Doctoral dissertations on the topic "Détection des menaces"
See the top 17 doctoral dissertations on the topic "Détection des menaces".
Ben, Chaabene Nour El Houda. "Détection d'utilisateurs violents et de menaces dans les réseaux sociaux". Electronic Thesis or Diss., Institut polytechnique de Paris, 2022. http://www.theses.fr/2022IPPAS001.
Online social networks are an integral part of people's daily social activity. They provide platforms to connect people from all over the world and share their interests. Recent statistics indicate that 56% of the world's population use these social media. However, these network services have also had many negative impacts and the existence of phenomena of aggression and intimidation in these spaces is inevitable and must therefore be addressed. Exploring the complex structure of social networks to detect violent behavior and threats is a challenge for data mining, machine learning, and artificial intelligence. In this thesis work, we aim to propose new approaches for the detection of violent behavior in social networks. Our approaches attempt to resolve this problem for several practical reasons. First, different people have different ways of expressing the same violent behavior. It is desirable to design an approach that works for everyone because of the variety of behaviors and the various ways in which they are expressed. Second, the approaches must have a way to detect potential unseen abnormal behaviors and automatically add them to the training set. Third, the multimodality and multidimensionality of the data available on social networking sites must be taken into account for the development of data mining solutions that will be able to extract relevant information useful for the detection of violent behavior. Finally, approaches must consider the time-varying nature of networks to process new users and links and automatically update built models. In the light of this and to achieve the aforementioned objectives, the main contributions of this thesis are as follows:
- The first contribution proposes a model for detecting violent behavior on Twitter. This model supports the dynamic nature of the network and is capable of extracting and analyzing heterogeneous data.
- The second contribution introduces an approach for detecting atypical behaviors on a multidimensional network. This approach is based on the exploration and analysis of the relationships between the individuals present on this multidimensional social structure.
- The third contribution presents a framework for identifying abnormal people. This intelligent framework is based on the exploitation of a multidimensional model which takes as input multimodal data coming from several sources, capable of automatically enriching the learning set by the violent behaviors detected and considers the dynamicity of the data in order to detect new violent behaviors that appear on the network.
This thesis describes achievements combining data mining techniques with new machine learning techniques. To prove the performance of our experimental results, we sums based on real data taken from three popular social networks
Carvallo, Pamela. "Sécurité dans le cloud : framework de détection de menaces internes basé sur l'analyse d'anomalies". Thesis, Université Paris-Saclay (ComUE), 2018. http://www.theses.fr/2018SACLL008/document.
Cloud Computing (CC) opens new possibilities for more flexible and efficient services for Cloud Service Clients (CSCs). However, one of the main issues while migrating to the cloud is that what once was a private domain for CSCs, now is handled by a third-party, hence subject to their security policies. Therefore, CSCs' confidentiality, integrity, and availability (CIA) should be ensured. In spite of the existence of protection mechanisms, such as encryption, the monitoring of the CIA properties becomes necessary. Additionally, new threats emerge every day, requiring more efficient detection techniques. The work presented in this document goes beyond the state of the art by treating the malicious insider threat, one of the least studied threats in CC. This is mainly due to the organizational and legal barriers from the industry, and therefore the lack of appropriate datasets for detecting it. We tackle this matter by addressing two challenges. First, the derivation of an extensible methodology for modeling the behavior of a user in a company. This abstraction of an employee includes intra psychological factors, contextual information and is based on a role-based approach. The behaviors follow a probabilistic procedure, where the malevolent motivations are considered to occur with a given probability in time. The main contribution, a design and implementation of an anomaly-based detection framework for the aforementioned threat. This implementation enriches itself by comparing two different observation points: a profile-based view from the local network of the company, and a cloud-end view that analyses data from the services with whom the clients interact.
This allows the learning process of anomalies to benefit from two perspectives: (1) the study of both real and simulated traffic with respect to the cloud service's interaction, in favor of the characterization of anomalies; and (2) the analysis of the cloud service in order to aggregate data statistics that support the overall behavior characterization. The design of this framework empirically shows to detect a broader set of anomalies of the company's interaction with the cloud. This is possible due to the replicable and extensible nature of the mentioned insider model. Also, the proposed detection model takes advantage of the autonomic nature of a clustering machine learning technique, following an unsupervised, adaptive algorithm capable of characterizing the evolving behaviors of the users towards cloud assets. The solution efficiently tackles the detection of anomalies by showing high levels of clustering performance, while keeping a low False Positive Rate (FPR), ensuring the detection performance for threat scenarios where the threat comes from inside the enterprise.
Carvallo, Pamela. "Sécurité dans le cloud : framework de détection de menaces internes basé sur l'analyse d'anomalies". Electronic Thesis or Diss., Université Paris-Saclay (ComUE), 2018. http://www.theses.fr/2018SACLL008.
Andreoni, Lopez Martin Esteban. "Un système de surveillance et détection de menaces utilisant le traitement de flux comme une fonction virtuelle pour le Big Data". Thesis, Sorbonne université, 2018. http://www.theses.fr/2018SORUS035/document.
The late detection of security threats causes a significant increase in the risk of irreparable damages, disabling any defense attempt. As a consequence, fast real-time threat detection is mandatory for security administration. In addition, Network Function Virtualization (NFV) provides new opportunities for efficient and low-cost security solutions. We propose a fast and efficient threat detection system based on stream processing and machine learning algorithms. The main contributions of this work are i) a novel monitoring threat detection system based on streaming processing, ii) two datasets, first a dataset of synthetic security data containing both legitimate and malicious traffic, and the second, a week of real traffic of a telecommunications operator in Rio de Janeiro, Brazil, iii) a data pre-processing algorithm, a normalizing algorithm and an algorithm for fast feature selection based on the correlation between variables, iv) a virtualized network function in an Open source Platform for providing a real-time threat detection service, v) near-optimal placement of sensors through a proposed heuristic for strategically positioning sensors in the network infrastructure, with a minimum number of sensors, and finally vi) a greedy algorithm that allocates on demand a sequence of virtual network functions.
Andreoni, Lopez Martin Esteban. "Un système de surveillance et détection de menaces utilisant le traitement de flux comme une fonction virtuelle pour le Big Data". Electronic Thesis or Diss., Sorbonne université, 2018. http://www.theses.fr/2018SORUS035.
Leman, Hélène. "Apport des ondelettes dans le traitement de l'électromyogramme utérin abdominal : caractérisation des contractions pendant la grossesse pour la détection des menaces d'accouchement prématuré". Compiègne, 1999. http://www.theses.fr/1999COMP1243.
El, Hatib Souad. "Une approche sémantique de détection de maliciel Android basée sur la vérification de modèles et l'apprentissage automatique". Master's thesis, Université Laval, 2020. http://hdl.handle.net/20.500.11794/66322.
The ever-increasing number of Android malware is accompanied by a deep concern about security issues in the mobile ecosystem. Unquestionably, Android malware detection has received much attention in the research community and therefore it becomes a crucial aspect of software security. Actually, malware proliferation goes hand in hand with the sophistication and complexity of malware. To illustrate, more elaborated malware like polymorphic and metamorphic malware, make use of code obfuscation techniques to build new variants that preserve the semantics of the original code but modify its syntax and thus escape the usual detection methods. In the present work, we propose a model-checking based approach that combines static analysis and machine learning. Mainly, from a given Android application we extract an abstract model expressed in terms of LNT, a process algebra language. Afterwards, security related Android behaviours specified by temporal logic formulas are checked against this model, the satisfaction of a specific formula is considered as a feature, finally machine learning algorithms are used to classify the application as malicious or not.
Gregory, Stephen David. "Effets Allee démographiques : évidence empirique et détection". Paris 11, 2010. http://www.theses.fr/2010PA112091.
A component Allee effect (cAE) describes reduced individual fitness at a reduced population size and can manifest as reduced population growth at reduced population size - a demographic Allee effect (dAE). Assuming no taxonomic or publication bias, I reviewed the Allee effect literature, using the intuitive mate-finding Allee effect mechanism as an example, and found that cAE are common in natural populations but rarely manifest as dAE. There are myriad reasons for this including benefits accrued from reduced intraspecific competition. However, since so many of today's populations are declining and threatened, I predicted a higher incidence of dAE. An analysis of 1198 natural populations failed to support this prediction and detected a dAE in less than 1 in 92 populations. Nevertheless, the analysis had a poor power to detect dAE and that variability would prevent their detection. We used a simulation study to show that detecting dAE in highly variable time series is likely to be challenging. Subsequently, we borrowed from existing time series analysis methods to develop a statistical procedure to better detect dAE in highly variable time series, and illustrated its advantage using real datasets. We then applied the new statistical procedure to large datasets collected for nine species of UK social bats and revealed a dAE in 4 of 9 bat species. This reaffirmed our confidence in the new statistical procedure and calls into question the paucity of dAE observed in other social species.
Marciano, Abraham. "Méthodes d'Analyse et de Recalage d'images radiographiques de fret et de Véhicules". Thesis, Paris Sciences et Lettres (ComUE), 2018. http://www.theses.fr/2018PSLED040/document.
Our societies, faced with an unprecedented level of security threat since WWII, must provide fast and adaptable solutions to cope with a new kind of menace. Illicit trade also, often correlated with criminal actions, is viewed as a defining stake by governments and agencies. Enforcement authorities are thus very demanding in terms of technological features, as they explicitly aim at automating inspection processes. The main objective of our research is to develop assisting tools to detect weapons and narcotics for law-enforcement officers. In the present work, we intend to employ and customize both advanced classification and image registration techniques for irregularity detection in X-ray cargo screening scans. Rather than employing machine-learning recognition techniques, our methods prove to be very efficient while targeting a very diverse type of threats from which no specific features can be extracted. Moreover, the proposed techniques significantly enhance the detection capabilities for law-enforcement officers, particularly in dense regions where both humans or trained learning models would probably fail. Our work reviews state-of-the-art methods in terms of classification and image registration. Various numerical solutions are also explored. The proposed algorithms are tested on a very large number of images, showing their necessity and performances both visually and numerically.
Zhu, Xiaoyang. "Building a secure infrastructure for IoT systems in distributed environments". Thesis, Lyon, 2019. http://www.theses.fr/2019LYSEI038/document.
The premise of the Internet of Things (IoT) is to interconnect not only sensors, mobile devices, and computers but also individuals, homes, smart buildings, and cities, as well as electrical grids, automobiles, and airplanes, to mention a few. However, realizing the extensive connectivity of IoT while ensuring user security and privacy still remains a challenge. There are many unconventional characteristics in IoT systems such as scalability, heterogeneity, mobility, and limited resources, which render existing Internet security solutions inadequate to IoT-based systems. Besides, the IoT advocates for peer-to-peer networks where users as owners intend to set security policies to control their devices or services instead of relying on some centralized third parties. By focusing on scientific challenges related to the IoT unconventional characteristics and user-centric security, we propose an IoT secure infrastructure enabled by the blockchain technology and driven by trustless peer-to-peer networks. Our IoT secure infrastructure allows not only the identification of individuals and collectives but also the trusted identification of IoT things through their owners by referring to the blockchain in trustless peer-to-peer networks. The blockchain provides our IoT secure infrastructure with a trustless, immutable and public ledger that records individuals and collectives identities, which facilitates the design of the simplified authentication protocol for IoT without relying on third-party identity providers. Besides, our IoT secure infrastructure adopts socialized IoT paradigm which allows all IoT entities (namely, individuals, collectives, things) to establish relationships and makes the IoT extensible and ubiquitous networks where owners can take advantage of relationships to set access policies for their devices or services.
Furthermore, in order to protect operations of our IoT secure infrastructure against security threats, we also introduce an autonomic threat detection mechanism as the complementary of our access control framework, which can continuously monitor anomaly behavior of device or service operations.
Alava, T. "Conception, fabrication, caractérisation de micromembranes résonantes en silicium, à actionnement piézoélectrique et détection piézorésistive intégrés appliquées à la détection d'agents biologiques simulant la menace". Phd thesis, Université Paul Sabatier - Toulouse III, 2010. http://tel.archives-ouvertes.fr/tel-00541991.
Alava, Thomas. "Conception, fabrication, caractérisation de micromembranes résonantes en silicium, à actionnement piézoélectrique et détection piézorésistive intégrés appliquées à la détection d'agents biologiques simulant la menace". Toulouse 3, 2010. http://thesesups.ups-tlse.fr/981/.
The threat of a massive biological attack aiming at armies has compelled military research institutions to invest massively in planning the response to such an attack. The response is contingent to abilities of perception and identification of this attack. Therefore, the need of low-cost, reliable, easily transportable, biological detection solutions is crucial. In this manuscript, we study the cases of biosensors based on silicon resonant micro-membranes, fabricated by standard micro-fabrication techniques. We first emphasize the advantages of these types of sensors to fill the requirements of the studied problematic. Then, according to initial objectives expressed in terms of mass resolution and sensitivity, we report the theoretical study enabling the sizing and design of micro-membranes in order to satisfy these requirements. The detection principle is micro-gravimetry. The vibration of membranes is provided through a piezoelectric patch, the vibration detection is operated by piezoresistances located at clamping. We report the micro-systems fabrication, their packaging and the fabrication of associated electronics. Finally, the electrical, electro-mechanical and biological characterization enables the focus on main results. First, we demonstrate the physical co-integration of piezoelectric and piezoresistive phenomena inside a same resonating microstructure. Then, the ability to track in real time the resonant frequency of several multiplexed micro-membranes vibrating in a liquid media provided to piezoresistive detection of vibration is reported. At last, results obtained for detection of biological warfare agents' surrogates are presented.
Celosia, Guillaume. "Privacy challenges in wireless communications of the Internet of Things". Thesis, Lyon, 2020. http://www.theses.fr/2020LYSEI069.
Also known as the Internet of Things (IoT), the proliferation of connected objects offers unprecedented opportunities to consumers. From fitness trackers to medical assistants, through smart home appliances, the IoT objects are evolving in a plethora of application fields. However, the benefits that they can bring to our society increase along with their privacy implications. Continuously communicating valuable information via wireless links such as Bluetooth and Wi-Fi, those connected devices support their owners within their activities. Most of the time emitted on open channels, and sometimes in the absence of encryption, this information is then easily accessible to any passive attacker in range. In this thesis, we explore two major privacy concerns resulting from the expansion of the IoT and its wireless communications: physical tracking and inference of users' information. Based on two large datasets composed of radio signals from Bluetooth/BLE devices, we first defeat existing anti-tracking features prior to detail several privacy invasive applications. Relying on passive and active attacks, we also demonstrate that broadcasted messages contain cleartext information ranging from the devices' technical characteristics to personal data of the users such as e-mail addresses and phone numbers. In a second time, we design practical countermeasures to address the identified privacy issues. In this direction, we provide recommendations to manufacturers, and propose an approach to verify the absence of flaws in the implementation of their protocols. Finally, to further illustrate the investigated privacy threats, we implement two demonstrators. As a result, Venom introduces a visual and experimental physical tracking system, while Himiko proposes a human interface allowing to infer information on IoT devices and their owners.
Shrivastwa, Ritu Ranjan. "Enhancements in Embedded Systems Security using Machine Learning". Electronic Thesis or Diss., Institut polytechnique de Paris, 2023. http://www.theses.fr/2023IPPAT051.
The list of connected devices (or IoT) is growing longer with time and so is the intense vulnerability to security of the devices against targeted attacks originating from network or physical penetration, popularly known as Cyber Physical Security (CPS) attacks. While security sensors and obfuscation techniques exist to counteract and enhance security, it is possible to fool these classical security countermeasures with sophisticated attack equipment and methodologies as shown in recent literature. Additionally, end node embedded systems design is bound by area and is required to be scalable, thus, making it difficult to adjoin complex sensing mechanism against cyberphysical attacks. The solution may lie in Artificial Intelligence (AI) security core (soft or hard) to monitor data behaviour internally from various components. Additionally the AI core can monitor the overall device behaviour, including attached sensors, to detect any outlier activity and provide a smart sensing approach to attacks. AI in hardware security domain is still not widely acceptable due to the probabilistic behaviour of the advanced deep learning techniques, there have been works showing practical implementations for the same. This work is targeted to establish a proof of concept and build trust of AI in security by detailed analysis of different Machine Learning (ML) techniques and their use cases in hardware security followed by a series of case studies to provide practical framework and guidelines to use AI in various embedded security fronts. Applications can be in PUF predictability assessment, sensor fusion, Side Channel Attacks (SCA), Hardware Trojan detection, Control flow integrity, Adversarial AI, etc.
Brogi, Guillaume. "Real-time detection of Advanced Persistent Threats using Information Flow Tracking and Hidden Markov Models". Thesis, Paris, CNAM, 2018. http://www.theses.fr/2018CNAM1167/document.
In this thesis, we present the risks posed by Advanced Persistent Threats (APTs) and propose a two-step approach for recognising when detected attacks are part of one. This is part of the Akheros solution, a fully autonomous Intrusion Detection System (IDS) being developed in collaboration by three PhD students. The idea is to use machine learning to detect unexpected events and check if they present a security risk. The last part, and the subject of this thesis, is the highlighting of APT. APT campaigns are particularly dangerous because they are performed by skilled attackers with a precise goal and time and money on their side. We start with the results from the previous part of the Akheros IDS: a list of events, which can be translated to flows of information, with an indication for events found to be attacks. We find links between attacks using Information Flow Tracking. To do so, we create a new taint for each detected attack and propagate it. Whenever a taint is on the input of an event that is part of another attack, then the two attacks are linked. However, the links are only potential because the events used are not precise enough, which leads to erroneously propagated taints. In the case of an undetected attack, no taint is created for that attack, but the other taints are still propagated as normal so that previous attack is still linked to the next attack, only skipping the undetected one. The second step of the approach is to filter out the erroneous links. To do so, we use a Hidden Markov Model to represent APTs and remove potential attack campaigns that do not fit the model. This is possible because, while each APT is different, they all go through the same phases, which form the hidden states of our model. The visible observations are the kind of attacks performed during these phases. In addition, the results in one phase dictate what the attackers do next, which fits the Markov hypothesis.
The score used to rank potential attack campaigns from most likely an APT to least likely so is based on a customised Viterbi algorithm in order to take into account potentially undetected attacks.
Brogi, Guillaume. "Real-time detection of Advanced Persistent Threats using Information Flow Tracking and Hidden Markov Models". Electronic Thesis or Diss., Paris, CNAM, 2018. http://www.theses.fr/2018CNAM1167.
Williot, Alexandre. "La détection de la menace chez les policiers : un processus stratégique?" Thèse, 2018. http://depot-e.uqtr.ca/8499/1/032073206.pdf.