Global ETD Search

431	Modul pro sledování politiky sítě v datech o tocích / Module for Network Policy Monitoring in Flow Data Piecek, Adam January 2019 (has links) The aim of this master's thesis is to design a language through which it would be possible to monitor a stream of network flows in order to detect network policy violations in the local network. An analysis of the languages used in the data stream management systems and an analysis of tasks submitted by the potential administrator were both carried out. The analysis specified resulted in the language design which represents pipelining consisting of filtering and aggregation. These operations can be clearly defined and managed within security rules. The result of this thesis also results in the Policer modul being integrated in the NEMEA system, which is able to apply the main commands of the proposed language. Finally, the module meets the requirements of the specified tasks and may be used for further development in the area of monitoring network policies.
432	Automatické shlukování regulárních výrazů / Automatic Grouping of Regular Expressions Stanek, Timotej January 2011 (has links) This project is about security of computer networks using Intrusion Detection Systems. IDS contain rules for detection expressed with regular expressions, which are for detection represented by finite-state automata. The complexity of this detection with non-deterministic and deterministic finite-state automata is explained. This complexity can be reduced with help of regular expressions grouping. Grouping algorithm and approaches for speedup and improvement are introduced. One of the approches is Genetic algorithm, which can work real-time. Finally Random search algorithm for grouping of regular expressions is presented. Experiment results with these approches are shown and compared between each other.
433	PROGRAM ANOMALY DETECTION FOR INTERNET OF THINGS Akash Agarwal (13114362) 01 September 2022 (has links) <p>Program anomaly detection — modeling normal program executions to detect deviations at runtime as cues for possible exploits — has become a popular approach for software security. To leverage high performance modeling and complete tracing, existing techniques however focus on subsets of applications, e.g., on system calls or calls to predefined libraries. Due to limited scope, it is insufficient to detect subtle control-oriented and data-oriented attacks that introduces new illegal call relationships at the application level. Also such techniques are hard to apply on devices that lack a clear separation between OS and the application layer. This dissertation advances the design and implementation of program anomaly detection techniques by providing application context for library and system calls making it powerful for detecting advanced attacks targeted at manipulating intra- and inter-procedural control-flow and decision variables. </p> <p><br></p> <p>This dissertation has two main parts. The first part describes a statically initialized generic calling context program anomaly detection technique LANCET based on Hidden Markov Modeling to provide security against control-oriented attacks at program runtime. It also establishes an efficient execution tracing mechanism facilitated through source code instrumentation of applications. The second part describes a program anomaly detection framework EDISON to provide security against data-oriented attacks using graph representation learning and language models for intra and inter-procedural behavioral modeling respectively.</p> <p><br> This dissertation makes three high-level contributions. First, the concise descriptions demonstrates the design, implementation and extensive evaluation of an aggregation-based anomaly detection technique using fine-grained generic calling context-sensitive modeling that allows for scaling the detection over entire applications. Second, the precise descriptions show the design, implementation, and extensive evaluation of a detection technique that maps runtime traces to the program’s control-flow graph and leverages graphical feature representation to learn dynamic program behavior. Finally, this dissertation provides details and experience for designing program anomaly detection frameworks from high-level concepts, design, to low-level implementation techniques.</p> Software and application security System and network security Deep learning Neural networks Semi- and unsupervised learning Application Security Software security Anomaly detection (Computer security) Software instrumentation Cyber-physical systems (CPS) Deep Learning Applications IoT Security data-oriented attacks control-oriented attacks Memory Corruption Hidden Markov model, HMM
434	An Image-based ML Approach for Wi-Fi Intrusion Detection System and Education Modules for Security and Privacy in ML Rayed Suhail Ahmad (18476697) 02 May 2024 (has links) <p dir="ltr">The research work presented in this thesis focuses on two highly important topics in the modern age. The first topic of research is the development of various image-based Network Intrusion Detection Systems (NIDSs) and performing a comprehensive analysis of their performance. Wi-Fi networks have become ubiquitous in enterprise and home networks which creates opportunities for attackers to target the networks. These attackers exploit various vulnerabilities in Wi-Fi networks to gain unauthorized access to a network or extract data from end users' devices. The deployment of an NIDS helps detect these attacks before they can cause any significant damages to the network's functionalities or security. Within the scope of our research, we provide a comparative analysis of various deep learning (DL)-based NIDSs that utilize various imaging techniques to detect anomalous traffic in a Wi-Fi network. The second topic in this thesis is the development of learning modules for security and privacy in Machine Learning (ML). The increasing integration of ML in various domains raises concerns about its security and privacy. In order to effectively address such concerns, students learning about the basics of ML need to be made aware of the steps that are taken to develop robust and secure ML-based systems. As part of this, we introduce a set of hands-on learning modules designed to educate students on the importance of security and privacy in ML. The modules provide a theoretical learning experience through presentations and practical experience using Python Notebooks. The modules are developed in a manner that allows students to easily absorb the concepts regarding privacy and security of ML models and implement it in real-life scenarios. The efficacy of this process will be obtained from the results of the surveys conducted before and after providing the learning modules. Positive results from the survey will demonstrate the learning modules were effective in imparting knowledge to the students and the need to incorporate security and privacy concepts in introductory ML courses.</p> Data and information privacy Data security and protection System and network security Adversarial machine learning Deep learning adversarial machine learning (AdvML) Adversarial Machine Learning Privacy Preserving Machine Learning PPML AML Cyber Security AWID AWID3 Cybersecurity Education Intrusion Detection Wi-Fi Networks Deep Learning Wireless Intrusion Detection Security and Privacy
435	Electromagnetic Physical Security: Addressing Exploitation Risks and Building Trust Md Faizul Bari (20373786) 10 December 2024 (has links) <p dir="ltr">Unintentional electromagnetic emission (called emanation) from electronic devices and cables contains a significant correlation with the source signal and can be used to recover otherwise confidential data. In our work, EM emanation has been exploited to recover keystrokes from USB keyboards. Also, such emission has been utilized to form a covert channel for data exfiltration from air-gapped devices without being detected by IDS. To protect sensitive information, an automated emanation detection system has been proposed by developing two emanation detection algorithms (CNN-based and harmonic-based) through the characterization of emanation signals from a wide range of devices. Apart from emanation, data theft can happen due to the failure of access control methods. Traditional wireless devices are susceptible to various spoofing attacks as they only use digital signature-based authentication systems, ignoring the physical signatures completely. To circumvent that, RF-PUF was proposed to use device-specific signatures to be used for trust augmentation in traditional methods. By forming an extensive experimental dataset, we established RF-PUF as a strong PUF with a low-power overhead that outperformed the state-of-the-art methods and is robust against typical attacks. For real-time authentication, we proposed DIRAC, which forms dynamic device clusters and incrementally learns as more device data becomes available. Since our root of trust is in the physical signature of the ICs, they also need to be secured. However, counterfeited ICs may jeopardize that goal. We have proposed RF-PSF, which uses device-specific physical properties to authenticate its process technology which is a big part of the cloned IC detection.</p> Circuits and systems Engineering electromagnetics Hardware security System and network security EM Emanation RF-PUF RF-PSF Side Channel Analysis Covert Channel Data exfiltration PWM Keystroke Recovery authentication security Incremental learning Dynamic Clusters Counterfeit IC Computational Harmonic Detector Emanation Compromising Emanation TEMPEST investigators
436	The management of an information technology infrastructure in schools in the Western Cape Province / Bestuur van rekenaar tegnologie in skole van die Wes Kaapse Onderwys Departement Perkins, Catharina Elizabetha 11 1900 (has links) This research conceptualises IT infrastructure management at secondary schools in the WCED (Western Cape Education Department). This includes whether or not secondary schools in the WCED make use of a full time, on-site network administrator or whether a teacher acts as on-site network administrator. The literature review studied the effectiveness of IT infrastructure management which includes hardware, software, policies, computer network, security; staff management and BYOD (bring your own device). The management of IT infrastructure at secondary schools within the WCED differs widely from school to school, and its functionality depends on many factors. The quantitative study revealed problem areas within IT infrastructure management at secondary schools in the WCED. Furthermore the quantitative study also revealed that there is a need for best practice guidelines with regards to IT infrastructure management in order to improve service delivery. The literature review provided sources for best practice IT infrastructure management. / Rekenaar infrastruktuur by sekondere skole in die WKOD (Wes Kaapse Onderwys Departement) word in die navorsing beskryf. Die studie ondersoek verskillende strukture naamlike skole wat 'n voltydse netwerk administrateur het en skole waar 'n onderwyser die verantwoordelikheid aanneem van 'n netwerk administrateur. Die effektiewe beheer van rekenaar infrastrukture word bespreek. Dit sluit hardeware, sagteware, beleid formulasie, rekenaar netwerk, sekuriteit, personeel bestuur, en BYOD (bring jou eie toestel). Die bestuur van rekenaar infrastruktuur verskil van skool tot skool en die effektiewe bestuur daarvan word deur baie faktore beinvloed. Die kwantitatiewe studie het probleem areas vir die bestuur van rekenaar infrastruktuur by sekondere skole in die WKOD uitgewys. Die kwantitatiewe studie het verder die behoefte vir beste praktyk riglyne uitgewys om sodoende better dienslewering te verseker. Die literere studie het beste praktyk riglyne vir rekenaar infrastruktuur bestuur genoem. / Educational Leadership and Management Best Practice BYOD Cloud Computer Computer lab Facebook FITS Framework Guidelines Hardware Head of department ICT Infrastructure Information communication technology Information technology Infrastructure IT IT Infrastructure Management ITIL Management Computer network Network administrator Online survey Policies Principal Secondary school Network security Senior management team Software Teacher WCED Western Cape Education Department 373.0285
437	The management of an information technology infrastructure in schools in the Western Cape Province / Bestuur van rekenaar tegnologie in skole van die Wes Kaapse Onderwys Departement Perkins, Catharina Elizabetha 11 1900 (has links) This research conceptualises IT infrastructure management at secondary schools in the WCED (Western Cape Education Department). This includes whether or not secondary schools in the WCED make use of a full time, on-site network administrator or whether a teacher acts as on-site network administrator. The literature review studied the effectiveness of IT infrastructure management which includes hardware, software, policies, computer network, security; staff management and BYOD (bring your own device). The management of IT infrastructure at secondary schools within the WCED differs widely from school to school, and its functionality depends on many factors. The quantitative study revealed problem areas within IT infrastructure management at secondary schools in the WCED. Furthermore the quantitative study also revealed that there is a need for best practice guidelines with regards to IT infrastructure management in order to improve service delivery. The literature review provided sources for best practice IT infrastructure management. / Rekenaar infrastruktuur by sekondere skole in die WKOD (Wes Kaapse Onderwys Departement) word in die navorsing beskryf. Die studie ondersoek verskillende strukture naamlike skole wat 'n voltydse netwerk administrateur het en skole waar 'n onderwyser die verantwoordelikheid aanneem van 'n netwerk administrateur. Die effektiewe beheer van rekenaar infrastrukture word bespreek. Dit sluit hardeware, sagteware, beleid formulasie, rekenaar netwerk, sekuriteit, personeel bestuur, en BYOD (bring jou eie toestel). Die bestuur van rekenaar infrastruktuur verskil van skool tot skool en die effektiewe bestuur daarvan word deur baie faktore beinvloed. Die kwantitatiewe studie het probleem areas vir die bestuur van rekenaar infrastruktuur by sekondere skole in die WKOD uitgewys. Die kwantitatiewe studie het verder die behoefte vir beste praktyk riglyne uitgewys om sodoende better dienslewering te verseker. Die literere studie het beste praktyk riglyne vir rekenaar infrastruktuur bestuur genoem. / Educational Leadership and Management Best Practice BYOD Cloud Computer Computer lab Facebook FITS Framework Guidelines Hardware Head of department ICT Infrastructure Information communication technology Information technology Infrastructure IT IT Infrastructure Management ITIL Management Computer network Network administrator Online survey Policies Principal Secondary school Network security Senior management team Software Teacher WCED Western Cape Education Department 373.0285
438	Distribution multi-contenus sur Internet / Content distribution over Internet Mnie Filali, Imane 27 September 2016 (has links) Dans cette thèse, nous nous sommes intéressés aux protocoles pair-à-pair (P2P), qui représentent une solution prometteuse pour la diffusion et le partage de données à faible coût sur Internet. Nous avons mené, dans un premier temps, une étude comportementale de différents protocoles P2P pour le partage de fichier (distribution de contenus sans contrainte de temps) puis le live. Dans la première étude centréesur le partage de fichier, nous avons montré l’impact d’Hadopi sur le comportement des utilisateurs et discuté l’efficacité des protocoles en fonction du contenu et l’efficacité protocolaire, en se basant sur les choix des utilisateurs. BitTorrent s’est nettement démarqué au cours de cette étude, notamment pour les grands contenus. En ce qui concerne le live, nous nous sommes intéressés à la qualité de servicedu réseau de distribution live Sopcast, car plus de 60% des événements live diffusés en P2P le sont sur ce réseau. Notre analyse approfondie de ces deux modes de distribution nous a fait nous recentrer sur BitTorrent, qui est à la base de tous les protocoles P2P Live, et est efficace en partage de fichier et complètement open source. Dans la seconde partie de la thèse, nous avons proposé et implémenté dansun environnement contrôlé un nouveau protocole sur la base de BitTorrent avec des mécanismes protocolaires impliquant tous les pairs dans la gestion du réseau. Ces nouveaux mécanismes permettent d’augmenter l’efficacité du protocole via une meilleure diffusion, tant pour le live que le partage de fichier, de métadonnées (la pièce la plus rare) et via une méthode dite de push, par laquelle un client va envoyer du contenu aux pairs les plus dans le besoin / In this study, we focused on peer-to-peer protocols (P2P), which represent a promising solution for data dissemination and content delivery at low-cost in the Internet. We performed, initially, a behavioral study of various P2P protocols for file sharing (content distribution without time constraint) and live streaming. Concerning file sharing, we have shown the impact of Hadopi on users’ behavior and discussed the effectiveness of protocols according to content type, based on users’ choice. BitTorrent appeared as the most efficient approach during our study, especially when it comes to large content. As for streaming, we studied the quality of service of Sopcast, a live distribution network that accounts for more than 60% of P2P broadcast live events. Our in-depth analysis of these two distributionmodes led us to focus on the BitTorrent protocol because of its proven efficiency in file sharing and the fact that it is open source. In the second part of the thesis, we proposed and implemented a new protocol based on BitTorrent, in a controlled environment. The modifications that we proposed allow to increase the efficiency of the protocol through improved dissemination of metadata (the rarest piece), both for live and file sharing. An enhanced version is introduced with a push method, where nodes that lag behind receive an extra service so as to improve the overall performance Réseaux P2P Protocole P2P Performance protocole Loi anti-piraterie Partage de fichier Partage de données Partage de ressources Qualité des métadonnées Pair actif Pair intelligent Gestion collaborative Gestion réseau Sécurité réseau Vision locale Vision globale BitTorrent Sopcast EDonkey Gnutella Peer-to-peer computing P2P network approach P2P Protocols Protocols performance Protocol efficiency Anti-piracy laws File sharing Streaming Live sharing Data sharing Ressources sharing Meta-data quality Collaborative management Active peer Peer intelligent Network management Network security Local vision Global vision BitTorrent EDonkey Sopcast Gnutella
439	Deep Learning Based Models for Cognitive Autonomy and Cybersecurity Intelligence in Autonomous Systems Ganapathy Mani (8840606) 21 June 2022 (has links) Cognitive autonomy of an autonomous system depends on its cyber module's ability to comprehend the actions and intent of the applications and services running on that system. The autonomous system should be able to accomplish this without or with limited human intervention. These mission-critical autonomous systems are often deployed in unpredictable and dynamic environments and are vulnerable to evasive cyberattacks. In particular, some of these cyberattacks are Advanced Persistent Threats where an attacker conducts reconnaissance for a long period time to ascertain system features, learn system defenses, and adapt to successfully execute the attack while evading detection. Thus an autonomous system's cognitive autonomy and cybersecurity intelligence depend on its capability to learn, classify applications (good and bad), predict the attacker's next steps, and remain operational to carryout the mission-critical tasks even under cyberattacks. In this dissertation, we propose novel learning and prediction models for enhancing cognitive autonomy and cybersecurity in autonomous systems. We develop (1) a model using deep learning along with a model selection framework that can classify benign and malicious operating contexts of a system based on performance counters, (2) a deep learning based natural language processing model that uses instruction sequences extracted from the memory to learn and profile the behavior of evasive malware, (3) a scalable deep learning based object detection model with data pre-processing assisted by fuzzy-based clustering, (4) fundamental guiding principles for cognitive autonomy using Artificial Intelligence (AI), (5) a model for privacy-preserving autonomous data analytics, and finally (6) a model for backup and replication based on combinatorial balanced incomplete block design in order to provide continuous availability in mission-critical systems. This research provides effective and computationally efficient deep learning based solutions for detecting evasive cyberattacks and increasing autonomy of a system from application-level to hardware-level. <br> Private policing and security services Knowledge representation and reasoning Pattern recognition System and network security Data mining and knowledge discovery Artificial Intelligence Cybersecurity Deep Learning Machine Learning Cryptomining Cryptojacking Natural Language Processing Malware Combinatorics Autonomous Systems Cognitive Autonomy Applied Computer Science Computer System Security Private Policing and Security Services Pattern Recognition and Data Mining

Search results