  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
81

Smart Home Security Using Intrusion Detection and Prevention Systems

Nalubowa, Vivian Gloria January 2019 (has links)
As the connectivity of home devices elevates, the volume and sophistication of cyber attacks consistently grow. Therefore, the need for network security and availability becomes more significant. Numerous sorts of countermeasures like firewalls and router-based packet filtering have been put in place, although these alone are not enough to brace the network from unauthorised access. One of the most efficient methods of stopping network adversaries is using Intrusion Detection and Prevention Systems (IDPS). The goal of an IDPS is to stop security attacks before they can be successfully carried out. In this paper, I looked at four network attacks, namely probing, denial of service, remote to user and user to root, and improved their respective Snort rules to optimize processing time and capturing capacity using regular expressions and fast pattern. Snort with improved rules captured 100% of the attacks launched to the network while without the improved rules, Snort captured between 0% and 60% of the attacks launched to the network, making an improvement of 40%.
82

Blackhole Attack Detection in Low-Power IoT Mesh Networks Using Machine Learning Algorithms

Keipour, Hossein January 2022 (has links)
Low-Power Lossy Networks (LLNs) are a type of Internet of Things (IoT) mesh network that collaboratively interact and perform various tasks autonomously. The Routing Protocol for Low-power and Lossy Network (RPL) is the most used routing protocol for LLNs. Recently, we have been witnessing a tremendous increase in attacks on Internet infrastructures using IoT devices as a botnet (IoT botnet). This thesis focuses on two parts: designing an ML-based IDS for 6LoWPAN, and generating a new larger labeled RPL attack dataset by implementing various non-attack and attack IoT network scenarios in the Cooja simulator. The collected raw data from simulations is preprocessed and labeled to train the Machine Learning model for Intrusion Detection System (IDS). We used Deep Neural Network (DNN), Random Forest Classifier (RFC), and Support Vector Machines with Radial-Basis Function kernel (SVM-RBF) learning algorithms to detect attack in RPL based IoT mesh networks. We achieved a high accuracy (96.7%) and precision (95.7%) using the RFC model. The thesis also reviewed the possible placement strategy of IDS from cloud to edge.
83

Anomaly-based Intrusion Detection Using Convolutional Neural Networks for IoT Devices

Söderström, Albin January 2021 (has links)
Background. The rapid growth of IoT devices in homes puts people at risk of cyberattacks and the low power and computing capabilities in IoT devices make it difficult to design a security solution for them. One method of preventing cyber attacks is an Intrusion Detection System (IDS) that can identify incoming attacks so that an appropriate action can be taken. Previous attempts have been made using machine learning and deep learning; however, these attempts have struggled at detecting new attacks. Objectives. In this work we use a convolutional neural network IoTNet designed for IoT devices to classify network attacks. In order to evaluate the use of deep learning in intrusion detection systems on IoT. Methods. The neural network was trained on the NF-UNSW-NB15-v2 dataset which contains 9 different types of attacks. We used a method that transformed the network flow data into RGB images which were fed to the neural network for classification. We compared IoTNet to a basic convolutional neural network as a baseline. Results. The results show that IoTNet did not perform better at classifying network attacks when compared to a basic convolutional neural network. It also showed that both networks had low precision for most classes. Conclusions. We found that IoTNet is unfit to be used as an intrusion detection system in the general case and that further research must be done in order to improve the precision of the neural network.
84

Development and Validation of a Proof-of-Concept Prototype for Analytics-based Malicious Cybersecurity Insider Threat in a Real-Time Identification System

Hueca, Angel L. 01 January 2018 (has links)
Insider threat has continued to be one of the most difficult cybersecurity threat vectors detectable by contemporary technologies. Most organizations apply standard technology-based practices to detect unusual network activity. While there have been significant advances in intrusion detection systems (IDS) as well as security incident and event management solutions (SIEM), these technologies fail to take into consideration the human aspects of personality and emotion in computer use and network activity, since insider threats are human-initiated. External influencers impact how an end-user interacts with both colleagues and organizational resources. Taking into consideration external influencers, such as personality, changes in organizational policies and structure, along with unusual technical activity analysis, would be an improvement over contemporary detection tools used for identifying at-risk employees. This would allow upper management or other organizational units to intervene before a malicious cybersecurity insider threat event occurs, or mitigate it quickly, once initiated. The main goal of this research study was to design, develop, and validate a proof-of-concept prototype for a malicious cybersecurity insider threat alerting system that will assist in the rapid detection and prediction of human-centric precursors to malicious cybersecurity insider threat activity. Disgruntled employees or end-users wishing to cause harm to the organization may do so by abusing the trust given to them in their access to available network and organizational resources. Reports on malicious insider threat actions indicated that insider threat attacks make up roughly 23% of all cybercrime incidents, resulting in $2.9 trillion in employee fraud losses globally. The damage and negative impact that insider threats cause was reported to be higher than that of outsider or other types of cybercrime incidents.
Consequently, this study utilized weighted indicators to measure and correlate simulated user activity to possible precursors to malicious cybersecurity insider threat attacks. This study consisted of a mixed method approach utilizing an expert panel, developmental research, and quantitative data analysis using the developed tool on a simulated data set. To assure validity and reliability of the indicators, a panel of subject matter experts (SMEs) reviewed the indicators and indicator categorizations that were collected from prior literature following the Delphi technique. The SMEs’ responses were incorporated into the development of a proof-of-concept prototype. Once the proof-of-concept prototype was completed and fully tested, an empirical simulation research study was conducted utilizing simulated user activity within a 16-month time frame. The results of the empirical simulation study were analyzed and presented. Recommendations resulting from the study are also provided.
85

A Novel Cooperative Intrusion Detection System for Mobile Ad Hoc Networks

Solomon, Adam 01 January 2018 (has links)
Mobile ad hoc networks (MANETs) have experienced rapid growth in their use for various military, medical, and commercial scenarios. This is due to their dynamic nature that enables the deployment of such networks, in any target environment, without the need for a pre-existing infrastructure. On the other hand, the unique characteristics of MANETs, such as the lack of central networking points, limited wireless range, and constrained resources, have made the quest for securing such networks a challenging task. A large number of studies have focused on intrusion detection systems (IDSs) as a solid line of defense against various attacks targeting the vulnerable nature of MANETs. Since cooperation between nodes is mandatory to detect complex attacks in real time, various solutions have been proposed to provide cooperative IDSs (CIDSs) in efforts to improve detection efficiency. However, all of these solutions suffer from high rates of false alarms, and they violate the constrained-bandwidth nature of MANETs. To overcome these two problems, this research presented a novel CIDS utilizing the concept of social communities and the Dempster-Shafer theory (DST) of evidence. The concept of social communities was intended to establish reliable cooperative detection reporting while consuming minimal bandwidth. On the other hand, DST targeted decreasing false accusations through honoring partial/lack of evidence obtained solely from reliable sources. Experimental evaluation of the proposed CIDS resulted in consistently high detection rates, low false alarm rates, and low bandwidth consumption. The results of this research demonstrated the viability of applying the social communities concept combined with DST in achieving high detection accuracy and minimized bandwidth consumption throughout the detection process.
86

A New SCADA Dataset for Intrusion Detection System Research

Turnipseed, Ian P 14 August 2015 (has links)
Supervisory Control and Data Acquisition (SCADA) systems monitor and control industrial control systems in many industrial and economic sectors which are considered critical infrastructure. In the past, most SCADA systems were isolated from all other networks, but recently connections to corporate enterprise networks and the Internet have increased. Security concerns have risen from this newfound connectivity. This thesis makes one primary contribution to researchers and industry. Two datasets have been introduced to support intrusion detection system research for SCADA systems. The datasets include network traffic captured on a gas pipeline SCADA system in Mississippi State University’s SCADA lab. IDS researchers lack a common framework to train and test proposed algorithms. This leads to an inability to properly compare IDS presented in literature and limits research progress. The datasets created for this thesis are available to be used to aid researchers in assessing the performance of SCADA IDS systems.
87

Cyberthreats, Attacks and Intrusion Detection in Supervisory Control and Data Acquisition Networks

Gao, Wei 14 December 2013 (has links)
Supervisory Control and Data Acquisition (SCADA) systems are computer-based process control systems that interconnect and monitor remote physical processes. There have been many real world documented incidents and cyber-attacks affecting SCADA systems, which clearly illustrate critical infrastructure vulnerabilities. These reported incidents demonstrate that cyber-attacks against SCADA systems might produce a variety of financial damage and harmful events to humans and their environment. This dissertation documents four contributions towards increased security for SCADA systems. First, a set of cyber-attacks was developed. Second, each attack was executed against two fully functional SCADA systems in a laboratory environment; a gas pipeline and a water storage tank. Third, signature based intrusion detection system rules were developed and tested which can be used to generate alerts when the aforementioned attacks are executed against a SCADA system. Fourth, a set of features was developed for a decision tree based anomaly based intrusion detection system. The features were tested using the datasets developed for this work. This dissertation documents cyber-attacks on both serial based and Ethernet based SCADA networks. Four categories of attacks against SCADA systems are discussed: reconnaissance, malicious response injection, malicious command injection and denial of service. In order to evaluate performance of data mining and machine learning algorithms for intrusion detection systems in SCADA systems, a network dataset to be used for benchmarking intrusion detection systems was generated. This network dataset includes different classes of attacks that simulate different attack scenarios on process control systems. This dissertation describes four SCADA network intrusion detection datasets; a full and abbreviated dataset for both the gas pipeline and water storage tank systems. Each feature in the dataset is captured from network flow records.
This dataset groups two different categories of features that can be used as input to an intrusion detection system. First, network traffic features describe the communication patterns in a SCADA system. This research developed both signature based IDS and anomaly based IDS for the gas pipeline and water storage tank serial based SCADA systems. The performance of both types of IDS was evaluated by measuring detection rate and the prevalence of false positives.
88

Data Fusion Process Refinement in intrusion Detection Alert Correlation Systems

Sheets, David January 2008 (has links)
No description available.
89

Intrusion Detection in the Internet of Things : From Sniffing to a Border Router’s Point of View

Bull, Victoria January 2023 (has links)
The Internet of Things is expanding, and with the increasing numbers of connected devices, exploitation of those devices also becomes more common. Since IoT devices and IoT networks are used in many crucial areas in modern societies, ranging from everything between security and military applications to healthcare monitoring and production efficiency, the need to secure these devices is of great importance for researchers and businesses. This project explores how an intrusion detection system called DETONAR can be used on border router logs, instead of its original use of sniffer devices. Using DETONAR in this way allows us to detect many different attacks, without contributing to the additional cost of deploying sniffer devices and the additional risk of the sniffer devices themselves becoming the target of attack.
90

Intrusion Detection In Wireless Sensor Networks

Nguyen, Hong Nhung 01 January 2006 (has links)
There are several applications that use sensor motes and researchers continue to explore additional applications. For this particular application of detecting the movement of humans through the sensor field, a set of Berkeley mica2 motes on the TinyOS operating system is used. Different sensors such as pressure, light, and so on can be used to identify the presence of an intruder in the field. In our case, the light sensor is chosen for the detection. When an intruder crosses the monitored environment, the system detects the changes of the light values, and any significant change, meaning a change greater than a pre-defined threshold, indicates the presence of an intruder. An integrated web cam is used to take a snapshot of the intruder and transmit the picture through the network to a remote station. The basic motivation of this thesis is that a sensor web system can be used to monitor and detect any intruder in a specific area from a remote location.
