171 |
Contributions à la sécurité dans les réseaux mobiles ad Hoc / Contributions to Security in Mobile Ad Hoc Networks
Rachedi, Abderrezak (26 November 2008)
The thesis focuses on security in mobile ad hoc networks (MANET: Mobile Ad hoc NETwork) [RFC 2501]. The absence of central management of network functions makes these networks far more vulnerable to attacks than wireless (WLAN) and wired (LAN) networks. Unfortunately, the security protocols that currently exist are not designed for such a dynamic environment. They do not take resource constraints into account: not only is the environment dynamic, but resources are also limited (memory, computing capacity and above all energy), which complicates the problem further, since security solutions are known to be resource-hungry. However, given the importance of the application domains of mobile ad hoc networks, such as military operations (communication between aircraft, vehicles and personnel, rescue operations, emergency situations in the event of a disaster, etc.), the challenge must be met, because designing an infallible security mechanism for mobile ad hoc networks is necessary. The main objective of the thesis is to study solutions capable of ensuring security in mobile ad hoc networks, by proposing a distributed hierarchical architecture that makes it possible to establish a dynamic public key infrastructure. This architecture must support the various characteristics of these networks (absence of a central network management unit, dynamic network topology, etc.). To this end, a trust model adapted to the dynamic environment is established to handle the evolution of the nodes' trust levels. In addition, vulnerabilities at the level of the certification authorities are taken into account in the new concept of the DDMZ (dynamic demilitarized zone) that we propose. In order to secure the nodes whose role within the network is crucial, their identity must be hidden. This is why the concept of anonymity is introduced. An anonymous authentication protocol is proposed. In addition, we draw on the military model to set up a camouflage mechanism that hides the role of sensitive nodes. To maintain the trust model, a monitoring mechanism is indispensable. It is adapted to the constraints of the dynamic wireless environment and reduces the false alarm rate (false positives). It is based on a cross-layer approach and a probabilistic model to improve the observation of the monitoring node. To cope with intelligent cross-layer attacks, a study of vulnerabilities at the lower layers, such as the MAC layer, is carried out. Prevention and detection mechanisms are then analyzed and evaluated. The performance of these mechanisms is evaluated taking into account the key metrics for mobile ad hoc networks, such as energy consumption, mobility, node and traffic density, etc.
|
172 |
A SOM+ Diagnostic System for Network Intrusion Detection
Langin, Chester Louis (01 August 2011)
This research created a new theoretical Soft Computing (SC) hybridized network intrusion detection diagnostic system including complex hybridization of a 3D full color Self-Organizing Map (SOM), Artificial Immune System Danger Theory (AISDT), and a Fuzzy Inference System (FIS). This SOM+ diagnostic archetype includes newly defined intrusion types to facilitate diagnostic analysis, a descriptive computational model, and an Invisible Mobile Network Bridge (IMNB) to collect data, while maintaining compatibility with traditional packet analysis. This system is modular, multitaskable, scalable, intuitive, adaptable to quickly changing scenarios, and uses relatively few resources.
|
173 |
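Paralelização em CUDA do algoritmo Aho-Corasick utilizando as hierarquias de memórias da GPU e nova compactação da Tabela de Transcrição de Estados / CUDA Parallelization of the Aho-Corasick Algorithm Using the GPU Memory Hierarchies and a New Compression of the State Transition Table
Silva Júnior, José Bonifácio da (21 June 2017)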
The Intrusion Detection System (IDS) needs to compare the contents of all packets arriving at the network interface with a set of signatures that indicate possible attacks, a task that consumes much CPU processing time. In order to alleviate this problem, some researchers have tried to parallelize the IDS's comparison engine, transferring execution from the CPU to the GPU. This dissertation aims to parallelize the Brute Force and Aho-Corasick string matching algorithms and to propose a new compression of the State Transition Table of the Aho-Corasick algorithm in order to make it possible to use it in shared memory and accelerate the comparison of strings. The two algorithms were parallelized using the NVIDIA CUDA platform and executed in the GPU memories to allow a comparative analysis of the performance of these memories. Initially, the AC algorithm proved to be faster than the Brute Force algorithm and so it was selected for optimization. The AC algorithm was compressed and executed in parallel in shared memory, achieving a performance gain of 15% over other GPU memories and being 48 times faster than its serial version when testing with real network packets. When the tests were done with synthetic data (less random data) the gain reached 73% and the parallel algorithm was 56 times faster than its serial version. Thus, it can be seen that the use of compression in shared memory is a suitable solution to accelerate the processing of IDSs that need agility in the search for patterns.
|
174 |
Gerenciamento e Integração das Bases de Dados de Sistemas de Detecção de Intrusões / MANAGEMENT AND INTEGRATION OF BASES DATA SYSTEMS FOR DETECTING INVASION
SILVA, Emanoel Costa Claudino (19 December 2006)
Digital security has become an important factor for institutions in diverse domains. Intrusion Detection Systems (IDSs) have appeared as a solution for detecting and correcting intrusions in a proactive way. Thus, several IDS models have appeared to diminish the probability of compromise of networked computer systems by identifying, reporting and responding to these incidents. In the face of this diversity of solutions, there is a lack of proposals for standardizing the information used by these systems, as well as of mechanisms for interoperability and exchange of information between the solutions in use. This dissertation proposes a model, an architecture and an implementation of an Information Manager for IDSs, using the technologies of Multi-Agent Systems and Web Services. The objective of the Information Manager is to keep the information necessary for carrying out the inherent functions of an IDS in a safe and up-to-date way. We also propose a standard storage format for these data, in order to introduce requirements into the environment such as: Unified Storage, Transparent Access, Uniform Generation of Data and Friendly Interaction.
|
175 |
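Provendo segurança em redes definidas por software através da integração com sistemas de detecção e prevenção de intrusão / Providing Security in Software-Defined Networks Through Integration with Intrusion Detection and Prevention Systems
Fernandes, Henrique Santos (03 July 2017)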
Intrusion Detection and Prevention Systems are fundamental to network security; inspecting traffic in real time in search of intruders to ensure a reliable network is one of their roles. However, the lack of integration with network equipment is one of the biggest factors limiting their operation. The concept of Software-Defined Networks aims to reduce the lack of integration among network assets through the separation of the data plane from the control plane. Given the limited integration between network assets and Intrusion Detection and Prevention Systems, the present study proposes, develops and demonstrates IDSFlow, an integration model for intrusion detection systems in software-defined networks. To validate IDSFlow, tests were run using Openflow, Mininet, CPqD and Snort. The results obtained by the algorithms developed and presented show the proposed integration capacity; it is possible to verify the feasibility of using the existing, functional rules for Snort as well as of using the network usage history to increase the effectiveness of intrusion detection and blocking.
|
176 |
Optimalizace IDS/IPS systému Suricata / Optimization of the Suricata IDS/IPS
Šišmiš, Lukáš (January 2021)
In today's world of ever-faster network traffic, it is necessary to keep pace in monitoring it. Sufficient visibility into what is happening in the network can prevent various attacks on the targets located in it. IDS systems, which alert on events found in the analyzed traffic, help with this. The Suricata system was chosen for this work. The goal of the thesis is to tune the settings of Suricata with the AF_PACKET interface for optimal performance and then to design and implement an optimization of Suricata. The results of the AF_PACKET measurements are to serve as a baseline for comparison with the proposed improvement. The proposed optimization implements a new interface based on the Data Plane Development Kit (DPDK) project. DPDK is able to accelerate packet reception and is therefore expected to increase Suricata's performance. An evaluation of the results and a comparison of the AF_PACKET and DPDK interfaces can be found at the end of the thesis.
|
177 |
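Erschließungssysteme in der Schweiz und in der ETH-Bibliothek: CH: Topographische Bibliogeographie im Schnellflug / Subject Indexing Systems in Switzerland and at the ETH Library: CH: A Quick Fly-over of the Topographic Bibliogeography
Pika, Jiri (02 February 2011)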
The Swiss library landscape, its networking and the weighting of its subject indexing can be parameterized through an organizational and structural analysis of the
1. Library networks
2. Special libraries
3. University and technical university libraries

Sources:
• Internet access to all Swiss university libraries
http://www.ub.unibas.ch/lib/schweiz.htm
• Swiss Virtual Catalogue
http://www.chvk.ch/
|
178 |
Combining Anomaly- and Signature-based Algorithms for Intrusion Detection in CAN-bus: A suggested approach for building precise and adaptive intrusion detection systems to controller area networks
Andersson, Robin (January 2021)
With the digitalization and the ever-increasing computerization of personal vehicles, new attack surfaces are introduced, challenging the security of the in-vehicle network. There is never such a thing as fully securing any computer system, nor learning all the methods of attack in order to prevent a break-in into a system. Instead, with sophisticated methods, we can focus on detecting and preventing attacks from being performed inside a system. The current state of the art of such methods, named intrusion detection systems (IDS), is divided into two main approaches. One approach makes its models very confident of detecting malicious activity, however only on activities that have been previously learned by the model. The second approach is very good at constructing models for detecting any type of malicious activity, even if never studied by the model before, but with less confidence. In this thesis, a new approach is suggested with a redesigned architecture for an intrusion detection system called Multi-mixed IDS, in which we take a middle ground between the two standardized approaches, trying to find a combination of both sides' strengths while eliminating their weaknesses. This thesis aims to deliver a proof of concept for a new approach in the current state of the art in the CAN-bus security research field. This thesis also brings up some background knowledge about CAN and intrusion detection systems, discussing their strengths and weaknesses in further detail. Additionally, a brief overview of a handpicked set of research contributions from the field is given. Further, a simple architecture is suggested, and three individual detection models are trained and combined to be tested against a CAN-bus dataset. Finally, the results are examined and evaluated. The results from the suggested approach are somewhat poor compared to other suggested algorithms within the field. However, the approach also shows some good potential, if better decision methods between the individual algorithms that construct the model can be found.
|
179 |
Detection of aberrant events in RNA for clinical diagnostics
Wu, Mei (January 2021)
Rare diseases are estimated to affect 3.75% of the global population, which roughly translates to 300 million affected individuals. A large proportion of patients still do not have a diagnosis, and current approaches such as chromosomal microarray (CMA), whole exome sequencing (WES), and whole genome sequencing (WGS), which target DNA and the exome, aim to resolve that very first step. RNA-seq serves as a powerful approach complementing the aforementioned methods, which have reached a plateau in diagnostic yield. RNA-seq can facilitate the finding of aberrant events that appear during transcription, e.g., splicing, changes in gene expression and monoallelic expression. In this study, we aimed to establish RNA-seq analysis pipelines and evaluate whether RNA-seq could be utilized to enhance diagnostic yield. A total of 47 clinical samples were analysed along with the publicly controlled GEUVADIS dataset to evaluate the potential of RNA-seq in a clinical setting. The pilot pipeline used, an RNA-seq analysis wrapper around the Detection of RNA Outlier Pipeline (DROP), detected a highly ranked splicing variant in a positive control sample that was hard to identify in a WGS analysis. The other two positive control samples with aberrant expression were also detected by the pipeline. Additionally, the pipeline gave a manageable list of candidate genes per affected sample in the population along with corroborating graphs that can support decision-making for clinicians. The results of this pipeline proved successful for integrating RNA-seq and therefore, we anticipate an increase in diagnosis.
|
180 |
Vyhledávání spojů v jízdních řádech / Traffic Connection Searching in Transport Schedules
Žižka, Ondřej (January 2008)
An everyday need of modern society is mass passenger transit on a regular basis. For this purpose, mass transit systems exist that follow a predetermined schedule. This thesis's goal is to examine the means of automatically searching for connections from one place to another, to implement such a search, and to advance the search algorithm using soft-computing paradigms. A minor goal is to research the procedural capabilities of the SQL language, which could support mass pseudo-parallel computations.
|