Dissertations / Theses on the topic 'Attack on the network'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 dissertations / theses for your research on the topic 'Attack on the network.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
Avidan, Lenoy. "Dynamic Shifting of Virtual Network Topologies for Network Attack Prevention." DigitalCommons@CalPoly, 2019. https://digitalcommons.calpoly.edu/theses/1986.
Full textKaraaslan, Ibrahim. "Anti-sensor Network: Distortion-based Distributed Attack In Wireless Sensor Networks." Master's thesis, METU, 2008. http://etd.lib.metu.edu.tr/upload/3/12609276/index.pdf.
Full textGerbert, Oscar. "Attack on the Chaos Sensor Network Protocol." Thesis, Uppsala universitet, Institutionen för informationsteknologi, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-260480.
Full textVan, Heerden Renier Pelser. "A formalised ontology for network attack classification." Thesis, Rhodes University, 2014. http://hdl.handle.net/10962/d1011603.
Full textTan, Hailun Computer Science & Engineering Faculty of Engineering UNSW. "Secure network programming in wireless sensor networks." Awarded By:University of New South Wales. Computer Science & Engineering, 2010. http://handle.unsw.edu.au/1959.4/44835.
Full textHamid, Thaier K. A. "Attack graph approach to dynamic network vulnerability analysis and countermeasures." Thesis, University of Bedfordshire, 2014. http://hdl.handle.net/10547/576432.
Full textSchuhart, Russell G. "Hacking social networks examining the viability of using computer network attack against social networks." Thesis, Monterey, Calif. : Naval Postgraduate School, 2007. http://bosun.nps.edu/uhtbin/hyperion.exe/07Mar%5FSchuhart.pdf.
Full textThesis Advisor(s): David Tucker. "March 2007." Includes bibliographical references (p. 55-56). Also available in print.
Klaus, Christian. "Network design for reliability and resilience to attack." Thesis, Monterey, California: Naval Postgraduate School, 2014. http://hdl.handle.net/10945/41406.
Full textWe define and solve two network-design problems. In the first, (1) a defender uses limited resources to select a portfolio of paths or design a sub-network; (2) an attacker then uses limited attack resources to destroy network arcs, and then (3) the defender operates the damaged network optimally by ending a shortest path. The solution identifies a network design that minimizes post-attack path length. We show how the tri-level problem is equivalent to a single-level mixed integer program (MIP) with an exponential number of rows and columns, and solve that MIP using simultaneous row and column generation. Methods extend to network operations denied through general now constructs. The second problem considers a stochastic logistics network where arcs are present randomly and independently. Shipping from a source to a destination may be delayed until a path connecting the two is available. In the presence of storage capacity, cargo can be shipped partway. The problem's solution identifies the storage locations that minimize the cargo's waiting time for shipment. We develop and demonstrate practical methods to solve this #P-complete problem on a model instance derived from a Department of Defense humanitarian shipping network.
Mohammadnia, Hamzeh. "IoT-NETZ: Spoong Attack Mitigation in IoT Network." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-260250.
Full textDen fenomenala tillväxten av IoT och populariteten hos mobilstationerna har snabbt ökat efterfrågan på WLAN-nätverk (känd som IEEE 802.11 och WiFi). WLAN är ett billigt alternativ för mobilnätet och är ett olicensierat spektrum för att bygga huvudplanen för att bädda in Internet i allt-och-var som helst. Samtidigt är det inte trivialt att övervaka antalet IoT och WiFi-aktiverade enheter över bostäder och företag. Därför kräver framtida WiFi nätverksarkitektur ett smidigt hantering paradigm för att tillhandahålla internt stöd och säkerhet för WiFi-nätverk.Användningen av IoT och mobilanvändningsapplikationer är beroende av skalbarhet och högpresterande beräkningar av moln. Cloud computing har helt centraliserat den nuvarande datacenters nätverksarkitektur och det ger beräkningsintensiva, höghastighetsnätverk och realtidssvar påbegäran från IoT. IoT-till-moln kommunikationen är kärnan i nätverkssäkerhetshänsyn och de har ett allvarligt behov av ständig förbättring och säkerhetshärdning inom deras internätverk. Baserat på antalet undersökningar och analyser av genererad trafik av IoT har det observerats. Det finns det betydande antalet massiva spoofing-orienterade attacker som riktar sig mot molntjänster, lanseras från komprometterad IoT.På grundval av att granska tidigare undersökningar om IoTs mest genomförda nätverksattacker finns det en utmanande och gemensam egenskap som ofta utnyttjats i de många massiva internetattackerna. Detta arbete kommer att undersöka de befintliga lösningarna som har implementerats för att skydda både traditionella och mjukvariga nätverksparadigmer. Därefter föreslår det tillvägagångssättet för detta arbete som möjliggör IoT-värdnät skyddade genom att använda SDWN inom den föreslagna modellen för att mildra poofing-orienterade nätverksattacker. Dessutom erbjuder den föreslagna lösningen miljöhållbarhet genom att spara strömförbrukning i nätverksenheter under nätverksdrift. Den praktiska förbättringen av den föreslagna modellen mäts och utvärderas inom den omgivande miljön av Mininet-WiFi.
Kenar, Serkan. "An Extensible Framework For Automated Network Attack Signature Generation." Master's thesis, METU, 2010. http://etd.lib.metu.edu.tr/upload/2/12611418/index.pdf.
Full textNazari, Mahmood, and Kun Zhou. "Campus Network Design and Man-In-The-Middle Attack." Thesis, Högskolan i Halmstad, Sektionen för Informationsvetenskap, Data– och Elektroteknik (IDE), 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-25683.
Full textOguz, Saziye Deniz. "Protein Domain Networks: Analysis Of Attack Tolerance Under Varied Circumstances." Master's thesis, METU, 2010. http://etd.lib.metu.edu.tr/upload/12612518/index.pdf.
Full textAlmohri, Hussain. "Security risk prioritization for logical attack graphs." Thesis, Manhattan, Kan. : Kansas State University, 2008. http://hdl.handle.net/2097/1114.
Full textSuraev, Maxim. "Denial-of-service attack resilience of the GSM access network." Thesis, Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk, 2011. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-13313.
Full textWilliams, Leevar (Leevar Christoff). "GARNET : a Graphical Attack graph and Reachability Network Evaluation Tool." Thesis, Massachusetts Institute of Technology, 2008. http://hdl.handle.net/1721.1/46367.
Full textThis electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.
Includes bibliographical references (p. 101-102).
Attack graphs are valuable tools in the assessment of network security, revealing potential attack paths an adversary could use to gain control of network assets. Creating an effective visualization for attack graphs is essential to their utility, but many previous efforts produce complex displays that are difficult to relate to the underlying networks. This thesis presents GARNET (Graphical Attack graph and Reachability Network Evaluation Tool), an interactive visualization tool intended to facilitate the task of attack graph analysis. The tool provides a simplified view of critical steps that can be taken by an attacker and of host-to-host network reachability that enables these exploits. It allows users to perform "what-if" experiments including adding new zero-day attacks, following recommendations to patch software vulnerabilities, and changing the attacker starting location to analyze external and internal attackers. Users are able to view a set of attack graph metrics that summarize different aspects of overall network security for a specific set of attacker models. An initial user evaluation of GARNET identified problematic areas of the interface that assisted in the development of a more functional design.
by Leevar Williams.
M.Eng.
Ikusan, Ademola A. "Collaboratively Detecting HTTP-based Distributed Denial of Service Attack using Software Defined Network." Wright State University / OhioLINK, 2017. http://rave.ohiolink.edu/etdc/view?acc_num=wright1515067456228498.
Full textShafley, William K. "Business architecture model for network centric surface combatant land attack warfare." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2001. http://handle.dtic.mil/100.2/ADA397350.
Full textThesis advisor(s): Jansen, Erik; Brock, Floyd. "September 2001." Includes bibliographical references (p.115-116). Also available in print.
Chen, Ruiliang. "Enhancing Attack Resilience in Cognitive Radio Networks." Diss., Virginia Tech, 2008. http://hdl.handle.net/10919/26330.
Full textPh. D.
Giannini, Beatrice. "Attack and Mitigation Modelling for Software-Defined Networks." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2020. http://amslaurea.unibo.it/19817/.
Full textLu, Song. "Auto Red Team a network attack automation framework based on Decision Tree /." [Ames, Iowa : Iowa State University], 2008.
Find full textJavaid, Ahmad Yazdan. "Cyber Security Threat Analysis and Attack Simulation for Unmanned Aerial Vehicle Network." University of Toledo / OhioLINK, 2015. http://rave.ohiolink.edu/etdc/view?acc_num=toledo1438816219.
Full textYieh, Pierson. "Vehicle Pseudonym Association Attack Model." DigitalCommons@CalPoly, 2018. https://digitalcommons.calpoly.edu/theses/1840.
Full textKhanal, Sandarva, and Ciara Lynton. "Packet Simulation of Distributed Denial of Service (DDoS) Attack and Recovery." International Foundation for Telemetering, 2013. http://hdl.handle.net/10150/579511.
Full textDistributed Denial of Service (DDoS) attacks have been gaining popularity in recent years. Most research developed to defend against DDoS attacks have focused on analytical studies. However, because of the inherent nature of a DDoS attack and the scale of a network involved in the attack, analytical simulations are not always the best way to study DDoS attacks. Moreover, because DDoS attacks are considered illicit, performing real attacks to study their defense mechanisms is not an alternative. For this reason, using packet/network simulators, such as OPNET Modeler, is the best option for research purposes. Detection of an ongoing DDoS attack, as well as simulation of a defense mechanism against the attack, is beyond the scope of this paper. However, this paper includes design recommendations to simulate an effective defense strategy to mitigate DDoS attacks. Finally, this paper introduces network links failure during simulation in an attempt to demonstrate how the network recovers during and following an attack.
Costantini, Kevin C. "Development of a cyber attack simulator for network modeling and cyber security analysis /." Online version of thesis, 2007. http://hdl.handle.net/1850/5440.
Full textJayashankaraShridevi, Rajesh. "Runtime Detection of a Bandwidth Denial Attack from a Rogue Network-on-Chip." DigitalCommons@USU, 2015. https://digitalcommons.usu.edu/etd/4548.
Full textNanda, Sanjeeb. "GRAPH THEORETIC MODELING: CASE STUDIES IN REDUNDANT ARRAYS OF INDEPENDENT DISKS AND NETWORK DEFENSE." Doctoral diss., University of Central Florida, 2007. http://digital.library.ucf.edu/cdm/ref/collection/ETD/id/3165.
Full textPh.D.
School of Electrical Engineering and Computer Science
Engineering and Computer Science
Computer Science PhD
Chen, Xiangqian. "Defense Against Node Compromise in Sensor Network Security." FIU Digital Commons, 2007. http://digitalcommons.fiu.edu/etd/7.
Full textde, Waern Henrik. "Computer Network Attack som olovligt våld : en fråga om association, effekt, aktör och mål." Thesis, Swedish National Defence College, Swedish National Defence College, 2009. http://urn.kb.se/resolve?urn=urn:nbn:se:fhs:diva-22.
Full textI Estland 2007 utbröt vad som kommit att kallas ”Cyberwar I”, vari ett stort antal centrala myndigheters, tillika finansiella institutioners servrar attackerades av massiva så kallade Computer Network Attacks (CNA), utfört av framförallt ryska aktörer. Estland protesterade högljutt, men frågan huruvida CNA är att beteckna som olovligt är allt annat än klar. Prövningen sker mot den folkrättsliga regimen Jus ad Bellum, och huruvida metoden uppfyller vissa centrala begrepp. Men hur skall denna regim appliceras CNA?
De frågeställningar som avses besvaras är: hur kan CNA utgöra våld eller hot om våld i enlighet med FN-stadgans artikel 2(4) samt hur kan CNA utgöra väpnat angrepp i enlighet med FN-stadgans artikel 51? Detta avses göras genom en studie inbegripande flertalet folkrättsliga experters teorier på området CNA och våldsanvändning, samt applicering av desamma på en fallstudie av händelserna i Estland 2007.
Sammanfattningsvis konstateras att flertalet variabler har bärighet i hur CNA kan uppfylla artiklarnas centrala begrepp, vari frågan om association, effekt, aktör och mål tydligast faller ut. I en efterföljande diskussion påvisas dock hur variablerna endast är att betrakta som indicier på hur CNA kan klassas så som olovligt, varvid endast statspraxis kan ge den slutgiltiga bedömningen.
Arikan, Erinc. "Attack profiling for DDoS benchmarks." Access to citation, abstract and download form provided by ProQuest Information and Learning Company; downloadable PDF file Mb., 96 p, 2006. http://gateway.proquest.com/openurl?url_ver=Z39.88-2004&res_dat=xri:pqdiss&rft_val_fmt=info:ofi/fmt:kev:mtx:dissertation&rft_dat=xri:pqdiss:1435821.
Full textPagna, Disso Jules F. "A novel intrusion detection system (IDS) architecture. Attack detection based on snort for multistage attack scenarios in a multi-cores environment." Thesis, University of Bradford, 2010. http://hdl.handle.net/10454/5248.
Full textBhattacherjee, Debopam. "Stepping Stone Detection for Tracing Attack Sources in Software-Defined Networks." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-190121.
Full textStaples, Zachary H. Michael Robert J. "Redefining attack : taking the offensive against networks /." Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2003. http://library.nps.navy.mil/uhtbin/hyperion-image/03Mar%5FStaples.pdf.
Full textThesis advisor(s): Dan Moran, John Hiles, Rudy Darken. Includes bibliographical references (p. 134-138). Also available online.
Moore, Tyler Weston. "Cooperative attack and defense in distributed networks." Thesis, University of Cambridge, 2008. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.612283.
Full textMichael, Robert J., and Zachary H. Staples. "Redefining attack: taking the offensive against networks." Thesis, Monterey, California. Naval Postgraduate School, 2003. http://hdl.handle.net/10945/1063.
Full textThis thesis done in cooperation with the MOVES Institute
The Information Age empowers individuals, and affords small groups an opportunity to attack states' interests with an increasing variety of tactics and great anonymity. Current strategies to prevail against these emerging threats are inherently defensive, relying on potential adversaries to commit mistakes and engage in detectable behavior. While defensive strategies are a critical component of a complete solution set, they cede initiative to the adversary. Moreover, reactive measures are not suited to quickly suppress adversary networks through force. To address this shortfall in strategic planning, the science of networks is rapidly making clear that natural systems built over time with preferential attachment form scale-free networks. These networks are naturally resilient to failure and random attack, but carry inherent vulnerabilities in their highly connected hubs. Taking the offensive against networks is therefore an exercise in discovering and attacking such hubs. To find these hub vulnerabilities in network adversaries, this thesis proposes a strategy called Stimulus Based Discovery, which leads to rapid network mapping and then systematically improves the accuracy and validity of this map while simultaneously degrading an adversary's network cohesion. Additionally, this thesis provides a model for experimenting with Stimulus Based Discovery in a Multi-Agent System.
Lieutenant, United States Navy
Pagna, Disso Jules Ferdinand. "A novel intrusion detection system (IDS) architecture : attack detection based on snort for multistage attack scenarios in a multi-cores environment." Thesis, University of Bradford, 2010. http://hdl.handle.net/10454/5248.
Full textBencel, Jozef. "Analýza bezpečnosti bezdrátových sítí." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2009. http://www.nusl.cz/ntk/nusl-218125.
Full textLimmer, Tobias [Verfasser], and Falko [Akademischer Betreuer] Dressler. "Efficient Network Monitoring for Attack Detection = Effizientes Netzwerkmonitoring für Angriffserkennung / Tobias Limmer. Betreuer: Falko Dressler." Erlangen : Universitätsbibliothek der Universität Erlangen-Nürnberg, 2011. http://d-nb.info/1015474462/34.
Full textSangster, Benjamin F. "Performance of VoIP services on a DOCSIS network targeted by a denial of service attack." Connect to this title online, 2007. http://etd.lib.clemson.edu/documents/1193080291/.
Full textTitle from first page of PDF file. Document formatted into pages; contains xi, 66 p. ; also includes graphics (chiefly col). Contains additional supplemental file.
Sung, Minho. "Scalable and efficient distributed algorithms for defending against malicious Internet activity." Diss., Available online, Georgia Institute of Technology, 2006, 2006. http://etd.gatech.edu/theses/available/etd-07172006-134741/.
Full textXu, Jun, Committee Chair ; Ahamad, Mustaque, Committee Member ; Ammar, Mostafa, Committee Member ; Bing, Benny, Committee Member ; Zegura, Ellen, Committee Member.
Yan, Qiben. "Security Enhanced Communications in Cognitive Networks." Diss., Virginia Tech, 2014. http://hdl.handle.net/10919/49704.
Full textPh. D.
Salla, Vamsi. "Error and attack tolerance of complex real networks." Morgantown, W. Va. : [West Virginia University Libraries], 2005. https://eidr.wvu.edu/etd/documentdata.eTD?documentid=4311.
Full textTitle from document title page. Document formatted into pages; contains x, 80 p. : ill. (some col.). Includes abstract. Includes bibliographical references (p. 70-72).
Rejeb, Ridha. "Fault and attack management in all-optical networks." Thesis, University of Warwick, 2005. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.425517.
Full textFurman, Joshua R. (Joshua Ronni) 1977. "Attack notification and adaptation in ad hoc networks." Thesis, Massachusetts Institute of Technology, 2002. http://hdl.handle.net/1721.1/87423.
Full textGorlatova, Maria A. "Wormhole attack detection in wireless ad hoc networks." Thesis, University of Ottawa (Canada), 2007. http://hdl.handle.net/10393/27459.
Full textFall, Moustapha. "Cyber-Physical Systems Security: Machine to Machine Controlled by PLC in a Local Network." University of Cincinnati / OhioLINK, 2021. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1623168149265934.
Full textAlserhani, Faeiz. "A framework for correlation and aggregation of security alerts in communication networks : a reasoning correlation and aggregation approach to detect multi-stage attack scenarios using elementary alerts generated by Network Intrusion Detection Systems (NIDS) for a global security perspective." Thesis, University of Bradford, 2011. http://hdl.handle.net/10454/5430.
Full textFlucke, Thomas J. "IDENTIFICATION OF USERS VIA SSH TIMING ATTACK." DigitalCommons@CalPoly, 2020. https://digitalcommons.calpoly.edu/theses/2208.
Full textHedefalk, Finn. "Robustness of Spatial Databases: Using Network Analysis on GIS Data Models." Thesis, University of Gävle, Department of Technology and Built Environment, 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:hig:diva-6625.
Full textDemands on the quality and reliability of Volunteered Geographic Information have increased because of its rising popularity. Due to the less controlled data entry, there is a risk that people provide false or inaccurate information to the database. One factor that affects the effect of such updates is the network structure of the database schema, which might reveal the database’s robustness against different kinds of false updates. Therefore, network analyses are needed. The aim is to analyse GIS data models, stored in UML class diagrams, for scale-free and small-world properties. Moreover, a robustness analysis is to be carried out on selected data models in order to find out their error and attack tolerance against, for example, false updates. Three graphs were specified from the UML class diagrams: (1) class graphs: classes as nodes and their interactive relationships as connections; (2) attribute graphs: classes and attributes as nodes, with connections between the classes and their attributes; and (3) schema graphs: attributes as nodes and their interactive relationships inside and outside the tables as links. The analysed class diagrams were stored in XMI, and therefore transformed with XSLT to the Pajek network format. Thereafter, small-world and scale-free analyses as well as a robustness analysis were performed on the graphs.
The results from the scale-free analyses showed no strict power-laws. Nevertheless, the classes’ relationships and attributes, and the betweenness in the schema graphs were long-tailed distributed. Furthermore, the schema graphs had small-world properties, and the analysed class and schema graphs were robust against errors but fragile against attacks. In a network structure perspective, these results indicate that false updates on random tables of a database should usually do little harm, but falsely updating the most central cells or tables may cause big damage. Consequently, it may be necessary to monitor and constrain sensitive cells and tables in order to protect them from attacks
Antunes, João Alexandre Simões 1981. "Network attack injection." Doctoral thesis, 2012. http://hdl.handle.net/10451/7244.
Full textThe increasing reliance on networked computer systems demands for high levels of dependability. Unfortunately, new threats and forms of attack are constantly emerging to exploit vulnerabilities in systems, compromising their correctness. An intrusion in a network server may affect its users and have serious repercussions in other services, possibly leading to new security breaches that can be exploited by further attacks. Software testing is the first line of defense in opposing attacks because it can support the discovery and removal of weaknesses in the systems. However, searching for flaws is a difficult and error-prone task, which has invariably overlooked vulnerabilities. The thesis proposes a novel methodology for vulnerability discovery that systematically generates and injects attacks, while monitoring and analyzing the target system. An attack that triggers an unexpected behavior provides a strong indication of the presence of a flaw. This attack can then be given to the developers as a test case to reproduce the anomaly and to assist in the correction of the problem. The main focus of the investigation is to provide a theoretical and experimental framework for the implementation and execution of attack injection on network servers. Several innovative solutions related to this approach are covered, including ways to infer a specification of the protocol implemented by the server, the generation of a comprehensive set of attacks, the injection and monitoring of the target system, and the automatic analysis of results. Furthermore, we apply some of the developed techniques to other areas of network security, namely to intrusion tolerance and detection. In particular, a new method is proposed to assist on the evaluation of the compliance of diverse replicas in intrusion-tolerant systems.
O aumento da dependência e confiança depositada nos sistemas de rede, exige níveis de confiabilidade cada vez mais elevados. Infelizmente, novas ameaças e formas de ataque estão constantemente a surgir, explorando vulnerabilidades nos sistemas e comprometendo a sua correta operação. Uma intrusão num servidor de rede pode afetar os seus utilizadores e ter graves repercussões noutros serviços, eventualmente abrindo novas brechas de segurança que podem ser exploradas por outros ataques. O teste de software é a primeira linha de defesa na oposição a ataques porque pode apoiar a descoberta e remoção de fraquezas dos sistemas. No entanto, a procura de falhas é uma tarefa difícil e propensa a erros, e que tem invariavelmente deixado escapar vulnerabilidades. A tese propõe uma nova metodologia para a descoberta da vulnerabilidades que permite a sistemática geração e injeção de ataques, e a simultânea monitorização e análise do sistema-alvo. Um ataque que desencadeie um comportamento inesperado é uma forte indicação da presença de uma falha. Este ataque pode então ser dado à equipa de desenvolvimento como um caso de teste para reproduzir a anomalia e para auxiliar na correção do problema. O foco principal da investigação é fornecer um quadro teórico e experimental para a concretização e execução da injeção de ataques em servidores de rede. Diversas soluções inovadoras relacionadas com esta abordagem são estudadas, incluindo a inferência da especificação do protocolo concretizado pelo servidor, a geração de um conjunto abrangente de ataques, a injeção e monitorização do sistema-alvo e a análise automática dos resultados. Além disso, aplicamos algumas das técnicas aqui desenvolvidas noutras áreas de segurança de redes, nomeadamente, para a tolerância e deteção de intrusões. Em particular, é proposto um novo método para a avaliação da conformidade de réplicas em sistemas tolerantes a intrusões com diversidade.
Fundação para a Ciência e a Tecnologia (FCT, SFRH/BD/-44336/2008, projetos POSC/EIA/61643/2004 (AJECT) e PTDC/EIA-EIA/100894/2008 (DIVERSE); Multi-annual and CMU-Portugal Programmes; European Comission, projetos IST-2004-27513 (CRUTIAL) e FP7-257475 (MASSIF).
Chen, Ming-Hung, and 陳明宏. "Attack Graph Based Network Defense." Thesis, 2005. http://ndltd.ncl.edu.tw/handle/10775568647829336324.
Full text中原大學
資訊工程研究所
93
As the society gradually evolved to accommodate the advances of technologies, many network applications have been invented, which lead to the flourishing development of the Internet. With more and more services move to the Internet, intruders are attracted by the possible advantages they are able to take by exploiting human mistakes or software vulnerabilities. On seeing a suspicious packet, the response an intrusion detection system makes is usually based on the alert solely; environmental characteristics and the current network states are rarely considered. In order to prevent an intruder from achieving his final goal after initial attacks are detected, an automated mechanism that can help in making appropriate decisions on the response strategies and the response actors is needed. Intrusion detection systems produce certain amount of false alarms; and, usually, they react to intrusion events statically .In this thesis, we proposed a mechanism based on attack graph to strengthen the dependability of alarms. Also, when an alarm matches to the attack graph of the site in concern, the mechanism can help to determine the appropriate response to take.