Selected scientific literature on the topic "Attacks detection"


Browse the list of current articles, books, theses, conference proceedings and other scholarly sources relevant to the topic "Attacks detection".


Journal articles on the topic "Attacks detection":

1

BALIGA, SANDEEP, ETHAN BUENO DE MESQUITA and ALEXANDER WOLITZKY. "Deterrence with Imperfect Attribution". American Political Science Review 114, no. 4 (3 August 2020): 1155–78. http://dx.doi.org/10.1017/s0003055420000362.

Abstract:
Motivated by recent developments in cyberwarfare, we study deterrence in a world where attacks cannot be perfectly attributed to attackers. In the model, each of $n$ attackers may attack the defender. The defender observes a noisy signal that probabilistically attributes the attack. The defender may retaliate against one or more attackers and wants to retaliate against the guilty attacker only. We note an endogenous strategic complementarity among the attackers: if one attacker becomes more aggressive, that attacker becomes more “suspect” and the other attackers become less suspect, which leads the other attackers to become more aggressive as well. Despite this complementarity, there is a unique equilibrium. We identify types of improvements in attribution that strengthen deterrence—namely, improving attack detection independently of any effect on the identifiability of the attacker, reducing false alarms, or replacing misidentification with non-detection. However, we show that other improvements in attribution can backfire, weakening deterrence—these include detecting more attacks where the attacker is difficult to identify or pursuing too much certainty in attribution. Deterrence is improved if the defender can commit to a retaliatory strategy in advance, but the defender should not always commit to retaliate more after every signal.
2

Kareem, Mohammed Ibrahim, Mohammad Jawad Kadhim Abood and Karrar Ibrahim. "Machine learning-based PortScan attacks detection using OneR classifier". Bulletin of Electrical Engineering and Informatics 12, no. 6 (1 December 2023): 3690–96. http://dx.doi.org/10.11591/eei.v12i6.4142.

Abstract:
PortScan attacks are a common security threat in computer networks, where an attacker systematically scans a range of network ports on a target system to identify potential vulnerabilities. Detecting such attacks in a timely and accurate manner is crucial to ensure network security. Attackers can determine whether a port is open by sending a detective message to it, which helps them find potential vulnerabilities. However, the best methods for spotting and identifying port scanner attacks are those that use machine learning. One of the most dangerous online threats is PortScan attack, according to experts. The research is work on detection while improving detection accuracy. Dataset containing tags from network traffic is used to train machine learning techniques for classification. The JRip algorithm is trained and tested using the CICIDS2017 dataset. As a consequence, the best performance results for JRip-based detection schemes were 99.84%, 99.80%, 99.80%, and 0.09 ms for accuracy, precision, recall, F-score, and detection overhead, respectively. Finally, the comparison with current models demonstrated our model's proficiency and advantage with increased attack discovery speed.
3

O, Belej, Spas N, Artyshchuk I and Fedastsou M. "Construction of a multi-agent attack detection system based on artificial intelligence models". Artificial Intelligence 26, jai2021.26(1) (30 June 2021): 22–30. http://dx.doi.org/10.15407/jai2021.01.022.

Abstract:
Statistics of recent years on attacking actions on information systems show both the growth of known attackers and the growth of new models and directions of attacks. In this regard, the task of collecting information about events occurring in the information system and related to the main objects of the information system, and conducting their effective analysis is relevant. The main requirements for the tools of analysis are: speed and ability to adapt to new circumstances - adaptability. Means that meet these requirements are artificial intelligence systems. In particular, there are a number of research that use neural networks as a means of analysis. There are different types of neural networks, which differ depending on the tasks to be solved and are more suitable for different input data. The proposed multi-agent attack detection system collects and analyzes the collected information about the events of the information system using two types of neural networks. A multilayer perceptron is used to analyze various logs of information system objects. The Jordan network is used to analyze directly collected information about the events of information system objects. The use of a multi-agent attack detection system can increase the security of the information system. Features of modern attacks are considered. The urgency of the task of detecting attacks is substantiated. The peculiarities of the attack process were considered. The actions of attackers of different types at different stages of the attack are analyzed. It was shown which methods of detecting attacks should be used at different stages of the attack by an attacker. A model of a multi-agent attack detection system is proposed. An interpretation of the results of the analysis of information system events by the method of detecting attacks was proposed, as well as an algorithm for joint decision-making by agents based on several sources of information about their status. 
A model of an attack detection system that takes into account these features is proposed. This attack detection system collects information at several levels of the information system and uses it to analyze the artificial intelligence system
4

Sambangi, Swathi, and Lakshmeeswari Gondi. "A Machine Learning Approach for DDoS (Distributed Denial of Service) Attack Detection Using Multiple Linear Regression". Proceedings 63, no. 1 (25 December 2020): 51. http://dx.doi.org/10.3390/proceedings2020063051.

Abstract:
The problem of identifying Distributed Denial of Service (DDoS) attacks is fundamentally a classification problem in machine learning. In relevance to Cloud Computing, the task of identification of DDoS attacks is a significantly challenging problem because of computational complexity that has to be addressed. Fundamentally, a Denial of Service (DoS) attack is an intentional attack attempted by attackers from a single source which has an implicit intention of making an application unavailable to the target stakeholder. For this to be achieved, attackers usually stagger the network bandwidth, halting system resources, thus causing denial of access for legitimate users. Contrary to DoS attacks, in DDoS attacks, the attacker makes use of multiple sources to initiate an attack. DDoS attacks are most common at network, transportation, presentation and application layers of a seven-layer OSI model. In this paper, the research objective is to study the problem of DDoS attack detection in a Cloud environment by considering the most popular CICIDS 2017 benchmark dataset and applying multiple regression analysis for building a machine learning model to predict DDoS and Bot attacks through considering a Friday afternoon traffic logfile.
5

Xuan, Cho Do, Duc Duong and Hoang Xuan Dau. "A multi-layer approach for advanced persistent threat detection using machine learning based on network traffic". Journal of Intelligent & Fuzzy Systems 40, no. 6 (21 June 2021): 11311–29. http://dx.doi.org/10.3233/jifs-202465.

Abstract:
Advanced Persistent Threat (APT) is a dangerous network attack method that is widely used by attackers nowadays. During the APT attack process, attackers often use advanced techniques and tools, thus, causing many difficulties for information security systems. In fact, to detect the APT attacks, intrusion detection systems cannot rely on one technique or method but often combine multiple techniques and methods. In addition, the approach for APT attack detection using behavior analysis and evaluation techniques is facing many difficulties due to the lack of characteristic data of attack campaigns. For the above reasons, in this paper, we propose a method for APT attack detection based on a multi-layer analysis. The multi-layer analysis technique in our proposal computes and analyzes various events in Network Traffic to detect and synthesize abnormal signs and behaviors in order to make conclusions about the existence of APT in the system. Specifically, in our proposal, we will use serial 3 main layers for the APT attack detection process including i) Detecting APT attacks based on analyzing abnormal connection; ii) Detecting APT attacks based on analyzing and evaluating Suricata log; iii) Detecting APT attacks based on analyzing behavior profiles that are compiled from layers (i) and (ii). To achieve these goals, the multi-layer analysis technique for APT attack detection will perform 2 main tasks: i) Analyzing and evaluating components of Network Traffic based on abnormal signs and behaviors. ii) building and classifying behavior profile based on each component of network traffic. In the experimental section, we will compare and evaluate the effectiveness of the APT attack detection process of each layer in the multi-layer analysis model using machine learning. Experimental results have shown that the APT attack detection method based on analyzing behavior profile has yielded better results than individual detection methods on all metrics. 
The research results shown in the paper not only demonstrate the effectiveness of the multilayer analysis model for APT attack detection but also provide a novel approach for detecting several other cyber-attack techniques.
6

Haseeb-ur-rehman, Rana M. Abdul, Azana Hafizah Mohd Aman, Mohammad Kamrul Hasan, Khairul Akram Zainol Ariffin, Abdallah Namoun, Ali Tufail and Ki-Hyung Kim. "High-Speed Network DDoS Attack Detection: A Survey". Sensors 23, no. 15 (1 August 2023): 6850. http://dx.doi.org/10.3390/s23156850.

Abstract:
Having a large number of device connections provides attackers with multiple ways to attack a network. This situation can lead to distributed denial-of-service (DDoS) attacks, which can cause fiscal harm and corrupt data. Thus, irregularity detection in traffic data is crucial in detecting malicious behavior in a network, which is essential for network security and the integrity of modern Cyber–Physical Systems (CPS). Nevertheless, studies have shown that current techniques are ineffective at detecting DDoS attacks on networks, especially in the case of high-speed networks (HSN), as detecting attacks on the latter is very complex due to their fast packet processing. This review aims to study and compare different approaches to detecting DDoS attacks, using machine learning (ML) techniques such as k-means, K-Nearest Neighbors (KNN), and Naive Bayes (NB) used in intrusion detection systems (IDSs) and flow-based IDSs, and expresses data paths for packet filtering for HSN performance. This review highlights the high-speed network accuracy evaluation factors, provides a detailed DDoS attack taxonomy, and classifies detection techniques. Moreover, the existing literature is inspected through a qualitative analysis, with respect to the factors extracted from the presented taxonomy of irregular traffic pattern detection. Different research directions are suggested to support researchers in identifying and designing the optimal solution by highlighting the issues and challenges of DDoS attacks on high-speed networks.
7

Zhou, Qing Lei, Yan Ke Zhao and Wei Jun Zhu. "Intrusion Detection for Universal Attack Mode Based on Projection Temporal Logic". Applied Mechanics and Materials 556-562 (May 2014): 2821–24. http://dx.doi.org/10.4028/www.scientific.net/amm.556-562.2821.

Abstract:
Compared with the intrusion detection based on pattern matching, the method which is based on model checking can detect the complex attacks. But all of the existing algorithms are used to detect some specific types of attacks. So, we firstly use the projection temporal logic (PTL) formulae to set up formal sub-models respectively for the five kinds of attackers, the four kinds of attack processes and the eight kinds of attack effects. According to their universal relationship and the semantic relation of variety of PTL logic operators, we obtain the above sub-models together, thus, the universal model described by PTL formula for universal attack is formed. On this base, we implement an intrusion detection method based on projection temporal logic for detecting all types of attacks. Compared with the existing methods, the detecting ability of the new method is more comprehensive.
8

Sravanthi, P. "Machine Learning Methods for Attack Detection in Smart Grid". International Journal for Research in Applied Science and Engineering Technology 12, no. 3 (31 March 2024): 2257–61. http://dx.doi.org/10.22214/ijraset.2024.59222.

Abstract:
In the realm of smart grids attack detection, statistical learning poses challenges across various attack scenarios, whether measurements are obtained either online or in batch mode. This approach categorizes measurements into two groups: secure and attacked, leveraging machine learning algorithms. The suggested method offers a framework for detecting attacks, aiming to address limitations arising from the sparse nature of the problem and leveraging any available past system knowledge. Through decision- and feature-level fusion, established batch and online learning methods are employed to tackle the attack detection challenge. To uncover unobservable attacks using statistical learning techniques, the relationships between the geometric and statistical characteristics of the attack vectors within the attack scenarios and the learning algorithms are scrutinized.
9

Gupta, Punit, and Pallavi Kaliyar. "History Aware Anomaly Based IDS for Cloud IaaS". INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY 10, no. 6 (30 August 2013): 1779–84. http://dx.doi.org/10.24297/ijct.v10i6.3205.

Abstract:
Cloud Computing provides different types of services such as SaaS, PaaS, IaaS. Each of them has its own security challenges, but IaaS undertakes all types of challenges viz., network attack, behaviour based attack, request based attacks i.e. handling the requests from untrusted users, XSS (cross site scripting attack), DDOS and many more. These attacks are independent of each other and consequently the QoS provided by cloud is compromised. This paper proposes a History aware Behaviour based IDS (Intrusion Detection System) BIDS. BIDS provides detection of untrusted users, false requests that may lead to spoofing, XSS or DOS attack and many more such attacks. In addition, certain cases where user login or password is compromised. History aware BIDS can be helpful in detecting such attacks and maintaining the QoS provided to the user in cloud IaaS (Infrastructure as a service).
10

Qiao, Peng Zhe, Yi Ran Wang and Yan Ke Zhao. "Intrusion Detection for Universal Attack Mode Based on Linear Temporal Logic with Past Construct". Applied Mechanics and Materials 680 (October 2014): 433–36. http://dx.doi.org/10.4028/www.scientific.net/amm.680.433.

Abstract:
Compared with the intrusion detection based on pattern matching, the method which is based on model checking can detect the complex attacks. But all of the existing algorithms are only used to detect some specific types of attacks. To solve this problem, we firstly use the Linear Temporal Logic with Past Construct (LTLPC) formulae to set up formal sub-models for the five kinds of attackers, the four kinds of attack processes and the eight kinds of attack effects. According to their universal relationship and the semantic relation of variety of LTLPC operators, we obtain the above sub-models together, thus, the universal models described by LTLPC formulae for universal attacks are formed. On this base, we implement an intrusion detection method based on LTLPC for detecting all types of attacks. Compared with the existing methods, the detecting ability of the new method is more comprehensive.

Theses on the topic "Attacks detection":

1

Akdemir, Kahraman D. "Error Detection Techniques Against Strong Adversaries". Digital WPI, 2010. https://digitalcommons.wpi.edu/etd-dissertations/406.

Abstract:
"Side channel attacks (SCA) pose a serious threat on many cryptographic devices and are shown to be effective on many existing security algorithms which are in the black box model considered to be secure. These attacks are based on the key idea of recovering secret information using implementation specific side-channels. Especially active fault injection attacks are very effective in terms of breaking otherwise impervious cryptographic schemes. Various countermeasures have been proposed to provide security against these attacks. Double-Data-Rate (DDR) computation, dual-rail encoding, and simple concurrent error detection (CED) are the most popular of these solutions. Even though these security schemes provide sufficient security against weak adversaries, they can be broken relatively easily by a more advanced attacker. In this dissertation, we propose various error detection techniques that target strong adversaries with advanced fault injection capabilities. We first describe the advanced attacker in detail and provide its characteristics. As part of this definition, we provide a generic metric to measure the strength of an adversary. Next, we discuss various techniques for protecting finite state machines (FSMs) of cryptographic devices against active fault attacks. These techniques mainly depend on nonlinear robust codes and physically unclonable functions (PUFs). We show that due to the nonuniform behavior of FSM variables, securing FSMs using nonlinear codes is an important and difficult problem. As a solution to this problem, we propose error detection techniques based on nonlinear codes with different randomization methods. We also show how PUFs can be utilized to protect a class of FSMs. This solution provides security on the physical level as well as the logical level. In addition, for each technique, we provide possible hardware realizations and discuss area/security performance. 
Furthermore, we provide an error detection technique for protecting elliptic curve point addition and doubling operations against active fault attacks. This technique is based on nonlinear robust codes and provides nearly perfect error detection capability (except with exponentially small probability). We also conduct a comprehensive analysis in which we apply our technique to different elliptic curves (i.e. Weierstrass and Edwards) over different coordinate systems (i.e. affine and projective)."
2

Rodofile, Nicholas R. "Generating attacks and labelling attack datasets for industrial control intrusion detection systems". Thesis, Queensland University of Technology, 2018. https://eprints.qut.edu.au/121760/1/Nicholas_Rodofile_Thesis.pdf.

Abstract:
To address the arising Cyber Security threats against SCADA-based Critical infrastructure, the security research community have identified the application of Intrusion Detection and AI as an ideal security measure for such systems. The research presents a cyber-attack classification for critical infrastructure, to identify the cyber-attack landscape for critical infrastructure attacks. To further aid in the development and evaluation of AI using intrusion detection, the thesis presents a SCADA cyber-attack generation framework. The cyber-attack generation framework provides a collection of algorithms to stimulate control system equipment with cyber-attacks. Using the attack generation methodology, a SCADA attack labelling framework is also presented to generate labelled attack datasets. The datasets can be used in future work to aid in the development of AI detecting new and unknown cyber attacks on Critical Infrastructure systems.
3

Omar, Luma Qassam Abedalqader. "Face liveness detection under processed image attacks". Thesis, Durham University, 2018. http://etheses.dur.ac.uk/12812/.

Abstract:
Face recognition is a mature and reliable technology for identifying people. Due to high-definition cameras and supporting devices, it is considered the fastest and the least intrusive biometric recognition modality. Nevertheless, effective spoofing attempts on face recognition systems were found to be possible. As a result, various anti-spoofing algorithms were developed to counteract these attacks. They are commonly referred to in the literature as liveness detection tests. In this research we highlight the effectiveness of some simple, direct spoofing attacks, and test one of the current robust liveness detection algorithms, i.e. the logistic regression based face liveness detection from a single image, proposed by Tan et al. in 2010, against malicious attacks using processed imposter images. In particular, we study experimentally the effect of common image processing operations such as sharpening and smoothing, as well as corruption with salt and pepper noise, on the face liveness detection algorithm, and we find that it is especially vulnerable against spoofing attempts using processed imposter images. We design and present a new facial database, the Durham Face Database, which is the first, to the best of our knowledge, to have client, imposter as well as processed imposter images. Finally, we evaluate our claim on the effectiveness of proposed imposter image attacks using transfer learning on Convolutional Neural Networks. We verify that such attacks are more difficult to detect even when using high-end, expensive machine learning techniques.
4

Cheng, Long. "Program Anomaly Detection Against Data-Oriented Attacks". Diss., Virginia Tech, 2018. http://hdl.handle.net/10919/84937.

Abstract:
Memory-corruption vulnerability is one of the most common attack vectors used to compromise computer systems. Such vulnerabilities could lead to serious security problems and would remain an unsolved problem for a long time. Existing memory corruption attacks can be broadly classified into two categories: i) control-flow attacks and ii) data-oriented attacks. Though data-oriented attacks are known for a long time, the threats have not been adequately addressed due to the fact that most previous defense mechanisms focus on preventing control-flow exploits. As launching a control-flow attack becomes increasingly difficult due to many deployed defenses against control-flow hijacking, data-oriented attacks are considered an appealing attack technique for system compromise, including the emerging embedded control systems. To counter data-oriented attacks, mitigation techniques such as memory safety enforcement and data randomization can be applied in different stages over the course of an attack. However, attacks are still possible because currently deployed defenses can be bypassed. This dissertation explores the possibility of defeating data-oriented attacks through external monitoring using program anomaly detection techniques. I start with a systematization of current knowledge about exploitation techniques of data-oriented attacks and the applicable defense mechanisms. Then, I address three research problems in program anomaly detection against data-oriented attacks. First, I address the problem of securing control programs in Cyber-Physical Systems (CPS) against data-oriented attacks. I describe a new security methodology that leverages the event-driven nature in characterizing CPS control program behaviors. By enforcing runtime cyber-physical execution semantics, our method detects data-oriented exploits when physical events are inconsistent with the runtime program behaviors. 
Second, I present a statistical program behavior modeling framework for frequency anomaly detection, where frequency anomaly is the direct consequence of many non-control-data attacks. Specifically, I describe two statistical program behavior models, sFSA and sCFT, at different granularities. Our method combines the local and long-range models to improve the robustness against data-oriented attacks and significantly increase the difficulties that an attack bypasses the anomaly detection system. Third, I focus on defending against data-oriented programming (DOP) attacks using Intel Processor Trace (PT). DOP is a recently proposed advanced technique to construct expressive non-control data exploits. I first demystify the DOP exploitation technique and show its complexity and rich expressiveness. Then, I design and implement the DeDOP anomaly detection system, and demonstrate its detection capability against the real-world ProFTPd DOP attack.
Ph. D.
5

Rosa, José Luís da Silva. "Customer-side detection of BGP routing attacks". Master's thesis, Universidade de Aveiro, 2016. http://hdl.handle.net/10773/17808.

Abstract:
Master's degree in Computer and Telematics Engineering
The daily use of the Internet has become a routine that many people absorbed into their lives without even thinking about the insides of this gigantic network. To an extent, the Border Gateway Protocol is what is keeping all this connectivity together despite being a very flawed protocol due to its design. In 2008 a Man-In-The-Middle attack was first presented to the general audience and ever since more techniques were reported to use the protocol to obtain traffic illicitly. Even if the routing deviation does not occur via a malicious intention but due to some poorly configured router, this is a problem that must be tackled. Some network providers and research institutes already presented some drafts for new protocols or monitoring systems but they are late into deployment or only affect the top layer of the network, leaving users and most part of the companies connected to the provider impotent and without any proper information about the routing of their traffic. In this dissertation a system is presented, implemented and deployed, achieving an active monitorization of BGP through measurements of the average travel time of several packets sent to various locations by a worldwide set of Probes and the collected results processed allowing all concerned actors to be alerted.
6

Liu, Jessamyn. "Anomaly detection methods for detecting cyber attacks in industrial control systems". Thesis, Massachusetts Institute of Technology, 2020. https://hdl.handle.net/1721.1/129055.

Abstract:
Thesis: S.M., Massachusetts Institute of Technology, Sloan School of Management, Operations Research Center, September, 2020
Cataloged from PDF version of thesis.
Includes bibliographical references (pages 119-123).
Industrial control systems (ICS) are pervasive in modern society and increasingly under threat of cyber attack. Due to the critical nature of these systems, which govern everything from power and wastewater plants to refineries and manufacturing, a successful ICS cyber attack can result in serious physical consequences. This thesis evaluates multiple anomaly detection methods to quickly and accurately detect ICS cyber attacks. Two fundamental challenges in developing ICS cyber attack detection methods are the lack of historical attack data and the ability of attackers to make their malicious activity appear normal. The goal of this thesis is to develop methods which generalize well to anomalies that are not included in the training data and to increase the sensitivity of detection methods without increasing the false alarm rate. The thesis presents and analyzes a baseline detection method, the multivariate Shewhart control chart, and four extensions to the Shewhart chart which use machine learning or optimization methods to improve detection performance. Two of these methods, stationary subspace analysis and maximized ratio divergence analysis, are based on dimensionality reduction techniques, and an additional model-based method is implemented using residuals from LASSO regression models. The thesis also develops an ensemble method which uses an optimization formulation to combine the output of multiple models in a way that minimizes detection delay. When evaluated on 380 samples from the Kaspersky Tennessee Eastman process dataset, a simulated chemical process that includes disruptions from cyber attacks, the ensemble method reduced detection delay on attack data by 12% (55 minutes) on average when compared to the baseline method and was 9% (42 minutes) faster on average than the method which performed best on training data.
7

Lu, Yuanchao. "On Traffic Analysis Attacks To Encrypted VoIP Calls". Cleveland State University / OhioLINK, 2009. http://rave.ohiolink.edu/etdc/view?acc_num=csu1260222271.

8

Kazi, Shehab. "Anomaly based Detection of Attacks on Security Protocols". Thesis, Blekinge Tekniska Högskola, Sektionen för datavetenskap och kommunikation, 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-4806.

Abstract:
Security and privacy in digital communications is the need of the hour. SSL/TLS has become widely adopted to provide the same. Multiple application layer protocols can be layered on top of it. However, protection in this form results in all the data being encrypted, causing problems for an intrusion detection system which relies on a sniffer that analyses packets on a network. We thus hypothesise that a host based intrusion detection system that analyses packets after decryption would be able to detect attacks against security protocols. To this effect we conduct two experiments where we attack a web server and a mail server, collect data, analyse it and conclude with methods to detect such attacks. These methods are in the form of pseudocode.
9

Whitelaw, Clayton. "Precise Detection of Injection Attacks on Concrete Systems". Scholar Commons, 2015. http://scholarcommons.usf.edu/etd/6051.

Abstract:
Injection attacks, including SQL injection, cross-site scripting, and operating system command injection, rank the top two entries in the MITRE Common Vulnerability Enumeration (CVE) [1]. Under this attack model, an application (e.g., a web application) uses some untrusted input to produce an output program (e.g., a SQL query). Applications may be vulnerable to injection attacks because the untrusted input may alter the output program in malicious ways. Recent work has established a rigorous definition of injection attacks. Injections are benign iff they obey the NIE property, which states that injected symbols strictly insert or expand noncode tokens in the output program. Noncode symbols are strictly those that are either removed by the tokenizer (e.g., insignificant whitespace) or span closed values in the output program language, and code symbols are all other symbols. This thesis demonstrates that such attacks are possible on applications for Android—a mobile device operating system—and Bash—a common Linux shell—and shows by construction that these attacks can be detected precisely. Specifically, this thesis examines the recent Shellshock attacks on Bash and shows how it widely differs from ordinary attacks, but can still be precisely detected by instrumenting the output program’s runtime. The paper closes with a discussion of the lessons learned from this study and how best to overcome the practical challenges to precisely preventing these attacks in practice.
10

Dandurand, Luc. "Detection of network infrastructure attacks using artificial traffic". Thesis, National Library of Canada = Bibliothèque nationale du Canada, 1998. http://www.collectionscanada.ca/obj/s4/f2/dsk3/ftp04/mq44906.pdf.


Books on the topic "Attacks detection":

1

Dübendorfer, Thomas P. Impact analysis, early detection, and mitigation of large-scale Internet attacks. Aachen: Shaker, 2005.

2

Li, Beibei, Rongxing Lu and Gaoxi Xiao. Detection of False Data Injection Attacks in Smart Grid Cyber-Physical Systems. Cham: Springer International Publishing, 2020. http://dx.doi.org/10.1007/978-3-030-58672-0.

3

Raghavan, S. V., and E. Dawson, eds. An Investigation into the Detection and Mitigation of Denial of Service (DoS) Attacks. India: Springer India, 2011. http://dx.doi.org/10.1007/978-81-322-0277-6.

4

K, Kokula Krishna Hari, ed. Early Detection and Prevention of Vampire Attacks in Wireless Sensor Networks: ICIEMS 2014. India: Association of Scientists, Developers and Faculties, 2014.

5

Casola, Linda, and Dionna Ali, eds. Robust Machine Learning Algorithms and Systems for Detection and Mitigation of Adversarial Attacks and Anomalies. Washington, D.C.: National Academies Press, 2019. http://dx.doi.org/10.17226/25534.

6

Raghavan, S. V. An Investigation into the Detection and Mitigation of Denial of Service (DoS) Attacks: Critical Information Infrastructure Protection. India: Springer India Pvt. Ltd., 2011.

7

Nelson A. Rockefeller Institute of Government, ed. The role of "home" in homeland security: The prevention and detection of terrorist attacks : the challenge for state and local government. Albany, N.Y: The Institute, 2003.

8

National Academy of Sciences (U.S.). Committee on Effectiveness of National Biosurveillance Systems, BioWatch and the Public Health System. BioWatch and public health surveillance: Evaluating systems for the early detection of biological threats. Washington, D.C: National Academies Press, 2011.

9

Salem, Malek Ben. Towards Effective Masquerade Attack Detection. [New York, N.Y.?]: [publisher not identified], 2012.

10

Wan, Jun, Guodong Guo, Sergio Escalera, Hugo Jair Escalante and Stan Z. Li. Multi-Modal Face Presentation Attack Detection. Cham: Springer International Publishing, 2020. http://dx.doi.org/10.1007/978-3-031-01824-4.


Book chapters on the topic "Attacks detection":

1

Brooks, Richard R., and İlker Özçelik. "Attack Detection". In Distributed Denial of Service Attacks, 115–38. Boca Raton : CRC Press, 2020.: Chapman and Hall/CRC, 2020. http://dx.doi.org/10.1201/9781315213125-8.

2

Kuribayashi, Minoru. "Adversarial Attacks". In Frontiers in Fake Media Generation and Detection, 63–79. Singapore: Springer Nature Singapore, 2022. http://dx.doi.org/10.1007/978-981-19-1524-6_3.

3

Krzysztoń, Mateusz, Marcin Lew and Michał Marks. "NAD: Machine Learning Based Component for Unknown Attack Detection in Network Traffic". In Cybersecurity of Digital Service Chains, 83–102. Cham: Springer International Publishing, 2022. http://dx.doi.org/10.1007/978-3-031-04036-8_4.

Abstract:
Detection of unknown attacks is challenging due to the lack of exemplary attack vectors. However, previously unknown attacks are a significant danger for systems due to a lack of tools for protecting systems against them, especially in fast-evolving Internet of Things (IoT) technology. The most widely used approach for malicious behaviour of the monitored system is detecting anomalies. The vicious behaviour might result from an attack (both known and unknown) or accidental breakdown. We present a Net Anomaly Detector (NAD) system that uses one-class classification Machine Learning techniques to detect anomalies in the network traffic. The highly modular architecture allows the system to be expanded with adapters for various types of networks. We propose and discuss multiple approaches for increasing detection quality and easing the component deployment in unknown networks by known attacks emulation, exhaustive feature extraction, hyperparameter tuning, detection threshold adaptation and ensemble models strategies. Furthermore, we present both centralized and decentralized deployment schemes and present preliminary results of experiments for the TCP/IP network traffic conducted on the CIC-IDS2017 dataset.
4

Brooks, Richard R., and İlker Özçelik. "Deceiving DDoS Detection". In Distributed Denial of Service Attacks, 139–49. Boca Raton : CRC Press, 2020.: Chapman and Hall/CRC, 2020. http://dx.doi.org/10.1201/9781315213125-9.

5

Szynkiewicz, Paweł. "Signature-Based Detection of Botnet DDoS Attacks". In Cybersecurity of Digital Service Chains, 120–35. Cham: Springer International Publishing, 2022. http://dx.doi.org/10.1007/978-3-031-04036-8_6.

Abstract:
The distributed denial of service (DDoS) attack is an attempt to disrupt the proper availability of a targeted server, service or network. The attack is achieved by corrupting or overwhelming the target’s communications with a flood of malicious network traffic. In the current era of mass connectivity DDoS attacks emerge as one of the biggest threats, steadily causing greater collateral damage and having a negative impact on the integral Internet infrastructure. DDoS attacks come in a variety of types and schemes; they continue to evolve, steadily becoming more sophisticated and larger in scale. A close investigation of attack vectors and refining current security measures is required to efficiently mitigate new DDoS threats. The solution described in this article concerns a less explored variation of signature-based techniques for DDoS mitigation. The approach exploits one of the traits of modern DDoS attacks, the utilization of packet generation algorithms (PGA) in the attack execution. The proposed method performs a fast, protocol-level detection of DDoS network packets and can easily be employed to provide an effective, supplementary protection against DDoS attacks.
6

Ayala, Luis. "Detection of Cyber-Attacks". In Cybersecurity for Hospitals and Healthcare Facilities, 53–60. Berkeley, CA: Apress, 2016. http://dx.doi.org/10.1007/978-1-4842-2155-6_6.

7

Ning, Peng, Sushil Jajodia and X. Sean Wang. "Decentralized Detection of Distributed Attacks". In Intrusion Detection in Distributed Systems, 71–90. Boston, MA: Springer US, 2004. http://dx.doi.org/10.1007/978-1-4615-0467-2_7.

8

Kuribayashi, Minoru. "Defense Against Adversarial Attacks". In Frontiers in Fake Media Generation and Detection, 131–48. Singapore: Springer Nature Singapore, 2022. http://dx.doi.org/10.1007/978-981-19-1524-6_6.

9

Vella, Mark, Sotirios Terzis and Marc Roper. "Distress Detection (Poster Abstract)". In Research in Attacks, Intrusions, and Defenses, 384–85. Berlin, Heidelberg: Springer Berlin Heidelberg, 2012. http://dx.doi.org/10.1007/978-3-642-33338-5_24.

10

Wang, Wubing, Guoxing Chen, Yueqiang Cheng, Yinqian Zhang and Zhiqiang Lin. "Specularizer: Detecting Speculative Execution Attacks via Performance Tracing". In Detection of Intrusions and Malware, and Vulnerability Assessment, 151–72. Cham: Springer International Publishing, 2021. http://dx.doi.org/10.1007/978-3-030-80825-9_8.

Abstract:
This paper presents Specularizer, a framework for uncovering speculative execution attacks using performance tracing features available in commodity processors. It is motivated by the practical difficulty of eradicating such vulnerabilities in the design of CPU hardware and operating systems and the principle of defense-in-depth. The key idea of Specularizer is the use of Hardware Performance Counters and Processor Trace to perform lightweight monitoring of production applications and the use of machine learning techniques for identifying the occurrence of the attacks during offline forensics analysis. Different from prior works that use performance counters to detect side-channel attacks, Specularizer monitors triggers of the critical paths of the speculative execution attacks, thus making the detection mechanisms robust to different choices of side channels used in the attacks. To evaluate Specularizer, we model all known types of exception-based and misprediction-based speculative execution attacks and automatically generate thousands of attack variants. Experimental results show that Specularizer yields superior detection accuracy and the online tracing of Specularizer incurs reasonable overhead.

Conference papers on the topic "Attacks detection":

1

Alzubi, Saif, Frederic T. Stahl and Mohamed M. Gaber. "Towards Intrusion Detection Of Previously Unknown Network Attacks". In 35th ECMS International Conference on Modelling and Simulation. ECMS, 2021. http://dx.doi.org/10.7148/2021-0035.

Abstract:
Advances in telecommunication network technologies have led to an ever more interconnected world. Accordingly, the types of threats and attacks to intrude or disable such networks or portions of it are continuing to develop likewise. Thus, there is a need to detect previously unknown attack types. Supervised techniques are not suitable to detect previously not encountered attack types. This paper presents a new ensemble-based Unknown Network Attack Detector (UNAD) system. UNAD proposes a training workflow composed of heterogeneous and unsupervised anomaly detection techniques, trains on attack-free data and can distinguish normal network flow from (previously unknown) attacks. This scenario is more realistic for detecting previously unknown attacks than supervised approaches and is evaluated on telecommunication network data with known ground truth. Empirical results reveal that UNAD can detect attacks on which the workflows have not been trained on with a precision of 75% and a recall of 80%. The benefit of UNAD with existing network attack detectors is, that it can detect completely new attack types that have never been encountered before.
2

Kolodziej, Joanna, Mateusz Krzyszton and Pawel Szynkiewicz. "Anomaly Detection In TCP/IP Networks". In 37th ECMS International Conference on Modelling and Simulation. ECMS, 2023. http://dx.doi.org/10.7148/2023-0542.

Abstract:
Intrusion Detection Systems (IDS) should be capable of quickly detecting attacks and network traffic anomalies to reduce the damage to the network components. They may efficiently detect threats based on prior knowledge of attack characteristics and the potential threat impact ('known attacks'). However, IDS cannot recognize threats, and attacks ('unknown attacks') usually occur when using brand-new technologies for system damage. This paper presents two security services -- Net Anomaly Detector (NAD) and a signature-based PGA Filter for detecting attacks and anomalies in TCP/IP networks. Both services are modules of the cloud-based GUARD platform developed in the H2020 GUARD project. Such a platform was the main component of the simulation environment in the work presented in this paper. The provided experiments show that both modules achieved satisfactory results in detecting an unknown type of DoS attacks and signatures of DDoS attacks.
3

Kazari, Kiarash, Ezzeldin Shereen and Gyorgy Dan. "Decentralized Anomaly Detection in Cooperative Multi-Agent Reinforcement Learning". In Thirty-Second International Joint Conference on Artificial Intelligence {IJCAI-23}. California: International Joint Conferences on Artificial Intelligence Organization, 2023. http://dx.doi.org/10.24963/ijcai.2023/19.

Abstract:
We consider the problem of detecting adversarial attacks against cooperative multi-agent reinforcement learning. We propose a decentralized scheme that allows agents to detect the abnormal behavior of one compromised agent. Our approach is based on a recurrent neural network (RNN) trained during cooperative learning to predict the action distribution of other agents based on local observations. The predicted distribution is used for computing a normality score for the agents, which allows the detection of the misbehavior of other agents. To explore the robustness of the proposed detection scheme, we formulate the worst-case attack against our scheme as a constrained reinforcement learning problem. We propose to compute an attack policy by optimizing the corresponding dual function using reinforcement learning. Extensive simulations on various multi-agent benchmarks show the effectiveness of the proposed detection scheme in detecting state-of-the-art attacks and in limiting the impact of undetectable attacks.
4

Segura, Gustavo A. Nunez, Arsenia Chorti and Cíntia Borges Margi. "IDIT-SDN: Intrusion Detection Framework for Software-defined Wireless Sensor Networks". In Anais Estendidos do Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos. Sociedade Brasileira de Computação - SBC, 2023. http://dx.doi.org/10.5753/sbrc_estendido.2023.817.

Abstract:
Software-Defined Networking has been used to leverage security solutions for wireless sensor networks. However, this paradigm turns networks vulnerable to distributed denial of service attacks. IDIT-SDN is a tool for Software-defined Wireless Sensor Networks devised for DoS and DDoS attacks simulation and detection. This tool provides a framework for anomaly detection and a communication protocol to share security wise information from the sensor network to the controller. We demonstrate its use by showing a cooperative DDoS attack detection and attacker identification application based on distributed (every node) and centralized (controller) anomaly detection.
5

Ghafouri, Amin, Yevgeniy Vorobeychik and Xenofon Koutsoukos. "Adversarial Regression for Detecting Attacks in Cyber-Physical Systems". In Twenty-Seventh International Joint Conference on Artificial Intelligence {IJCAI-18}. California: International Joint Conferences on Artificial Intelligence Organization, 2018. http://dx.doi.org/10.24963/ijcai.2018/524.

Abstract:
Attacks in cyber-physical systems (CPS) which manipulate sensor readings can cause enormous physical damage if undetected. Detection of attacks on sensors is crucial to mitigate this issue. We study supervised regression as a means to detect anomalous sensor readings, where each sensor's measurement is predicted as a function of other sensors. We show that several common learning approaches in this context are still vulnerable to stealthy attacks, which carefully modify readings of compromised sensors to cause desired damage while remaining undetected. Next, we model the interaction between the CPS defender and attacker as a Stackelberg game in which the defender chooses detection thresholds, while the attacker deploys a stealthy attack in response. We present a heuristic algorithm for finding an approximately optimal threshold for the defender in this game, and show that it increases system resilience to attacks without significantly increasing the false alarm rate.
6

Kim, Hannah, Celia Cintas, Girmaw Abebe Tadesse and Skyler Speakman. "Spatially Constrained Adversarial Attack Detection and Localization in the Representation Space of Optical Flow Networks". In Thirty-Second International Joint Conference on Artificial Intelligence {IJCAI-23}. California: International Joint Conferences on Artificial Intelligence Organization, 2023. http://dx.doi.org/10.24963/ijcai.2023/107.

Abstract:
Optical flow estimation has shown significant improvements with advances in deep neural networks. However, these flow networks have recently been shown to be vulnerable to patch-based adversarial attacks, which poses security risks in real-world applications, such as self-driving cars and robotics. We propose SADL, a Spatially constrained adversarial Attack Detection and Localization framework, to detect and localize these patch-based attacks without requiring a dedicated training. The detection of an attacked input sequence is performed via iterative optimization on the features from the inner layers of flow networks, without any prior knowledge of the attacks. The novel spatially constrained optimization ensures that the detected anomalous subset of features comes from a local region. To this end, SADL provides a subset of nodes within a spatial neighborhood that contribute more to the detection, which will be utilized to localize the attack in the input sequence. The proposed SADL is validated across multiple datasets and flow networks. With patch attacks 4.8% of the size of the input image resolution on RAFT, our method successfully detects and localizes them with an average precision of 0.946 and 0.951 for KITTI-2015 and MPI-Sintel datasets, respectively. The results show that SADL consistently achieves higher detection rates than existing methods and provides new localization capabilities.
7

Xie, Liang, and Sencun Zhu. "Message Dropping Attacks in Overlay Networks: Attack Detection and Attacker Identification". In 2006 Securecomm and Workshops. IEEE, 2006. http://dx.doi.org/10.1109/seccomw.2006.359534.

8

Wu, Mingtao, and Young B. Moon. "Intrusion Detection of Cyber-Physical Attacks in Manufacturing Systems: A Review". In ASME 2019 International Mechanical Engineering Congress and Exposition. American Society of Mechanical Engineers, 2019. http://dx.doi.org/10.1115/imece2019-10135.

Abstract:
Cyber-physical manufacturing system is the vision of future manufacturing systems where physical components are fully integrated through various networks and the Internet. The integration enables the access to computation resources that can improve efficiency, sustainability and cost-effectiveness. However, its openness and connectivity also enlarge the attack surface for cyber-attacks and cyber-physical attacks. A critical challenge in defending those attacks is that current intrusion detection methods cannot timely detect cyber-physical attacks. Studies showed that the physical detection provides a higher accuracy and a shorter response time compared to network-based or host-based intrusion detection systems. Moreover, alert correlation and management methods help reduce the number of alerts and identify the root cause of the attack. In this paper, the intrusion detection research relevant to cyber-physical manufacturing security is reviewed. The physical detection methods — using side-channel data, including acoustic, image, acceleration, and power consumption data to disclose attacks during the manufacturing process — are analyzed. Finally, the alert correlation methods — that manage the high volume of alerts generated from intrusion detection systems via logical relationships to reduce the data redundancy and false alarms — are reviewed. The study shows that the cyber-physical attacks are existing and rising concerns in industry. Also, the increasing efforts in cyber-physical intrusion detection and correlation research can be utilized to secure the future manufacturing systems.
9

Mihai, Ioan Cosmin, and Laurentiu Giurea. "MANAGEMENT OF ELEARNING PLATFORMS SECURITY". In eLSE 2016. Carol I National Defence University Publishing House, 2016. http://dx.doi.org/10.12753/2066-026x-16-061.

Abstract:
The existence of many cyber-attacks targeted to online environment makes eLearning platforms security a major concern. To secure an eLearning platform there are three interconnected strategies: prevention (the actions taken before an attack), detection (the action taken during an attack) and response (the action taken after an attack). This paper focuses on detection, providing different strategies to detect if eLearning platform security was compromised: intrusion detection, malware detection and suspicious activities detection. An attack tree is developed to simulate and to observe the impact of cyber-attacks on eLearning platforms. The attack tree lists and develops methods by which an attacker can cause a security incident on platforms. The attack tree is useful to explore certain attack paths in depth and to generate intrusion scenarios on a website. To conduct a cyber-attack to an eLearning platform, each edge to the internal node structure of the attack tree must be traversed. The internal nodes of the attack tree represent the seven stages of the intrusion model Kill Chain, which was defined by researchers from Lockheed Martin. This model consists of seven stages: reconnaissance, weaponization, delivery, exploitation, installation, command and control and action on objectives. The external edges of the tree that connect the leaf nodes represent optional attack vectors. The results from the simulation attacks are used to present the management of eLearning platforms security against cyber-attacks. An eLearning platform security is affected when the integrity or availability of the platform's files are compromised or additional malicious activity has been detected; for example malware infections, redirections to malicious websites or other suspicious activities like phishing or spamming.
While there are no solutions to guarantee the security of eLearning platforms, this paper describes the attack vectors and presents various solutions to detect indicators of compromise.
10

Huang, Bo, Yi Wang and Wei Wang. "Model-Agnostic Adversarial Detection by Random Perturbations". In Twenty-Eighth International Joint Conference on Artificial Intelligence {IJCAI-19}. California: International Joint Conferences on Artificial Intelligence Organization, 2019. http://dx.doi.org/10.24963/ijcai.2019/651.

Abstract:
Adversarial examples induce model classification errors on purpose, which has raised concerns on the security aspect of machine learning techniques. Many existing countermeasures are compromised by adaptive adversaries and transferred examples. We propose a model-agnostic approach to resolve the problem by analysing the model responses to an input under random perturbations, and study the robustness of detecting norm-bounded adversarial distortions in a theoretical framework. Extensive evaluations are performed on the MNIST, CIFAR-10 and ImageNet datasets. The results demonstrate that our detection method is effective and resilient against various attacks including black-box attacks and the powerful CW attack with four adversarial adaptations.

Reports by organizations on the topic "Attacks detection":

1

Tan, Pang-Ning, and Anil K. Jain. Information Assurance: Detection & Response to Web Spam Attacks. Fort Belvoir, VA: Defense Technical Information Center, August 2010. http://dx.doi.org/10.21236/ada535002.

2

Baras, J. S., A. A. Cardenas and V. Ramezani. On-Line Detection of Distributed Attacks from Space-Time Network Flow Patterns. Fort Belvoir, VA: Defense Technical Information Center, January 2003. http://dx.doi.org/10.21236/ada439768.

3

Kirichek, Galina, Vladyslav Harkusha, Artur Timenko and Nataliia Kulykovska. System for detecting network anomalies using a hybrid of an uncontrolled and controlled neural network. [n.p.], February 2020. http://dx.doi.org/10.31812/123456789/3743.

Abstract:
In this article realization method of attacks and anomalies detection with the use of training of ordinary and attacking packages, respectively. The method that was used to teach an attack on is a combination of an uncontrollable and controlled neural network. In an uncontrolled network, attacks are classified in smaller categories, taking into account their features and using the self- organized map. To manage clusters, a neural network based on back-propagation method used. We use PyBrain as the main framework for designing, developing and learning perceptron data. This framework has a sufficient number of solutions and algorithms for training, designing and testing various types of neural networks. Software architecture is presented using a procedural-object approach. Because there is no need to save intermediate result of the program (after learning entire perceptron is stored in the file), all the progress of learning is stored in the normal files on hard disk.
4

Kolencik, Marian. A critical evaluation of the risk indicators of criminal conduct involving CBRN and explosive materials - Behavioural and observational analysis in crime detection and investigation. ISEM Institute, n.p.o., October 2023. http://dx.doi.org/10.52824/vzrb5079.

Abstract:
Terrorist attacks using explosives and CBRN (Chemical, Biological, Radiological and Nuclear) materials have been present throughout history. While the frequency of CBRN terrorist attacks is relatively low compared to those with explosives and other types of weapons, it is crucial to treat the efforts of both terrorist organizations and individuals with appropriate gravity in order to avert catastrophic consequences. Identifying warning signs that indicate criminal behaviour is crucial for preventing planned crimes or terrorist attacks, and there is a need for more precise coverage of potential risk indicators related to CBRN and explosive crimes. This research aimed at examining and scrutinizing possible warning signs associated with planning and conducting terrorist attacks using CBRN and explosive materials. The research was implemented in three phases. First, comprise the systematic literature review. In the second phase, the case studies and CCTV records from past cases from Europe, USA, Australia and Asia were analysed and the aim was to create a list of risk indicators and categories for future reference by developing a methodological tool. The last phase represented a survey in which the practitioners from European Law enforcement and Intelligence Agencies critically assessed the list of risk indicators and their categories created based on the previous two steps of the research. The last goal was to gain the agreement and endorsement of law enforcement officials from different European nations regarding the validity and importance of recognized risk indicators and their categories, as well as their ranking for use in operational tasks, investigations, and training. The majority of the respondents found the identified categories and risk indicators as reliable and relevant for their operational activities and investigations. 
For the second research question, the survey results prioritized categories of risk indicators that are most suitable for the detection tactics of investigators and intelligence officers. The third research question examined the ease of observing identified risk indicators, with the category of technological detection/air sampling alarm risk indicators ranking as the easiest to detect. Finally, the survey found that the identified risk indicators are useful for training activities of security entities. Several final comments and recommendations from participants were also discussed, emphasizing the importance of considering multiple factors when identifying risk indicators and the value of the comprehensive list of identified risk indicators. The publication also examines some terrorist theories, the advantages, limitations, and the ongoing debate surrounding the use of profiling in protective security.
5

Ye, Nong. The Monitoring, Detection, Isolation and Assessment of Information Warfare Attacks Through Multi-Level, Multi-Scale System Modeling and Model Based Technology. Fort Belvoir, VA: Defense Technical Information Center, January 2004. http://dx.doi.org/10.21236/ada421322.

6

Tayeb, Shahab. Taming the Data in the Internet of Vehicles. Mineta Transportation Institute, January 2022. http://dx.doi.org/10.31979/mti.2022.2014.

Abstract:
As an emerging field, the Internet of Vehicles (IoV) has a myriad of security vulnerabilities that must be addressed to protect system integrity. To stay ahead of novel attacks, cybersecurity professionals are developing new software and systems using machine learning techniques. Neural network architectures improve such systems, including Intrusion Detection Systems (IDSs), by implementing anomaly detection, which differentiates benign data packets from malicious ones. For an IDS to best predict anomalies, the model is trained on data that is typically pre-processed through normalization and feature selection/reduction. These pre-processing techniques play an important role in training a neural network to optimize its performance. This research studies the impact of applying normalization techniques as a pre-processing step to learning, as used by the IDSs. The impacts of pre-processing techniques play an important role in training neural networks to optimize their performance. This report proposes a Deep Neural Network (DNN) model with two hidden layers for IDS architecture and compares two commonly used normalization pre-processing techniques. Our findings are evaluated using accuracy, Area Under Curve (AUC), Receiver Operator Characteristic (ROC), F-1 Score, and loss. The experimentations demonstrate that Z-Score outperforms no-normalization and the use of Min-Max normalization.
7

Fedchenko, Vitaly. Nuclear Security During Armed Conflict: Lessons From Ukraine. Stockholm International Peace Research Institute, March 2023. http://dx.doi.org/10.55163/zzsp5617.

Abstract:
The attacks on nuclear installations in Ukraine by the Russian military in 2022 were unprecedented. Nuclear security aims at prevention, detection and response to malicious or unauthorized acts by non-state actors, not the armed forces of a state. However, an international armed conflict creates new circumstances in which a national nuclear security regime must operate. In March 2022 the director general of the International Atomic Energy Agency (IAEA) highlighted ‘seven indispensable pillars of nuclear safety and security’ in extraordinary circumstances. There are three further areas in which the international nuclear security framework can be strengthened and prepared for extraordinary events, including armed conflict. First, there is a need to further clarify and plan the actions of competent authorities. Second, the IAEA may be able to assist member states in developing guidance for specific scenarios during extraordinary events. Third, there should be further integration of nuclear security with nuclear safety and emergency preparedness and response.
8

Ingram, Joey Burton, Timothy J. Draelos, Meghan Galiardi and Justin E. Doak. Temporal Cyber Attack Detection. Office of Scientific and Technical Information (OSTI), November 2017. http://dx.doi.org/10.2172/1409921.

9

Peterson, Dale. Cyber Security Audit and Attack Detection Toolkit. Office of Scientific and Technical Information (OSTI), May 2012. http://dx.doi.org/10.2172/1097617.

10

Jahanian, Farnam. Detecting and Surviving Large-Scale Network Infrastructure Attacks. Fort Belvoir, VA: Defense Technical Information Center, April 2005. http://dx.doi.org/10.21236/ada433781.
