
An Optimum-Path Forest framework for intrusion detection in computer networks

Pereira, Clayton R.; Nakamura, Rodrigo Y. M.; Costa, Kelton A. P.; Papa, Joao P.
Source: Pergamon-Elsevier B.V. Ltd; Publisher: Pergamon-Elsevier B.V. Ltd
Type: Journal Article; Format: 1226-1234
Fundação de Amparo à Pesquisa do Estado de São Paulo (FAPESP); Processo FAPESP: 09/16206-1; Processo FAPESP: 10/02045-3; Processo FAPESP: 10/11676-7; Intrusion detection systems that make use of artificial intelligence techniques in order to improve effectiveness have been actively pursued in the last decade. However, their complexity to learn new attacks has become very expensive, making them inviable for a real time retraining. In order to overcome such limitations, we have introduced a new pattern recognition technique called optimum-path forest (OPF) to this task. Our proposal is composed of three main contributions: to apply OPF for intrusion detection, to identify redundancy in some public datasets and also to perform feature selection over them. The experiments have been carried out on three datasets aiming to compare OPF against Support Vector Machines, Self Organizing Maps and a Bayesian classifier. We have shown that OPF has been the fastest classifier and always the one with the top results. Thus, it can be a suitable tool to detect intrusions on computer networks, as well as to allow the algorithm to learn new attacks faster than other techniques. (C) 2012 Elsevier Ltd. All rights reserved.

Interdigital dielectrometry based detection and identification of dangerous materials for security applications

Sears, Jason, 1978-
Source: Massachusetts Institute of Technology; Publisher: Massachusetts Institute of Technology
Type: Doctoral Thesis; Format: 137 p.; 2179275 bytes; 15358149 bytes; application/pdf; application/pdf
Recent terrorist threats have increased the attention paid to searching airline passengers for dangerous and explosive materials. In particular, the possibility that terrorists might hide explosives in shoes has prompted most airline screening stations to require that shoes be removed for x-ray inspection. This thesis is a preliminary investigation of an interdigital dielectrometry based method that could safely and accurately determine the material content within shoes while they are worn. Theoretical modeling of the sensor and the representative materials under test were conducted with the finite element analysis package Maxwell from Ansoft Corp. and analytic/numerical mathematical models for material property estimation. The studies show that dangerous materials hidden in the sole of a shoe could be detected and identified if they lie within the penetration depth of the sensor and if they are sufficiently different in their complex dielectric properties from the normal shoe material. Preliminary finite element computer simulations were also performed to show the effects of sensing electrode segmentation on improving the penetration depth of the electric field, but at the cost of reduced signal strength. Experiments using interdigital sensors with wavelengths ranging from 1 mm to 40 mm in the frequency range of 0.005 Hz to 10 kHz first on homogeneous materials such as air...

Foundations of Quantitative Information Flow: Channels, Cascades, and the Information Order

Espinoza Becerra, Barbara
Source: FIU Digital Commons; Publisher: FIU Digital Commons
Type: Journal Article; Format: application/pdf
Secrecy is fundamental to computer security, but real systems often cannot avoid leaking some secret information. For this reason, the past decade has seen growing interest in quantitative theories of information flow that allow us to quantify the information being leaked. Within these theories, the system is modeled as an information-theoretic channel that specifies the probability of each output, given each input. Given a prior distribution on those inputs, entropy-like measures quantify the amount of information leakage caused by the channel. This thesis presents new results in the theory of min-entropy leakage. First, we study the perspective of secrecy as a resource that is gradually consumed by a system. We explore this intuition through various models of min-entropy consumption. Next, we consider several composition operators that allow smaller systems to be combined into larger systems, and explore the extent to which the leakage of a combined system is constrained by the leakage of its constituents. Most significantly, we prove upper bounds on the leakage of a cascade of two channels, where the output of the first channel is used as input to the second. In addition, we show how to decompose a channel into a cascade of channels. We also establish fundamental new results about the recently-proposed g-leakage family of measures. These results further highlight the significance of channel cascading. We prove that whenever channel A is composition refined by channel B...

Case Study in Security Requirements Engineering for a High Assurance System

Irvine, Cynthia E.; Levin, Timothy E.; Wilson, Jeffery D.; Shifflett, David; Pereira, Bereira
Source: Proceedings of the 1st Symposium on Requirements Engineering for Information Security; Publisher: Proceedings of the 1st Symposium on Requirements Engineering for Information Security
Type: Journal Article
Requirements specifications for high assurance secure systems are rare in the open literature. This paper presents a case study in the development of a requirements document for a multilevel secure system that must meet stringent assurance and evaluation requirements. The system is secure, yet combines popular commercial components with specialized high assurance ones. Functional and non-functional requirements pertinent to security are discussed. A multi-dimensional threat model is presented. The threat model accounts for the developmental and operational phases of system evolution and for each phase accounts for both physical and non-physical threats. We describe our team-based method for developing a requirements document and relate that process to techniques in requirements engineering. The system requirements document presents a calibration point for future security requirements engineering techniques intended to meet both functional and assurance goals.

A Security Architecture for Transient Trust

Irvine, Cynthia E.; Levin, Timothy E.; Clark, Paul C.; Nguyen, Thuy D.
Source: Proceedings of the Modeling Security Workshop, Toulouse, France; Publisher: Proceedings of the Modeling Security Workshop, Toulouse, France
Type: Journal Article
In extraordinary situations, certain individuals may require access to information for which they are not normally authorized. For example, to facilitate rescue of people trapped inside of a burning building, firefighters may need its detailed floor plan -- information that may not typically be accessible to emergency responders. Thus, it is necessary to provide transient trust so that such sensitive information is available to selected individuals only during the emergency. The architecture presented here is designed to support transient trust. It encompasses pre-positioned, updatable domains for use exclusively during emergencies along with a set of normal domains with different sensitivity levels. Allocated to partitions, these domains are entered via a high integrity trusted path service located in a separate trusted partition. Interaction among subjects in different partitions is controlled by a high assurance separation kernel, and efficient use of devices is achieved through the application of a three-part device model. The resulting architecture enforces mandatory security policies, yet ensures secure and revocable access to a class of information during declared emergencies.

Building Trust Into A Multilevel File System

Irvine, Cynthia E.
Source: Proceedings, 13th National Computer Security Conference; Publisher: Proceedings, 13th National Computer Security Conference
Type: Journal Article
File systems are an intrinsic part of any operating system providing support for a general application environment. To help provide general operating system functionality, a multilevel file system is being built to run on the GEMSOS TCB. The process of designing a file system for a multilevel environment, although similar in many respects to that for its untrusted counterpart, should include consideration of factors which will render its structure consistent with the trusted environment upon which it is built. The file system should take advantage of the security mechanisms available from the TCB. In this paper, two techniques are described which contribute to building trust into a file system design. The first is the use of mandatory access controls as a constraining design guide, and the second is the use of the intended discretionary access control policy as a driver for design choices.

Practical and Experimental Approaches to Information Security Education

Irvine, Cynthia
Source: Naval Postgraduate School; Publisher: Naval Postgraduate School
Seventh Workshop on Education in Computer Security (WECS7)

Plan-based simulation of malicious intruders on a computer system [electronic resource]

Roberts, Christopher C.
Source: Monterey, California. Naval Postgraduate School; Publisher: Monterey, California. Naval Postgraduate School
Type: Doctoral Thesis
The problem addressed by this work was to reduce the time taken to train system administrators in detecting computer security problems in system audit logs. The approach taken was to develop a simulator which generates realistic audit logs that illustrate both non-malicious and malicious behavior. These logs can be used to train system administrators. The simulator was written in Prolog and used means-ends analysis to simulate seventeen combinations of general system functions which include the following: logins, editing, file deletions, file copying, changing file access rights, obtaining superuser privileges, sending mail and logouts. The simulation manipulates virtual system files analogously to what real users do. This creates realistic audit file logs that include a mixture of normal and malicious activity. More impressive is that the entire source program requires only 19.1 kbytes of space, making it small enough to be compatible with a personal computer.

Security evaluation of Unix networks

Brown, Thomas L.
Source: Monterey, California. Naval Postgraduate School; Publisher: Monterey, California. Naval Postgraduate School
Type: Doctoral Thesis
Approved for public release, distribution is unlimited.; In recent years, computer networks have significantly increased in both complexity and number, and these networks are attractive targets for attack and intrusion. Unix networks being managed by the government and providing access to unclassified sensitive information are particularly vulnerable to attack. Ensuring the security of sensitive information will be one of the single most important management issues in computer/information security in the foreseeable future. Unfortunately, the number of automated security tools for Unix, as well as the number of computer security experts within DOD, has not increased sufficiently to keep up with the improvements in technology. The author proposes the concept of a security toolbox, containing a proposed standard set of automated security tools, to support Unix networks. The toolbox can be used to enhance system security, automating many of the security related tasks required of the network administrator. Additionally, organizational changes will be necessary to improve the availability of computer security advice and assistance. It is recommended that a study of the function and organization of computer security expertise be conducted...

Avoiding fear, uncertainty and doubt through effective security education

Irvine, Cynthia; Rose, Matthew
Source: Naval Postgraduate School; Publisher: Naval Postgraduate School
Type: Conference Paper
Sixth Workshop on Education in Computer Security (WECS6)

Open-source intelligence in SIEM systems [Open-source intelligence em sistemas SIEM]

Rodrigues, Bernardo de Simas Gaspar
Source: Universidade de Lisboa; Publisher: Universidade de Lisboa
Type: Master's Dissertation
Published in 2015
Master's thesis, Information Security, Universidade de Lisboa, Faculdade de Ciências, 2015; OSINT is an endless source of valuable information in any context in which there is a need to deal with human and unpredictable threats. Information security is no exception to this rule, and the use of information from OSINT channels has, as we have been observing with the advent of Threat Intelligence, established itself as a fundamental component. With this work, we propose to integrate this channel of valuable knowledge into the SIEM (an equally indispensable paradigm of the field) in an automated way, through a tool/framework that aims to lay the foundation of an extensible instrument for collecting and reducing large amounts of information to usable and useful sets of valuable data and knowledge about threats. This tool will collect data and, making use of a simplistic supervised machine learning technique, refine them, ensuring that only relevant information is passed to the SIEM. In order to validate our efforts, we provide empirical evidence of the applicability of our solution in a practical, real-world context, demonstrating...

Master of Science in Computer Engineering (MSCE) description

Source: Monterey, California: Naval Postgraduate School; Publisher: Monterey, California: Naval Postgraduate School
Type: Journal Article
Description of the requirements for the MSCE program.; Purpose: The MSCE program provides both a broad-based education in traditional computer hardware and software related subjects while at the same time concentrating on military-relevant Computer Engineering topics such as Computer Security, High-Speed Networking, Distributed and Parallel computing, and Fault Tolerant computing.

A legal reasoning component of a network security command and control system

Sousa, Goncalo.
Source: Monterey, California. Naval Postgraduate School; Publisher: Monterey, California. Naval Postgraduate School
Type: Doctoral Thesis; Format: xvi, 79 p. : ill.
Approved for public release; distribution is unlimited; There are numerous computer-aided tools to enable Computer Network Defense. However, their effectiveness in countering attacks is less than optimal when they are used independently of one another. Research has identified the requirements for an integrated command and control (C2) system that is able to conduct full-spectrum operations in the cyberspace environment. The most notable of that research revolves around the development and experimentation with the prototype system known as Cyber Command, Control and Information Operations System (C3IOS). C3IOS provides for a loose confederation of the cooperating systems with interaction between systems going through C2 interfaces. In this thesis, the authors introduce into C3IOS a means to support the commander's ability to take measured responses to coercive actions in a timely manner, specifically to facilitate the interaction between experts in the law of information conflict and information warriors responding to a cyber attack. The authors' research results in a set of use cases and requirements for the C2 understanding, planning, and deciding activities involved in such a capability, using Schmitt's analysis as an example.; Portuguese Navy author

Improved network security and disguising TCP/IP fingerprint through dynamic stack modification

Judd, Aaron C.
Source: Monterey, California. Naval Postgraduate School; Publisher: Monterey, California. Naval Postgraduate School
Type: Doctoral Thesis; Format: xvi, 41 p.
"Each computer on a network has an OS Fingerprint that can be collected through various applications. Because of the complexity of network systems, vulnerabilities and exploitations of the same to gain access to systems will always be a problem. Those wishing to attack a system can use the OS Fingerprint to identify the types of vulnerabilities and software exploits that will be effective against the system. This paper discusses how system vulnerabilities become exploited and used by network attackers. Because OS Fingerprints are one of many tools network attackers will use to identify and attack a system, concealing a system's OS Fingerprint becomes an important part of securing that system. To demonstrate the capability of concealing the OS Fingerprint of a system, a prototype system was developed. This prototype changed the OS Fingerprint of a Linux system so that it matched a Windows NT system.

An Enterprise Information System for the Naval Security Group

Stevenson, James V.
Source: Monterey, California. Naval Postgraduate School; Publisher: Monterey, California. Naval Postgraduate School
Type: Doctoral Thesis; Format: ix, 103 p.
Approved for public release; distribution is unlimited; U.S. Naval Security Group (NSG) community data resides in disassociated systems with no clear data hierarchy. The NSG's lack of a central information framework wastes money, consumes manpower, and underutilizes claimancy resources. To improve NSG data operations, an Enterprise Information System (EIS) was designed and implemented using Commercial Off The Shelf hardware and software. First, an Internet browser-based, client server architecture was selected that optimizes performance, interoperability, and cost. Next, a database schema was designed and instantiated using relational technology. Then, web server database access files were created that emphasize connectivity and utility. Finally, EIS integrity and privacy concerns were examined. The prototype NSG EIS optimizes personnel and resources, improves data accuracy and timeliness, and enhances the Naval Security Group's aggressive pursuit of information dominance. The proposed NSG EIS provides the NSG with an affordable and efficient method to bring timely and accurate information to bear in an increasingly information dependent military.; http://www.archive.org/details/enterpriseinform00stev; Lieutenant Commander, United States Navy

Preliminary analysis of a trusted platform module (TPM) initialization process

Wiese, Brian K.
Source: Monterey, California. Naval Postgraduate School; Publisher: Monterey, California. Naval Postgraduate School
Type: Doctoral Thesis; Format: xxii, 129 p.; ills.
As distributed system architectures such as peer-to-peer, grid computing and MANET become more popular, there is an increasing need for robust and scalable mechanisms to establish trust between entities. The Trusted Platform Module (TPM) provides for the possibility to establish trust at the hardware level for commercial hardware. While work has been done to leverage TPMs for Digital Rights Management (DRM) and other schemes, application of TPMs for robust identification and authentication in a MANET or other distributed environment has not been addressed. This research provides a simple analysis on the applicability of leveraging TPMs for enhanced computer security in today's military environment. A military convoy using laptops in a MANET is used as a hypothetical concept of operations. The problem of TPM initialization of a laptop, in particular, at a depot prior to deployment is addressed. The initialization steps that must be performed before using a TPM in any deployment have been studied and described, and suggestions are provided to address possible DoD concerns in using this technology.; Naval Postgraduate School author (civilian).

A Security Simulation Game Scenario Definition Language

Falby, Naomi; Thompson, Michael F.; Irvine, Cynthia E.
Source: IEEE; Publisher: IEEE
Type: Journal Article
The Center for the Information Systems Studies and Research (CISR) at the Naval Postgraduate School has established a broad program in computer and network security education. The program, founded on a core in traditional computer science, is extended by a progression of specialized courses and a broad set of information assurance research projects. A CISR objective has been improvement of information assurance education and training for the U.S. military and government. Pursuant to that objective, CISR is developing a computer simulation game, CyberCIEGE, to teach computer security principles. CyberCIEGE players construct computer networks and make choices affecting the ability of these networks and the game's virtual users to protect valuable assets from attack by both vandals and well-motivated Professionals [1]. A key CyberCIEGE innovation is a scenario definition language that permits educators to generate many different security scenarios, each playable as an independent game. Every scenario includes a briefing that describes an enterprise (e.g., a business that depends on the secrecy of proprietary information) and gives the player information about what must be done to help make the enterprise successful. The scenario language is used to define a set of users and assets. Users are typically enterprise employees whose productive work makes money for the enterprise. Assets are various kinds of information required for user productivity. Example assets are secret formulas...

Optimizing neural networks for enhancing air traffic security; Building an optimized neural network for enhancing air safety

Cooney, Geoffrey T. (Geoffrey Thomas), 1980-
Source: Massachusetts Institute of Technology; Publisher: Massachusetts Institute of Technology
Type: Doctoral Thesis; Format: 163 leaves; 7390393 bytes; 7412147 bytes; application/pdf; application/pdf
This thesis contains the process and results related to optimizing a neural network to predict future positions of airplanes in the vicinity of airports. These predicted positions are then used to calculate future separation distances between pairs of airplanes. The predicted values of the separation distance are used to ensure adequate distances between adjacent aircraft in the air and, if necessary, to create early warning alarms to alert air traffic control tower personnel about planes that may pass too near each other in the immediate future. The thesis covers three areas of work on this topic. The first section involves optimizing a neural network for Chicago O'Hare Airport. The second is related to gathering data on the performance of this network in different scenarios. These data can be used to determine if the different days/runways have different characteristics. The final phase of this document describes how to generalize the process used to build an optimized neural network for Chicago O'Hare airport in order to provide the capability to easily recreate the process for another airport.; by Geoffrey T. Cooney.; Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science...

Video CAPTCHAs: usability vs. security

Kluever, Kurt Alfred; Zanibbi, Richard
Source: IEEE Western New York Image Processing Workshop; Publisher: IEEE Western New York Image Processing Workshop
Type: Proceeding
©2008 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE. "Video CAPTCHAs: Usability vs. Security" IEEE Western New York Image Processing Workshop. Held at Rochester Institute of Technology: Rochester, NY: 26 September 2008

Detecting Simulated Attacks in Computer Networks Using Resilient Propagation Artificial Neural Networks

Garcia, Mario A.; Trinh, Tung
Source: Instituto Politécnico Nacional, Centro de Innovación y Desarrollo Tecnológico en Cómputo; Publisher: Instituto Politécnico Nacional, Centro de Innovación y Desarrollo Tecnológico en Cómputo
Type: Journal Article; Format: text/html
Published on 01/06/2015
In a large network, it is extremely difficult for an administrator or security personnel to detect which computers are being attacked and from where intrusions come. Intrusion detection systems using neural networks have been deemed a promising solution to detect such attacks. The reason is that neural networks have some advantages such as learning from training and being able to categorize data. Many studies have been done on applying neural networks in intrusion detection systems. This work presents a study of applying resilient propagation neural networks to detect simulated attacks. The approach includes two main components: the Data Preprocessing module and the Neural Network. The Data Preprocessing module performs normalizing data function while the Neural Network processes and categorizes each connection to find out attacks. The results produced by this approach are compared with present approaches.