1 |
Coherent detection for optical fibre communication systems
Steel, R. January 1983
No description available.
|
2 |
Intrusion detection and response model to enhance security in cognitive radio networks / Ifeoma Ugochi Ohaeri
Ohaeri, Ifeoma Ugochi January 2012
With the rapid proliferation of new technologies and services in the wireless domain,
spectrum scarcity has become a major concern. Cognitive radios (CRs) arise as a
promising solution to the scarcity of spectrum. A basic operation of the CRs is spectrum
sensing. Whenever a primary signal is detected, CRs have to vacate the specific spectrum
band. Malicious users can mimic incumbent transmitters so as to force CRs to vacate
the specific band. Cognitive radio networks (CRNs) are expected to bring an evolution to
the spectrum scarcity problem through intelligent use of the fallow spectrum bands.
However, as CRNs are wireless in nature, they face all common security threats found in
the traditional wireless networks. Common security combating measures for wireless
environments consist of authorization, authentication, and access control. But CRNs face
new security threats and challenges that have arisen due to their unique cognitive (self-configuration,
self-healing, self-optimization, and self-protection) characteristics. Because
of these new security threats, the use of traditional security combating measures would be
inadequate to address the challenges. Consequently, this research work proposes an
Intrusion Detection and Response Model (IDRM) to enhance security in cognitive radio
networks. Intrusion detection monitors all the activities in order to detect the intrusion. It
searches for security violation incidents, recognizes unauthorized accesses, and identifies
information leakages. Unfortunately, system administrators can neither keep up with the
pace at which an intrusion detection system delivers responses or alerts, nor react
within adequate time limits. Therefore, an automatic response system has to take over this
task by reacting without human intervention within the cognitive radio network. / Thesis (M.Sc. (Computer Science)) North-West University, Mafikeng Campus, 2012
|
3 |
APPLICATION OF INTRUSION DETECTION SOFTWARE TO PROTECT TELEMETRY DATA IN OPEN NETWORKED COMPUTER ENVIRONMENTS.
Kalibjian, Jeffrey R. 10 1900
International Telemetering Conference Proceedings / October 23-26, 2000 / Town & Country Hotel and Conference Center, San Diego, California / Over the past few years, models for Internet-based sharing and selling of telemetry data have been
presented [1] [2] [3] at ITC conferences. A key element of these sharing/selling architectures was
security. This element was needed to ensure that information was not compromised while in transit or to
ensure particular parties had a legitimate right to access the telemetry data. While the software managing
the telemetry data needs to be security conscious, the networked computer hosting the telemetry data to
be shared or sold also needs to be resistant to compromise. Intrusion Detection Systems (IDS) may be
used to help identify and protect computers from malicious attacks in which data can be compromised.
|
4 |
A Collaborative Architecture for Distributed Intrusion Detection System based on Lightweight Modules
Zaman, Safaa 02 July 2009
A variety of intrusion prevention techniques, such as user authentication (e.g., using passwords), avoidance of programming errors, and information protection, have been used to protect computer systems. However, intrusion prevention alone is not sufficient to protect our systems, as those systems become ever more complex with the rapid growth and expansion of Internet technology and local network systems. Moreover, programming errors, firewall configuration errors, and ambiguous or undefined security policies add to the system’s complexity. An Intrusion Detection System (IDS) is therefore needed as another layer to protect computer systems. The IDS is one of the most important techniques of information dynamic security technology. It is defined as a process of monitoring the events occurring in a computer system or network and analyzing them to differentiate between normal activities of the system and behaviours that can be classified as suspicious or intrusive.
Current Intrusion Detection Systems have several known shortcomings, such as: low accuracy (registering high False Positives and False Negatives); low real-time performance (processing a large amount of traffic in real time); limited scalability (storing a large number of user profiles and attack signatures); an inability to detect new attacks (recognizing new attacks when they are launched for the first time); and weak system-reactive capabilities (efficiency of response). This makes the area of IDS an attractive research field. In recent years, researchers have investigated techniques such as artificial intelligence, autonomous agents, and distributed systems for detecting intrusion in network environments. This thesis presents a novel IDS distributed architecture – Collaborative Distributed Intrusion Detection System (C-dIDS), based on lightweight IDS modules – that integrates two main concepts in order to improve IDS performance and scalability: lightweight IDS and collaborative architecture.
To accomplish the first concept, lightweight IDS, we apply two different approaches: a features selection approach and an IDS classification scheme. In the first approach, each detector (IDS module) uses smaller amounts of data in the detection process by applying a novel features selection approach called the Fuzzy Enhanced Support Vector Decision Function (Fuzzy ESVDF). This approach improves the system scalability in terms of reducing the number of needed features without degrading the overall system performance. The second approach uses a new IDS classification scheme. The proposed IDS classification scheme employs multiple specialized detectors in each layer of the TCP/IP network model. This helps collect efficient and useful information for dIDS, increasing the system’s ability to detect different attack types and reducing the system’s scalability.
The second concept uses a novel architecture for dIDS called Collaborative Distributed Intrusion Detection System (C-dIDS) to integrate these different specialized detectors (IDS modules) that are distributed on different points in the network. This architecture is a single-level hierarchy dIDS with a non-central analyzer. To make the detection decision for a specific IDS module in the system, this module must collaborate with the previous IDS module (host) in the lower level of the hierarchy only. Collaborating with other IDS modules improves the overall system accuracy without creating a heavy system overload. Also, this architecture avoids both single point of failure and scalability bottleneck problems.
Integration of the two main concepts, lightweight IDS and a distributed collaborative architecture, has shown very good results and has addressed many IDS limitations.
|
5 |
Algorizmi: A Configurable Virtual Testbed to Generate Datasets for Offline Evaluation of Intrusion Detection Systems
Ali, Karim January 2010
Intrusion detection systems (IDSes) are an important security measure that network administrators adopt to defend computer networks against malicious attacks and intrusions. The field of IDS research includes many challenges. However, one open problem remains orthogonal to the others: IDS evaluation. In other words, researchers have not yet succeeded in agreeing on a general systematic methodology and/or a set of metrics to fairly evaluate different IDS algorithms. This leads to another problem: the lack of an appropriate IDS evaluation dataset that satisfies the common research needs. One major contribution in this area is the DARPA dataset offered by the Massachusetts Institute of Technology Lincoln Lab (MIT/LL), which has been extensively used to evaluate a number of IDS algorithms proposed in the literature. Despite this, the DARPA dataset received a lot of criticism concerning the way it was designed, especially concerning its obsoleteness and inability to incorporate new sorts of network attacks.
In this thesis, we survey previous research projects that attempted to provide a system for IDS offline evaluation. From the survey, we identify a set of design requirements for such a system based on the research community needs. We then propose Algorizmi as an open-source configurable virtual testbed for generating datasets for offline IDS evaluation. We provide an architectural overview of Algorizmi and its software and hardware components. Algorizmi provides its users with tools that allow them to create their own experimental testbed using the concepts of virtualization and cloud computing. Algorizmi users can configure the virtual machine instances running in their experiments, select what background traffic those instances will generate and what attacks will be launched against them. At any point in time, an Algorizmi user can generate a dataset (network traffic trace) for any of her experiments so that she can use this dataset afterwards to evaluate an IDS the same way the DARPA dataset is used.
Our analysis shows that Algorizmi satisfies more requirements than previous research projects that target the same research problem of generating datasets for IDS offline evaluation. Finally, we prove the utility of Algorizmi by building a sample network of machines and generating both background and attack traffic within that network. We then download a snapshot of the dataset for that experiment and run it against Snort IDS. Snort successfully detected the attacks we launched against the sample network. Additionally, we evaluate the performance of Algorizmi while processing some of the common usages of a typical user based on 5 metrics: CPU time, CPU usage, memory usage, network traffic sent/received and the execution time.
|
8 |
A study of the application of imaging charge-coupled devices for the detection and quantitation of luminogenic assays
Haggart, Robert January 1990
Low light level imaging devices have the advantage that they can produce quantitative two-dimensional images. The characteristics, structure and operation of different low light level imaging devices are discussed. Cooled slow-scanned charge-coupled device (CCD) cameras show good detector properties (very low dark noise, low system noise and good spatial resolution) and therefore seem ideal for the detection and quantitation of luminogenic assays.
|
9 |
Design and Analysis of Intrusion Detection Protocols in Cyber Physical Systems
Mitchell, Robert Raymond III 23 April 2013
In this dissertation research we aim to design and validate intrusion detection system (IDS) protocols for a cyber physical system (CPS) comprising sensors, actuators, control units, and physical objects for controlling and protecting physical infrastructures.
The design part includes host IDS, system IDS and IDS response designs. The validation part includes a novel model-based analysis methodology with simulation validation. Our objective is to maximize the CPS reliability or lifetime in the presence of malicious nodes performing attacks which can cause security failures. Our host IDS design results in a lightweight, accurate, autonomous and adaptive protocol that runs on every node in the CPS to detect misbehavior of neighbor nodes based on state-based behavior specifications. Our system IDS design results in a robust and resilient protocol that can cope with malicious, erroneous, partly trusted, uncertain and incomplete information in a CPS. Our IDS response design results in a highly adaptive and dynamic control protocol that can adjust detection strength in response to environment changes in attacker strength and behavior. The end result is an energy-aware and adaptive IDS that can maximize the CPS lifetime in the presence of malicious attacks, as well as malicious, erroneous, partly trusted, uncertain and incomplete information.
We develop a probability model based on stochastic Petri nets to describe the behavior of a CPS incorporating our proposed intrusion detection and response designs, subject to attacks by malicious nodes exhibiting a range of attacker behaviors, including reckless, random, insidious and opportunistic attacker models. We identify optimal intrusion detection settings under which the CPS reliability or lifetime is maximized for each attacker model.
Adaptive control for maximizing IDS performance is achieved by dynamically adjusting detection and response strength in response to attacker strength and behavior detected at runtime. We conduct extensive analysis of our designs with four case studies, namely, a mobile group CPS, a medical CPS, a smart grid CPS and an unmanned aircraft CPS. The results show that our adaptive intrusion and response designs operating at optimizing conditions significantly outperform existing anomaly-based IDS techniques for CPSs. / Ph. D.
|
10 |
Artificial Intelligence Applications in Intrusion Detection Systems for Unmanned Aerial Vehicles
Hamadi, Raby 05 1900
This master's thesis focuses on the cutting-edge application of AI in developing intrusion detection systems (IDS) for unmanned aerial vehicles (UAVs) in smart cities. The objective is to address the escalating problem of UAV intrusions, which pose a significant risk to the safety and security of citizens and critical infrastructure. The thesis explores the current state of the art and provides a comprehensive understanding of recent advancements in the field, encompassing both physical and network attacks.
The literature review examines various techniques and approaches employed in the development of AI-based IDS. This includes the utilization of machine learning algorithms, computer vision technologies, and edge computing. A proposed solution leveraging computer vision technologies is presented to detect and identify intruding UAVs in the sky effectively. The system employs machine learning algorithms to analyze video feeds from city-installed cameras, enabling real-time identification of potential intrusions. The proposed approach encompasses the detection of unauthorized drones, dangerous UAVs, and UAVs carrying suspicious payloads.
Moreover, the thesis introduces a Cycle GAN network for image denoising that can translate noisy images to clean images without the need for paired training data. This approach employs two generators and two discriminators, incorporating a cycle consistency loss that ensures the generated images align with their corresponding input images.
Furthermore, a distributed architecture is proposed for processing collected images using an edge-offloading approach within the UAV network. This architecture allows flying and ground cameras to leverage the computational capabilities of their IoT peers to process captured images. A hybrid neural network is developed to predict, based on input tasks, the potential edge computers capable of real-time processing. The edge-offloading approach reduces the computational burden on the centralized system and facilitates real-time analysis of network traffic, offering an efficient solution.
In conclusion, the research outcomes of this thesis provide valuable insights into the development of secure and efficient IDS for UAVs in smart cities. The proposed solution contributes to the advancement of the UAV industry and enhances the safety and security of citizens and critical infrastructure within smart cities.
|