Global ETD Search

401	Segurança em redes sem fio: estudo sobre o desenvolvimento de conjuntos de dados para comparação de IDS / Vilela, Douglas Willer Ferrari Luz. January 2014 (has links) Orientador: Aílton Akira Shinoda / Co-orientador: Ed' Wilson Tavares Ferreira / Banca: Christiane Marie Schweitzer / Banca: Valtemir Emerencio do Nascimento / Resumo: O crescimento vertiginoso da tecnologia de redes sem fio tem sido muito significativo nos últimos anos, sua utilização ocorre em diversos setores da sociedade. O padrão IEEE 802.11 destaca-se nesse cenário. No entanto, os mecanismos de proteção empregados por este padrão de rede sem fio não tem apresentado eficiência no combate a ataques de negação de serviço. Os sistemas de detecção de intrusão são vistos como uma forma eficaz de minimizar essas ameaças. Nesta pesquisa foi proposta a construção de três conjuntos de dados que represente de forma significativa o tráfego de rede sem fio. Os conjuntos gerados têm finalidade de auxiliar na avaliação de algoritmos de detecção de intrusos para redes sem fio. Para a construção dos conjuntos de dados foram implementados três cenários de redes sem fio, todos em ambientes reais e operacionais. Em cada cenário foi habilitado um mecanismo de segurança: cenário 1 protocolo WEP, cenário 2 foi utilizado IEEE 802.11i e cenário 3 o IEEE 802.11i associada à emenda IEEE 802.11w. A escolha por cenários diferentes e divisão dos conjuntos de acordo com os ambientes tem a finalidade analisar a evolução dos mecanismos de segurança. Com isto é possível categorizar cada ambiente. Após a construção dos ambientes de rede sem fio foi inoculado tráfego de rede normal e anômalo, com isto iniciou-se a coleta dos dados. Com os dados coletados foi realizado um pré-processamento de cada conjunto capturando apenas os quadros do cabeçalho Media Access Control - MAC do IEEE 802.11. A escolha foi definida em virtude de este quadro possuir características especifica das redes sem fio. Para validar os conjuntos de dados foram empregadosalgoritmos de classificação e reconhecimento de padrões. Os algoritmos empregados na validação foram Multilayer Perceptron - MLP, Radial Basis Function - RBF e Bayes Net. Os resultados obtidos com a avaliação dos conjuntos de dados gerados... / Abstract: The fast growth of wireless network technology has been very significant lately, its occurs in diverse sectors of society. The standard IEEE 802.11 stands out in this scenario. However, the protection mechanisms employed by this standard wireless network has not shown effectiveness in combating denial of service attacks. The intrusion detection systems are seen as an effective way to minimize these threats. We proposed in this research to build three data sets, which represent traffic wireless network. The sets are generated auxiliary purpose in assessing intrusion detection algorithms for wireless networks. For the construction of the data sets three scenarios of wireless networks, all in real operational environments and have been implemented. In each scenario was one enabled security mechanisms: WEP protocol scenario 1, scenario 2 was used IEEE 802.11i scenario 3 the associated IEEE 802.11i amendment to the IEEE 802.11w. The choice of different sets of scenarios and divide according to the environments aims to analyze the evolution of the security mechanisms. This makes it possible to categorize each environment. After the construction of wireless network environments normal and anomalous traffic were inoculated and thus collect the data. With the collected data pre-processing each set only extracting the frames from the MAC header was conducted. The choice was defined as this has specific characteristics of wireless networks. To validate the data sets and sorting algorithms were employed pattern recognition. The algorithms were used in the validation MLP, RBF and Bayes Net. The results obtained from the evaluation of the generated data sets demonstrate that the proposed approach is quite promising / Mestre Sistemas de comunicação sem fio. Sistemas de segurança. Algoritmos. Computer networks -- Security measures
402	AvaliaÃÃo da aplicaÃÃo das boas prÃticas de laboratÃrio e sistemas da qualidade, em InstituiÃÃes PÃblicas de Pesquisa e Ensino Superior na Ãrea de SaÃde no Brasil / Evaluation of the application of good practices in laboratory and quality systems in public institutions of research and superior education in health care area in Brazil Ernestina Maria Nunes CamurÃa 17 February 2006 (has links) CoordenaÃÃo de AperfeiÃoamento de Pessoal de NÃvel Superior / Este trabalho teve como objetivo incentivar a implantaÃÃo de tÃcnicas de gerenciamento e procedimentos de boas prÃticas de laboratÃrio junto a Rede Brasileira de LaboratÃrios - REBLAS a partir da avaliaÃÃo de diagnÃstico situacional, a qual foi realizada atravÃs da aplicaÃÃo de questionÃrios em laboratÃrios de instituiÃÃes pÃblicas de ensino superior e pesquisa na Ãrea da saÃde em quatro capitais brasileiras. Metodologia: A pesquisa de campo foi realizada atravÃs de visitas em laboratÃrios de instituiÃÃes de ensino superior e pesquisa para diagnosticar a situaÃÃo dos mesmos por meio de entrevistas com aplicaÃÃo de questionÃrios. O tamanho da amostra foi estabelecido em cinqÃenta (50) pesquisadores, distribuÃdos em instituiÃÃes de ensino e pesquisa de quatro (04) capitais brasileiras. Em cada instituiÃÃo foram selecionados laboratÃrios e identificados os pesquisadores responsÃveis para serem entrevistados. Em seguida foi elaborado um diagnÃstico situacional dos laboratÃrios atravÃs dos quais foram comparados modelos de boas prÃticas de laboratÃrio previamente existentes na literatura com aqueles dos laboratÃrios entrevistados, os quais foram avaliados e conduzidos sob sigilo absoluto, de modo a manter a integridade dos laboratÃrios e instituiÃÃes em questÃo. Resultados: atravÃs do diagnÃstico situacional dos laboratÃrios foram desenvolvidos modelos de procedimentos de boas prÃticas de laboratÃrio e garantia da qualidade (procedimentos operacionais padrÃo e formulÃrios), os quais poderÃo ser implantados e implementados em laboratÃrios de instituiÃÃes pÃblicas de ensino superior e pesquisa existente no Brasil. ConclusÃo: As concepÃÃes teÃricas que fundamentaram a dissertaÃÃo foram analisadas e comparadas com as pesquisas teÃricas e de campo e viabilizaram a escolha e elaboraÃÃo de tÃcnicas de gerenciamento e procedimentos padronizados em funÃÃo do diagnÃstico situacional dos laboratÃrios entrevistados. Isso poderÃ refletir na comunidade cientÃfica uma confiabilidade em decorrÃncia da implantaÃÃo de procedimentos e tÃcnicas padronizadas e no futuro permitirÃ que os laboratÃrios possam ser credenciados na - REBLAS, conferindo seguranÃa aos pesquisadores, bem como, reprodutibilidade dos resultados. / To make possible the implantation of management techniques and good practice of laboratory on the Brazilian Net of Laboratories - REBLAS from an evaluation of diagnosis, for the application of questionnaires in laboratories of public institutions of superior education and health research, in four Brazilian capitals. Methodology: The research was carried through visits in laboratories of institutions of superior education and health research, to diagnosis the situation of them by interviews with application of questionnaires. The size of the sample was in fifty (50) researchers, distributed in institutions of education and research of four (04) Brazilian capitals. In each institution had been selected a laboratories and identified the responsible researchers to be interviewed. After that, a diagnosis of the situation of the laboratories was elaborated, and been compared with previously existing models of good practice of laboratory in literature, which had been evaluated and lead under absolute secrecy, in order to keep the integrity of the laboratories and institutions in question. Results: through the diagnosis of the laboratories were developed models of good practice of laboratory and quality warranty (operational procedures standard and forms), which could be implanted and be implemented in laboratories of institutions of existing health education and research in Brazil. Conclusion: The theoretical conceptions that had based the study had been analyzed and compared with the theoretical research and on field and had made possible the choice and elaboration of management techniques and standardized procedures in function of the diagnosis of the interviewed laboratories. This will be able to reflect trust in the scientific community through the implantation of procedures and standardized techniques and in the future those laboratories may be credential in the REBLAS, conferring security to the researchers, as well as, credibility of the results. Medidas de SeguranÃa Qualidade LaboratÃrios Security Measures Laboratory Techniques and Procedures Quality Laboratories FARMACOLOGIA CLINICA
403	Framework de kernel para auto-proteção e administração em um sistema de segurança imunológico / A kernel framework for administration and selfprotection for a immunological security system Pereira, André Augusto da Silva, 1986- 23 August 2018 (has links) Orientador: Paulo Lício de Geus / Dissertação (mestrado) - Universidade Estadual de Campinas, Instituto de Computação / Made available in DSpace on 2018-08-23T23:09:29Z (GMT). No. of bitstreams: 1 Pereira_AndreAugustodaSilva_M.pdf: 2078139 bytes, checksum: 3b321df6a81e4d3aaa8cf753b119f8a1 (MD5) Previous issue date: 2013 / Resumo: O resumo poderá ser visualizado no texto completo da tese digital / Abstract: The complete abstract is available with the full electronic document / Mestrado / Ciência da Computação / Mestre em Ciência da Computação Sistemas operacionais (Computadores) Imunoinformática Operating systems (Computers) Computer networks - Security measures Immunoinformatics
404	The application of artificial intelligence within information security. De Ru, Willem Gerhardus 17 August 2012 (has links) D.Phil. / Computer-based information systems will probably always have to contend with security issues. Much research have already gone into the field of information security. These research results have yielded some very sophisticated and effective security mechanisms and procedures. However, due to the ever increasing sophistication of criminals, combined with the ever changing and evolving information technology environment, some limitations still exist within the field of information security. Recent years have seen the proliferation of products embracing so-called artificial intelligence technologies. These products are in fields as diverse as engineering, business and medicine. The successes achieved in these fields pose the question whether artificial intelligence has a role to play within the field of information security. This thesis discusses limitations within information security and proposes ways in which artificial intelligence can be effectively applied to address these limitations. Specifically, the fields of authentication and risk analysis are identified as research fields where artificial intelligence has much to offer. These fields are explored in the context of their limitations and ways in which artificial intelligence can be applied to address these limitations. This thesis identifies two mainstream approaches in the attainment of artificial intelligence. These mainstream approaches are referred to as the "traditional" approach and the "non-traditional" approach. The traditional approach is based on symbolic processing, as opposed to the non-traditional approach, which is based on an abstraction of human reasoning. A representative technology from each of these mainstream approaches is selected to research their applicability within information security. Actual working prototypes of artificial intelligence techniques were developed to substantiate the results obtained in this research. Artificial intelligence Computer security Fuzzy logic Information resources management
405	Artificial intelligence and knowledge management principles in secure corporate intranets Barry, Christopher 23 February 2010 (has links) M.Sc. (Computer Science) / Corporations throughout the world are facing numerous challenges in today’s competitive marketplace and are continuously looking for new and innovative means and methods of gaining competitive advantage. One of the means used to gain this advantage is that of information technology, and all the associated technologies and principles. These are primarily used to facilitate business processes and procedures that are designed to provide this competitive advantage. Significant attention has been given to each of the individual technologies and principles of Artificial Intelligence, Knowledge Management, Information Security, and Intranets and how they can be leveraged in order to improve efficiency and functionality within a corporation. However, in order to truly reap the benefits of these technologies and principles, it is necessary to look at them as a collaborative system, rather as individual components. This dissertation therefore investigates each of these individual technologies and principles in isolation, as well as in combination with each other to outline potential advantages, associated risks, and disadvantages when combining them within the corporate world. Based on these, the Intelligently Generated Knowledge (IGK) framework is outlined to implement such a collaborative system. Thereafter, an investigation of a theoretical situation is conducted based on this framework to examine the impact of the implementation of this type of collaborative system. The potential increase in cost savings, efficiency and functionality of corporations that would employ the IGK framework is clearly outlined in the theoretical example, and should this approach be adopted, it would be able to provide significant competitive advantage for any corporation. Artificial intelligence Knowledge management Intranets (Computer networks) Computer networks security measures
406	Objek-georiënteerde en rolgebaseerde verspreide inligtingsekerheid in 'n oop transaksieverwerking omgewing Van der Merwe, Jacobus 07 October 2014 (has links) M.Sc. (Computer Science) / Information is a valuable resource in any organisation and more and more organisations are realising this and want efficient means to protect it against disclosure, modification or destruction. Although relatively efficient security methods have been available almost as long as information databases, they all provide additional cost. This cost does not only involve money but also cost in terms of system performance and management of information security. Any new information security model must also provide better management of information security. In this dissertation we present a model that provides information security and aims to lower the technical skills required to manage information security using this approach. In any business organisation we can describe each employee's duties. Put in other words, we can say that each employee has a specific business role in the organisation. In organisations with many employees there are typically many employees that have more or less the same duties in the organisation. This means that employees can be grouped according to their business roles. We use an employee's role as a description of his/her duties in a business organisation. ' Each role needs resources to perform its duties in the organisation. In terms of computer systems, each role needs computer resources such as printers. Most roles need access to data files in the organisation's database but it is not desirable to give all roles access to all data files. It is obvious that roles have specific privileges and restrictions in terms of information resources. Information security can be achieved by identifying the business roles in an organisation and giving these roles only the privileges needed to fulfill their business function and then assigning these roles to people (users of the organisation's computer system). This is called role-based security. People's business functions are related, for example clerks and clerk-managers are related in the sense that a clerk-manager is a manager of clerks. Business roles are related in the same way. For an information security manager to assign roles to users it is important to see this relationship between roles. In this dissertation we present this relationship using a lattice graph which we call a role lattice. The main advantage of this is that it is eases information security management... Computers - Access control Data protection Computer security
407	Veilige indentifikasietegnieke vir gebruikers van rekenaarstelsels Rensleigh, Christopher William 07 October 2014 (has links) M.Com. (Informatics) / Please refer to full text to view abstract Computer networks - Security measures Computer security Smartcard technology Magnetic stipe card
408	Information security risk management in the South African small, medium and micro enterprise environment Van Niekerk, Liesel 07 July 2008 (has links) The small, medium and micro enterprise (SMME) environment of South Africa contributes 42% to the national gross domestic product. This is a high number for a largely under-regulated environment. The corporate governance and IT governance standards that apply to South African companies are not feasible for SMMEs, and neither are they enforced, although 80% of failures of SMMEs are attributable to lack of enterprise management skill. The first objective of this dissertation is to examine the South African SMME, and in so doing determine whether local regulatory standards can be used for this unique enterprise formation. The second objective of this dissertation is to determine whether international methodologies for information security risk management, as an inclusive of IT governance, may be used in the unique local SMME formation. The result of these two objectives creates a gap in a typical information security risk management methodology that is suitable for the South African regulatory and economic environment for SMMEs. A model has been created as a possible answer for filling the gap. The dissertation includes the Peculium Model, which answers the regulatory and economic requirements that resulted from the second objective. The Model allows the small enterprise a simple but effective method for managing risks to its information assets, with the control of corporate governance and IT governance included in its framework. The Model answers the methods for identifying and assessing risk in a tradition-based but feasible new qualitative technique. / Labuschagne, L., Prof. Small business Risk management Computer security management Information technology security measures
409	Internal control with specific reference to the intranet Van Jaarsveld, J.I. 10 February 2014 (has links) M.Com. (Computer Auditing) / Intranets and related technology, can be used to solve many problems in the local computing environment. But the use of the Intranet and the related technology also raises several control concerns. Because of the increased use of Intranets within the business environment, the internal control related to the Intranet has become an issue that needs to be addressed by management and the auditor. Computerization in the accounting environment has made it virtually impossible to audit around the computer. It is therefore essential that the auditor, and more specifically the computer auditor, should assess the influence of the Intranet on the audit objectives. The objective of this short dissertation is to evaluate the influence of Intranet technology on the audit objectives (within the Intranet's different spheres of application) in terms of the risks posed for the auditor and management. It was also aimed at identifying the security risks in relationship with the audit objectives... Intranets (Computer networks) Intranets (Computer networks) - Auditing
410	Network intrusion detection system using neural networks approach in networked biometrics system Mgabile, Tinny 09 April 2014 (has links) M.Phil. (Electrical and Electronic Engineering) / Network security has become increasingly important as more and more applica- tions are making their way into the market. The research community has proposed various methods to build a reliable network intrusion detection system to detect unauthorised activities in networked systems. However many network intrusion detection systems that have been reported in literature su er from an excessive number of false positives, false negatives, and are unable to cope with new, elegant and structured attacks. This is mainly because most network intrusion detection systems rely on security experts to analyze the network tra c data and manually construct intrusion detection rules. This study proposes to use a machine learning technique such as neural network approach to anomaly based network intrusion detection system (NIDS). The main objective for this study is to construct an NIDS model that will produce approx- imate to zero false positive or no false positive at all and have high degree of accuracy in detecting network attacks. The neural network (NN) model is trained on a biometric networked system dataset simulated in the study, containing strictly replayed and normal network tra c that encourage the development of the pro- posed NIDS. By analyzing the NN{based NIDS results, the study reached the false positive rate of 0, and high accuracy rate of 100 percent. To support the results obtained in this study, the performance of the NN{based NIDS was compared to two other classi cation methods (k{nearest neighbor algorithm (KNN) and Naive Bayes). The results obtained from KNN and naive Bayes were 99.87 and 99.75 percent respectively. These results show that the proposed model can successfully be used as an e ective tool for solving complicated classi cation problems such as NIDS. Computer networks - Security measures Neural networks (Computer science) Pattern recognition systems Biometric identification

Search results