of these parameters, a new technique was proposed that uses a genetic algorithm and a context-free grammar to construct new parameter sets from existing sets of primitive features. In the second category of attacks, denial-of-service attacks on the World Wide Web (www) service were studied. To counter these attacks, the use of decoy hyperlinks was proposed, which are placed on the web site and act like mines in a minefield. The decoy hyperlinks contain no semantic information and are therefore invisible to real users, while they are visible to the machines that carry out the attacks. In the last category of attacks, spam e-mail messages, a method was proposed for constructing a very small number of parameters, and neural networks were used for the first time to detect them. / The dissertation analyzes 3 categories of denial-of-service attacks. The first category concerns SYN Flood attacks, a low-level attack which is the most common. For the detection of this type of attack, 9 features were proposed which acted as inputs for the following classifiers: a radial basis function neural network, a k-nearest neighbor classifier and an evolutionary neural network.
A crucial part of the proposed system is the parameters that act as inputs for the classifiers. For the selection and construction of those features a new method was proposed that automatically selects and constructs new feature sets from a predefined set of primitive characteristics. This new method uses a genetic algorithm and a context-free grammar in order to find the optimal feature set. In the second category, denial-of-service attacks on the World Wide Web service were studied. For the detection of those attacks, the use of decoy hyperlinks was proposed. Decoy hyperlinks are hyperlinks that contain no semantic information and thus are invisible to normal users but are transparent to the programs that perform the attacks. The decoys act like mines on a minefield and are placed optimally on the web site so that the detection probability is maximized. In the last type of attack, the email spam problem, a new method was proposed for the construction of a very small number of features which are used to feed a neural network that for the first time is used to detect such attacks.
112

Uma arquitetura para a detecção de intrusos no ambiente wireless usando redes neurais artificiais / An architecture for detecting intruders in the Wireless environment using artificial neural networks

ATAÍDE, Ricardo Luis da Rocha 27 December 2007
Most existing wireless intrusion detection software identifies intrusive behaviors based only on the exploitation of known vulnerabilities, commonly called attack signatures. It analyzes the activity of the system, watching for sets of events that are similar to a pre-determined pattern that describes a known intrusion. Thus, only known vulnerabilities are detected, leading to the need for new intrusion detection techniques to be constantly added to the system. It is necessary to implement a wireless IDS that can also identify intrusive behaviors based on the observation of deviations from the normal behaviour of the users, hosts or network connections. This normal behaviour should be based on historical data, collected over a long period of normal operation. This work proposes an architecture for an anomaly-based intrusion detection system for wireless networks, which is based on the application of artificial neural network technology, both in the intrusion detection process and in taking countermeasures. The system can be adapted to the profile of a new community of users, and can recognize attacks with characteristics somewhat different from those already known by the system, relying only on deviations in the behaviour of this new community. A prototype has been implemented and various simulations and tests were performed on it, with three denial of service attacks. The tests were to verify the effectiveness of the application of neural networks in the solution of the problem of wireless network intrusion detection, and concentrated on the generalization power of neural networks. This ensures the system detects attacks even though they have features slightly different from those already known.
/ Most existing intrusion detection systems for wireless networks identify intrusive behaviors based only on the exploitation of known vulnerabilities, commonly called attack signatures. They analyze system activity, observing sets of events that resemble a pre-determined pattern describing a known intrusion. As a result, only known vulnerabilities are detected, making it necessary for new intrusion techniques to be constantly added to the system. It becomes necessary to implement a WIDS (Wireless Intrusion Detection System) that can also identify intrusive behaviors based on the observation of deviations from the normal behavior of users, personal computers or network connections. This normal behavior should be based on historical data collected over a long period of normal operation. This work proposes an architecture for an anomaly-based intrusion detection system for wireless networks, built on the application of artificial neural network technology both in the intrusion detection process and in taking countermeasures. The system can adapt to the profile of a new community of users and can recognize attacks with characteristics slightly different from those already known to the system, relying only on deviations in the behavior of this new community. A prototype was implemented and several simulations and tests of this prototype were carried out for three denial-of-service attacks. The tests aimed to verify the effectiveness of applying neural networks to the problem of intrusion detection in wireless networks, focusing on the generalization power of neural networks. This ensures that the system detects attacks even when they present characteristics slightly different from those already known. Artificial Neural Networks.
113

Misbehaviors detection schemes in mobile ad hoc networks / Une approche décentralisée pour la détection de comportements malveillants dans les réseaux MANETs

Rmayti, Mohammad 30 September 2016
As user needs have evolved, several wireless network technologies have been developed. Among these technologies are mobile ad hoc networks (MANETs), which were designed to provide communication where deploying a network infrastructure is costly or inappropriate. In these networks, routing is an essential function in which each mobile entity acts as a router and actively participates in routing. However, ad hoc routing protocols as designed lack security controls. On a chosen path, a malicious node can severely disrupt routing by blocking traffic. In this thesis, we propose a solution for detecting malicious nodes in a MANET based on behavioral analysis using Bayesian filters and Markov chains. The idea of our solution is to evaluate the behavior of a node according to its exchanges with its neighbors in a completely decentralized manner. In addition, a stochastic model is used to predict the nature of a node's behavior and verify its reliability before a path is taken. Our solution was validated through numerous simulations on the NS-2 simulator. The results show that the proposed solution detects malicious nodes accurately and improves the quality of service of MANETs. / With the evolution of user requirements, many network technologies have been developed. Among these technologies, we find mobile ad hoc networks (MANETs) that were designed to ensure communication in situations where the deployment of a network infrastructure is expensive or inappropriate. In this type of network, routing is an important function where each mobile entity acts as a router and actively participates in routing services. However, routing protocols are not designed with security in mind and often are very vulnerable to node misbehavior.
A malicious node included in a route between communicating nodes may severely disrupt the routing services and block the network traffic. In this thesis, we propose a solution for detecting malicious nodes in MANETs through a behavior-based analysis and using Bayesian filters and Markov chains. The core idea of our solution is to evaluate the behavior of a node based on its interaction with its neighbors using a completely decentralized scheme. Moreover, a stochastic model is used to predict the nature of behavior of a node and verify its reliability prior to selecting a path. Our solution has been validated through extensive simulations using the NS-2 simulator. The results show that the proposed solution ensures an accurate detection of malicious nodes and improves the quality of routing services in MANETs.
114

Information-Theoretic Framework for Network Anomaly Detection: Enabling online application of statistical learning models to high-speed traffic / ITF-NAD : Ett informationsteoretiskt ramverk för realtidsdetektering av nätverksanomalier

Damour, Gabriel January 2019
With the current proliferation of cyber attacks, safeguarding internet-facing assets from network intrusions is becoming a vital task in our increasingly digitalised economies. Although recent successes of machine learning (ML) models bode the dawn of a new generation of intrusion detection systems (IDS), current solutions struggle to implement these in an efficient manner, leaving many IDSs to rely on rule-based techniques. In this paper we begin by reviewing the different approaches to feature construction and attack source identification employed in such applications. We refer to these steps as the framework within which models are implemented, and use it as a prism through which we can identify the challenges different solutions face when applied in modern network traffic conditions. Specifically, we discuss how the most popular framework -- the so-called flow-based approach -- suffers from significant overhead being introduced by its resource-heavy pre-processing step. To address these issues, we propose the Information Theoretic Framework for Network Anomaly Detection (ITF-NAD), whose purpose is to facilitate online application of statistical learning models onto high-speed network links, as well as provide a method of identifying the sources of traffic anomalies. Its development was inspired by previous work on information theoretic-based anomaly and outlier detection, and employs modern techniques of entropy estimation over data streams. Furthermore, a case study of the framework's detection performance over 5 different types of Denial of Service (DoS) attacks is undertaken, in order to illustrate its potential use for intrusion detection and mitigation. The case study resulted in state-of-the-art performance for time-anomaly detection of single source as well as distributed attacks, and shows promising results regarding its ability to identify underlying sources.
/ As the number of cyber attacks grows rapidly, it is becoming increasingly important for our digitalised economies to protect connected operations from network intrusions. Machine learning (ML) is portrayed as a powerful alternative to conventional rule-based solutions, and its remarkable successes herald a new generation of intrusion detection systems (IDS). Despite this development, many IDSs still rely on signature-based methods, which is explained by the major weaknesses that characterise many ML-based solutions. In this work we start from a review of current research on the application of ML to intrusion detection, focusing on the necessary steps surrounding the implementation of the models within IDS. By setting up a framework for how features are constructed and how attack source identification (ASI) is performed in different solutions, we can identify the bottlenecks and limitations that prevent their practical implementation. Particular emphasis is placed on the analysis of the popular flow-based models, whose resource-intensive processing of raw data leads to significant time delay, which makes their use in real-time systems impossible. To address these weaknesses we propose a new framework -- the Information Theoretic Framework for Network Anomaly Detection (ITF-NAD) -- whose purpose is to enable direct connection of ML models over network links carrying high-speed traffic, and which provides a method for identifying the underlying sources of the attack. The framework builds on modern entropy estimation techniques designed to be applied over data streams, together with an ASI method inspired by entropy-based outlier detection in categorical spaces.
In addition, a study is presented of the framework's performance over real internet traffic containing 5 different types of denial-of-service (DoS) attacks generated by popular DDoS tools, which in turn illustrates the framework's use with a simple semi-supervised ML model. The results show a high level of accuracy for detection of all attack types, as well as promising performance regarding the framework's ability to identify the underlying actors.
115

Students’ Perception of Cyber Threat Severity : Investigating Alignment with Actual Risk Levels

Erfani Torbaghani, Ramtin January 2023
This study aims to investigate the alignment between students’ perception of cyber threats and their actual risk levels. A mixed-method approach was used, where data was collected from Swedish university students through questionnaires, capturing their perception, familiarity, experience, and protective behaviors. Information regarding the actual risk levels of cyber attacks was obtained from interviews with cyber security professionals and other expert sources, such as cyber security reports. The results showed that students perceive malware, ransomware, phishing, and insecure passwords as the most dangerous threats to society, while denial of service (DoS) attacks and packet sniffing were considered less severe. These findings align somewhat with the suggested threat levels. However, notable proportions of students perceived these threats as moderately dangerous or less severe, suggesting room for improvement in their understanding. The results also showed that protective behaviors among students are generally low, particularly in regards to IoT security. Future work should therefore explore the public’s perception, protective behavior and knowledge of IoT security, but also attacks that are common against such devices. / This study compares university students' perception of how dangerous different cyber threats are with the actual risk levels of those threats. Data on the students' perception, familiarity, experience and behaviors were collected through questionnaires, while information about the actual risk levels of the cyber threats was obtained from interviews with cyber security professionals and other expert sources such as cyber security reports and articles. The results showed that the students perceive malware, ransomware, phishing and insecure passwords as the most dangerous threats to society, while denial of service (DoS) attacks and packet sniffing were considered less severe. These findings aligned somewhat with the suggested risk levels.
However, a notable proportion of the students regarded these threats as moderately dangerous or less severe, which indicates room for improvement in their understanding. The results also showed that protective behaviors among students are generally low, particularly with regard to IoT security. Future studies should therefore explore the public's perception, protective behavior and knowledge of IoT security, but also attacks that are common against such devices.
116

Cyber crime: a comparative law analysis

Maat, Sandra Mariana 11 1900
The Electronic Communications and Transactions Act, 25 of 2002, eradicated various lacunae that previously existed in respect of cyber crimes. Cyber crimes such as inter alia hacking, rogue code, unauthorised modification of data and denial of service attacks have now been criminalised. Specific criminal provisions in relation to spamming, computer-related fraud and extortion have also been included in the Act. It is argued that theft of incorporeal items such as information has already been recognised in our law, but has not been taken to its logical conclusion in our case law. However, there are instances where neither the common law nor our statutory provisions are applicable and where there is still a need for legislative intervention. The Act sufficiently deals with jurisdiction, the admissibility of data messages, the admissibility of electronic signatures and the regulation of cryptography. Cyber inspectors are a new addition to law enforcement. / Jurisprudence / L. L. M.
117

Advancing cyber security with a semantic path merger packet classification algorithm

Thames, John Lane 30 October 2012
This dissertation investigates and introduces novel algorithms, theories, and supporting frameworks to significantly improve the growing problem of Internet security. A distributed firewall and active response architecture is introduced that enables any device within a cyber environment to participate in the active discovery and response of cyber attacks. A theory of semantic association systems is developed for the general problem of knowledge discovery in data. The theory of semantic association systems forms the basis of a novel semantic path merger packet classification algorithm. The theoretical aspects of the semantic path merger packet classification algorithm are investigated, and the algorithm's hardware-based implementation is evaluated along with comparative analysis versus content addressable memory. Experimental results show that the hardware implementation of the semantic path merger algorithm significantly outperforms content addressable memory in terms of energy consumption and operational timing.
118

Αρχιτεκτονικές επεξεργαστών και μνημών ειδικού σκοπού για την υποστήριξη φερέγγυων (ασφαλών) δικτυακών υπηρεσιών / Processor and memory architectures for trusted computing platforms

Κεραμίδας, Γεώργιος 27 October 2008
The security of computing systems is now a very active area and is expected to become a new design parameter on a par with the classic system design parameters such as performance, power consumption and cost. Trusted computing platforms have been proposed as a promising solution to raise the security level of systems and to provide protection against unauthorized use of the information stored in a system. A trusted system should have the appropriate mechanisms to be able to withstand the full range of denial-of-service attacks, both known and new. These attacks may aim to harm the hardware and/or the software of the system. However, the greatest emphasis in the area has been placed on preventing attacks at the software level. This dissertation proposes six design methodologies capable of shielding a computing system from denial-of-service attacks that target the system's hardware. The main emphasis is on the memory subsystem (cache memories). A large part of the chip area is devoted to cache memories; they are what is called upon to "hide" the slow response times of main memory, and at the same time they account for a large part of total power consumption. Therefore, by providing optimizations to the cache memories we ultimately manage to reduce software execution time, increase the transmission rate of digital data and shield the system from denial-of-service attacks at the hardware level. / Data security concerns have recently become very important, and it can be expected that security will join performance, power and cost as a key distinguishing factor in computer systems.
Trusted platforms have been proposed as a promising approach to enhance the security of the modern computer system and prevent unauthorized accesses and modifications of the sensitive information stored in the system. Unfortunately, previous approaches only provide a level of security against software-based attacks and leave the system wide open to hardware attacks. This dissertation thesis proposes six design methodologies to shield a uniprocessor or a multiprocessor system against a variety of Denial of Service (DoS) attacks at the architectural and the operating system level. Specific focus is given to the memory subsystem (i.e. cache memories). The cache memories account for a large portion of the silicon area, they are greedy power consumers and they seriously determine system performance due to the ever-growing gap between the processor speed and main memory access latency. As a result, in this thesis we propose methodologies to optimize the functionality and lower the power consumption of the cache memories. The goal in all cases is to increase the performance of the system and the achieved packet throughput, and to enhance the protection against a variety of passive and Denial of Service attacks.
120

E-crimes and e-authentication - a legal perspective

Njotini, Mzukisi Niven 27 October 2016
E-crimes continue to generate grave challenges to the ICT regulatory agenda. Because e-crimes involve a wrongful appropriation of information online, it is enquired whether information is property which is capable of being stolen. This then requires an investigation to be made of the law of property. The basis for this scrutiny is to establish if information is property for purposes of the law. Following a study of the Roman-Dutch law approach to property, it is argued that the emergence of an information society makes real rights in information possible. This is the position because information is one of the indispensable assets of an information society. Given the fact that information can be the object of property, its position in the law of theft is investigated. This study is followed by an examination of the conventional risks that ICTs generate. For example, a risk exists that ICTs may be used as the object of e-crimes. Furthermore, there is a risk that ICTs may become a tool in order to appropriate information unlawfully. Accordingly, the scale and impact of e-crimes is more than those of the offline crimes, for example theft or fraud. The severe challenges that ICTs pose to an information society are likely to continue if clarity is not sought regarding: whether ICTs can be regulated or not, if ICTs can be regulated, how should an ICT regulatory framework be structured? A study of the law and regulation for regulatory purposes reveals that ICTs are spheres where regulations apply or should apply. However, better regulations are appropriate in dealing with the dynamics of these technologies. Smart-regulations, meta-regulations or reflexive regulations, self-regulations and co-regulations are concepts that support better regulations. Better regulations enjoin the regulatory industries, for example the state, businesses and computer users to be involved in establishing ICT regulations. 
These ICT regulations should specifically be in keeping with the existing e-authentication measures. Furthermore, the codes-based theory, the Danger or Artificial Immune Systems (the AIS) theory, the Systems theory and the Good Regulator Theorem ought to inform ICT regulations. The basis for all this should be to establish a holistic approach to e-authentication. This approach must conform to the Precautionary Approach to E-Authentication or PAEA. PAEA accepts the importance of legal rules in the ICT regulatory agenda. However, it argues that flexible regulations could provide a suitable framework within which ICTs and the ICT risks are controlled. In addition, PAEA submits that a state should not be the single role-player in ICT regulations. Social norms, the market and nature or architecture of the technology to be regulated are also fundamental to the ICT regulatory agenda. / Jurisprudence / LL. D.
