Global ETD Search

1	DNIDS: A dependable network intrusion detection system using the CSI-KNN algorithm Kuang, Liwei 14 September 2007 (has links) The dependability of an Intrusion Detection System (IDS) relies on two factors: ability to detect intrusions and survivability in hostile environments. Machine learning-based anomaly detection approaches are gaining increasing attention in the network intrusion detection community because of their intrinsic ability to discover novel attacks. This ability has become critical since the number of new attacks has kept growing in recent years. However, most of today’s anomaly-based IDSs generate high false positive rates and miss many attacks because of a deficiency in their ability to discriminate attacks from legitimate behaviors. These unreliable results damage the dependability of IDSs. In addition, even if the detection method is sound and effective, the IDS might still be unable to deliver detection service when under attack. With the increasing importance of the IDS, some attackers attempt to disable the IDS before they launch a thorough attack. In this thesis, we propose a Dependable Network Intrusion Detection System (DNIDS) based on the Combined Strangeness and Isolation measure K-Nearest Neighbor (CSI-KNN) algorithm. The DNIDS can effectively detect network intrusions while providing continued service even under attacks. The intrusion detection algorithm analyzes different characteristics of network data by employing two measures: strangeness and isolation. Based on these measures, a correlation unit raises intrusion alerts with associated confidence estimates. In the DNIDS, multiple CSI-KNN classifiers work in parallel to deal with different types of network traffic. An intrusion-tolerant mechanism monitors the classifiers and the hosts on which the classifiers reside and enables the IDS to survive component failure due to intrusions. As soon as a failed IDS component is discovered, a copy of the component is installed to replace it and the detection service continues. We evaluate our detection approach over the KDD’99 benchmark dataset. The experimental results show that the performance of our approach is better than the best result of KDD’99 contest winner’s. In addition, the intrusion alerts generated by our algorithm provide graded confidence that offers some insight into the reliability of the intrusion detection. To verify the survivability of the DNIDS, we test the prototype in simulated attack scenarios. In addition, we evaluate the performance of the intrusion-tolerant mechanism and analyze the system reliability. The results demonstrate that the mechanism can effectively tolerate intrusions and achieve high dependability. / Thesis (Master, Computing) -- Queen's University, 2007-09-05 14:36:57.128 Intrusion detection CSI-KNN Intrusion-tolerant IDS
2	Artificial Intelligence Applications in Intrusion Detection Systems for Unmanned Aerial Vehicles Hamadi, Raby 05 1900 (has links) This master thesis focuses on the cutting-edge application of AI in developing intrusion detection systems (IDS) for unmanned aerial vehicles (UAVs) in smart cities. The objective is to address the escalating problem of UAV intrusions, which pose a significant risk to the safety and security of citizens and critical infrastructure. The thesis explores the current state of the art and provides a comprehensive understanding of recent advancements in the field, encompassing both physical and network attacks. The literature review examines various techniques and approaches employed in the development of AI-based IDS. This includes the utilization of machine learning algorithms, computer vision technologies, and edge computing. A proposed solution leveraging computer vision technologies is presented to detect and identify intruding UAVs in the sky effectively. The system employs machine learning algorithms to analyze video feeds from city-installed cameras, enabling real-time identification of potential intrusions. The proposed approach encompasses the detection of unauthorized drones, dangerous UAVs, and UAVs carrying suspicious payloads. Moreover, the thesis introduces a Cycle GAN network for image denoising that can translate noisy images to clean images without the need for paired training data. This approach employs two generators and two discriminators, incorporating a cycle consistency loss that ensures the generated images align with their corresponding input images. Furthermore, a distributed architecture is proposed for processing collected images using an edge-offloading approach within the UAV network. This architecture allows flying and ground cameras to leverage the computational capabilities of their IoT peers to process captured images. A hybrid neural network is developed to predict, based on input tasks, the potential edge computers capable of real-time processing. The edge-offloading approach reduces the computational burden on the centralized system and facilitates real-time analysis of network traffic, offering an efficient solution. In conclusion, the research outcomes of this thesis provide valuable insights into the development of secure and efficient IDS for UAVs in smart cities. The proposed solution contributes to the advancement of the UAV industry and enhances the safety and security of citizens and critical infrastructure within smart cities. AI UAVs Intrusion Detection Systems Intrusion detection
3	Computer aided visibility studies Johnson, Stewart Martin January 1989 (has links) No description available. 622 Visual intrusion/mining
4	Detecção autônoma de intrusões utilizando aprendizado de máquina / Autonomous intrusion detection via machine learning Ferreira, Eduardo Alves 05 May 2011 (has links) A evolução da tecnologia da informação popularizou o uso de sistemas computacionais para a automação de tarefas operacionais. As tarefas de implantação e manutenção desses sistemas computacionais, por outro lado, não acompanharam essa tendência de forma ágil, tendo sido, por anos, efetuadas de forma manual, implicando alto custo, baixa produtividade e pouca qualidade de serviço. A fim de preencher essa lacuna foi proposta uma iniciativa denominada Computação Autônoma, a qual visa prover capacidade de autogerenciamento a sistemas computacionais. Dentre os aspectos necessários para a construção de um sistema autônomo está a detecção de intrusão, responsável por monitorar o funcionamento e fluxos de dados de sistemas em busca de indícios de operações maliciosas. Dado esse contexto, este trabalho apresenta um sistema autônomo de detecção de intrusões em aplicações Web, baseado em técnicas de aprendizado de máquina com complexidade computacional próxima de linear. Esse sistema utiliza técnicas de agrupamento de dados e de detecção de novidades para caracterizar o comportamento normal de uma aplicação, buscando posteriormente por anomalias no funcionamento das aplicações. Observou-se que a técnica é capaz de detectar ataques com maior autonomia e menor dependência sobre contextos específicos em relação a trabalhos anteriores / The use of computers to automatically perform operational tasks is commonplace, thanks to the information technology evolution. The maintenance of computer systems, on the other hand, is commonly performed manually, resulting in high costs, low productivity and low quality of service. The Autonomous Computing initiative aims to approach this limitation, through selfmanagement of computer systems. In order to assemble a fully autonomous system, an intrusion detection application is needed to monitor the behavior and data flows on applications. Considering this context, an autonomous Web intrusion detection system is proposed, based on machine-learning techniques with near-linear computational complexity. This system is based on clustering and novelty detection techniques, characterizing an application behavior, to later pinpoint anomalies in live applications. By conducting experiments, we observed that this new approach is capable of detecting anomalies with less dependency on specific contexts than previous solutions Detecção de intrusão Intrusion detection
5	Detecção autônoma de intrusões utilizando aprendizado de máquina / Autonomous intrusion detection via machine learning Eduardo Alves Ferreira 05 May 2011 (has links) A evolução da tecnologia da informação popularizou o uso de sistemas computacionais para a automação de tarefas operacionais. As tarefas de implantação e manutenção desses sistemas computacionais, por outro lado, não acompanharam essa tendência de forma ágil, tendo sido, por anos, efetuadas de forma manual, implicando alto custo, baixa produtividade e pouca qualidade de serviço. A fim de preencher essa lacuna foi proposta uma iniciativa denominada Computação Autônoma, a qual visa prover capacidade de autogerenciamento a sistemas computacionais. Dentre os aspectos necessários para a construção de um sistema autônomo está a detecção de intrusão, responsável por monitorar o funcionamento e fluxos de dados de sistemas em busca de indícios de operações maliciosas. Dado esse contexto, este trabalho apresenta um sistema autônomo de detecção de intrusões em aplicações Web, baseado em técnicas de aprendizado de máquina com complexidade computacional próxima de linear. Esse sistema utiliza técnicas de agrupamento de dados e de detecção de novidades para caracterizar o comportamento normal de uma aplicação, buscando posteriormente por anomalias no funcionamento das aplicações. Observou-se que a técnica é capaz de detectar ataques com maior autonomia e menor dependência sobre contextos específicos em relação a trabalhos anteriores / The use of computers to automatically perform operational tasks is commonplace, thanks to the information technology evolution. The maintenance of computer systems, on the other hand, is commonly performed manually, resulting in high costs, low productivity and low quality of service. The Autonomous Computing initiative aims to approach this limitation, through selfmanagement of computer systems. In order to assemble a fully autonomous system, an intrusion detection application is needed to monitor the behavior and data flows on applications. Considering this context, an autonomous Web intrusion detection system is proposed, based on machine-learning techniques with near-linear computational complexity. This system is based on clustering and novelty detection techniques, characterizing an application behavior, to later pinpoint anomalies in live applications. By conducting experiments, we observed that this new approach is capable of detecting anomalies with less dependency on specific contexts than previous solutions Detecção de intrusão Intrusion detection
6	Numerical study of wave effect on seawater intrusion Lin, Cheng-Wei 29 July 2006 (has links) A two-dimensional finite difference model is developed for the simulation of saltwater intrusion in wave-induced aquifer system with either a confined or phreatic aquifer. The model considers many important factors, such as the dynamic pressure induced by wave motion, the pressure wave equation, the density-dependent Darcy¡¦s Law, and the salt transport equation. This paper presents numerical study of the effect of wave motion, resulting salinity structure responses and phreatic surface fluctuation on the process of seawater intrusion ¡K etc. wave seawater intrusion
7	Embedding Network Information for Machine Learning-based Intrusion Detection DeFreeuw, Jonathan Daniel 18 January 2019 (has links) As computer networks grow and demonstrate more complicated and intricate behaviors, traditional intrusion detections systems have fallen behind in their ability to protect network resources. Machine learning has stepped to the forefront of intrusion detection research due to its potential to predict future behaviors. However, training these systems requires network data such as NetFlow that contains information regarding relationships between hosts, but requires human understanding to extract. Additionally, standard methods of encoding this categorical data struggles to capture similarities between points. To counteract this, we evaluate a method of embedding IP addresses and transport-layer ports into a continuous space, called IP2Vec. We demonstrate this embedding on two separate datasets, CTU'13 and UGR'16, and combine the UGR'16 embedding with several machine learning methods. We compare the models with and without the embedding to evaluate the benefits of including network behavior into an intrusion detection system. We show that the addition of embeddings improve the F1-scores for all models in the multiclassification problem given in the UGR'16 data. / MS / As computer networks grow and demonstrate more complicated and intricate behaviors, traditional network protection tools like firewalls struggle to protect personal computers and servers. Machine learning has stepped to the forefront to counteract this by learning and predicting behavior on a network. However, this learned behavior fails to capture much of the information regarding relationships between computers on a network. Additionally, standard techniques to convert network information into numbers struggles to capture many of the similarities between machines. To counteract this, we evaluate a method to capture relationships between IP addresses and ports, called an embedding. We demonstrate this embedding on two different datasets of network traffic, and evaluate the embedding on one dataset with several machine learning methods. We compare the models with and without the embedding to evaluate the benefits of including network behavior into an intrusion detection system. We show that including network behavior into machine learning models improves the performance of classifying attacks found in the UGR’16 data. word embeddings intrusion detection
8	Policies Based Intrusion Response System for DBMS Nayeem, Fatima, Vijayakamal, M. 01 December 2012 (has links) Relational databases are built on Relational Model proposed by Dr. E. F. Codd. The relational model has become a consistent and widely used DBMS in the world. The databases in this model are efficient in storing and retrieval of data besides providing authentication through credentials. However, there might be many other attacks apart from stealing credentials and intruding database. Adversaries may always try to intrude into the relational database for monetary or other gains [1]. The relational databases are subjected to malicious attacks as they hold the valuable business data which is sensitive in nature. Monitoring such database continuously is a task which is inevitable keeping the importance of database in mind. This is a strategy that is in top five database strategies as identified by Gartner research which are meant for getting rid of data leaks in organizations [2]. There are regulations from governments like US with respect to managing data securely. The data management like HIAPP, GLBA, and PCI etc. is mentioned in the regulations as examples. / Intrusion detection systems play an important role in detecting online intrusions and provide necessary alerts. Intrusion detection can also be done for relational databases. Intrusion response system for a relational database is essential to protect it from external and internal attacks. We propose a new intrusion response system for relational databases based on the database response policies. We have developed an interactive language that helps database administrators to determine the responses to be provided by the response system based on the malicious requests encountered by relational database. We also maintain a policy database that maintains policies with respect to response system. For searching the suitable policies algorithms are designed and implemented. Matching the right policies and policy administration are the two problems that are addressed in this paper to ensure faster action and prevent any malicious changes to be made to policy objects. Cryptography is also used in the process of protecting the relational database from attacks. The experimental results reveal that the proposed response system is effective and useful. Intrusion detection intrusion response system policies relational database
9	The geology and geochemistry of the Agnew Intrusion: implications for the petrogenesis of early Huronian mafic igneous rocks in Central Ontario, Canada Vogel, Derek Christian Unknown Date (has links) The Early Proterozoic Agnew Intrusion is a well-preserved leucogabbronoritic to gabbronoritic layered intrusion that is a member of the East Bull Lake suite of layered intrusions (ca. 2490-2470 Ma) occurring in central Ontario. These intrusions are related to the development of the Huronian Rift Zone, which may be part of a much more widespread rifting event that involved the Fennoscandian Shield. Structural data suggest that these intrusions have been subjected to ductile deformation and are erosional remnants of one or more sill-like bodies originally emplaced along the contact between Archaean granitic rocks of the Superior Province and an Early Proterozoic Huronian continental flood basalt sequence in the Southern Province.
10	The geology and geochemistry of the Agnew Intrusion: implications for the petrogenesis of early Huronian mafic igneous rocks in Central Ontario, Canada Vogel, Derek Christian Unknown Date (has links) The Early Proterozoic Agnew Intrusion is a well-preserved leucogabbronoritic to gabbronoritic layered intrusion that is a member of the East Bull Lake suite of layered intrusions (ca. 2490-2470 Ma) occurring in central Ontario. These intrusions are related to the development of the Huronian Rift Zone, which may be part of a much more widespread rifting event that involved the Fennoscandian Shield. Structural data suggest that these intrusions have been subjected to ductile deformation and are erosional remnants of one or more sill-like bodies originally emplaced along the contact between Archaean granitic rocks of the Superior Province and an Early Proterozoic Huronian continental flood basalt sequence in the Southern Province.

Search results