Doctoral dissertations on the topic "Intrusion"
The top 50 doctoral dissertations on the topic "Intrusion".
Olsson, Fredrik. "Intrusion Management". Thesis, Växjö University, School of Mathematics and Systems Engineering, 2006. http://urn.kb.se/resolve?urn=urn:nbn:se:vxu:diva-794.
Information security is tasked with protecting the confidentiality, integrity, and availability of an organization's information resource. A key aspect in protecting these resources is developing an understanding of the threats, vulnerabilities, and exposures that they face by using Risk Management.
The objective of Risk Management is to identify, quantify and manage information security risks to achieve the organization's objectives through a number of tasks utilizing key Risk Management techniques.
Risk Management is a process that ensures that the impact of threats exploiting vulnerabilities is within acceptable limits and at an acceptable cost.
With the increased complexity of modern dynamic networks, traditional defence mechanisms are failing and as a result cyber crime is on the rise [FBI03]. This puts organizations and corporations at risk as the defences are ill-fitted and weak [KBM04].
No information system can be absolutely secure, especially large and complex systems. Embedded security works for isolated, dedicated systems with few users but does not offer cost effective security, and even worse does not always handle security based on a real threat (this is mainly due to its inherent inflexibility). A military strategy within the field of information operations suggests a method of information superiority based on the OODA-loop. This thesis proposes a method of information security protection based on a combination of risk management techniques and information operation (foremost the OODA-loop). This is in order to ensure a cost effective and a viable future for information security in large and complex systems, where the war at least at present time is lost to the “black hats”, a term often used to describe a menaced hacker.
Jim, Nilsson. "Fracture characterization in magmatic rock, a case study of the Sosa-dyke (Neuquén Basin, Argentina)". Thesis, Uppsala universitet, Institutionen för geovetenskaper, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-411548.
All over the world there are many examples where solidified magmatic intrusions affect an area's water and energy supply, because intrusions can act as conduits and reservoirs but also as barriers for fluids and gases in the ground. The deciding factor between conduit and barrier in an intrusion is its fracture network. It is therefore important to map and characterize an intrusion's fracture network and thereby also get an idea of its permeability. Magmatic intrusions are, other than through boreholes, often hard to access, so there is very little information about how they affect aquifers and reservoirs in the ground. It is therefore important to increase knowledge of magmatic intrusions by investigating the intrusions that are accessible at the ground surface. In this study, images from a case study of the Sosa intrusion were used to map and characterize fractures in the Sosa intrusion. It is a vertical magmatic intrusion that is visible at the ground surface, and part of the Chachahuén volcanic complex in southwestern Argentina. The images used were taken with a UAV (unmanned aerial vehicle), and to analyze the images, map the fractures and produce the results, the programs Agisoft Metashape, MOVE™ and MATLAB with the FracPaQ tool were used. The intrusion has two distinct fracture sets, one perpendicular to the intrusion's margins and one running parallel to the margins. Connectivity between the fractures is low, and since permeability is affected by connectivity, it is also low. The fracture set perpendicular to the intrusion margin consists of so-called cooling fractures, which form when the magma in the intrusion cools. This causes the magma to contract and crack, forming fractures that run inward toward the solidification front and thus perpendicular to the intrusion margin. The fracture set that runs parallel to the intrusion forms because minerals in the magma flow are affected by friction from the intrusion margins. This causes the minerals to align and stretch out in the same direction as the magma flow, which, when the magma solidifies, forms zones of weakness in which fractures can propagate. These fracture sets have low connectivity, which leads to the conclusion that the mapped area of the Sosa intrusion has low permeability.
Ferreira, Eduardo Alves. "Detecção autônoma de intrusões utilizando aprendizado de máquina". Universidade de São Paulo, 2011. http://www.teses.usp.br/teses/disponiveis/55/55134/tde-28072011-160306/.
The use of computers to automatically perform operational tasks is commonplace, thanks to the information technology evolution. The maintenance of computer systems, on the other hand, is commonly performed manually, resulting in high costs, low productivity and low quality of service. The Autonomous Computing initiative aims to approach this limitation, through self-management of computer systems. In order to assemble a fully autonomous system, an intrusion detection application is needed to monitor the behavior and data flows on applications. Considering this context, an autonomous Web intrusion detection system is proposed, based on machine-learning techniques with near-linear computational complexity. This system is based on clustering and novelty detection techniques, characterizing an application behavior, to later pinpoint anomalies in live applications. By conducting experiments, we observed that this new approach is capable of detecting anomalies with less dependency on specific contexts than previous solutions.
Stefanova, Zheni Svetoslavova. "Machine Learning Methods for Network Intrusion Detection and Intrusion Prevention Systems". Scholar Commons, 2018. https://scholarcommons.usf.edu/etd/7367.
Chatprechakul, Nattapron. "Improving performance of distributed network intrusion intrusion detection systems using mobile agents". Thesis, Cranfield University, 2005. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.423508.
Chevalier, Ronny. "Detecting and Surviving Intrusions : Exploring New Host-Based Intrusion Detection, Recovery, and Response Approaches". Thesis, CentraleSupélec, 2019. http://www.theses.fr/2019CSUP0003.
Computing platforms, such as embedded systems or laptops, are built with layers of preventive security mechanisms to reduce the likelihood of attackers successfully compromising them. Nevertheless, given time and despite decades of improvements in preventive security, intrusions still happen. Therefore, systems should expect intrusions to occur, thus they should be built to detect and to survive them. Commodity Operating Systems (OSs) are deployed with intrusion detection solutions, but their ability to survive them is limited. State-of-the-art approaches from industry or academia either involve manual procedures, loss of availability, coarse-grained responses, or non-negligible performance overhead. Moreover, low-level components, such as the BIOS, are increasingly targeted by sophisticated attackers to implant stealthy and resilient malware. State-of-the-art solutions, however, mainly focus on boot time integrity, leaving the runtime part of the BIOS—known as the System Management Mode (SMM)—a prime target. This dissertation shows that we can build platforms that detect intrusions at the BIOS level and survive intrusions at the OS level. First, by demonstrating that intrusion survivability is a viable approach for commodity OSs. We develop a new approach that addresses various limitations from the literature, and we evaluate its security and performance. Second, by developing a hardware-based approach that detects attacks at the BIOS level where we demonstrate its feasibility with multiple detection methods.
Vigo, John Louis Jr. "Wireless Intrusion Detection Sytem". ScholarWorks@UNO, 2004. http://scholarworks.uno.edu/td/203.
Weigert, Stefan. "Community-Based Intrusion Detection". Doctoral thesis, Saechsische Landesbibliothek- Staats- und Universitaetsbibliothek Dresden, 2017. http://nbn-resolving.de/urn:nbn:de:bsz:14-qucosa-217677.
Jacoby, Grant Arthur. "Battery-Based Intrusion Detection". Diss., Virginia Tech, 2005. http://hdl.handle.net/10919/27092.
Ph. D.
Jacoby, Grant A. "Battery-based intrusion detection /". This resource online, 2005. http://scholar.lib.vt.edu/theses/available/etd-04212005-120840.
Nushart, Nathan. "Modeling Intrusive Geometries of a Shallow Crustal Intrusion: New Evidence From Mount Ellsworth, Utah". Scholar Commons, 2015. http://scholarcommons.usf.edu/etd/5753.
Liao, Yihua. "Machine learning in intrusion detection /". For electronic version search Digital dissertations database. Restricted to UC campuses. Access is free to UC campus dissertations, 2005. http://uclibs.org/PID/11984.
Maier, Eric William. "Buried fiber optic intrusion sensor". Thesis, Texas A&M University, 2004. http://hdl.handle.net/1969.1/425.
Sainani, Varsha. "Hybrid Layered Intrusion Detection System". Scholarly Repository, 2009. http://scholarlyrepository.miami.edu/oa_theses/44.
Park, Chan-Hee. "Saltwater Intrusion in Coastal Aquifers". Diss., Georgia Institute of Technology, 2004. http://hdl.handle.net/1853/4857.
Kayahan, Hüseyin. "INTRUSION EXECUTION SYSTEMS : Prototype: IMPETUS". Thesis, Linnéuniversitetet, Institutionen för datavetenskap (DV), 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-29546.
Wilden, Matthew Kyle. "The intrusion collector and emulator". [Ames, Iowa : Iowa State University], 2007.
Lekkas, Stavros. "Evolving intelligent intrusion detection systems". Thesis, University of Manchester, 2009. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.503075.
Jolly, Richard J. H. "Mechanisms of igneous sheet intrusion". Thesis, University of Southampton, 1996. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.242207.
Bucks, Romola Starr. "Intrusion errors in Alzheimer's disease". Thesis, University of Bristol, 1998. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.285578.
Nazarchuk, Alex. "Water intrusion in underground structures". Thesis, Massachusetts Institute of Technology, 2008. http://hdl.handle.net/1721.1/43880.
Includes bibliographical references (p. 119-124).
This thesis presents a study of the permissible groundwater infiltration rates in underground structures, the consequences of this leakage and the effectiveness of mitigation measures. Design guides and codes do not restrict, address or make clear recommendations for permissible inflows in underground space. Owners, with the help of engineers, typically make decisions based on costs or specifications from past projects without looking at consequences of excessive groundwater infiltration and mitigation costs. The Author has reviewed the published leakage rates for tunnels in comparison with current international standards. After examining over one-hundred case studies, the Author infers that water leakage is the principal damage causing degradation on tunnel linings. International standards for permissible leakage rates (transit tunnels) are consistent with class A definitions of CIRIA (1979) and are approximately 0.1-2 gpm/100,000 SF (0.05-1.2 L/day/SM). The most common cause of leakage (based on numerous case studies) in cast-in-place lining is due to cracks that develop from shrinkage of concrete during curing and to the inability of the structure to accommodate movements due to thermal changes. Individual sources of leakage may be allowable within the permissible rates, however can cause damage to tunnel structure and to the surrounding environment (consolidation and differential settlement). Spalling is one of the most common structural damages due to groundwater infiltration. The presence of water can cause unpleasant stains, resulting in erosion and corrosion over time. Formation of icicles, ice and water ponding can affect public safety in a tunnel and jeopardize operations. To mitigate leakage in underground structures and tunnels one may control and/or eliminate the inflow.
Chemical grouting is one of the most common measures. However, its application has been unsuccessful in 43% of cases reported by ITA-AITES (2001). Inappropriate material selection for each particular application is a major contributing factor for the lack of success. The Author focused this thesis on highway and rail tunnels, and established recommended permissible leakage rates for such underground structures based on international standards and experiences. These recommended rates can serve as guidelines for future tunnel design specifications or to compare recorded inflow rates with international standards.
by Alex Nazarchuk.
M.Eng.
Dehnert, Alexander Worthington. "Using VProbes for intrusion detection". Thesis, Massachusetts Institute of Technology, 2013. http://hdl.handle.net/1721.1/85414.
Cataloged from PDF version of thesis.
Includes bibliographical references (pages 89-90).
Many current intrusion detection systems (IDSes) are vulnerable to intruders because they are running under the same operating system (OS) as a potential attacker. Since an attacker will often be attempting to co-opt the OS, this leaves the IDS vulnerable to subversion by the attacker. While some systems escape this threat, they typically do so by running the OS inside a modified hypervisor. This risks adding new bugs that reduce the correctness or security of the hypervisor, and may make it harder to incorporate upstream improvements. VMware has a technology called VProbes that allows setting breakpoints, examining machine state, and inspecting memory from a VM host. This thesis introduces VProbe Instrumentation for VM Intrusion Detection (VIVID), which makes subverting the instrumentation much harder while still allowing the use of an off-the-shelf hypervisor.
by Alexander Worthington Dehnert.
M. Eng.
Maharjan, Nadim, and Paria Moazzemi. "Telemetry Network Intrusion Detection System". International Foundation for Telemetering, 2012. http://hdl.handle.net/10150/581632.
Telemetry systems are migrating from links to networks. Security solutions that simply encrypt radio links no longer protect the network of Test Articles or the networks that support them. The use of network telemetry is dramatically expanding and new risks and vulnerabilities are challenging issues for telemetry networks. Most of these vulnerabilities are silent in nature and cannot be detected with simple tools such as traffic monitoring. The Intrusion Detection System (IDS) is a security mechanism suited to telemetry networks that can help detect abnormal behavior in the network. Our previous research in Network Intrusion Detection Systems focused on "Password" attacks and "Syn" attacks. This paper presents a generalized method that can detect both "Password" attack and "Syn" attack. In this paper, a K-means Clustering algorithm is used for vector quantization of network traffic. This reduces the scope of the problem by reducing the entropy of the network data. In addition, a Hidden-Markov Model (HMM) is then employed to help to further characterize and analyze the behavior of the network into states that can be labeled as normal, attack, or anomaly. Our experiments show that IDS can discover and expose telemetry network vulnerabilities using Vector Quantization and the Hidden Markov Model providing a more secure telemetry environment. Our paper shows how these can be generalized into a Network Intrusion system that can be deployed on telemetry networks.
Zomlot, Loai M. M. "Handling uncertainty in intrusion analysis". Diss., Kansas State University, 2014. http://hdl.handle.net/2097/17603.
Department of Computing and Information Sciences
Xinming Ou
Intrusion analysis, i.e., the process of combing through Intrusion Detection System (IDS) alerts and audit logs to identify true successful and attempted attacks, remains a difficult problem in practical network security defense. The primary cause of this problem is the high false positive rate in IDS system sensors used to detect malicious activity. This high false positive rate is attributed to an inability to differentiate nearly certain attacks from those that are merely possible. This inefficacy has created high uncertainty in intrusion analysis and consequently causes an overwhelming amount of work for security analysts. As a solution, practitioners typically resort to a specific IDS-rules set that precisely captures specific attacks. However, this results in failure to discern other forms of the targeted attack because an attack’s polymorphism reflects human intelligence. Alternatively, the addition of generic rules so that an activity with remote indication of an attack will trigger an alert, requires the security analyst to discern true alerts from a multitude of false alerts, thus perpetuating the original problem. The perpetuity of this trade-off issue is a dilemma that has puzzled the cyber-security community for years. A solution to this dilemma includes reducing uncertainty in intrusion analysis by making IDS-nearly-certain alerts prominently discernible. Therefore, I propose alerts prioritization, which can be attained by integrating multiple methods. I use IDS alerts correlation by building attack scenarios in a ground-up manner. In addition, I use Dempster-Shafer Theory (DST), a non-traditional theory to quantify uncertainty, and I propose a new method for fusing non-independent alerts in an attack scenario. Finally, I propose usage of semi-supervised learning to capture an organization’s contextual knowledge, consequently improving prioritization. Evaluation of these approaches was conducted using multiple datasets. Evaluation results strongly indicate that the ranking provided by the approaches gives good prioritization of IDS alerts based on their likelihood of indicating true attacks.
Sonbul, O., M. Byamukama, S. Alzebda and A. N. Kalashnikov. "Autonomous intrusion detection information system". Thesis, Сумський державний університет, 2012. http://essuir.sumdu.edu.ua/handle/123456789/28777.
Ademi, Muhamet. "Web-Based Intrusion Detection System". Thesis, Malmö högskola, Fakulteten för teknik och samhälle (TS), 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:mau:diva-20271.
Semerci, Hakan Tuğlular Tuğkan. "Analysis of intrusion prevention methods/". [s.l.]: [s.n.], 2004. http://library.iyte.edu.tr/tezler/master/bilgisayaryazilimi/T000579.pdf.
Molina, Jesus. "Evaluating host intrusion detection systems". College Park, Md.: University of Maryland, 2007. http://hdl.handle.net/1903/7697.
Thesis research directed by: Dept. of Electrical and Computer Engineering. Title from t.p. of PDF. Includes bibliographical references. Published by UMI Dissertation Services, Ann Arbor, Mich. Also available in paper.
Lydon, Andrew. "Compilation For Intrusion Detection Systems". Ohio University / OhioLINK, 2004. http://www.ohiolink.edu/etd/view.cgi?ohiou1088179093.
Mohajer, Soltani Aria. "Users Perceptions on Computer Intrusion". Thesis, Linköpings universitet, Institutionen för datavetenskap, 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-130996.
Gandre, Amit Prafullachandra. "Implementation of a policy-based intrusion detection system--Generic Intrusion Detection Model (GIDEM version 1.1)". [Gainesville, Fla.] : University of Florida, 2001. http://purl.fcla.edu/fcla/etd/UFE0000317.
Title from title page of source document. Document formatted into pages; contains vi, 66 p.; also contains graphics. Includes vita. Includes bibliographical references.
Thiago, Vinicius da Silva. "Arquitetura multi-agentes para detecção de intrusão distribuida". reponame:Repositório Institucional da UFC, 2012. http://www.repositorio.ufc.br/handle/riufc/18655.
The growing concern about information security in computer networks is responsible for constantly producing new ways to defend them. Within this context, the development of new ways of intrusion detection plays an important role in protecting the information. Detection systems must be efficient and, at the same time, must not overload the network or the processing capabilities of the nodes within it. In order to be effective, a system must base its decisions on as many sources of information as possible and organize knowledge in a way that allows a functional communication between those sources. This dissertation describes the proposal for a Distributed Intrusion Detection System architecture that uses mobile agents and an ontology for information sharing. Mobile agents provide a convenient way to distribute the detection process, enabling peer to peer cooperation between network nodes without generating much additional traffic. The ontology provides an organized way of storing and sharing knowledge. The proposed architecture has been implemented using the Java programming language and JADE framework and a test laboratory has been assembled to verify the operation of the system. The test results confirmed that a distributed multi-agent architecture that uses an ontology can be effective in detecting attacks on networks and systems.
Sreekar, Shenoy Govind. "Architecture support for intrusion detection systems". Doctoral thesis, Universitat Politècnica de Catalunya, 2012. http://hdl.handle.net/10803/124705.
Abarca, Cameo Elena. "Seawater intrusion in complex geological environments". Doctoral thesis, Universitat Politècnica de Catalunya, 2006. http://hdl.handle.net/10803/6243.
First, a new paradigm for seawater intrusion is proposed since the current paradigm (the Henry problem) fails to properly reproduce observed SWI wedges. Mixing is represented by means of a velocity dependent dispersion tensor in the new proposed problem. Thereby, we denote it as "dispersive Henry problem". SWI is characterized in terms of the wedge penetration, width of the mixing zone and influx of seawater. We find that the width of the mixing zone depends basically on dispersion, with longitudinal and transverse dispersion controlling different parts of the mixing zone but displaying similar overall effects. The wedge penetration is mainly controlled by the horizontal permeability and by the geometric mean of the dispersivities. Transverse dispersivity and the geometric mean of the hydraulic conductivity are the leading parameters controlling the amount of salt that enters the aquifer.
Second, the effect of heterogeneity was studied by incorporating heterogeneity in the hydraulic permeability into the modified Henry problem. Results show that heterogeneity causes the toe to recede while increasing both the width and slope of the mixing zone. The shape of the interface and the saltwater flux depends on the distribution of the permeability in each realization. However, the toe penetration and the width of the mixing zone do not show large fluctuations. Both variables are satisfactorily reproduced, in cases of moderate heterogeneity, by homogeneous media with equivalent permeability and either local or effective dispersivities.
Third, the effect of aquifer geometry in horizontally large confined aquifers was analyzed. Lateral slope turned out to be a critical factor. Lateral slopes in the seaside boundary of more than 3% cause the development of horizontal convection cells. The deepest zones act as preferential zones for seawater to enter the aquifer and preferential discharging zones are developed in the upwards lateral margins. A dimensionless number, Nby, has been defined to estimate the relative importance of this effect.
All these factors can be determinant to explain the evolution of salinity in aquifers such as the Main aquifer of the Llobregat delta. Finally, a management model of this aquifer is developed to optimally design corrective measures to restore the water quality of the aquifer. The application of two different optimization methodologies, a linear and a non-linear optimization method, allowed (1) to quantify the hydraulic efficiency of two potential corrective measures: two recharge ponds and a seawater intrusion barrier; (2) to determine the water necessary to be injected in each of these measures to restore the water quality of the aquifer while minimizing changes in the pumping regime and (3) to assess the sustainable pumping regime (with and without the implementation of additional measures) once the water quality has been restored. Shadow prices obtained from linear programming become a valuable tool to quantify the hydraulic efficiency of potential corrective measures to restore water quality in the aquifer.
Ringström, Saltin Markus. "Intrusion Detection Systems : utvärdering av Snort". Thesis, University of Skövde, School of Humanities and Informatics, 2009. http://urn.kb.se/resolve?urn=urn:nbn:se:his:diva-3081.
This thesis examines the effectiveness of an Intrusion Detection System (IDS). An IDS is a system that is meant to detect whether clients on a network are being attacked by a "hacker" or whether someone unauthorized is trying to intrude, much like a guard dog. The IDS tested is Snort, a very popular open-source IDS. The aim of the study is to show whether or not an IDS is a good complement to a system's security, since very few methodical investigations of Snort, and of IDSs in general, have been made. The study was carried out through a number of experiments in a laboratory environment, where the effectiveness of Snort was put to the test using different types of attacks. Based on the results obtained, it can be concluded that an IDS is definitely a complement worth considering for an organization that is willing to devote the resources the system requires, since a high number of the attacks carried out were detected, attacks that anti-virus software or firewalls are not designed to react to.
Riegel, Martin, and Claes Lyth Walsø. "Intrusion Detection in High-Speed Networks". Thesis, Norwegian University of Science and Technology, Department of Telematics, 2007. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-8785.
This thesis investigates methods for implementing an intrusion detection system (IDS) in a high-speed backbone network. The work presented in this report is run in cooperation with Kripos and Uninett. The popular IDS software, Snort, is deployed and tested in Uninett's backbone network. In addition, the monitoring API (MAPI) is considered as a possible IDS implementation in the same environment. The experiments conducted in this report make use of the programmable DAG card, which is a passive monitoring card deployed on several monitoring sensors in Uninett's backbone. As a limitation of the workload, this report only focuses on the detection of botnets. Botnets are networks consisting of infected computers, and are considered to be a significant threat on the Internet as of today. A total of seven experiments using Snort are presented. These experiments test 1) the impact the number of rules have on Snort, 2) the importance of good configuration, 3) the importance of using well written rules, 4) Snort's ability to run in an environment with minimum external traffic, 5) the impact the size of the processed packets have, 6) the impact the TCP protocol has on packet processing and 7) Snort's ability to run as a botnet detection system for a longer period of time. Based on the results from these experiments, it is concluded that Snort is able to run as a botnet detection system in a high-speed network. This report also discusses some strategies for handling high-speed network data and some future aspects. In addition, ideas for further work and research are given in the end of the report.
Satam, Shalaka Chittaranjan, and Shalaka Chittaranjan Satam. "Bluetooth Anomaly Based Intrusion Detection System". Thesis, The University of Arizona, 2017. http://hdl.handle.net/10150/625890.
Smith, Reuben. "Correlating intrusion alerts with unsupervised learning". Thesis, University of Ottawa (Canada), 2006. http://hdl.handle.net/10393/27179.
Gupta, Kapil Kumar. "Robust and efficient intrusion detection systems". Connect to thesis, 2009. http://repository.unimelb.edu.au/10187/3588.
In this thesis, we address these three issues by introducing efficient intrusion detection frameworks and models which are effective in detecting a wide variety of attacks and which result in very few false alarms. Additionally, using our approach, attacks can not only be accurately detected but can also be identified which helps to initiate effective intrusion response mechanisms in real-time. Experimental results performed on the benchmark KDD 1999 data set and two additional data sets collected locally confirm that layered conditional random fields are particularly well suited to detect attacks at the network level and user session modeling using conditional random fields can effectively detect attacks at the application level.
We first introduce the layered framework with conditional random fields as the core intrusion detector. Layered conditional random fields can be used to build scalable and efficient network intrusion detection systems which are highly accurate in attack detection. We show that our systems can operate either at the network level or at the application level and perform better than other well-known approaches for intrusion detection. Experimental results further demonstrate that our system is robust to noise in training data and handles noise better than other systems such as decision trees and naive Bayes. We then introduce our unified logging framework for audit data collection and perform user session modeling using conditional random fields to build real-time application intrusion detection systems. We demonstrate that our system can effectively detect attacks even when they are disguised within normal events in a single user session. Using our user session modeling approach based on conditional random fields also results in early attack detection. This is desirable since intrusion response mechanisms can be initiated in real-time, thereby minimizing the impact of an attack.
Prasad, Praveen. "A dynamically reconfigurable intrusion detection system". NCSU, 2003. http://www.lib.ncsu.edu/theses/available/etd-05202003-181843/.
Balon-Perin, Alexandre. "Ensemble-based methods for intrusion detection". Thesis, Norges teknisk-naturvitenskapelige universitet, Institutt for datateknikk og informasjonsvitenskap, 2012. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-20115.
Jumaat, Nor Badrul Anuar. "Incident prioritisation for intrusion response systems". Thesis, University of Plymouth, 2012. http://hdl.handle.net/10026.1/909.
Ibrahim, Tarik Mohamed Abdel-Kader. "Improving intrusion prevention, detection and response". Thesis, University of Plymouth, 2011. http://hdl.handle.net/10026.1/479.
NGUYEN, HONG NHUNG. "INTRUSION DETECTION IN WIRELESS SENSOR NETWORKS". Master's thesis, University of Central Florida, 2006. http://digital.library.ucf.edu/cdm/ref/collection/ETD/id/3318.
M.S.
Department of Electrical and Computer Engineering
Engineering and Computer Science
Computer Engineering
Song, Jingping. "Feature selection for intrusion detection system". Thesis, Aberystwyth University, 2016. http://hdl.handle.net/2160/3143de58-208f-405e-ab18-abcecfc8f33b.
Das, Kumar J. (Kumar Jay) 1978. "Attack development for intrusion detector evaluation". Thesis, Massachusetts Institute of Technology, 2000. http://hdl.handle.net/1721.1/9080.
Includes bibliographical references (p. 96-97).
An important goal of the 1999 DARPA Intrusion Detection Evaluation was to promote the development of intrusion detection systems that can detect new attacks. This thesis describes UNIX attacks developed for the 1999 DARPA Evaluation. Some attacks were new in 1999 and others were stealthy versions of 1998 User-to-Root attacks designed to evade network-based intrusion detection systems. In addition, new and old attacks were fragmented at the packet level to evade network-based intrusion detection systems. Results demonstrated that new and stealthy attacks were not detected well. New attacks that were never seen before were not detected by any network-based systems. Stealthy attacks, modified to be difficult to detect by network intrusion detection systems, were detected less accurately than clear versions. The best network-based system detected 42% of clear attacks and only 11% of stealthy attacks at 10 false alarms per day. A few attacks and background sessions modified with packet modifications eluded network intrusion detection systems causing them to generate false negatives and false positives due to improper TCP/IP reassembly.
by Kumar J. Das.
S.B. and M.Eng.
Chandra, Ramesh Ph D. Massachusetts Institute of Technology. "Automated intrusion recovery for web applications". Thesis, Massachusetts Institute of Technology, 2013. http://hdl.handle.net/1721.1/84883.
Cataloged from PDF version of thesis.
Includes bibliographical references (pages 93-97).
In this dissertation, we develop recovery techniques for web applications and demonstrate that automated recovery from intrusions and user mistakes is practical as well as effective. Web applications play a critical role in users' lives today, making them an attractive target for attackers. New vulnerabilities are routinely found in web application software, and even if the software is bug-free, administrators may make security mistakes such as misconfiguring permissions; these bugs and mistakes virtually guarantee that every application will eventually be compromised. To clean up after a successful attack, administrators need to find its entry point, track down its effects, and undo the attack's corruptions while preserving legitimate changes. Today this is all done manually, which results in days of wasted effort with no guarantee that all traces of the attack have been found or that no legitimate changes were lost. To address this problem, we propose that automated intrusion recovery should be an integral part of web application platforms. This work develops several ideas (retroactive patching, automated UI replay, dependency tracking, patch-based auditing, and distributed repair) that together recover from past attacks that exploited a vulnerability, by retroactively fixing the vulnerability and repairing the system state to make it appear as if the vulnerability never existed. Repair tracks down and reverts effects of the attack on other users within the same application and on other applications, while preserving legitimate changes. Using techniques resulting from these ideas, an administrator can easily recover from past attacks that exploited a bug using nothing more than a patch fixing the bug, with no manual effort on her part to find the attack or track its effects. The same techniques can also recover from attacks that exploit past configuration mistakes; the administrator only has to point out the past request that resulted in the mistake.
We built three prototype systems, WARP, POIROT, and AIRE, to explore these ideas. Using these systems, we demonstrate that we can recover from challenging attacks in real distributed web applications with little or no changes to application source code; that recovery time is a fraction of the original execution time for attacks with a few affected requests; and that support for recovery adds modest runtime overhead during the application's normal operation.
by Ramesh Chandra.
Ph.D.
Hastings, Joseph R. 1980. "Incremental Bayesian segmentation for intrusion detection". Thesis, Massachusetts Institute of Technology, 2003. http://hdl.handle.net/1721.1/28399.
Includes bibliographical references (leaves 131-133).
This thesis describes an attempt to monitor patterns of system calls generated by a Unix host in order to detect potential intrusion attacks. Sequences of system calls generated by privileged processes are analyzed using incremental Bayesian segmentation in order to detect anomalous activity. Theoretical analysis of various aspects of the algorithm and empirical analysis of performance on synthetic data sets are used to tune the algorithm for use as an Intrusion Detection System.
by Joseph R. Hastings.
M.Eng.
Moten, Daryl, and Farhad Moazzami. "Telemetry Network Intrusion Detection Test Bed". International Foundation for Telemetering, 2013. http://hdl.handle.net/10150/579527.
The transition of telemetry from link-based to network-based architectures opens these systems to new security risks. Tools such as intrusion detection systems and vulnerability scanners will be required for emerging telemetry networks. Intrusion detection systems protect networks against attacks that occur once the network boundary has been breached. An intrusion detection model was developed in the Wireless Networking and Security lab at Morgan State University. The model depends on network traffic being filtered into traffic streams. The streams are then reduced to vectors. The current state of the network can be determined using Viterbi analysis of the stream vectors. Viterbi uses the output of the Hidden Markov Model to find the current state of the network. The state information describes the probability of the network being in predefined normal or attack states based on training data. This output can be sent to a network administrator depending on threshold levels. In this project, a penetration-testing tool called Metasploit was used to launch attacks against systems in an isolated test bed. The network traffic generated during an attack was analyzed for use in the MSU intrusion detection model.
Wang, Jie. "Advanced attack tree based intrusion detection". Thesis, Loughborough University, 2012. https://dspace.lboro.ac.uk/2134/9631.