Global ETD Search

81	Monte Carlo modelling of an X-ray fluorescence detection system by the MCNP code Xia, Xiaolei January 2018 (has links) This survey has shown, using the Monte Carlo N-Particle(MCNP) code to model a detection system, to demonstrate that it is possible to design a system to measure hazard elements in polluted water. At first, the measurement method needs to be determined. For measuring the specimen component without knowing the accuracy concentration in a short time, when compared with other methods, the Energy-dispersive X-ray fluorescence (ED-XRF) is a good choice for solving this problem. Then, a basic part of this method and actual experiment setting is using the simulation to find the suitable parameters such as the input X-ray energy level, the detector thickness, etc. At last, the polluted water has been measured for evaluating the system function. MCNP Monte Carlo modelling XRF detection system Annan elektroteknik och elektronik
82	Um Sistema de Detecção de Intrusão para Detecção de Ataques de Negação de Serviço na Internet das Coisas. / An Intrusion Detection System for Detection of Attacks Service Denial on the Internet of Things. SOUSA, Breno Fabrício Lira Melo 21 December 2016 (has links) Submitted by Maria Aparecida (cidazen@gmail.com) on 2017-08-01T15:17:20Z No. of bitstreams: 1 Breno Fabricio.pdf: 3022898 bytes, checksum: d3e376b3280034170ef737c756a8bb30 (MD5) / Made available in DSpace on 2017-08-01T15:17:20Z (GMT). No. of bitstreams: 1 Breno Fabricio.pdf: 3022898 bytes, checksum: d3e376b3280034170ef737c756a8bb30 (MD5) Previous issue date: 2016-12-21 / The paradigm of the Internet of Things (in english, Internet of Things - IoT) came to allow intercommunication between different objects via Internet, and thereby facilitate the form of how the end user will interact with a wide variety of devices that surround him in everyday life. The availability of features that these devices have is a factor that deserves great attention because the use of such resources inappropriately can cause serious damage. Therefore, since such devices are connected to the internet, they are vulnerable to various threats, such as, denial-of-service attack (DoS). In order to tackle DoS type threats in IoT, an Intrusion Detection System (IDS) is proposed for IoT, aiming at detecting some types of DoS attacks. / O paradigma da Internet das Coisas (em inglês, Internet of Things - IoT) surgiu para possibilitar a intercomunicação entre os diferentes objetos através da Internet, e, com isso, facilitar a forma de como o usuário final interagirá com a grande variedade de dispositivos que o cerca no dia a dia. A disponibilidade de recursos que estes dispositivos possuem é um fator que merece uma grande atenção, pois o uso de tais recursos de forma não apropriada pode gerar graves danos. Para tanto, uma vez que tais dispositivos estão conectados à Internet, estes estão vulneráveis a diversas ameaças, como, por exemplo, ataque de negação de serviço (DoS). A fim de enfrentar ameaças do tipo DoS em IoT, propõe-se um IDS (Intrusion Detection System) para IoT, objetivando a detecção de alguns ataques do tipo DoS. Arquitetura de Sistemas de Computação
83	Empirically Driven Investigation of Dependability and Security Issues in Internet-Centric Systems Huynh, Toan Nguyen Duc 06 1900 (has links) The Web, being the most popular component of the Internet, has been transformed from a static information-serving medium into a fully interactive platform. This platform has been used by developers to create web applications rivaling traditional desktop systems. Designing, developing and evaluating these applications require new or modified methodologies, techniques and tools because of the different characteristics they exhibit. This dissertation discusses two important areas for developing and evaluating these applications: security and data mining. In the security area, a survey using a process similar to the Goal Question Metric approach examines the properties of web application vulnerabilities. Using results from the survey, a white-box approach to identify web applications vulnerabilities is proposed. Although the approach eliminates vulnerabilities during the development process, it does not protect existing web applications that have not utilized the approach. Hence, an Anomaly-based Network Intrusion Detection System, called AIWAS, is introduced. AIWAS protects web applications through the analysis of interactions between the users and the web applications. These interactions are classified as either benign or malicious; malicious interactions are prevented from reaching the web applications under protection. In the data mining area, the method of reliability estimation from server logs is examined in detail. This examination reveals the fact that the session workload is currently obtained using a constant Session Timeout Threshold (STT) value. However, each website is unique and should have its own STT value. Hence, an initial model for estimating the STT is introduced to encourage future research on sessions to use a customized STT value per website. This research on the STT leads to a deeper investigation of the actual session workload unit. More specifically, the distributional properties of the session workload are re-examined to determine whether the session workload can be described as a heavy-tailed distribution. / Software Engineering and Intelligent Systems web application security data mining web application vulnerabilities network intrusion detection system web system reliability session timeout threshold session workload
84	Comparison of GPS-Equipped Vehicles and Its Archived Data for the Estimation of Freeway Speeds Lee, Jaesup 09 April 2007 (has links) Video image detection system (VDS) equipment provides real-time traffic data for monitored highways directly to the traffic management center (TMC) of the Georgia Department of Transportation. However, at any given time, approximately 30 to 35% of the 1,600 camera stations (STNs) fail to work properly. The main reasons for malfunctions in the VDS system include long term road construction activity and operational limitations. Thus, providing alternative data sources for offline VDS stations and developing tools that can help detect problems with VDS stations can facilitate the successful operation of the TMC. To estimate the travel speed of non-working STNs, this research examined global positioning system (GPS) data from vehicles using the ATMS-monitored freeway system as a potential alternative measure to VDS. The goal of this study is to compare VDS speed data for the estimation of the travel speed on freeways with GPS-equipped vehicle trip data, and to assess the differences between these measurements as a potential function of traffic and roadway conditions, environmental, conditions, and driver/vehicle characteristics. The difference between GPS and VDS speeds is affected by various factors such as congestion level (expressed as level of service), onroad truck percentage, facility design (number of lanes and freeway sub-type), posted speed limit, weather, daylight, and time of day. The relationship between monitored speed difference and congestion level was particularly large and was observed to interact with most other factors. Classification and regression tree (CART) analysis results indicated that driver age was the most relevant variable in explaining variation for the southbound of freeway dataset and freeway sub-type, speed limit, driver age, and number of lane were the most influential variables for the northbound of freeway dataset. The combination of several variables had significant contribution in the reduction of the deviation for both the northbound and the southbound dataset. Although this study identifies potential relationships between speed difference and various factors, the results of the CART analysis should be considered with the driver sample size to yield statistically significant results. Expanded sampling with larger number of drivers would enrich this study results. GPS-equipped vehicle data Video image detection system data Traffic management center Cart analysis Speed comparison VDS data accuracy
85	Improving the Efficiency and Robustness of Intrusion Detection Systems Fogla, Prahlad 20 August 2007 (has links) With the increase in the complexity of computer systems, existing security measures are not enough to prevent attacks. Intrusion detection systems have become an integral part of computer security to detect attempted intrusions. Intrusion detection systems need to be fast in order to detect intrusions in real time. Furthermore, intrusion detection systems need to be robust against the attacks which are disguised to evade them. We improve the runtime complexity and space requirements of a host-based anomaly detection system that uses q-gram matching. q-gram matching is often used for approximate substring matching problems in a wide range of application areas, including intrusion detection. During the text pre-processing phase, we store all the q-grams present in the text in a tree. We use a tree redundancy pruning algorithm to reduce the size of the tree without losing any information. We also use suffix links for fast linear-time q-gram search during query matching. We compare our work with the Rabin-Karp based hash-table technique, commonly used for multiple q-gram matching. To analyze the robustness of network anomaly detection systems, we develop a new class of polymorphic attacks called polymorphic blending attacks, that can effectively evade payload-based network anomaly IDSs by carefully matching the statistics of the mutated attack instances to the normal profile. Using PAYL anomaly detection system for our case study, we show that these attacks are practically feasible. We develop a formal framework which is used to analyze polymorphic blending attacks for several network anomaly detection systems. We show that generating an optimal polymorphic blending attack is NP-hard for these anomaly detection systems. However, we can generate polymorphic blending attacks using the proposed approximation algorithms. The framework can also be used to improve the robustness of an intrusion detector. We suggest some possible countermeasures one can take to improve the robustness of an intrusion detection system against polymorphic blending attacks. Computer security Network security Intrusion detection system Approximate string matching Q-gram matching Anomaly detection (Computer security)
86	Empirically Driven Investigation of Dependability and Security Issues in Internet-Centric Systems Huynh, Toan Nguyen Duc Unknown Date No description available. web application security data mining web application vulnerabilities network intrusion detection system web system reliability session timeout threshold session workload
87	An intrusion detection system for supervisory control and data acquisition systems Hansen, Sinclair D. January 2008 (has links) Despite increased awareness of threats against Critical Infrastructure (CI), securing of Supervisory Control and Data Acquisition (SCADA) systems remains incomplete. The majority of research focuses on preventative measures such as improving communication protocols and implementing security policies. New attempts are being made to use commercial Intrusion Detection System (IDS) software to protect SCADA systems. These have limited effectiveness because the ability to detect specific threats requires the context of the SCADA system. SCADA context is defined as any information that can be used to characterise the current status and function of the SCADA system. In this thesis the standard IDS model will be used with the varying SCADA data sources to provide SCADA context to a signature and anomaly detection engine. A novel addition to enhance the IDS model will be to use the SCADA data sources to simulate the remote SCADA site. The data resulting from the simulation is used by the IDS to make behavioural comparison between the real and simulated SCADA site. To evaluate the enhanced IDS model the specific context of a water and wastewater system is used to develop a prototype. Using this context it was found that the inflow between sites has similar diurnal characteristic to network traffic. This introduced the idea of using inflow data to detect abnormal behaviour for a remote wastewater site. Several experiments are proposed to validate the prototype using data from a real SCADA site. Initial results show good promise for detecting abnormal behaviour and specific threats against water and wastewater SCADA systems. Information security intrusion detection system (IDS) remote telemetry device (RTU) anomaly detection signature detection
88	Establishing the Software-Defined Networking Based Defensive System in Clouds January 2014 (has links) abstract: Cloud computing is regarded as one of the most revolutionary technologies in the past decades. It provides scalable, flexible and secure resource provisioning services, which is also the reason why users prefer to migrate their locally processing workloads onto remote clouds. Besides commercial cloud system (i.e., Amazon EC2), ProtoGENI and PlanetLab have further improved the current Internet-based resource provisioning system by allowing end users to construct a virtual networking environment. By archiving the similar goal but with more flexible and efficient performance, I present the design and implementation of MobiCloud that is a geo-distributed mobile cloud computing platform, and G-PLaNE that focuses on how to construct the virtual networking environment upon the self-designed resource provisioning system consisting of multiple geo-distributed clusters. Furthermore, I conduct a comprehensive study to layout existing Mobile Cloud Computing (MCC) service models and corresponding representative related work. A new user-centric mobile cloud computing service model is proposed to advance the existing mobile cloud computing research. After building the MobiCloud, G-PLaNE and studying the MCC model, I have been using Software Defined Networking (SDN) approaches to enhance the system security in the cloud virtual networking environment. I present an OpenFlow based IPS solution called SDNIPS that includes a new IPS architecture based on Open vSwitch (OVS) in the cloud software-based networking environment. It is enabled with elasticity service provisioning and Network Reconfiguration (NR) features based on POX controller. Finally, SDNIPS demonstrates the feasibility and shows more efficiency than traditional approaches through a thorough evaluation. At last, I propose an OpenFlow-based defensive module composition framework called CloudArmour that is able to perform query, aggregation, analysis, and control function over distributed OpenFlow-enabled devices. I propose several modules and use the DDoS attack as an example to illustrate how to composite the comprehensive defensive solution based on CloudArmour framework. I introduce total 20 Python-based CloudArmour APIs. Finally, evaluation results prove the feasibility and efficiency of CloudArmour framework. / Dissertation/Thesis / Doctoral Dissertation Computer Science 2014 Computer science Intrusion Detection System Intrusion Prevention System Mobile Cloud Computing Network Security OpenFlow Software-Defined Networking
89	Avaliação de ambientes servidores para agentes móveis. / Evaluation of mobile agents server environments. Stenio Firmino Pereira Filho 01 June 2001 (has links) Agentes móveis são programas que podem ser disparados de um computador (cliente) e transmitidos através de uma rede de comunicação para uma outra maquina (servidor) com o objetivo de executar tarefas a eles designadas. Esta dissertação apresenta uma avaliação de plataformas de desenvolvimento e servidores para agentes móveis. A tecnologia de agentes móveis tem sido alvo de grandes pesquisas, inclusive nos setores de Segurança da Informação e Comércio Eletrônico. Foram executados testes e com as informações foi feita uma análise comparativa, levando-se em consideração questões como características de desempenho dos agentes, desempenho e segurança. Para efetuar os testes foram necessários o entendimento do funcionamento do servidor e o desenvolvimento de seus agentes. Os testes de desempenho serviram para definir quais agentes são mais ágeis e quais são os gastos de processamento dos servidores. Já o teste de segurança teve a finalidade de classificar os servidores quanto à segurança. Os resultados obtidos serviram para indicar qual a melhor plataforma a ser utilizada no desenvolvimento do Sistema de Detecção de Intrusão (SDI) do ICMC. As plataformas que obtiveram destaques nos testes foram o ASDK 1.1 e Grasshopper. A plataforma escolhida para o SDI foi o ASDK 1.1. / Mobile agents are programs able to migrate from a client computer to a server computer through communication networks. There are several mobile agent technologis application, includind Information Security and Eletronic Commerce. This work describes the valuation of mobile agent plataforms. A test environment was desired and 5 plataforms were compared in terms of the security and performance provided. To make the assessment it was necessary to understand the server functionality an the methodologies to develop the agents. The test of performace helped to define which agents are more agile and what are their processing needs while in the server. The security test aimed to classify the servers in them security. The results were used to determine which is better mobile agente plataform to be used in the on going ICMCs Intrusion Detection System (IDS). The best performance plataforms were the ASDK 1.1 and the Grasshopper. The chosen plataform for the IDS was the ASDK 1.1. agentes móveis avaliação de desempenho segurança da informação sistemas de detecção de intrusos sistemas distribuidos distribuited systems information security intrusion detection system mobile agent
90	A study of Centralized Network Intrusion Detection System using low end single board computers Andersson, Michael, Mickols, Andreas January 2017 (has links) The use of Intrusion Detection Systems is a normal thing today in bigger companies, butthe solutions that are to be found in market is often too expensive for the smallercompany. Therefore, we saw the need in investigating if there is a more affordablesolution. In this report, we will show that it is possible to use low cost single boardcomputers as part of a bigger centralized Intrusion Detection System. To investigate this,we set up a test system including 2 Raspberry Pi 3 Model B, a cloud server and the use oftwo home networks, one with port mirroring implemented in firmware and the other withdedicated span port. The report will show how we set up the environment and the testingwe have done to prove that this is a working solution. IDS NIDS Network Intrusion Detection System Raspberry Pi Distributed NIDS Single Board Computer Computer and Information Sciences Data- och informationsvetenskap

Search results