Дисертації з теми "Attack on the network"
Оформте джерело за APA, MLA, Chicago, Harvard та іншими стилями
Ознайомтеся з топ-50 дисертацій для дослідження на тему "Attack on the network".
Біля кожної праці в переліку літератури доступна кнопка «Додати до бібліографії». Скористайтеся нею – і ми автоматично оформимо бібліографічне посилання на обрану працю в потрібному вам стилі цитування: APA, MLA, «Гарвард», «Чикаго», «Ванкувер» тощо.
Також ви можете завантажити повний текст наукової публікації у форматі «.pdf» та прочитати онлайн анотацію до роботи, якщо відповідні параметри наявні в метаданих.
Переглядайте дисертації для різних дисциплін та оформлюйте правильно вашу бібліографію.
Avidan, Lenoy. "Dynamic Shifting of Virtual Network Topologies for Network Attack Prevention." DigitalCommons@CalPoly, 2019. https://digitalcommons.calpoly.edu/theses/1986.
Повний текст джерелаKaraaslan, Ibrahim. "Anti-sensor Network: Distortion-based Distributed Attack In Wireless Sensor Networks." Master's thesis, METU, 2008. http://etd.lib.metu.edu.tr/upload/3/12609276/index.pdf.
Повний текст джерелаGerbert, Oscar. "Attack on the Chaos Sensor Network Protocol." Thesis, Uppsala universitet, Institutionen för informationsteknologi, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-260480.
Повний текст джерелаVan, Heerden Renier Pelser. "A formalised ontology for network attack classification." Thesis, Rhodes University, 2014. http://hdl.handle.net/10962/d1011603.
Повний текст джерелаTan, Hailun Computer Science & Engineering Faculty of Engineering UNSW. "Secure network programming in wireless sensor networks." Awarded By:University of New South Wales. Computer Science & Engineering, 2010. http://handle.unsw.edu.au/1959.4/44835.
Повний текст джерелаHamid, Thaier K. A. "Attack graph approach to dynamic network vulnerability analysis and countermeasures." Thesis, University of Bedfordshire, 2014. http://hdl.handle.net/10547/576432.
Повний текст джерелаSchuhart, Russell G. "Hacking social networks examining the viability of using computer network attack against social networks." Thesis, Monterey, Calif. : Naval Postgraduate School, 2007. http://bosun.nps.edu/uhtbin/hyperion.exe/07Mar%5FSchuhart.pdf.
Повний текст джерелаThesis Advisor(s): David Tucker. "March 2007." Includes bibliographical references (p. 55-56). Also available in print.
Klaus, Christian. "Network design for reliability and resilience to attack." Thesis, Monterey, California: Naval Postgraduate School, 2014. http://hdl.handle.net/10945/41406.
Повний текст джерелаWe define and solve two network-design problems. In the first, (1) a defender uses limited resources to select a portfolio of paths or design a sub-network; (2) an attacker then uses limited attack resources to destroy network arcs, and then (3) the defender operates the damaged network optimally by ending a shortest path. The solution identifies a network design that minimizes post-attack path length. We show how the tri-level problem is equivalent to a single-level mixed integer program (MIP) with an exponential number of rows and columns, and solve that MIP using simultaneous row and column generation. Methods extend to network operations denied through general now constructs. The second problem considers a stochastic logistics network where arcs are present randomly and independently. Shipping from a source to a destination may be delayed until a path connecting the two is available. In the presence of storage capacity, cargo can be shipped partway. The problem's solution identifies the storage locations that minimize the cargo's waiting time for shipment. We develop and demonstrate practical methods to solve this #P-complete problem on a model instance derived from a Department of Defense humanitarian shipping network.
Mohammadnia, Hamzeh. "IoT-NETZ: Spoong Attack Mitigation in IoT Network." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-260250.
Повний текст джерелаDen fenomenala tillväxten av IoT och populariteten hos mobilstationerna har snabbt ökat efterfrågan på WLAN-nätverk (känd som IEEE 802.11 och WiFi). WLAN är ett billigt alternativ för mobilnätet och är ett olicensierat spektrum för att bygga huvudplanen för att bädda in Internet i allt-och-var som helst. Samtidigt är det inte trivialt att övervaka antalet IoT och WiFi-aktiverade enheter över bostäder och företag. Därför kräver framtida WiFi nätverksarkitektur ett smidigt hantering paradigm för att tillhandahålla internt stöd och säkerhet för WiFi-nätverk.Användningen av IoT och mobilanvändningsapplikationer är beroende av skalbarhet och högpresterande beräkningar av moln. Cloud computing har helt centraliserat den nuvarande datacenters nätverksarkitektur och det ger beräkningsintensiva, höghastighetsnätverk och realtidssvar påbegäran från IoT. IoT-till-moln kommunikationen är kärnan i nätverkssäkerhetshänsyn och de har ett allvarligt behov av ständig förbättring och säkerhetshärdning inom deras internätverk. Baserat på antalet undersökningar och analyser av genererad trafik av IoT har det observerats. Det finns det betydande antalet massiva spoofing-orienterade attacker som riktar sig mot molntjänster, lanseras från komprometterad IoT.På grundval av att granska tidigare undersökningar om IoTs mest genomförda nätverksattacker finns det en utmanande och gemensam egenskap som ofta utnyttjats i de många massiva internetattackerna. Detta arbete kommer att undersöka de befintliga lösningarna som har implementerats för att skydda både traditionella och mjukvariga nätverksparadigmer. Därefter föreslår det tillvägagångssättet för detta arbete som möjliggör IoT-värdnät skyddade genom att använda SDWN inom den föreslagna modellen för att mildra poofing-orienterade nätverksattacker. Dessutom erbjuder den föreslagna lösningen miljöhållbarhet genom att spara strömförbrukning i nätverksenheter under nätverksdrift. Den praktiska förbättringen av den föreslagna modellen mäts och utvärderas inom den omgivande miljön av Mininet-WiFi.
Kenar, Serkan. "An Extensible Framework For Automated Network Attack Signature Generation." Master's thesis, METU, 2010. http://etd.lib.metu.edu.tr/upload/2/12611418/index.pdf.
Повний текст джерелаNazari, Mahmood, and Kun Zhou. "Campus Network Design and Man-In-The-Middle Attack." Thesis, Högskolan i Halmstad, Sektionen för Informationsvetenskap, Data– och Elektroteknik (IDE), 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-25683.
Повний текст джерелаOguz, Saziye Deniz. "Protein Domain Networks: Analysis Of Attack Tolerance Under Varied Circumstances." Master's thesis, METU, 2010. http://etd.lib.metu.edu.tr/upload/12612518/index.pdf.
Повний текст джерелаAlmohri, Hussain. "Security risk prioritization for logical attack graphs." Thesis, Manhattan, Kan. : Kansas State University, 2008. http://hdl.handle.net/2097/1114.
Повний текст джерелаSuraev, Maxim. "Denial-of-service attack resilience of the GSM access network." Thesis, Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk, 2011. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-13313.
Повний текст джерелаWilliams, Leevar (Leevar Christoff). "GARNET : a Graphical Attack graph and Reachability Network Evaluation Tool." Thesis, Massachusetts Institute of Technology, 2008. http://hdl.handle.net/1721.1/46367.
Повний текст джерелаThis electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.
Includes bibliographical references (p. 101-102).
Attack graphs are valuable tools in the assessment of network security, revealing potential attack paths an adversary could use to gain control of network assets. Creating an effective visualization for attack graphs is essential to their utility, but many previous efforts produce complex displays that are difficult to relate to the underlying networks. This thesis presents GARNET (Graphical Attack graph and Reachability Network Evaluation Tool), an interactive visualization tool intended to facilitate the task of attack graph analysis. The tool provides a simplified view of critical steps that can be taken by an attacker and of host-to-host network reachability that enables these exploits. It allows users to perform "what-if" experiments including adding new zero-day attacks, following recommendations to patch software vulnerabilities, and changing the attacker starting location to analyze external and internal attackers. Users are able to view a set of attack graph metrics that summarize different aspects of overall network security for a specific set of attacker models. An initial user evaluation of GARNET identified problematic areas of the interface that assisted in the development of a more functional design.
by Leevar Williams.
M.Eng.
Ikusan, Ademola A. "Collaboratively Detecting HTTP-based Distributed Denial of Service Attack using Software Defined Network." Wright State University / OhioLINK, 2017. http://rave.ohiolink.edu/etdc/view?acc_num=wright1515067456228498.
Повний текст джерелаShafley, William K. "Business architecture model for network centric surface combatant land attack warfare." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2001. http://handle.dtic.mil/100.2/ADA397350.
Повний текст джерелаThesis advisor(s): Jansen, Erik; Brock, Floyd. "September 2001." Includes bibliographical references (p.115-116). Also available in print.
Chen, Ruiliang. "Enhancing Attack Resilience in Cognitive Radio Networks." Diss., Virginia Tech, 2008. http://hdl.handle.net/10919/26330.
Повний текст джерелаPh. D.
Giannini, Beatrice. "Attack and Mitigation Modelling for Software-Defined Networks." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2020. http://amslaurea.unibo.it/19817/.
Повний текст джерелаLu, Song. "Auto Red Team a network attack automation framework based on Decision Tree /." [Ames, Iowa : Iowa State University], 2008.
Знайти повний текст джерелаJavaid, Ahmad Yazdan. "Cyber Security Threat Analysis and Attack Simulation for Unmanned Aerial Vehicle Network." University of Toledo / OhioLINK, 2015. http://rave.ohiolink.edu/etdc/view?acc_num=toledo1438816219.
Повний текст джерелаYieh, Pierson. "Vehicle Pseudonym Association Attack Model." DigitalCommons@CalPoly, 2018. https://digitalcommons.calpoly.edu/theses/1840.
Повний текст джерелаKhanal, Sandarva, and Ciara Lynton. "Packet Simulation of Distributed Denial of Service (DDoS) Attack and Recovery." International Foundation for Telemetering, 2013. http://hdl.handle.net/10150/579511.
Повний текст джерелаDistributed Denial of Service (DDoS) attacks have been gaining popularity in recent years. Most research developed to defend against DDoS attacks have focused on analytical studies. However, because of the inherent nature of a DDoS attack and the scale of a network involved in the attack, analytical simulations are not always the best way to study DDoS attacks. Moreover, because DDoS attacks are considered illicit, performing real attacks to study their defense mechanisms is not an alternative. For this reason, using packet/network simulators, such as OPNET Modeler, is the best option for research purposes. Detection of an ongoing DDoS attack, as well as simulation of a defense mechanism against the attack, is beyond the scope of this paper. However, this paper includes design recommendations to simulate an effective defense strategy to mitigate DDoS attacks. Finally, this paper introduces network links failure during simulation in an attempt to demonstrate how the network recovers during and following an attack.
Costantini, Kevin C. "Development of a cyber attack simulator for network modeling and cyber security analysis /." Online version of thesis, 2007. http://hdl.handle.net/1850/5440.
Повний текст джерелаJayashankaraShridevi, Rajesh. "Runtime Detection of a Bandwidth Denial Attack from a Rogue Network-on-Chip." DigitalCommons@USU, 2015. https://digitalcommons.usu.edu/etd/4548.
Повний текст джерелаNanda, Sanjeeb. "GRAPH THEORETIC MODELING: CASE STUDIES IN REDUNDANT ARRAYS OF INDEPENDENT DISKS AND NETWORK DEFENSE." Doctoral diss., University of Central Florida, 2007. http://digital.library.ucf.edu/cdm/ref/collection/ETD/id/3165.
Повний текст джерелаPh.D.
School of Electrical Engineering and Computer Science
Engineering and Computer Science
Computer Science PhD
Chen, Xiangqian. "Defense Against Node Compromise in Sensor Network Security." FIU Digital Commons, 2007. http://digitalcommons.fiu.edu/etd/7.
Повний текст джерелаde, Waern Henrik. "Computer Network Attack som olovligt våld : en fråga om association, effekt, aktör och mål." Thesis, Swedish National Defence College, Swedish National Defence College, 2009. http://urn.kb.se/resolve?urn=urn:nbn:se:fhs:diva-22.
Повний текст джерелаI Estland 2007 utbröt vad som kommit att kallas ”Cyberwar I”, vari ett stort antal centrala myndigheters, tillika finansiella institutioners servrar attackerades av massiva så kallade Computer Network Attacks (CNA), utfört av framförallt ryska aktörer. Estland protesterade högljutt, men frågan huruvida CNA är att beteckna som olovligt är allt annat än klar. Prövningen sker mot den folkrättsliga regimen Jus ad Bellum, och huruvida metoden uppfyller vissa centrala begrepp. Men hur skall denna regim appliceras CNA?
De frågeställningar som avses besvaras är: hur kan CNA utgöra våld eller hot om våld i enlighet med FN-stadgans artikel 2(4) samt hur kan CNA utgöra väpnat angrepp i enlighet med FN-stadgans artikel 51? Detta avses göras genom en studie inbegripande flertalet folkrättsliga experters teorier på området CNA och våldsanvändning, samt applicering av desamma på en fallstudie av händelserna i Estland 2007.
Sammanfattningsvis konstateras att flertalet variabler har bärighet i hur CNA kan uppfylla artiklarnas centrala begrepp, vari frågan om association, effekt, aktör och mål tydligast faller ut. I en efterföljande diskussion påvisas dock hur variablerna endast är att betrakta som indicier på hur CNA kan klassas så som olovligt, varvid endast statspraxis kan ge den slutgiltiga bedömningen.
Arikan, Erinc. "Attack profiling for DDoS benchmarks." Access to citation, abstract and download form provided by ProQuest Information and Learning Company; downloadable PDF file Mb., 96 p, 2006. http://gateway.proquest.com/openurl?url_ver=Z39.88-2004&res_dat=xri:pqdiss&rft_val_fmt=info:ofi/fmt:kev:mtx:dissertation&rft_dat=xri:pqdiss:1435821.
Повний текст джерелаPagna, Disso Jules F. "A novel intrusion detection system (IDS) architecture. Attack detection based on snort for multistage attack scenarios in a multi-cores environment." Thesis, University of Bradford, 2010. http://hdl.handle.net/10454/5248.
Повний текст джерелаBhattacherjee, Debopam. "Stepping Stone Detection for Tracing Attack Sources in Software-Defined Networks." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-190121.
Повний текст джерелаStaples, Zachary H. Michael Robert J. "Redefining attack : taking the offensive against networks /." Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2003. http://library.nps.navy.mil/uhtbin/hyperion-image/03Mar%5FStaples.pdf.
Повний текст джерелаThesis advisor(s): Dan Moran, John Hiles, Rudy Darken. Includes bibliographical references (p. 134-138). Also available online.
Moore, Tyler Weston. "Cooperative attack and defense in distributed networks." Thesis, University of Cambridge, 2008. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.612283.
Повний текст джерелаMichael, Robert J., and Zachary H. Staples. "Redefining attack: taking the offensive against networks." Thesis, Monterey, California. Naval Postgraduate School, 2003. http://hdl.handle.net/10945/1063.
Повний текст джерелаThis thesis done in cooperation with the MOVES Institute
The Information Age empowers individuals, and affords small groups an opportunity to attack states' interests with an increasing variety of tactics and great anonymity. Current strategies to prevail against these emerging threats are inherently defensive, relying on potential adversaries to commit mistakes and engage in detectable behavior. While defensive strategies are a critical component of a complete solution set, they cede initiative to the adversary. Moreover, reactive measures are not suited to quickly suppress adversary networks through force. To address this shortfall in strategic planning, the science of networks is rapidly making clear that natural systems built over time with preferential attachment form scale-free networks. These networks are naturally resilient to failure and random attack, but carry inherent vulnerabilities in their highly connected hubs. Taking the offensive against networks is therefore an exercise in discovering and attacking such hubs. To find these hub vulnerabilities in network adversaries, this thesis proposes a strategy called Stimulus Based Discovery, which leads to rapid network mapping and then systematically improves the accuracy and validity of this map while simultaneously degrading an adversary's network cohesion. Additionally, this thesis provides a model for experimenting with Stimulus Based Discovery in a Multi-Agent System.
Lieutenant, United States Navy
Pagna, Disso Jules Ferdinand. "A novel intrusion detection system (IDS) architecture : attack detection based on snort for multistage attack scenarios in a multi-cores environment." Thesis, University of Bradford, 2010. http://hdl.handle.net/10454/5248.
Повний текст джерелаBencel, Jozef. "Analýza bezpečnosti bezdrátových sítí." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2009. http://www.nusl.cz/ntk/nusl-218125.
Повний текст джерелаLimmer, Tobias [Verfasser], and Falko [Akademischer Betreuer] Dressler. "Efficient Network Monitoring for Attack Detection = Effizientes Netzwerkmonitoring für Angriffserkennung / Tobias Limmer. Betreuer: Falko Dressler." Erlangen : Universitätsbibliothek der Universität Erlangen-Nürnberg, 2011. http://d-nb.info/1015474462/34.
Повний текст джерелаSangster, Benjamin F. "Performance of VoIP services on a DOCSIS network targeted by a denial of service attack." Connect to this title online, 2007. http://etd.lib.clemson.edu/documents/1193080291/.
Повний текст джерелаTitle from first page of PDF file. Document formatted into pages; contains xi, 66 p. ; also includes graphics (chiefly col). Contains additional supplemental file.
Sung, Minho. "Scalable and efficient distributed algorithms for defending against malicious Internet activity." Diss., Available online, Georgia Institute of Technology, 2006, 2006. http://etd.gatech.edu/theses/available/etd-07172006-134741/.
Повний текст джерелаXu, Jun, Committee Chair ; Ahamad, Mustaque, Committee Member ; Ammar, Mostafa, Committee Member ; Bing, Benny, Committee Member ; Zegura, Ellen, Committee Member.
Yan, Qiben. "Security Enhanced Communications in Cognitive Networks." Diss., Virginia Tech, 2014. http://hdl.handle.net/10919/49704.
Повний текст джерелаPh. D.
Salla, Vamsi. "Error and attack tolerance of complex real networks." Morgantown, W. Va. : [West Virginia University Libraries], 2005. https://eidr.wvu.edu/etd/documentdata.eTD?documentid=4311.
Повний текст джерелаTitle from document title page. Document formatted into pages; contains x, 80 p. : ill. (some col.). Includes abstract. Includes bibliographical references (p. 70-72).
Rejeb, Ridha. "Fault and attack management in all-optical networks." Thesis, University of Warwick, 2005. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.425517.
Повний текст джерелаFurman, Joshua R. (Joshua Ronni) 1977. "Attack notification and adaptation in ad hoc networks." Thesis, Massachusetts Institute of Technology, 2002. http://hdl.handle.net/1721.1/87423.
Повний текст джерелаGorlatova, Maria A. "Wormhole attack detection in wireless ad hoc networks." Thesis, University of Ottawa (Canada), 2007. http://hdl.handle.net/10393/27459.
Повний текст джерелаFall, Moustapha. "Cyber-Physical Systems Security: Machine to Machine Controlled by PLC in a Local Network." University of Cincinnati / OhioLINK, 2021. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1623168149265934.
Повний текст джерелаAlserhani, Faeiz. "A framework for correlation and aggregation of security alerts in communication networks : a reasoning correlation and aggregation approach to detect multi-stage attack scenarios using elementary alerts generated by Network Intrusion Detection Systems (NIDS) for a global security perspective." Thesis, University of Bradford, 2011. http://hdl.handle.net/10454/5430.
Повний текст джерелаFlucke, Thomas J. "IDENTIFICATION OF USERS VIA SSH TIMING ATTACK." DigitalCommons@CalPoly, 2020. https://digitalcommons.calpoly.edu/theses/2208.
Повний текст джерелаHedefalk, Finn. "Robustness of Spatial Databases: Using Network Analysis on GIS Data Models." Thesis, University of Gävle, Department of Technology and Built Environment, 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:hig:diva-6625.
Повний текст джерелаDemands on the quality and reliability of Volunteered Geographic Information have increased because of its rising popularity. Due to the less controlled data entry, there is a risk that people provide false or inaccurate information to the database. One factor that affects the effect of such updates is the network structure of the database schema, which might reveal the database’s robustness against different kinds of false updates. Therefore, network analyses are needed. The aim is to analyse GIS data models, stored in UML class diagrams, for scale-free and small-world properties. Moreover, a robustness analysis is to be carried out on selected data models in order to find out their error and attack tolerance against, for example, false updates. Three graphs were specified from the UML class diagrams: (1) class graphs: classes as nodes and their interactive relationships as connections; (2) attribute graphs: classes and attributes as nodes, with connections between the classes and their attributes; and (3) schema graphs: attributes as nodes and their interactive relationships inside and outside the tables as links. The analysed class diagrams were stored in XMI, and therefore transformed with XSLT to the Pajek network format. Thereafter, small-world and scale-free analyses as well as a robustness analysis were performed on the graphs.
The results from the scale-free analyses showed no strict power-laws. Nevertheless, the classes’ relationships and attributes, and the betweenness in the schema graphs were long-tailed distributed. Furthermore, the schema graphs had small-world properties, and the analysed class and schema graphs were robust against errors but fragile against attacks. In a network structure perspective, these results indicate that false updates on random tables of a database should usually do little harm, but falsely updating the most central cells or tables may cause big damage. Consequently, it may be necessary to monitor and constrain sensitive cells and tables in order to protect them from attacks
Antunes, João Alexandre Simões 1981. "Network attack injection." Doctoral thesis, 2012. http://hdl.handle.net/10451/7244.
Повний текст джерелаThe increasing reliance on networked computer systems demands for high levels of dependability. Unfortunately, new threats and forms of attack are constantly emerging to exploit vulnerabilities in systems, compromising their correctness. An intrusion in a network server may affect its users and have serious repercussions in other services, possibly leading to new security breaches that can be exploited by further attacks. Software testing is the first line of defense in opposing attacks because it can support the discovery and removal of weaknesses in the systems. However, searching for flaws is a difficult and error-prone task, which has invariably overlooked vulnerabilities. The thesis proposes a novel methodology for vulnerability discovery that systematically generates and injects attacks, while monitoring and analyzing the target system. An attack that triggers an unexpected behavior provides a strong indication of the presence of a flaw. This attack can then be given to the developers as a test case to reproduce the anomaly and to assist in the correction of the problem. The main focus of the investigation is to provide a theoretical and experimental framework for the implementation and execution of attack injection on network servers. Several innovative solutions related to this approach are covered, including ways to infer a specification of the protocol implemented by the server, the generation of a comprehensive set of attacks, the injection and monitoring of the target system, and the automatic analysis of results. Furthermore, we apply some of the developed techniques to other areas of network security, namely to intrusion tolerance and detection. In particular, a new method is proposed to assist on the evaluation of the compliance of diverse replicas in intrusion-tolerant systems.
O aumento da dependência e confiança depositada nos sistemas de rede, exige níveis de confiabilidade cada vez mais elevados. Infelizmente, novas ameaças e formas de ataque estão constantemente a surgir, explorando vulnerabilidades nos sistemas e comprometendo a sua correta operação. Uma intrusão num servidor de rede pode afetar os seus utilizadores e ter graves repercussões noutros serviços, eventualmente abrindo novas brechas de segurança que podem ser exploradas por outros ataques. O teste de software é a primeira linha de defesa na oposição a ataques porque pode apoiar a descoberta e remoção de fraquezas dos sistemas. No entanto, a procura de falhas é uma tarefa difícil e propensa a erros, e que tem invariavelmente deixado escapar vulnerabilidades. A tese propõe uma nova metodologia para a descoberta da vulnerabilidades que permite a sistemática geração e injeção de ataques, e a simultânea monitorização e análise do sistema-alvo. Um ataque que desencadeie um comportamento inesperado é uma forte indicação da presença de uma falha. Este ataque pode então ser dado à equipa de desenvolvimento como um caso de teste para reproduzir a anomalia e para auxiliar na correção do problema. O foco principal da investigação é fornecer um quadro teórico e experimental para a concretização e execução da injeção de ataques em servidores de rede. Diversas soluções inovadoras relacionadas com esta abordagem são estudadas, incluindo a inferência da especificação do protocolo concretizado pelo servidor, a geração de um conjunto abrangente de ataques, a injeção e monitorização do sistema-alvo e a análise automática dos resultados. Além disso, aplicamos algumas das técnicas aqui desenvolvidas noutras áreas de segurança de redes, nomeadamente, para a tolerância e deteção de intrusões. Em particular, é proposto um novo método para a avaliação da conformidade de réplicas em sistemas tolerantes a intrusões com diversidade.
Fundação para a Ciência e a Tecnologia (FCT, SFRH/BD/-44336/2008, projetos POSC/EIA/61643/2004 (AJECT) e PTDC/EIA-EIA/100894/2008 (DIVERSE); Multi-annual and CMU-Portugal Programmes; European Comission, projetos IST-2004-27513 (CRUTIAL) e FP7-257475 (MASSIF).
Chen, Ming-Hung, and 陳明宏. "Attack Graph Based Network Defense." Thesis, 2005. http://ndltd.ncl.edu.tw/handle/10775568647829336324.
Повний текст джерела中原大學
資訊工程研究所
93
As the society gradually evolved to accommodate the advances of technologies, many network applications have been invented, which lead to the flourishing development of the Internet. With more and more services move to the Internet, intruders are attracted by the possible advantages they are able to take by exploiting human mistakes or software vulnerabilities. On seeing a suspicious packet, the response an intrusion detection system makes is usually based on the alert solely; environmental characteristics and the current network states are rarely considered. In order to prevent an intruder from achieving his final goal after initial attacks are detected, an automated mechanism that can help in making appropriate decisions on the response strategies and the response actors is needed. Intrusion detection systems produce certain amount of false alarms; and, usually, they react to intrusion events statically .In this thesis, we proposed a mechanism based on attack graph to strengthen the dependability of alarms. Also, when an alarm matches to the attack graph of the site in concern, the mechanism can help to determine the appropriate response to take.