131

Analysis of Computer System Incidents and Security Level Evaluation / Incidentų kompiuterių sistemose tyrimas ir saugumo lygio įvertinimas

Paulauskas, Nerijus 10 June 2009
The problems of incidents arising in computer networks and the computer system security level evaluation are considered in the thesis. The main research objects are incidents arising in computer networks, intrusion detection systems and network scanning types. The aim of the thesis is the investigation of the incidents in the computer networks and computer system security level evaluation. The following main tasks are solved in the work: classification of attacks and numerical evaluation of the attack severity level evaluation; quantitative evaluation of the computer system security level; investigation of the dependence of the computer system performance and availability on the attacks affecting the system and defense mechanisms used in it; development of the model simulating the computer network horizontal and vertical scanning. The thesis consists of general characteristic of the research, five chapters and general conclusions. General characteristic of the thesis is dedicated to an introduction of the problem and its topicality. The aims and tasks of the work are also formulated; the used methods and novelty of solutions are described; the author's publications and structure of the thesis are presented. Chapter 1 covers the analysis of existing publications related to the problems of the thesis. The survey of the intrusion detection systems is presented and methods of the intrusion detection are analyzed. The currently existing techniques of the attack classification are... [to full text] / The dissertation examines the problems of incidents in computer networks and of evaluating the security level of computer systems. The main research objects are incidents in computer networks, intrusion detection systems and network scanning methods. The aim of the dissertation is to investigate incidents in computer networks and to evaluate the security level of computer systems. The work addresses the following main tasks: classification of attacks and numerical evaluation of their severity level; quantitative evaluation of the computer system security level; investigation of how computer system performance and availability depend on the attacks affecting the system and the defense mechanisms used in it; development of a model simulating horizontal and vertical scanning of a computer network. The dissertation consists of an introduction, five chapters and general conclusions. The introductory chapter discusses the topicality of the problem, formulates the aim and tasks of the work, describes its scientific novelty, and presents the author's presentations and publications and the structure of the dissertation. The first chapter is devoted to a literature review. It surveys intrusion detection systems and analyzes intrusion detection methods. Attack classification techniques are examined. Considerable attention is given to methods for evaluating the computer system security level, to port scanning techniques and to scan detection methods. At the end of the chapter, conclusions are formulated and the tasks of the dissertation are made specific. The second chapter presents a compiled ... of attacks directed at computer... [continued in full text]
132

Applying mobile agents in an immune-system-based intrusion detection system

Zielinski, Marek Piotr 30 November 2004
Nearly all present-day commercial intrusion detection systems are based on a hierarchical architecture. In such an architecture, the root node is responsible for detecting intrusions and for issuing responses. However, an intrusion detection system (IDS) based on a hierarchical architecture has many single points of failure. For example, by disabling the root node, the intrusion-detection function of the IDS will also be disabled. To solve this problem, an IDS inspired by the human immune system is proposed. The proposed IDS has no single component that is responsible for detecting intrusions. Instead, the intrusion-detection function is divided and placed within mobile agents. Mobile agents act similarly to white blood cells of the human immune system and travel from host to host in the network to detect intrusions. The IDS is fault-tolerant because it can continue to detect intrusions even when most of its components have been disabled. / Computer Science (School of Computing) / M. Sc. (Computer Science)
133

A SOM+ Diagnostic System for Network Intrusion Detection

Langin, Chester Louis 01 August 2011
This research created a new theoretical Soft Computing (SC) hybridized network intrusion detection diagnostic system including complex hybridization of a 3D full color Self-Organizing Map (SOM), Artificial Immune System Danger Theory (AISDT), and a Fuzzy Inference System (FIS). This SOM+ diagnostic archetype includes newly defined intrusion types to facilitate diagnostic analysis, a descriptive computational model, and an Invisible Mobile Network Bridge (IMNB) to collect data, while maintaining compatibility with traditional packet analysis. This system is modular, multitaskable, scalable, intuitive, adaptable to quickly changing scenarios, and uses relatively few resources.
134

SISTEMA DE DETECÇÃO DE INTRUSOS EM ATAQUES ORIUNDOS DE BOTNETS UTILIZANDO MÉTODO DE DETECÇÃO HÍBRIDO / Intrusion Detection System in Attacks Coming from Botnets Using Method Hybrid Detection

CUNHA NETO, Raimundo Pereira da 28 July 2011
The defense mechanisms expansion for cyber-attacks combat led to the malware evolution, which have become more structured to break these new safety barriers. Among the numerous malware, Botnet has become the biggest cyber threat due to its ability of controlling, the potentiality of making distributed attacks and because of the existing structure of control. The intrusion detection and prevention has had an increasingly important role in network computer security. In an intrusion detection system, information about the current situation and knowledge about the attacks contribute to the effectiveness of security process against this new cyber threat. The proposed solution presents an Intrusion Detection System (IDS) model which aims to expand Botnet detectors through active objects system by proposing a technology with collect by sensors, preprocessing filter and detection based on signature and anomaly, supported by the artificial intelligence method Particle Swarm Optimization (PSO) and Artificial Neural Networks. / The expansion of defense mechanisms used to combat attacks has driven the evolution of malware, which has become increasingly structured in order to break through these new security barriers. Among the many kinds of malware, the botnet has become a major cyber threat because of its capacity for control, its potential for distributed attacks and its existing control structure. Intrusion detection and prevention play an increasingly important role in computer network security. In an intrusion detection system, information about the current situation and knowledge about attacks make the security process more effective against this new cyber threat. The proposed solution presents an Intrusion Detection System (IDS) model that aims to extend botnet detectors through the use of active object systems, proposing a technology with sensor-based collection, a preprocessing filter and signature- and anomaly-based detection, supported by the artificial intelligence method Particle Swarm Optimization (PSO) and Artificial Neural Networks.
135

Mitteilungen des URZ 2/2004

Heide, Richter, Riedel, Schier, Kratzert, Ziegler 10 May 2004
Information from the University Computing Centre
136

Towards privacy preserving cooperative cloud based intrusion detection systems

Kothapalli, Anirudh Mitreya 08 1900
Cloud systems are becoming increasingly complex, dynamic and vulnerable to attacks. As a result, it is increasingly difficult for a single cloud-based intrusion detection system (IDS) to spot every threat, because of gaps in knowledge about attacks and their consequences. Recent studies in cybersecurity have shown that cooperation among the IDSs of a cloud can bring greater detection effectiveness in such complex computer systems. Through this cooperation, the IDSs of a cloud can connect and share their knowledge in order to improve detection accuracy and obtain mutual benefits. The anonymity of the data exchanged by IDSs is a crucial element of cooperative IDS. A malicious IDS could obtain confidential information from other IDSs by drawing inferences from the observed data. To solve this problem, we propose a new privacy-protection system for cloud IDSs. More specifically, we design a unified system that integrates privacy-protection techniques into machine-learning-based IDSs to obtain IDSs that respect personal information. The IDS can thus hide confidential and sensitive information in the shared data while improving or maintaining detection accuracy. We implemented a system based on several machine learning and privacy-protection techniques. The results indicate that the IDSs studied can detect intrusions without necessarily using the original data. These results (that is, no significant decrease in accuracy was recorded) can be obtained using the newly generated data, which are analogous to the original data semantically but not synthetically. / Cloud systems are becoming more sophisticated, dynamic, and vulnerable to attacks. Therefore, it's becoming increasingly difficult for a single cloud-based Intrusion Detection System (IDS) to detect all attacks, because of limited and incomplete knowledge about attacks and their implications. The recent works on cybersecurity have shown that a co-operation among cloud-based IDSs can bring higher detection accuracy in such complex computer systems. Through collaboration, cloud-based IDSs can consult and share knowledge with other IDSs to enhance detection accuracy and achieve mutual benefits. One fundamental barrier within cooperative IDS is the anonymity of the data the IDS exchanges. Malicious IDS can obtain sensitive information from other IDSs by inferring from the observed data. To address this problem, we propose a new framework for achieving a privacy-preserving cooperative cloud-based IDS. Specifically, we design a unified framework that integrates privacy-preserving techniques into machine learning-based IDSs to obtain privacy-aware cooperative IDS. Therefore, this allows IDS to hide private and sensitive information in the shared data while improving or maintaining detection accuracy. The proposed framework has been implemented by considering several machine learning and privacy-preserving techniques. The results suggest that the consulted IDSs can detect intrusions without the need to use the original data. The results (i.e., no records of significant degradation in accuracy) can be achieved using the newly generated data, similar to the original data semantically but not synthetically.
137

Bearbetningstid och CPU-användning i Snort IPS : En jämförelse mellan ARM Cortex-A53 och Cortex-A7 / Processing time and CPU usage in Snort IPS : A comparision between ARM Cortex-A53 and Cortex-A7

Nadji, Al-Husein, Sarbast Hgi, Haval January 2020
The purpose of this study is to investigate how the processing time of the Snort intrusion prevention system varies between two different processors: ARM Cortex-A53 and Cortex-A7. CPU usage was also examined to check whether processing time depends on how much CPU Snort uses. This study is intended to provide knowledge about how important the processor is for Snort to perform well in terms of processing time and CPU usage, and to show the obvious choice between Cortex-A53 and Cortex-A7 when implementing Snort IPS. With the help of a literature search, an experimental environment was constructed to answer the study's research questions. Snort can be classified as CPU-bound, which means that the system depends on a fast processor. In this context, a fast processor means that Snort has time to process the amount of network traffic it receives; otherwise traffic can pass without being inspected, which can harm the device protected by Snort. The results show that the processing time of Snort on Cortex-A53 and Cortex-A7 differs, and a clear difference in CPU usage between the processors was observed. The study also shows the connection between processing time and CPU usage in Snort. The study concludes that ARM Cortex-A53 performs better when running Snort IPS in terms of processing time and CPU usage: Cortex-A53 has a 10-second shorter processing time and uses 2,87 times less CPU. / The purpose of this study is to examine how the processing time of the Snort intrusion prevention system varies on two different processors; ARM Cortex-A53 and Cortex-A7. CPU usage was also examined to check if processing time depends on how much CPU Snort uses. This study will provide knowledge about how important a processor is for Snort to be able to perform well in terms of processing time and CPU usage. This knowledge will help choosing between Cortex-A53 and Cortex-A7 when implementing Snort IPS. To achieve the purpose of the study a literature search has been done to design an experimental environment. Snort can be classified as CPU-bound, which means that the system is dependent on a fast processor. In this context, a fast processor means that Snort is given enough time to process the amount of traffic it receives, otherwise the traffic can pass through without it being inspected, which can be harmful to the device that is protected by Snort. The results of the study show that the processing time in Snort on Cortex-A53 and Cortex-A7 differs and an obvious difference in CPU usage between the processors is shown. The study also presents the connection between processing time and CPU usage for Snort. In conclusion, ARM Cortex-A53 has better performance when using Snort IPS in terms of processing time and CPU usage, Cortex-A53 has 10 seconds less processing time and uses 2,87 times less CPU.
138

Analýza automatizovaného generování signatur s využitím Honeypotu / Analysis of Automated Generation of Signatures Using Honeypots

Bláha, Lukáš January 2012
In this paper, a system for automatic processing of attacks using honeypots is discussed. The first goal of the thesis is to become familiar with the issue of signatures to detect malware on the network, especially the analysis and description of existing methods for automatic generation of signatures using honeypots. The main goal is to use the acquired knowledge for the design and implementation of a tool which will perform the detection of new malicious software on the network or end user's workstation.
139

Přenositelné a miniaturizované separační techniky využitelné pro potravinářské a biotechnologické analýzy / Portable and Miniaturized Separation Techniques Applicable for Food and Biotechnology Analysis

Dvořák, Miloš January 2016
Capillary electrophoresis was used for determination of 6 fractions of caseins. Those fractions were measured in 144 samples of cow's milk originating from a feeding experiment focused on explaining the influence of feeding on casein production. In this work, 6 fractions of caseins were separated for the first time with total resolution of the peaks. Capillary electrophoresis was applied for determination of short-chain organic acids during fermentation of wine must. The fermentation of must fermented by different yeasts was compared. The differences in the profile of short-chain organic acids during fermentation were not statistically significant. The only difference was in the utilisation of malic acid and the production of lactic acid. A portable miniaturized system for medium pressure liquid chromatography was developed. The components were tested and the system was used for the isocratic and gradient elution of various analytes (food dyes, parabens). A new line of electroluminescent diodes (LEDs) for the deep-UV wavelength range, based on a different substrate material, was characterised. The new line was compared with the old line of LEDs. The new-line LEDs were incorporated in deep-UV absorbance detectors. The detectors were characterised and tested for detection of various analytes in flow injection analysis and chromatographic separation modes. This new line of LEDs was characterised for the first time, and the origin of the parasitic emission band produced by deep-UV LED light sources was explained. This origin lies in disturbances of the substrate materials. This work is a contribution to the advancement of low-cost and portable systems and detection devices in the field of analytical chemistry.
140

Modélisation et surveillance de systèmes Homme-Machine : application à la conduite ferroviaire / Human-Machine systems modeling and monitoring : application to rail driving

Rachedi, Nedjemi Djamel Eddine 09 February 2015
The context of this thesis is the monitoring of human-machine systems in which the operator is the driver of a rail transport system. Our objective is to improve the safety of the system by preventing and avoiding factors that can increase the risk of human error. Two major obstacles are identified: characterization, or how to determine the indicative and discernible phases of the driving activity; and representation, or how to describe and codify the operator's driving actions and their repercussions on the rail system in a mathematical formalism that allows unambiguous analysis. To overcome these obstacles, we first propose a behavioral model of the human operator that represents their control behavior in continuous time. To account for inter- and intra-individual differences among human operators, as well as changes of situation, we propose a transformation of the initially presented behavioral model into a new representation space. This transformation is based on the theory of hidden Markov chains and on the adaptation of a particular pattern recognition technique. We then define a discrete-time behavioral model of the human operator that both represents their actions and takes into account errors and unexpected events in the work environment. This model is inspired by cognitive models of the operator. Together, the two aspects make it possible to interpret the observables with respect to reference situations. To characterize the overall state of the human operator, different kinds of information are taken into consideration; this information is heterogeneous and affected by measurement uncertainty, requiring a robust data fusion procedure, which is carried out using a Bayesian network. Finally, the proposed modeling and fusion methodologies are used to design a reliable and non-intrusive vigilance system. This system can interpret driving behaviors and detect risky driver states (e.g., reduced vigilance). The theoretical study was tested in simulation to verify its validity. A feasibility study was then carried out on experimental data obtained during experiments on the COR&GEST rail driving platform of the LAMIH laboratory. These results made it possible to plan and set up the experiments to be conducted on the future multimodal driving simulator "PSCHITT-PMR". / The scope of the thesis is the monitoring of human-machine systems, where the operator is the driver of rail-based transportation system. Our objective is to improve the security of the system preventing and avoiding factors that increase the risk of a human error. Two major problems are identified: characterization, or how to determine indicative and discernible phases of driver's activity and representation, or how to describe and codify driver's actions and its repercussions on the rail system in a mathematical formalism that will allow unequivocal analysis. In order to bring a solution to those problems, we propose, first-of-all, a behavioral model of the human operator representing his control behavior in continuous-time. To consider inter- and intra-individual differences of human operators and situation changes, we propose a transformation of the latter behavioral model in a new space of representation. This transformation is based on the theory of Hidden Markov Models, and on an adaptation of a special pattern recognition technique. Then, we propose a discrete-time behavioral modeling of the human operator, which represents his actions and takes account of errors and unexpected events in work environment. This model is inspired by cognitive models of human operators. These two aspects allow us to interpret observables with respect to reference situations in order to characterize the overall human operator state. Different information sources are considered; as a result the data are heterogeneous and subject to measuring uncertainties, needing a robust data fusion approach that is performed using a Bayesian Network. Finally, the proposed modeling and fusion methodologies are used to design a reliable and unintrusive vigilance system. This system can interpret driving behaviors and detect driver's risky states in order to prevent drowsiness. The theoretical study was tested in simulation to check the validity. Then, a feasibility study was conducted using data obtained during experiments on the LAMIH laboratory railroad platform "COR&GEST". These results allowed us to plan and implement experiments to be conducted on the future multimodal driving simulator "PSCHITT-PMR".
