Global ETD Search

301	APLICANDO A TRANSFORMADA WAVELET BIDIMENSIONAL NA DETECÇÃO DE ATAQUES WEB / APPLYING TWO-DIMENSIONAL WAVELET TRANSFORM FOR THE DETECTION OF WEB ATTACKS Mozzaquatro, Bruno Augusti 27 February 2012 (has links) Conselho Nacional de Desenvolvimento Científico e Tecnológico / With the increase web traffic of comes various threats to the security of web applications. The threats arise inherent vulnerabilities of web systems, where malicious code or content injection are the most exploited vulnerabilities in web attacks. The injection vulnerability allows the attacker to insert information or a program in improper places, causing damage to customers and organizations. Its property is to change the character frequency distribution of some requests within a set of web requests. Anomaly-based intrusion detection systems have been used to break these types of attacks, due to the diversity and complexity found in web attacks. In this context, this paper proposes a new anomaly based detection algorithm that apply the two-dimensional wavelet transform for the detection of web attacks. The algorithm eliminates the need for a training phase (which asks for reliable data) and searches for character frequency anomalies in a set of web requests, through the analysis in multiple directions and resolutions. The experiment results demonstrate the feasibility of our technique for detecting web attacks. After some adjustments on different parameters, the algorithm has obtained detection rates up to 100%, eliminating the occurrence of false positives. / O aumento do tráfego web vem acompanhado de diversas ameaças para a segurança das aplicações web. As ameaças são decorrentes das vulnerabilidades inerentes dos sistemas web, sendo a injeção de código ou conteúdo malicioso uma das vulnerabilidades mais exploradas em ataques web, pois permite que o atacante insira uma informação ou programa em locais indevidos, podendo causar danos aos clientes e organizações. Esse tipo de ataque tem sido caracterizado pela alteração na distribuição da frequência dos caracteres de algumas requisições dentro de um conjunto de requisições web. Sistemas de detecção de intrusão baseados em anomalias têm sido usados para procurar conter tais tipos de ataques, principalmente em função da diversidade e da complexidade dos ataques web. Neste contexto, o trabalho propõe um novo algoritmo para detecção de anomalias que aplica a transformada wavelet bidimensional na detecção de ataques web e elimina a necessidade de uma fase de treinamento com dados confiáveis de difícil obtenção. O algoritmo pesquisa por anomalias nas frequências dos caracteres de um conjunto de requisições web através da análise em múltiplas direções e resoluções. Os resultados obtidos nos experimentos demonstraram a viabilidade da técnica para detecção de ataques web e também que com ajustes entre diferentes parâmetros foram obtidas taxas de detecção de até 100%, eliminando a ocorrência de falsos positivos. Detecção de Anomalias Detecção de Intrusão Wavelet Ataques Web Anomaly Detection Intrusion Detection Wavelet, Web Attack
302	Um modelo dinâmico de clusterização de dados aplicado na detecção de intrusão Rogério Akiyoshi Furukawa 25 April 2003 (has links) Atualmente, a segurança computacional vem se tornando cada vez mais necessária devido ao grande crescimento das estatísticas que relatam os crimes computacionais. Uma das ferramentas utilizadas para aumentar o nível de segurança é conhecida como Sistemas de Detecção de Intrusão (SDI). A flexibilidade e usabilidade destes sistemas têm contribuído, consideravelmente, para o aumento da proteção dos ambientes computacionais. Como grande parte das intrusões seguem padrões bem definidos de comportamento em uma rede de computadores, as técnicas de classificação e clusterização de dados tendem a ser muito apropriadas para a obtenção de uma forma eficaz de resolver este tipo de problema. Neste trabalho será apresentado um modelo dinâmico de clusterização baseado em um mecanismo de movimentação dos dados. Apesar de ser uma técnica de clusterização de dados aplicável a qualquer tipo de dados, neste trabalho, este modelo será utilizado para a detecção de intrusão. A técnica apresentada neste trabalho obteve resultados de clusterização comparáveis com técnicas tradicionais. Além disso, a técnica proposta possui algumas vantagens sobre as técnicas tradicionais investigadas, como realização de clusterizações multi-escala e não necessidade de determinação do número inicial de clusters / Nowadays, the computational security is becoming more and more necessary due to the large growth of the statistics that describe computer crimes. One of the tools used to increase the safety level is named Intrusion Detection Systems (IDS). The flexibility and usability of these systems have contributed, considerably, to increase the protection of computational environments. As large part of the intrusions follows behavior patterns very well defined in a computers network, techniques for data classification and clustering tend to be very appropriate to obtain an effective solutions to this problem. In this work, a dynamic clustering model based on a data movement mechanism are presented. In spite of a clustering technique applicable to any data type, in this work, this model will be applied to the detection intrusion. The technique presented in this work obtained clustering results comparable to those obtained by traditional techniques. Besides the proposed technique presents some advantages on the traditional techniques investigated, like multi-resolution clustering and no need to previously know the number of clusters Análise dos componentes principais Clusterização de dados Sistemas de detecção de intrusão Data clustering Intrusion detection systems Principal analisys component
303	Detekce útoků na WiFi sítě pomocí získávaní znalostí / Wireless Intrusion Detection System Based on Data Mining Dvorský, Radovan January 2014 (has links) Widespread use of wireless networks has made security a serious issue. This thesis proposes misuse based intrusion detection system for wireless networks, which applies artificial neural network to captured frames for purpose of anomalous patterns recognition. To address the problem of high positive alarm rate, this thesis presents a method of applying two artificial neural networks.
304	A risk analysis and risk management methodology for mitigating wireless local area networks (WLANs) intrusion security risks Abdullah, Hanifa 12 October 2006 (has links) Every environment is susceptible to risks and Wireless Local Area Networks (WLANs) based on the Institute of Electrical and Electronics Engineers (IEEE) 802.11 standard are no exception. The most apparent risk of WLANs is the ease with which itinerant intruders obtain illicit entry into these networks. These intrusion security risks must therefore be addressed which means that information security risk analysis and risk management need to be considered as integral elements of the organisation’s business plan. A well-established qualitative risk analysis and risk management methodology, the Operationally Critical Threat Asset and Vulnerability Evaluation (OCTAVE) is selected for conducting the WLAN intrusion security risk analysis and risk management process. However, the OCTAVE risk analysis methodology is beset with a number of problems that could hamper a successful WLAN intrusion security risk analysis. The ultimate deliverable of this qualitative risk analysis methodology is the creation of an organisation-wide protection strategy and risk mitigation plan. Achieving this end using the OCTAVE risk analysis methodology requires an inordinate amount of time, ranging from months to years. Since WLANs are persistently under attack, there is a dire need for an expeditious risk analysis methodology. Furthermore, the OCTAVE risk analysis methodology stipulates the identification of assets and corresponding threat scenarios via a brainstorming session, which may be beyond the scope of a person who is not proficient in information security issues. This research was therefore inspired by the pivotal need for a risk analysis and risk management methodology to address WLAN intrusion attacks and the resulting risks they pose to the confidentiality, integrity and availability of information processed by these networks. Copyright / Dissertation (MSc (Computer Science))--University of Pretoria, 2006. / Computer Science / unrestricted Ooda cycle Risk Risk analysis Risk management Octave Risk assessment Wireless intrusion detection system Wireless local area network (WLAN) UCTD
305	Intrusion Attack & Anomaly Detection in IoT Using Honeypots Kulle, Linus January 2020 (has links) This thesis is presented as an artifact of a project conducted at MalmöUniversity IoTaP LABS. The Internet of Things (IoT) is a growing field and its usehas been adopted in many aspects of our daily lives, which has led todigitalization and the creation of smart IoT ecosystems. However, with the rapidadoption of IoT, little or no focus has been put on the security implications,device proliferations and its advancements. This thesis takes a step forward toexplore the usefulness of implementing a security mechanism that canproactively be used to aid understanding attacker behaviour in an IoTenvironment. To achieve this, this thesis has outlined a number of objectivesthat ranges from how to create a deliberate vulnerability by using honeypots inorder to lure attacker’s in order to study their modus operandi. Furthermore,an Intrusion Attack Detection (Model) has been constructed that has aided withthis implementation. The IAD model, has been successfully implemented withthe help of interaction and dependence of key modules that have allowedhoneypots to be executed in a controlled IoT environment. Detailed descriptionsregarding the technologies that have been used in this thesis have also beenexplored to a greater extent. On the same note, the implemented system withthe help of an attack scenario allowed an attacker to access the system andcircumnavigate throughout the camouflaged network, thereafter, the attacker’sfootprints are mapped based on the mode of attack. Consequently, given thatthis implementation has been conducted in MAU environment, the results thathave been generated as a result of this implementations have been reportedcorrectly. Eventually, based on the results that have been generated by thesystem, it is worth to note that the research questions and the objective posedby the thesis have been met. honeypot honeypots iot cyber cybersecurity information security infosec cybersec anomaly detection intrusion detection iot security Engineering and Technology Teknik och teknologier
306	Wireless Network Intrusion Detection and Analysis using Federated Learning Cetin, Burak 12 May 2020 (has links) No description available. Computer Science Information Science Information Systems Artificial Intelligence Federated Learning Wireless Intrusion Detection Anomaly Detection Machine Learning
307	Intrusion Detection System in Smart Home Network Using Artificial Immune System and Extreme Learning Machine Alalade, Emmanuel 16 June 2020 (has links) No description available. Information Technology Intrusion detection system smart home artificial immune system Extreme learning machine Artificial Immune System Internet of Things
308	High Performance Data Mining Techniques For Intrusion Detection Siddiqui, Muazzam Ahmed 01 January 2004 (has links) The rapid growth of computers transformed the way in which information and data was stored. With this new paradigm of data access, comes the threat of this information being exposed to unauthorized and unintended users. Many systems have been developed which scrutinize the data for a deviation from the normal behavior of a user or system, or search for a known signature within the data. These systems are termed as Intrusion Detection Systems (IDS). These systems employ different techniques varying from statistical methods to machine learning algorithms. Intrusion detection systems use audit data generated by operating systems, application softwares or network devices. These sources produce huge amount of datasets with tens of millions of records in them. To analyze this data, data mining is used which is a process to dig useful patterns from a large bulk of information. A major obstacle in the process is that the traditional data mining and learning algorithms are overwhelmed by the bulk volume and complexity of available data. This makes these algorithms impractical for time critical tasks like intrusion detection because of the large execution time. Our approach towards this issue makes use of high performance data mining techniques to expedite the process by exploiting the parallelism in the existing data mining algorithms and the underlying hardware. We will show that how high performance and parallel computing can be used to scale the data mining algorithms to handle large datasets, allowing the data mining component to search a much larger set of patterns and models than traditional computational platforms and algorithms would allow. We develop parallel data mining algorithms by parallelizing existing machine learning techniques using cluster computing. These algorithms include parallel backpropagation and parallel fuzzy ARTMAP neural networks. We evaluate the performances of the developed models in terms of speedup over traditional algorithms, prediction rate and false alarm rate. Our results showed that the traditional backpropagation and fuzzy ARTMAP algorithms can benefit from high performance computing techniques which make them well suited for time critical tasks like intrusion detection. Data mining High performance computing Intrusion detection Neural networks Parallel backpropagation Parallel fuzzy artmap Computer Sciences Engineering
309	Smart Attack Detection for IoT Networks / Smart attackdetektering för IoT-nätverk Yang, Yang January 2022 (has links) The Internet of Things (IoT) is becoming related to more and more people's daily life. It is a network that consists of resource-constrained devices. Nowadays, the application of IoT like smart wearable devices is very common. Due to the wide and important application of IoT, its security also attracts research attention without any doubt. IoT networks are exposed to various attacks, so detecting attacks is necessary to enhance IoT security, which is achieved by Intrusion Detection Systems (IDS). To build an IDS, machine learning can be used as an efficient tool to train intrusion detection models. However, machine-learning methods often consume a lot of memory and computation resources, which inspires research on implementing machine-learning-based IDS on resource-constrained devices for IoT networks. This thesis aims to design and implement a machine-learning-based IDS for IoT networks. The target IoT devices are installed with an embedded operating system called Contiki. A large dataset of IoT networks is first created, which covers numerous network topologies. Then an intrusion detection classifier is trained using the Random Forests algorithm. The IDS is implemented by integrating the trained classifier with devices with the Contiki system. We perform experiments both in simulation and on real devices to evaluate the proposed IDS. The results show that our IDS works well on Contiki nodes in IoT networks. In experiments based on simulation, the detection accuracy always achieves over 92% under different setups. In the experiments on real resource-constrained devices, the IDS gets a detection accuracy of 100% in 15 different network topologies. / Sakernas Internet (från engelskans Internet of Things, IoT) blir en del av allt fler människors vardag. Det är ett nätverk som består av resursbegränsade enheter. Numera är det mycket vanligt med tillämpningar av sakernas internet, t.ex. smarta bärbara enheter. På grund av den breda och viktiga tillämpningen av sakernas internet drar säkerheten i sakernas internet också till sig forskningens uppmärksamhet utan tvekan. IoT-nätverk utsätts för olika attacker, så det är nödvändigt att upptäcka attacker för att förbättra IoT-säkerheten, vilket uppnås med hjälp av intrångsdetekteringssystem (IDS). För att bygga ett IDS kan maskininlärning användas som ett effektivt verktyg för att träna intrångsdetekteringsmodeller. Maskininlärningsmetoder förbrukar dock ofta mycket minne och beräkningsresurser, vilket inspirerar till forskning om att genomföra maskininlärningsbaserade IDS på resursbegränsade enheter för IoT-nätverk. Syftet med denna avhandling är att utforma och genomföra en maskininlärningsbaserad IDS för IoT-nätverk. IoT-enheterna är installerade med ett inbäddat operativsystem som heter Contiki. Först skapas ett stort dataset av IoT-nätverk, som täcker många nätverkstopologier. Därefter tränas en klassificerare för intrångsdetektering med hjälp av Random Forests-algoritmen. IDS genomförs genom att integrera den tränade klassificeraren med enheter med Contiki-systemet. Vi utför experiment både i simulering och på riktiga enheter för att utvärdera den föreslagna IDS. Resultaten visar att vårt IDS fungerar bra på Contiki-noder i IoT-nätverk. I experiment baserade på simulering uppnår detektionsnoggrannheten alltid över 92% under olika inställningar. I experimenten på riktiga resursbegränsade enheter uppnår IDS en detektionsnoggrannhet på 100% i 15 olika nätverkstopologier. Internet of Things Security Machine learning Intrusion detection Sakernas Internet Säkerhet Maskininlärning Intrångsdetektering Communication Systems Kommunikationssystem Computer and Information Sciences Data- och informationsvetenskap
310	Designing an Artificial Immune inspired Intrusion Detection System Anderson, William Hosier 08 December 2023 (has links) (PDF) The domain of Intrusion Detection Systems (IDS) has witnessed growing interest in recent years due to the escalating threats posed by cyberattacks. As Internet of Things (IoT) becomes increasingly integrated into our every day lives, we widen our attack surface and expose more of our personal lives to risk. In the same way the Human Immune System (HIS) safeguards our physical self, a similar solution is needed to safeguard our digital self. This thesis presents the Artificial Immune inspired Intrusion Detection System (AIS-IDS), an IDS modeled after the HIS. This thesis proposes an architecture for AIS-IDS, instantiates an AIS-IDS model for evaluation, conducts a robust set of experiments to ascertain the efficacy of the AIS-IDS, and answers key research questions aimed at evaluating the validity of the AIS-IDS. Finally, two expansions to the AIS-IDS are proposed with the goal of further infusing the HIS into AIS-IDS design. Cybersecurity Bio-inspired Computing Intrusion Detection Human Immune System Artificial Immune System Artificial Intelligence and Robotics Information Security

Search results