To see the other types of publications on this topic, follow the link: Security Monitors.
Dissertations / Theses on the topic 'Security Monitors'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 36 dissertations / theses for your research on the topic 'Security Monitors.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Khoury, Raphaël. "Enforcing Security Policies with Runtime Monitors." Thesis, Université Laval, 2011. http://www.theses.ulaval.ca/2011/28124/28124.pdf.
Full textAbstract:
Le monitorage (monitoring) est une approche pour la sécurisation du code qui permet
l'exécution d’un code potentiellement malicieux en observant son exécution, et en intervenant
au besoin pour éviter une violation d’une politique de sécurité. Cette méthode
a plusieurs applications prometteuses, notamment en ce qui a trait à la sécurisation du
code mobile.
Les recherches académiques sur le monitorage se sont généralement concentrées sur
deux questions. La première est celle de délimiter le champ des politiques de sécurité
applicables par des moniteurs opérant sous différentes contraintes. La seconde question
est de construire des méthodes permettant d’insérer un moniteur dans un programme,
ce qui produit un nouveau programme instrumenté qui respecte la politique de sécurité
appliquée par ce moniteur. Mais malgré le fait qu’une vaste gamme de moniteurs a été
étudiée dans la littérature, les travaux sur l’insertion des moniteurs dans les programmes
se sont limités à une classe particulière de moniteurs, qui sont parmi les plus simples et
les plus restreint quant à leur champ de politiques applicables.
Cette thèse étend les deux avenues de recherches mentionnées précédemment et
apporte un éclairage nouveau à ces questions. Elle s’attarde en premier lieu à étendre le
champ des politiques applicables par monitorage en développabt une nouvelle approche
pour l’insertion d’un moniteur dans un programme. En donnant au moniteur accès à
un modèle du comportement du programme, l’étude montre que le moniteur acquiert
la capacité d’appliquer une plus vaste gamme de politiques de sécurité.
De plus, les recherches ont aussi d´emontré qu’un moniteur capable de transformer
l’exécution qu’il surveille est plus puissant qu’un moniteur qui ne possède pas cette
capacité. Naturellement, des contraintes doivent être imposées sur cette capacité pour
que l’application de la politique soit cohérente. Autrement, si aucune restriction n’est
imposée au moniteur, n’importe quelle politique devient applicable, mais non d’une
manière utile ou désirable. Dans cette étude, nous proposons deux nouveaux paradigmes
d’application des politiques de sécurité qui permettent d’incorporer des restrictions
raisonnables imposées sur la capacité des moniteurs de transformer les exécutions sous
leur contrôle. Nous étudions le champ des politiques applicables avec ces paradigmes
et donnons des exemples de politiques réelles qui peuvent être appliquées à l’aide de
notre approche.Execution monitoring is an approach that seeks to allow an untrusted code to run safely by observing its execution and reacting if need be to prevent a potential violation of a user-supplied security policy. This method has many promising applications, particularly with respect to the safe execution of mobile code. Academic research on monitoring has generally focused on two questions. The first, relates to the set of policies that can be enforced by monitors under various constraints and the conditions under which this set can be extended. The second question deals with the way to inline a monitor into an untrusted or potentially malicious program in order to produce a new instrumented program that provably respects the desired security policy. This study builds on the two strands of research mentioned above and brings new insights to this study. It seeks, in the first place, to increase the scope of monitorable properties by suggesting a new approach of monitor inlining. By drawing on an a priori model of the program’s possible behavior, we develop a monitor that can enforce a strictly larger set of security properties. Furthermore, longstanding research has showed that a monitor that is allowed to transform its input is more powerful than one lacking this ability. Naturally, this ability must be constrained for the enforcement to be meaningful. Otherwise, if the monitor is given too broad a leeway to transform valid and invalid sequences, any property can be enforced, but not in a way that is useful or desirable. In this study, we propose two new enforcement paradigms which capture reasonable restrictions on a monitor’s ability to alter its input. We study the set of properties enforceable if these enforcement paradigms are used and give examples of real-life security policies that can be enforced using our approach.
2
Shankaranarayanan, Bharath. "Assertion-Based Monitors for Run-time Security Validation." University of Cincinnati / OhioLINK, 2021. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1626356515627044.
Full text
3
Joglekar, Sachin P. "Embedded monitors for detecting and preventing intrusions in cryptographic and application protocols." Thesis, University of North Texas, 2003. https://digital.library.unt.edu/ark:/67531/metadc4414/.
Full textAbstract:
There are two main approaches for intrusion detection: signature-based and anomaly-based. Signature-based detection employs pattern matching to match attack signatures with observed data making it ideal for detecting known attacks. However, it cannot detect unknown attacks for which there is no signature available. Anomaly-based detection builds a profile of normal system behavior to detect known and unknown attacks as behavioral deviations. However, it has a drawback of a high false alarm rate. In this thesis, we describe our anomaly-based IDS designed for detecting intrusions in cryptographic and application-level protocols. Our system has several unique characteristics, such as the ability to monitor cryptographic protocols and application-level protocols embedded in encrypted sessions, a very lightweight monitoring process, and the ability to react to protocol misuse by modifying protocol response directly.
4
Raja, Subashree. "Security Architecture and Dynamic Signal Selection for Post-Silicon Validation." University of Cincinnati / OhioLINK, 2021. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1623241837129969.
Full text
5
Vermeulen, Hester. "A balanced food basket approach to monitor food affordability in South Africa." Thesis, University of Pretoria, 2020. http://hdl.handle.net/2263/73175.
Full textAbstract:
The public health landscape in South Africa today is characterised by a double-burden of nutritional challenges. Under-nutrition is prevalent, as is evident from the high levels of childhood stunting that are reported. Deficiencies of micro-nutrients such as vitamin A and iron continue to be prevalent in children, females and vulnerable groups. Simultaneously overweight and obesity among adults and children together with an associated increase in the occurrence of non-communicable diseases (NCDs) such as diabetes and cardiovascular disease are increasing steadily to epidemic levels.
With approximately 40% of the population living under the International Poverty Line and approximately a quarter of the population not able to obtain enough food to fulfil their daily energy needs, poverty and food insecurity are harsh realities in many South African households. The ability of a household to make healthy food choices is, among other factors, affected by food affordability. Food affordability is determined by household income relative to the cost of purchased food items. In recent years, food affordability in South Africa has been under increased pressure due to the following factors: household income-growth barely keeping track with inflation, rising unemployment, as well as high and ever increasing food prices. The pressure on lower income households is particularly profound, forcing such households to use about a third of total expenditure for food purchases.
In this study, a multi-disciplinary approach was used (including principles of nutrition, economics and consumer behaviour sciences) to develop models to measure the cost and affordability of healthy eating in South Africa at a national level and on a socio-economically disaggregated basis. The healthy food basket model was primarily based on the South African Food-based Dietary Guidelines, typical food consumption patterns, household demographics and official urban retail food prices monitored by Statistics South Africa.
Food affordability is a major challenge, with 60% of the population unable to afford the Moderate-cost Food Basket which provides greater nutritional diversity. The more economical Thrifty Healthy Food Basket (approximately 30% less expensive) is only affordable to approximately half of the South African population. A four member household earning two minimum wages has to spend a third of total expenditure on food to be able to afford this basket, while the typical food expenditure share of such households is usually lower (approximately 24%), thus confirming the pressure on households to afford healthy eating. In future the models of healthy eating also present possibilities for further expansion (e.g. these models can be refined to study different geographical areas or different household structure typologies).
Compared to national nutritional recommendations, the study found that the intakes of whole-grain starch-rich foods, lean meat, fish, eggs, dairy, fruit, vegetables and legumes were low. Inadequate intake was generally more severe among lower income households. Less-affluent households spend a large proportion of their food budget on starch-rich staples, fats / oils and sugar-rich foods, but allocate insufficient resources to animal-source foods, legumes, fruit and vegetables. This study also identified that excessive intakes of refined and processed starch-rich food options, sugar-rich foods and fats / oils were common across all income groups and increased with socio-economic status. These findings confirm the reality of the nutrition transition in South Africa.
The contribution of this research to estimate the socio-economically disaggregated consumption of animal-source foods (meat, fish and eggs) and starch-rich foods (maize meal, bread, rice and potatoes), provides valuable insights into differences in food intake across the socio-economic spectrum of South Africa.
A complex combination of interventions is required to promote healthy eating patterns in South Africa. In addition to legislative measures (e.g. salt and sugar reduction legislation), consumer education (across the socio-economic spectrum) should focus on science-based practical solutions and provide advice on making healthy and budget-conscious food choices. In addition, it is also important to design and implement policy actions to improve the affordability and availability of healthy food options for the various socio-economic groups, in diverse geographic locations in South Africa.
The improvement of food affordability is a key component in moving closer to achieve the Sustainable Development Goal of the United Nations “to end hunger, achieve food security, improve nutrition and promote sustainable agriculture”. Furthermore, improving household food and nutrition security (including addressing issues pertaining to healthy food consumption and affordability), through public and private sector actions, is one of the enabling milestones in the National Development Plan 2030.
The monthly costing of the food basket models which were developed in this study and analyses thereof should be used as policy analysis tools to act as a practical, scientific basis for the food security debate in South Africa. These tools are, in fact, already published on a quarterly basis in the public domain. In future the models of healthy eating also present possibilities for further expansion (e.g. these models can be refined to study different geographical areas or different household structure typologies).Thesis (PhD) - University of Pretoria. 2020.
Financial support received from: * The Bureau for Food and Agricultural Policy (BFAP) * The Department of Science and Technology (DST)/National Research Foundation (NRF) Centre of Excellence (CoE) in Food Security * Agbiz * Red Meat Research and Development South Africa (RMRD SA) * DST/NRF South African Research Chairs Initiative (SARChl) in the National Development Plan Priority Area of Nutrition and Food Security (Unique number: SARCI170808259212) * University of Pretoria
Animal and Wildlife Sciences
PhD Nutrition
Unrestricted
6
Nauditt, Alexandra. "Understanding stream flow generation in sparsely monitored montane catchments." Thesis, University of Aberdeen, 2017. http://digitool.abdn.ac.uk:80/webclient/DeliveryManager?pid=233935.
Full text
7
Leon, Vidalon Igmar, and Ampuero Pablo Jorge Medina. "Mejora al Proceso de Monitoreo Continuo de Vulnerabilidades." Bachelor's thesis, Universidad Peruana de Ciencias Aplicadas (UPC), 2020. http://hdl.handle.net/10757/652805.
Full textAbstract:
El presente trabajo de investigación tiene como objetivo mejorar el proceso de Monitoreo Continuo de Vulnerabilidades de la gerencia de Operaciones de Seguridad Tecnológica lo cual contribuye en gran medida a estar prevenidos y mitigar en gran medida cualquier problema que pueda aprovechar una amenaza externa e interna de Mibanco.
El presente trabajo de investigación contiene seis capítulos entre los principales la definición del Marco Teórico, se desarrollaron los principales conceptos, antecedentes y se definieron las palabras claves relacionadas al tema principal del presente trabajo de investigación; en el capítulo de Desarrollo del Proyecto se evidenciara el problema con más detalle donde se formula el problema principal y el objetivo de mejora el cual estaría enfocado en la reducción sustancial de tiempo con el apoyo de tecnologías de información.This research work aims to improve the Continuous Vulnerability Monitoring process of Technology Security Operations management, which greatly contributes to being prevented and greatly mitigating any problem that may take advantage of an external and internal threat from Mibanco. This research work contains six chapters, the main ones being the definition of the Theoretical Framework, the main concepts, antecedents were developed and the key words related to the main topic of this research work were defined; In the Project Development chapter the problem will be shown in more detail where the main problem is formulated and the improvement objective which would be focused on the substantial reduction of time with the support of information technologies.
Tesis
8
Lu, Lu. "IoT Network Watchdog." Thesis, Mittuniversitetet, Avdelningen för informationssystem och -teknologi, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-34008.
Full textAbstract:
The Internet of Things (IoT) plays an important role in the coming era of the Internet development. In addition to the convenience and opportunities it brings to us, there comes with the security issues, which could lead to the privacy leakage, it’s a threaten to the whole IoT system. To deal with the potential dangerous element hidden behind this technology, monitoring on the network would be indispensable. To develop and implements the digital network watchdog system that monitors the local network and the connected device, firstly, I surveyed the area related to the IoT attacks. The network monitor system provides basic network monitoring function, connected device tracking and monitoring function, reliable device operating function. I used the packages provided by Raspberry Pi to realize the general monitoring and transferred the captured result for further analysis. Also, I made use of SNMP and drawing tool to create graphs of different parameters in the monitoring of both network and connected devices. Then I implemented database with web service on Raspberry Pi to realize device operating. In evaluation, the system works well in general monitoring with all information provided and low lost package percentage, the graphs can provide situation of different parameters, and the respond time in the operation time of database is short. I discussed the ethical thinking and proposed the ethical thinking and future work.
9
PASQUIER, JEAN-BAPTISTE. "Remote surveys to monitor IDPs leaving displacement sites : A case study in the eastern DR Congo." Thesis, KTH, Industriell ekologi, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-179640.
Full textAbstract:
In the last 20 years, on-going conflicts in eastern Democratic Republic of Congo (DRC) and neighbouring countries have led to massive displacements. In the province of Nord-Kivu, epicentre of the crisis, there are currently 53 displacement sites that host about 185,000 Internally Displaced People (IDPs). IDPs tend to leave camps as soon as they consider their home villages to be safe. At the same time, camps are also being closed for political motivations, creating large flows of IDPs to unknown areas. The World Food Programme (WFP) and other humanitarian actors need to track returnees and understand their need for assistance. WFP conducts a monthly phone survey in Mugunga III, an IDP camp on the outskirts of Goma, the capital of Nord-Kivu. The main goal of this remote survey is to monitor the food security situation in the camp. However, this paper demonstrates that this innovative tool also proves successful in monitoring the situation of returnees and understanding the dynamics of their returns. This remote monitoring technology is expected to be even more useful when the authorities decide to close the camp. If the results are disseminated, an increase in government accountability should be observed. This research was conducted in collaboration with WFP in an attempt to extend the applications of high frequency survey data. To continue this research, methodological adjustments should be taken before considering applying the tool to another displacement site.
10
Patzina, Lars Verfasser], Andy [Akademischer Betreuer] Schürr, and Jan [Akademischer Betreuer] [Jürjens. "Generierung von effizienten Security-/Safety-Monitoren aus modellbasierten Beschreibungen / Lars Patzina. Betreuer: Andy Schürr ; Jan Jürjens." Darmstadt : Universitäts- und Landesbibliothek Darmstadt, 2014. http://d-nb.info/1110979053/34.
Full text
11
Patzina, Lars [Verfasser], Andy Akademischer Betreuer] Schürr, and Jan [Akademischer Betreuer] [Jürjens. "Generierung von effizienten Security-/Safety-Monitoren aus modellbasierten Beschreibungen / Lars Patzina. Betreuer: Andy Schürr ; Jan Jürjens." Darmstadt : Universitäts- und Landesbibliothek Darmstadt, 2014. http://nbn-resolving.de/urn:nbn:de:tuda-tuprints-41334.
Full text
12
Nemati, Hamed. "Secure System Virtualization : End-to-End Verification of Memory Isolation." Doctoral thesis, KTH, Teoretisk datalogi, TCS, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-213030.
Full textAbstract:
Over the last years, security-kernels have played a promising role in reshaping the landscape of platform security on embedded devices. Security-kernels, such as separation kernels, enable constructing high-assurance mixed-criticality execution platforms on a small TCB, which enforces isolation between components. The reduced TCB minimizes the system attack surface and facilitates the use of formal methods to ensure the kernel functional correctness and security. In this thesis, we explore various aspects of building a provably secure separation kernel using virtualization technology. We show how the memory management subsystem can be virtualized to enforce isolation of system components. Virtualization is done using direct-paging that enables a guest software to manage its own memory configuration. We demonstrate the soundness of our approach by verifying that the high-level model of the system fulfills the desired security properties. Through refinement, we then propagate these properties (semi-)automatically to the machine-code of the virtualization mechanism. Further, we show how a runtime monitor can be securely deployed alongside a Linux guest on a hypervisor to prevent code injection attacks targeting Linux. The monitor takes advantage of the provided separation to protect itself and to retain a complete view of the guest. Separating components using a low-level software cannot by itself guarantee the system security. Indeed, current processors architecture involves features that can be utilized to violate the isolation of components. We present a new low-noise attack vector constructed by measuring caches effects which is capable of breaching isolation of components and invalidates the verification of a software that has been verified on a memory coherent model. To restore isolation, we provide several countermeasures and propose a methodology to repair the verification by including data-caches in the statement of the top-level security properties of the system.QC 20170831
PROSPER
HASPOC
13
Otoum, Safa. "Machine Learning-driven Intrusion Detection Techniques in Critical Infrastructures Monitored by Sensor Networks." Thesis, Université d'Ottawa / University of Ottawa, 2019. http://hdl.handle.net/10393/39090.
Full textAbstract:
In most of critical infrastructures, Wireless Sensor Networks (WSNs) are deployed due to their low-cost, flexibility and efficiency as well as their wide usage in several infrastructures. Regardless of these advantages, WSNs introduce various security vulnerabilities such as different types of attacks and intruders due to the open nature of sensor nodes and unreliable wireless links.
Therefore, the implementation of an efficient Intrusion Detection System (IDS) that achieves an acceptable security level is a stimulating issue that gained vital importance.
In this thesis, we investigate the problem of security provisioning in WSNs based critical monitoring infrastructures. We propose a trust based hierarchical model for malicious nodes detection specially for Black-hole attacks. We also present various Machine Learning (ML)-driven IDSs schemes for wirelessly connected sensors that track critical infrastructures. In this thesis, we present an in-depth analysis of the use of machine learning, deep learning, adaptive machine learning, and reinforcement learning solutions to recognize intrusive behaviours in the monitored network.
We evaluate the proposed schemes by using KDD'99 as real attacks data-sets in our simulations. To this end, we present the performance metrics for four different IDSs schemes namely the Clustered Hierarchical Hybrid IDS (CHH-IDS), Adaptively Supervised and Clustered Hybrid IDS (ASCH-IDS), Restricted Boltzmann Machine-based Clustered IDS (RBC-IDS) and Q-learning based IDS (QL-IDS) to detect malicious behaviours in a sensor network.
Through simulations, we analyzed all presented schemes in terms of Accuracy Rates (ARs), Detection Rates (DRs), False Negative Rates (FNRs), Precision-recall ratios, F_1 scores and, the area under curves (ROC curves) which are the key performance parameters for all IDSs. To this end, we show that QL-IDS performs with ~ 100% detection and accuracy rates.
14
Carter, Zachary Negual. "A Principled Approach to Policy Composition for Runtime Enforcement Mechanisms." Scholar Commons, 2012. http://scholarcommons.usf.edu/etd/4006.
Full textAbstract:
Runtime enforcement mechanisms are an important and well-employed method for ensuring an execution only exhibits acceptable behavior, as dictated by a security policy. Wherever interaction occurs between two or more parties that do not completely trust each other, it is most often the case that a runtime enforcement mechanism is between them in some form, monitoring the exchange. Considering the ubiquity of such scenarios in the computing world, there has been an increased effort to build formal models of runtime monitors that closely capture their capabilities so that their effectiveness can be analysed more precisely. While models have grown more faithful to their real-life counterparts, is- sues concerning complexity and manageability (a common concern for software engineers) of centralized policies remains to be fully addressed. The goal of this thesis is to provide a principled approach to policy construction that is modular, intuitive, and backed by formal methods.
This thesis introduces a class of policy combinators adequate for use with runtime en- forcement policies and analyses a particular instance of them called Static Committee Com- binators (SCCs). SCCs present a model of policy composition where combinators act as committees that vote on events passing through the monitor. They were conceptualized in collaboration with Jay Ligatti and Daniel Lomsak. The general class of combinators are called Static Decision Combinators (SDCs), which share key features with SCCs such as allowing combinators to respond with alternative events when polled, in addition to re- sponding with grants or denials. SDCs treat the base-level policies they compose as black boxes, which helps decouple the system of combinators from the underlying policy model. The base policies could be modelled by automata but the combinators would not maintain their own state, being "static". This allows them to be easily defined and understood using truth tables, as well as analysed using logic tools. In addition to an analysis of SDCs and SCCs, we provide useful examples and a reusable combinator library.
15
Patzina, Sven Verfasser], Andy [Akademischer Betreuer] Schürr, and Jan [Akademischer Betreuer] [Jürjens. "Entwicklung einer Spezifikationssprache zur modellbasierten Generierung von Security-/Safety-Monitoren zur Absicherung von (Eingebetteten) Systemen / Sven Patzina. Betreuer: Andy Schürr ; Jan Jürjens." Darmstadt : Universitäts- und Landesbibliothek Darmstadt, 2014. http://d-nb.info/1110979029/34.
Full text
16
Patzina, Sven [Verfasser], Andy Akademischer Betreuer] Schürr, and Jan [Akademischer Betreuer] [Jürjens. "Entwicklung einer Spezifikationssprache zur modellbasierten Generierung von Security-/Safety-Monitoren zur Absicherung von (Eingebetteten) Systemen / Sven Patzina. Betreuer: Andy Schürr ; Jan Jürjens." Darmstadt : Universitäts- und Landesbibliothek Darmstadt, 2014. http://nbn-resolving.de/urn:nbn:de:tuda-tuprints-41327.
Full text
17
Chávez, Luna Manuel Ángel, and Jara Armando Victor Paredes. "Propuesta de una Arquitectura de Software para la Mejora del Proceso de Gestión de Monitoreo de Controles de Seguridad." Bachelor's thesis, Universidad Peruana de Ciencias Aplicadas (UPC), 2020. http://hdl.handle.net/10757/652804.
Full textAbstract:
El objetivo del presente trabajo de investigación es una propuesta de Arquitectura de Software para la gestión de monitoreo de controles de seguridad del Programa Integral Nacional para el bienestar Familia – INABIF, siguiendo buenas prácticas de enfoques predictivos, análisis de procesos, marcos de trabajo de la arquitectura empresarial y diseño arquitectónico de software. El modelo propuesto proveerá al negocio un diseño de arquitectura de software que optimice las tareas asociadas al control y medición de los controles de seguridad de la organización.
Entonces, para el desarrollo de la propuesta de trabajo, se presentará el análisis del negocio, que, mediante la metodología de Zachman, se mostrará una vista a alto nivel del giro de negocio de la organización, sus objetivos estratégicos y su posicionamiento en la actualidad. Seguidamente, se presentará el enfoque desde el punto de vista del proceso estudio, conocer el rol que cumple dentro de los procesos macros de la compañía, su trazabilidad con los objetivos de la compañía, así como el grado de responsabilidad que tienen asignada.
Asimismo, una vez identificado las tareas que hacen deficiente el proceso, se generará los casos de uso de sistema (basado en lenguaje de modelamiento unificado), que representen el comportamiento del sistema que el diseño de arquitectura de software deberá soportar. Finalmente, y bajo lineamientos de calidad de arquitectura, se emplearán herramientas de modelado que definan la estructura arquitectónica de la presente propuesta, de tal forma garanticen calidad de análisis, diseño y cumplimiento de objetivos trazados por el negocio.The objective of this research work is to provide a Software for the management of security controls and monitoring of the National Comprehensive Program for Families well-being - INABIF, following practices of predictive approach, process analysis, structure of the business, construction and software design. The proposed model will provide a software design that optimizes the tasks associated with the control and study of the organization's security controls. Also, for the development of the proposed work, a business analysis will be presented, which, through the Zachman methodology, it will present a high-level view of the organization's business line, its strategic objectives, and its current positioning. The approach will be visible from the point of view of the study process, knowing the role it plays within the company's macro processes, following the company's objectives, as well as the degree of responsibility assigned to it. Once deficient tasks have been identified, the system will generate case studies (based on the unified modeling language), which represent the behavior of the system that the software design must support. Finally, under design quality guidelines, modeling tools will be used to define the structure of this proposal, thereby guaranteeing quality of analysis, design and compliance with objectives set by the organization.
Tesis
18
Stamenkovich, Joseph Allan. "Enhancing Trust in Autonomous Systems without Verifying Software." Thesis, Virginia Tech, 2019. http://hdl.handle.net/10919/89950.
Full textAbstract:
The complexity of the software behind autonomous systems is rapidly growing, as are the
applications of what they can do. It is not unusual for the lines of code to reach the millions,
which adds to the verification challenge. The machine learning algorithms involved are often
"black boxes" where the precise workings are not known by the developer applying them, and
their behavior is undefined when encountering an untrained scenario. With so much code, the
possibility of bugs or malicious code is considerable. An approach is developed to monitor and
possibly override the behavior of autonomous systems independent of the software controlling
them. Application-isolated safety monitors are implemented in configurable hardware to
ensure that the behavior of an autonomous system is limited to what is intended. The sensor
inputs may be shared with the software, but the output from the monitors is only engaged
when the system violates its prescribed behavior. For each specific rule the system is expected
to follow, a monitor is present processing the relevant sensor information. The behavior is
defined in linear temporal logic (LTL) and the associated monitors are implemented in a
field programmable gate array (FPGA). An off-the-shelf drone is used to demonstrate the
effectiveness of the monitors without any physical modifications to the drone. Upon detection
of a violation, appropriate corrective actions are persistently enforced on the autonomous
system.Master of Science
Autonomous systems are surprisingly vulnerable, not just from malicious hackers, but from design errors and oversights. The lines of code required can quickly climb into the millions, and the artificial decision algorithms can be inscrutable and fully dependent upon the information they are trained on. These factors cause the verification of the core software running our autonomous cars, drones, and everything else to be prohibitively difficult by traditional means. Independent safety monitors are implemented to provide internal oversight for these autonomous systems. A semi-automatic design process efficiently creates error-free monitors from safety rules drones need to follow. These monitors remain separate and isolated from the software typically controlling the system, but use the same sensor information. They are embedded in the circuitry and act as their own small, task-specific processors watching to make sure a particular rule is not violated; otherwise, they take control of the system and force corrective behavior. The monitors are added to a consumer off-the-shelf (COTS) drone to demonstrate their effectiveness. For every rule monitored, an override is triggered when they are violated. Their effectiveness depends on reliable sensor information as with any electronic component, and the completeness of the rules detailing these monitors.
19
Fahlström, Albin, and Victor Henriksson. "Intrångsdetektering i processnätverk." Thesis, Mälardalens högskola, Akademin för innovation, design och teknik, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:mdh:diva-39881.
Full textAbstract:
The threat against industrial networks have increased, which raises the demands on the industries cybersecurity. The industrial networks are not constructed with cybersecurity in mind, which makes these systems vulnerable to attacks. Even if the networks outer protection is deemed sufficient, the system may still be infected. This risk demands an intrusion detection system (IDS) that can identify infected components. An IDS scans all traffic of a point in the network and looks for traffic matching its detections parameters, if a match is made the IDS will send an alarm to the administrators. It can also analyze the network traffic using a behavior based method which means that the IDS will alert administrators if network activity deviates from the normal traffic flow. It is of vital essence that the IDS do not impair with the system, an outage of the industrial process can have a high cost for the industry. This report aims to put forward plans for the implementation of an IDS in one of Mälarenergi AB’s industrial networks, this will be made using the Bro and Snort intrusion detection systems.Hoten mot industrinätverken har blivit större vilket har ställt högre krav på industriernas cybersäkerhet. Industrinätverk är ofta inte konstruerade med cybersäkerhet i åtanke, vilket har gjort dessa system sårbara mot attacker. Även om nätverkets yttre skydd anses gott går det inte att vara säker på att ett industrinätverk förblir osmittat. Detta ställer krav på någon form av intrångsdetekteringssystem (IDS) som kan upptäcka infekterad utrustning och suspekt datatrafik i nätverket. En IDS skannar alla paket vid en viss punkt i nätverket, om IDS:en upptäcker något paket som matchar med dess signatur kommer den att larma en administratör. IDS:en kan även använda beteendeanalys där den larmar om nätverksaktiviteten avviker från det normala. Det är mycket viktigt att en IDS inte orsakar avbrott i industriprocessen, om en process stannar kan det innebära stora kostnader för industrin. Denna rapport syftar till att lämna ett lösningsförslag på en IDS-implementation till ett av Mälarenergi AB: s processnätverk, lösningen konstruerades med hjälp av IDS:erna Bro och Snort.
Vissa bilder i den elektroniska rapporten har tagits bort av upphovrättsliga skäl. Författarna har bedömt att rapporten är förståelig även utan dessa bilder.
20
Laos, Barrantes Jorge Augusto, and Flores Marcos Jefferson Mauricio. "Sistema de monitoreo de seguridad y salud en el trabajo para una empresa constructora empleando redes neuronales MLP para el análisis de imágenes en obras." Bachelor's thesis, Universidad Peruana de Ciencias Aplicadas (UPC), 2021. http://hdl.handle.net/10757/657548.
Full textAbstract:
La seguridad y salud en el trabajo para una empresa de construcción, forma parte importante de los procesos misionales, visto desde la perspectiva humana, así como económica. En tal sentido, con el presente proyecto se propone una solución informática, tomando como punto de partida la información del negocio (mapa de procesos) para con esta realizar el análisis y diseño de un sistema de monitoreo de seguridad y salud en el trabajo empleando inteligencia artificial redes neuronales MLP para el análisis de imágenes en obras. De forma general, la propuesta tiene como objetivo reducir los accidentes y con esto los gastos (7% de ingresos) que se vienen presentando en la ejecución de obras por pagos de multas, penalidades o por incumplimiento de contratos.
En la primera etapa se realiza el análisis de la información de la empresa, se emplea el marco de trabajo de Zachman y TOGAF, de esta manera se conoce la situación actual del proceso de gestión y control de obras identificando los problemas o debilidades que se presenten en este, con esta información se procede a realizar en análisis de la propuesta de mejora.
La siguiente etapa se basa en diseñar la propuesta de solución partiendo por la identificación de requerimientos del sistema junto al usuario del negocio, teniendo esta información se identifican los drivers funcionales y no funcionales del sistema, finalmente se pasa a realizar el diseño del sistema empleando el modelo C4, plasmando la arquitectura de software a 4 niveles de aproximación.Occupational safety and health for a construction company is an important part of missionary processes seen from a human perspective, as well as an economic one. In this sense, with this project a system solution is proposed, taking as a starting point the business information (process map) to carry out the analysis and design of a monitoring system for safety and health at work using artificial intelligence neural networks MLP for the analysis of images in construction sites. In general, the objective of the proposal is to reduce accidents and with this the expenses (7% of income) that have been presented in the execution of works for payment of fines, penalties or for breach of contracts. In the first stage, the analysis of the company's information is carried out with the help of Zachman and TOGAF framework, in this way the current situation of the process “Management and control of construction sites” is known, identifying the problems or weaknesses that it has, with this information, the analysis of the improvement proposal is carried out. The next stage is based on designing the solution proposal starting from the identification of system requirements together with the business user, having this information, the functional and non-functional drivers of the system are identified, finally the system design is carried out using the model C4, expressing the software architecture at 4 levels of approximation.
Tesis
21
Freitas, Pablo Gulias Rufino de. "Seguran?a da informa??o e QoS na gest?o de redes de telecomunica??es em conformidade com as pr?ticas de ITIL?" Pontif?cia Universidade Cat?lica de Campinas, 2017. http://tede.bibliotecadigital.puc-campinas.edu.br:8080/jspui/handle/tede/976.
Full textAbstract:
Submitted by SBI Biblioteca Digital (sbi.bibliotecadigital@puc-campinas.edu.br) on 2017-08-08T12:17:56Z
No. of bitstreams: 1
PABLO GULIAS RUFINO DE FREITAS.pdf: 2140333 bytes, checksum: 1e937a0df855e15ff38bbf36da286844 (MD5)Made available in DSpace on 2017-08-08T12:17:56Z (GMT). No. of bitstreams: 1 PABLO GULIAS RUFINO DE FREITAS.pdf: 2140333 bytes, checksum: 1e937a0df855e15ff38bbf36da286844 (MD5) Previous issue date: 2017-05-02
Pontif?cia Universidade Cat?lica de Campinas ? PUC Campinas
Traditionally, Information Security (IS) and Quality of Service (QoS), which means the capacity of a service to satisfy the needs of a user, have been considered separately, with different purposes and needs. However, the service levels that are advertised and expected for both are strongly linked. In this sense, despite the improvement in the performance of communication and of the confidentiality, integrity and the availability of data trafficked having greater premise, there still is no standardization for the joint and efficient use of IS and QoS. There are also no defined metrics or indicators that allow for this grouped measurement. This study proposed and tested a model for the management of communication networks, based on the best practices of the library for Information Technology Service Management (ITSM), Information Technology Infrastructure Library (ITIL), having the novelty of using the information security risk management process, from the 27005 (Risk Management) standard, in conjunction with a list of requirements checks of QoS and controls from the 27002 (Code of Practice) standard. This study looks to find the equilibrium between IS, performance and productivity. The results obtained showed the effectiveness of this proposal decreasing by approximately 16%, the number of incidents directly linked to IS and QoS, detected and solved in a proactive manner.
Tradicionalmente, Seguran?a da Informa??o (SI) e Qualidade de Servi?o (Quality of Service (QoS)), que significa a capacidade de um servi?o para satisfazer as necessidades do usu?rio, t?m sido consideradas, separadamente, com diferentes prop?sitos e necessidades. No entanto, os n?veis de servi?os anunciados e esperados por ambos est?o fortemente ligados. Nesse sentido, apesar da melhoria no desempenho da comunica??o e da confidencialidade, integridade e disponibilidade dos dados transportados serem premissas maiores, ainda n?o h? uma padroniza??o para um uso conjunto e eficiente entre SI e QoS. Tamb?m n?o h? uma defini??o de m?tricas ou indicadores que possibilitem essa medi??o agrupada. No presente trabalho, prop?e-se e testa-se um modelo de gerenciamento de redes de telecomunica??es, baseado nas melhores pr?ticas da biblioteca de Gerenciamento de Servi?os de Tecnologia da Informa??o (GSTI), Information Technology Infrastructure Library (ITIL), tendo como novidade a utiliza??o do processo de gest?o de riscos de seguran?a da informa??o, da norma 27005 (Gest?o de riscos), em conjun??o com uma lista de verifica??es de requisitos de QoS e controles da norma 27002 (C?digo de pr?ticas). Este trabalho busca o equil?brio entre SI, desempenho e produtividade. Os resultados obtidos mostraram a efetividade da proposta com uma diminui??o aproximada de 16%, da quantidade de incidentes diretamente ligados ? SI e QoS, detectados e solucionados de forma proativa.
22
Kumarapillai, Chandrikakutty Harikrishnan. "Protecting Network Processors with High Performance Logic Based Monitors." 2013. https://scholarworks.umass.edu/theses/1054.
Full textAbstract:
Technological advancements have transformed the way people interact with the world. The Internet now forms a critical infrastructure that links different aspects of our life like personal communication, business transactions, social networking, and advertising. In order to cater to this ever increasing communication overhead there has been a fundamental shift in the network infrastructure. Modern network routers often employ software programmable network processors instead of ASIC-based technology for higher throughput performance and adaptability to changing resource requirements. This programmability makes networking infrastructure vulnerable to new class of network attacks by compromising the software on network processors. This issue has resulted in the need for security systems which can monitor the behavior of network processors at run time. This thesis describes an FPGA-based security monitoring system for multi-core network processors. The implemented security monitor improves upon previous hardware monitoring schemes. We demonstrate a state machine based hardware programmable monitor which can track program execution flow at run time. Applications are analyzed offline and a hash of the instructions is generated to form a state machine sequence. If the state machine deviates from expected behavior, an error flag is raised, forcing a network processor reset. For testing purposes, the monitoring logic along with the multi-core network processor system is implemented in FPGA logic. In this research, we modify the network processor memory architecture to improve security monitor functionality. The efficiency of this approach is validated using a diverse set of network benchmarks. Experiments are performed on the prototype system using known network attacks to test the performance of the monitoring subsystem. Experimental results demonstrate that out security monitor approach provides an efficient monitoring system in detecting and recovering from network attacks with minimum overhead while maintaining line rate packet forwarding. Additionally, our monitor is capable of defending against attacks on processor with a Harvard architecture, the dominant contemporary network processor organization. We demonstrate that our monitor architecture provides no network slowdown in the absence of an attack and provides the capability to drop packets without otherwise affecting regular network traffic when an attack occurs.
23
Sayed, Bassam. "Protection against malicious JavaScript using hybrid flow-sensitive information flow monitoring." Thesis, 2015. http://hdl.handle.net/1828/7063.
Full textAbstract:
Modern web applications use several third-party JavaScript libraries to achieve higher levels of engagement. The third-party libraries range from utility libraries such as jQuery to libraries that provide services such as Google Analytics and context- sensitive advertisement. These third-party libraries have access to most (if not all) the elements of the displayed webpage. This allows malicious third-party libraries to perform attacks that steal information from the end-user or perform an action without the end-user consent. These types of attacks are the stealthiest and the hardest to defend against, because they are agnostic to the browser type and platform of the end-user and at the same time they rely on web standards when performing the attacks. Such kind of attacks can perform actions using the victim’s browser without her permission. The nature of such actions can range from posting an embarrassing message on the victim’s behalf over her social network account, to performing online biding using the victim’s account. This poses the need to develop effective mechanisms for protecting against client-side web attacks that mainly target the end-user. In the proposed research, we address the above challenges from information flow monitoring perspective by developing a framework that restricts the flow of information on the client-side to legitimate channels. The proposed model tracks sensitive information flow in the JavaScript code and prevents information leakage from happening. The main component of the framework is a hybrid flow-sensitive security monitor that controls, at runtime, the dissemination of information flow and its inlining. The security monitor is hybrid as it combines both static analysis and runtime monitoring of the running JavaScript program. We provide the soundness proof of the model with respect to termination-insensitive non-interference security policy and develop a new security benchmark to establish experimentally its effectiveness in detecting and preventing illicit information flow. When applied to the context of client-side web-based attacks, the proposed model provides a more secure browsing environment for the end-user.Graduate
24
Ryan, Christopher Michael. "Determining the Impact of Concrete Roadways on Gamma Ray Background Readings for Radiation Portal Monitoring Systems." Thesis, 2011. http://hdl.handle.net/1969.1/ETD-TAMU-2011-05-9341.
Full textAbstract:
The dissolution of the Soviet Union coupled with the growing sophistication of international terror organizations has brought about a desire to ensure that a sound infrastructure exists to interdict smuggled nuclear material prior to leaving its country of origin. To combat the threat of nuclear trafficking, radiation portal monitors (RPMs) are deployed around the world to intercept illicit material while in transit by passively detecting gamma and neutron radiation. Portal monitors in some locations have reported abnormally high gamma background count rates. The higher background data has been attributed, in part, to the concrete surrounding the portal monitors. Higher background can ultimately lead to more material passing through the RPMs undetected.
This work is focused on understanding the influence of the concrete surrounding the monitors on the total gamma ray background for the system. This research employed a combination of destructive and nondestructive analytical techniques with computer simulations to form a model that may be adapted to any RPM configuration. Six samples were taken from three different composition concrete slabs. The natural radiologcal background of these samples was determined using a high-purity germanium (HPGe) detector in conjunction with the Canberra In-Situ Object Counting System (ISOCS™) and Genie™ 2000 software packages. The composition of each sample was determined using thermal and fast neutron activation analysis (NAA) techniques.
The results from these experiments were incorporated into a Monte Carlo N-Particle (MNCP) photon transport simulation to determine the expected gamma ray count rate in the RPM due to the concrete.
The results indicate that a quantitative estimate may be possible if the experimental conditions are optimized to eliminate sources of uncertainty. Comparisons of actual and simulated count rate data for 137Cs check sources showed that the model was accurate to within 15%. A comparison of estimated and simulated count rates in one concrete slab showed that the model was accurate to within 4%. Subsequent sensitivity analysis showed that if the elemental concentrations are well known, the carbon and hydrogen content could be easily estimated. Another sensitivity analysis revealed that the small fluctuations in density have a minimal impact on the gamma count rate.
The research described by this thesis provides a method by which RPM end users may quantitatively estimate the expected gamma background from concrete foundations beneath the systems. This allows customers to adjust alarm thresholds to compensate for the elevated background due to the concrete, thereby increasing the probability of intercepting illicit radiological and nuclear material.
25
Yang, Chang Yo, and 楊長祐. "Distributed and Mobile Security Monitor System." Thesis, 2010. http://ndltd.ncl.edu.tw/handle/45025742917668342585.
Full textAbstract:
碩士長庚大學
資訊工程學系
98
Taiwan’s elderly population is being increased year by year. Today the fall accidents have become one of important causes of death forelderly. More and more elder communities have installed high-securityvideo surveillance system to insure the safety for elders. Thesesurveillance systems, however, almost need employ guards or care-staffs to watch the monitors artificially. Some high-and systems apply the imageprocessing techniques to automatically identify if there are exceptional events appeared in the monitors. Such systems, however, will have performance bottlenecks on image processing. In addition, the convention video surveillance systems lack better emergence alarming mechanism in case an elder falling incident occurs. For this reason, we will adopt a hierarchical framework to implement a falling detection system with distributed image processing and data flow control. Through distributed image processing, it will effectively reduce the burden on Server. Also, the Server will perform data flow control forthe data stream collected by all cameras based on Round-Robin principles. The most important is, through the combination of mobile applicationsscreening on highrisk factors of the diseases, and personnel positioningmechanism , the system will support more complete services for elder safety. With the development of this system, we make the fall-accidentdetection from occurring to alarming in a very short delay time . And wewill take into account physiological conditions for seperate elderly to give more accurate , personal services. Our goal is to hope the elderly can do activities more confidently and safely in the community.
26
Wang, Shun-Hung, and 王舜弘. "Design of a monitor security system based on chaotic synchronization." Thesis, 2012. http://ndltd.ncl.edu.tw/handle/01588888006257809631.
Full textAbstract:
碩士樹德科技大學
電腦與通訊系碩士班
100
Due to the events of social security, home security issue is very important. Locks are the first line of defense to prevent theft. Thus the design of high security locks is very important. In addition, the monitoring system can provide real-time monitor and record all abnormal conditions, to make the best processing and can effectively reduce the loss of life and property. Firstly, we study the design of high-security locks which utilize the noise-like characteristics and synchronization of chaotic systems. A switching mechanism to change the response speed of chaotic systems is proposed in this study. The user can change the key by different switching mechanism, so that the key is no longer fixed. The shortcomings of the mechanical lock and electronic lock are released. Secondly, we proposed the monitor security system which combines the chaos-based lock and real-time video monitoring system. This proposed monitor security system can keep records of the image files in the home space and effectively enhance the monitoring and surveillance function.
27
Chung, Tine-Shiang, and 鍾天祥. "Assessment of the Construction Project of Barrack Security Monitor System." Thesis, 2011. http://ndltd.ncl.edu.tw/handle/87946697967276462031.
Full textAbstract:
碩士華梵大學
工業工程與經營資訊學系碩士班
99
Security monitoring system plays a significant role in barrack security. Considering limited filming area, poor quality images, short storage time can not satisfy the growing demand for high quality images, high definition images and large storage space, the upgrade of the capabilities mentioned above is necessary to fit the current needs of security monitoring equipment and improve the shortage of the manpower and barrack security. Based on hierarchy scoring method, this research creates monitoring system structure and evaluation criteria in order to find the most appropriate program. Besides, this research adopts SMART as evaluation decision to find out the weighted scoring method and group decision making through which concrete suggestions and evaluations could be made. Then the majority rule is applied to access the importance of each structure under the evaluation criteria and their performance and to further prioritize the selections. According to the research result, three structures are prioritized based on the hierarchical structure, which include function demand structure, cost structure, and system integration structure. In the end, three evaluation results, no needs to change, partially change and change completely, are acquired. This research explores how to find out the most appropriate program for buildup of the monitoring system in terms of function demand structure, cost structure and system integration structure. Based on the criteria brought up by the group decision making, statistics, and prioritization, a best selection could be found and provides reference for future studies regarding construction of barrack monitoring system.
28
黃廷宇. "A Network-based Security Analyzer for the Remote Medical Monitor Devices." Thesis, 2013. http://ndltd.ncl.edu.tw/handle/zjf69j.
Full text
29
Chen, Bor-Chyan, and 陳柏謙. "The Design of a Security Monitor for Wireless Local Area Networks." Thesis, 2003. http://ndltd.ncl.edu.tw/handle/36238024023882220243.
Full textAbstract:
碩士國立交通大學
資訊工程系
91
Wireless Local Area Networks (wireless LANs) are local area networks (LANs) where data are transmitted by radio waves. One can easily collect all the transmissions within a wireless LAN without any physical contact with the LAN devices (hubs or switches). As a result, security mechanisms such as encryption and authentication are necessary for wireless LANs. However, the current security standard for wireless LANs is not secure enough, and customized security solutions may become obsolete in the future when the new security standard is available. Therefore, we do not invent any new security standard to replace the existing one. Instead, we develop a security program that can easily compatible with any security solution. In this thesis, we describe the design of a program called Wireless LAN Monitor. This program can act as a sniffer that listens data transmissions in a wireless LAN. In addition, this program can actively send faked messages to affect the wireless LAN. By applying these two basic functions, this program can provide two advanced functions, which are “Connection Breaking” and “SYN Flooding Defense”, without modifying existing network devices. We describe all the functions in this thesis and present the experimental results on the efficiency of the two advanced functions.
30
Patzina, Lars. "Generierung von effizienten Security-/Safety-Monitoren aus modellbasierten Beschreibungen." Phd thesis, 2014. http://tuprints.ulb.tu-darmstadt.de/4133/7/20141110_Thesis_Lars_Patzina_Final.pdf.
Full textAbstract:
Computer werden heute zunehmend durch kleine Recheneinheiten mit Sensoren zur Erfassung der Außenwelt ergänzt. Diese Recheneinheiten kommunizieren untereinander und mit externen Einheiten, um Informationen weiterzugeben und sich untereinander abzustimmen. Hierdurch findet auch eine Öffnung von sicherheitskritischen eingebetteten Systemen nach außen statt. Die Systeme können nun entweder direkt oder indirekt über zusätzliche Einheiten angegriffen werden.
Des Weiteren ist die auf eingebetteten Systemen eingesetzte Software durch beschränkte Ressourcen auf das Nötigste reduziert und bietet keine komplexen Sicherheitsmechanismen. Maßnahmen wie Testen von Software kann deren Fehlerfreiheit nicht sicherstellen. In realen Systemen ist zudem davon auszugehen, dass nicht bekannte Fehler existieren, die u.a. auch von Angreifern ausgenutzt werden können.
Die Laufzeitüberwachung solcher Systeme hat sich als geeignet erwiesen, um auch unbekannte Angriffe und Fehler zu erkennen. Zur Spezifikation solcher Laufzeitmonitore über Beschreibungen (Signaturen) von erlaubtem und verbotenem Verhalten haben sich viele verschiedene Spezifikationssprachen herausgebildet. Diese basieren auf verschiedensten Modellierungskonzepten. Zur Generierung von Monitoren aus diesen Spezifikationen in Software und Hardware müssen für die unterschiedlichen Sprachen verschiedenste Codegeneratoren erstellt werden. Des Weiteren besitzen einige der gewöhnlich verwendeten einfach zu verstehenden Spezifikationssprachen keine formalisierte Syntax und Semantik.
In dieser Arbeit wird zusammen mit [Pat14] der Model-based Security/Safety Monitor (MBSecMon)-Entwicklungsprozess vorgestellt. Dieser umfasst parallel zu dem eigentlichen Softwareentwicklungsprozess des zu überwachenden Systems die Spezifikation, die Generierung und die Einbindung von Laufzeitmonitoren.
Ziel dieser Arbeit ist die Definition einer formal definierten Zwischensprache zur Repräsentation stark verschränkter nebenläufiger Kommunikationen. Zu ihrer Entwicklung werden Anforderungen basierend auf existierenden Arbeiten aufgestellt. Auf Grundlage dieser Anforderungen wird die Zwischensprache Monitor-Petrinetze (MPN) entworfen und formal definiert. Diese Zwischensprache unterstützt die Repräsentation von Signaturen, die in verschiedensten Spezifikationssprachen modelliert sind, und die Generierung von effizienten Laufzeitmonitoren für unterschiedliche Zielplattformen. Die MPNs sind ein auf Petrinetzen basierender Formalismus, der um Konzepte der Laufzeitüberwachung erweitert wurde. Es wird gezeigt, dass die MPN-Sprache alle ermittelten Anforderungen an eine solche Zwischensprache, bis auf ein Hierarchisierungskonzept für Ereignisse, das in dieser Arbeit nicht behandelt wird, erfüllt.
Die MPN-Sprache wird in einem prototypischen Werkzeug zur Monitorgenerierung eingesetzt. Dieses unterstützt die MBSecMon-Spezifikationssprache [Pat14] als Eingabesprache und verwendet die MPN-Sprache als Zwischenrepräsentation zur Monitorgenerierung für verschiedenste Plattformen und Zielsprachen. Die generierten Monitore werden auf ihr Laufzeitverhalten und ihren Speicherverbrauch evaluiert. Es hat sich gezeigt, dass sich die MPN-Sprache trotz ihrer hohen Ausdrucksstärke zur einfachen Generierung effizienter Laufzeitmonitore für verschiedenste Plattformen und Zielsprachen eignet.
31
Hui, Yeh-yu, and 葉毓輝. "Auto Detection of Illegal IP Connect and Monitor Mechanism for Information Security." Thesis, 2008. http://ndltd.ncl.edu.tw/handle/26944457490303173953.
Full textAbstract:
碩士國立臺灣科技大學
資訊管理系
96
Information security is getting more important for corporations and government. Although most of the companies have set firewall and IDS system, but it can only protect and detect illegal user hacking in the network from the external network. The system can not detect employees from the company using fake IP to hack into the network. To solve the problem, I have combined the ARP WATCH with DHCP to build a system that can stop illegal IP connection automatically. In addition, the system is capable to supervise firewall system, web log, SQL Injection and XXS (Cross Site Scripting) which hackers usually use to break in the network. The software monitors the system, analysis data on spot which prevents MIS to make mistake and ensures higher security level for the network.
32
MOHOSINA, AMATUL. "DESERVE: A FRAMEWORK FOR DETECTING PROGRAM SECURITY VULNERABILITY EXPLOITATIONS." Thesis, 2011. http://hdl.handle.net/1974/6734.
Full textAbstract:
It is difficult to develop a program that is completely free from vulnerabilities. Despite the applications of many approaches to secure programs, vulnerability exploitations occur in real world in large numbers. Exploitations of vulnerabilities may corrupt memory spaces and program states, lead to denial of services and authorization bypassing, provide attackers the access to authorization information, and leak sensitive information. Monitoring at the program code level can be a way of vulnerability exploitation detection at runtime. In this work, we propose a monitor embedding framework DESERVE (a framework for DEtecting program SEcuRity Vulnerability Exploitations). DESERVE identifies exploitable statements from source code based on static backward slicing and embeds necessary code to detect attacks. During the deployment stage, the enhanced programs execute exploitable statements in a separate test environment. Unlike traditional monitors that extract and store program state information to compare with vulnerable free program states to detect exploitation, our approach does not need to save state information. Moreover, the slicing technique allows us to avoid the tracking of fine grained level of information about runtime program environments such as input flow and memory state. We implement DESERVE for detecting buffer overflow, SQL injection, and cross-site scripting attacks. We evaluate our approach for real world programs implemented in C and PHP languages. The results show that the approach can detect some of the well-known attacks. Moreover, the approach imposes negligible runtime overhead.Thesis (Master, Electrical & Computer Engineering) -- Queen's University, 2011-09-19 19:04:28.423
33
Maserumule, Ngwanadira Tebogo. "Parent's use of strategies to monitor children's activities online." Thesis, 2017. https://hdl.handle.net/10539/24336.
Full textAbstract:
Thesis (M.Com. (Information Systems))--University of the Witwatersrand, Faculty of Commerce, Law and Management, School of Economic and Business Sciences, 2017Although studies have been conducted on the effectiveness of different types of filtering software, limited knowledge is available on parents’ use of strategies to monitor their children’s activities online. Thus, identifying understanding parents’ use of strategies to monitor children’s activities online and the extent in which parents use content filtering software will contribute to the body of knowledge. The purpose of this study is to understand parent’s use of strategies to monitor children’s activities online and the extent in which they use content filtering software in Gauteng Province, South Africa. The study adopted a Social Cognitive Theory to develop a conceptual framework and identify existing theoretical concepts. The conceptual framework adapted Bandura’s (2001) framework to inform data analysis. Data were collected through semi-structured interviews and qualitative, thematic content analysis was used for data analyses. The results of the study indicated that parents do use various strategies to monitor children’s activities online and further apply knowledge, experience, and social support as a rationale for using those strategies. The study further revealed that there is a gap between parents, technology industry and government regarding the use of content filtering software. Thus, the study recommends parents, industry and government work together to protecting children online through various strategies and address the concerns regarding the use of content filtering software. Parents’ need to understand the importance of content filtering software and discuss this with their children to be able to protect them online without restricting access to relevant information. Keywords: Harmful content, blocking, strategies, filtering, online content, software, use, non-use, strategies
GR2018
34
Lopes, José Pedro Silva. "Ontology-driven metamodeling towards hypervisor design automation: runtime security and data integrity." Master's thesis, 2017. http://hdl.handle.net/1822/59264.
Full textAbstract:
Dissertação de mestrado em Engenharia Eletrónica Industrial e ComputadoresOne of the most popular cyber-attack vectors to compromise computer systems is related to memory corruption. Memory corruption is one of the most prevalent and devastating vulnerabilities. The widespread adoption of virtualization technology in embedded systems generally and naively accepts Virtual Machine Manager (VMM) or hypervisor software as the Trusted Computing Base (TCB). As a software component, vulnerabilities can still be present, allowing attackers to subvert it alike Operating Systems (OSs). Virtualization empowers mixed-criticality embedded systems by executing critical and non-critical tasks under the same hardware. Therefore, security and safety are critical in their design as attacks on real-time embedded systems software can put lives in danger and/or cause enormous financial losses. Disregarding code-injection attacks, memory corruption exploits consist of: control- and noncontrol- data attacks. In practice, code-injection attacks are prevented with a W E policy which defines memory regions either as writable or executable, as Memory Protection Unit (MMU) hardware is now commonly available. Throughout this work, the focus is mainly on non-controldata attacks. Nevertheless, control-data attacks are also tackled with Control-Flow Integrity (CFI) enforcement. This thesis uncovers a tailor-made security solution enforcing data integrity in the μRTZVisor VMM, according to a specification devised by the developer. The Zynq-7000 System on Chip (SoC) was leveraged to isolate a remote integrity monitor from the hypervisor, in a separate core. Through compile-time instrumentation, execution traces are collected, recording updates to critical static variables on μRTZVisor. The monitor audits these traces by searching for violations of data integrity rules, concurrently to hypervisor’s execution. Automating the deployment of the devised security mechanism is required to facilitate its adoption. Using ontologies for knowledge representation, information related to the security mechanism and the data aspect of the μRTZVisor software is modeled into a specifically designed meta-model. Ontologies uniformize knowledge representation and aid maintainability. By inserting the modeling efforts into the SeML modeling infrastructure, code generation capabilities are leveraged to generate implementation-specific files.
Um dos mais populares vetores de ataque a comprometer os sistemas computacionais é a exploração de vulnerabilidades de corrupção de memória. Estas vulnerabilidades, além de bastante comuns, podem ter efeitos devastadores. A difusão da tecnologia de virtualização em sistemas embebidos assume, ingenuamente, o software VMM como pertencendo à TCB. No entanto, podem ainda existir vulnerabilidades, permitindo aos atacantes subverter os mecanismos de segurança. A virtualização permite a criação de sistemas embebidos de criticidade mista, executando funções criticas e não criticas na mesma plataforma. Por esta razão, a segurança é essencial na conceção dos mesmos. Ataques a sistemas embebidos críticos podem ter efeitos devastadores como a perda de vidas humanas e/ou enormes perdas económicas. Não considerando ataques que injetam código novo no programa, existem duas maneiras de explorar vulnerabilidades de corrupção de memória: ataques a dados de controlo e aos restantes dados do programa. Na prática, ataques que inserem código novo são prevenidos com uma política de W E, em que segmentos da memória são classificados como executáveis ou passiveis de serem escritos. Essa política é aplicada pelo hardware MMU que se encontra atualmente presente numa vasta gama de sistemas. O foco deste trabalho inside principalmente em ataques não direcionados aos dados de controlo. No entanto, estes ataques também são considerados através da implementação de um mecanismo de CFI. Esta tese propõe uma solução de segurança, especialmente concebida para o μRTZVisor, que providencia integridade de dados de acordo com uma especificação concebida pelo desenvolvedor. Utilizando o SoC Zynq-7000, o monitor é isolado num core diferente do utilizado pelo software de virtualização. Através da inserção de instrumentação em tempo de compilação, é efetuado um registo das operações de escrita em variáveis criticas do μRTZVisor. O monitor remoto audita o registo à procura de violações na especificação de integridade de dados providenciada. A automação da aplicação do mecanismo de segurança proposto é necessária para facilitar a sua adoção. Utilizando ontologias como linguagem de representação de conhecimento, informação relacionada com os mecanismos de segurança e o plano de dados do software de virtualização são modelados num meta-modelo desenvolvido neste trabalho. A utilização de ontologias uniformiza a representação de conhecimento e a manutenção do mesmo. Através da inserção dos esforços de modelação na infraestrutura de modelação SeML, são ainda utilizados mecanismos de geração de código para gerar ficheiros de implementação.
35
-Hung, Wu-Hung, and 洪文宏. "Evaluating the efficiency of the security policy in Taichung City Police Bureau in terms of monitor system." Thesis, 2010. http://ndltd.ncl.edu.tw/handle/08621927041270319751.
Full text
36
Patzina, Sven. "Entwicklung einer Spezifikationssprache zur modellbasierten Generierung von Security-/Safety-Monitoren zur Absicherung von (Eingebetteten) Systemen." Phd thesis, 2014. http://tuprints.ulb.tu-darmstadt.de/4132/1/20141119_Thesis_SvenPatzina_Final.pdf.
Full textAbstract:
Getrieben durch technische Innovationen gewinnt die Kommunikation zwischen eingebetteten Systemen immer mehr an Bedeutung. So kommunizieren heutzutage nicht nur PCs über lokale Netzwerke oder das Internet, sondern auch mobile Geräte wie Smartphones und Tablets erobern den Markt. Diese bieten aufgrund ihrer geringeren Rechenleistung neue Angriffsflächen, da Sicherungsmaßnahmen der PC-Domäne nicht ohne Anpassung anwendbar sind. Durch die Vernetzung dieser mobilen Geräte mit Fahrzeugen und die Anbindung der Fahrzeuge an externe Dienstleistungen sind selbst eingebettete Systeme im Fahrzeug, die sicherheitskritische Aufgaben erfüllen, nicht mehr vollständig von der Außenwelt abgeschirmt. Bei ihrer Entwicklung wurde jedoch wenig Aufmerksamkeit auf Sicherheitsmechanismen, wie Verschlüsselung und sicheres Komponentendesign, zur Abwehr von Angriffen aus der Außenwelt gelegt. Solche Fahrzeuge sind hierdurch von außen für aktive und passive Angriffe anfällig. Selbst wenn bei einer Neuentwicklung eines eingebetteten Systems großer Wert auf die Absicherung gelegt wird, ist es meist nicht möglich, alle Sicherheitslücken zu eliminieren und jeden möglichen Angriff vorherzusehen. Betrachtet man komplexe heterogene Systeme oder Komponenten und will diese nachträglich absichern, ist dies meistens ökonomisch oder technisch nicht zu realisieren. Resultierend daraus kann bei keinem System davon ausgegangen werden, dass es sicher ist -- sei es durch unbekannte Schwachstellen oder der Verwendung von Legacy-Komponenten. Um Systeme dennoch gegen Angriffe, die vorher unbekannte Fehler und Sicherheitslücken ausnutzen, absichern zu können, hat sich die Überwachung eines Systems während der Laufzeit als geeignet herausgestellt.
Eine solche Absicherung wird durch den in dieser Dissertationsschrift und in [Pat14] vorgestellten verständlichen Model Based Security/Safety Monitor-Entwicklungsprozess (MBSecMon-Entwicklungsprozess) erreicht, der sich in bestehende modellbasierte Systementwicklungsprozesse nahtlos eingliedert. Dieser MBSecMon-Entwicklungsprozess generiert aus einer in der Anforderungsphase entstandenen Spezifikation automatisch effiziente Sicherheitsmonitore für hoch nebenläufige Kommunikationen.
Diese Arbeit betrachtet zwei Schritte dieses Entwicklungsprozesses. Der erste Teil der Arbeit stellt eine neue auf dem szenariobasierten Design aufbauende graphische, modellbasierte Signaturbeschreibungssprache vor - die MBSecMon-Spezifikationssprache. Diese Sprache vereinigt die Vorteile bestehender Formalismen, indem sie (1) alle wichtigen Konzepte zur Modellierung von verhaltensbeschreibenden Signaturen für hoch nebenläufige Kommunikationsabläufe unterstützt und diese kompakt repräsentieren kann. Sie bezieht (2) bestehende Entwicklungsartefakte des Systementwicklungsprozesses in die Modellierung ein, (3) befindet sich auf einer höheren Abstraktionsebene als üblicherweise zur Spezifikation eingesetzte Sprachen und unterscheidet explizit zwischen Normalverhalten und bekannten Angriffsmustern und -klassen. Durch diese Unterscheidung und durch Nähe der Sprache zur UML wird (4) eine hohe Verständlichkeit der Spezifikation sowohl für den Softwaretechniker als auch für Nicht-Experten erreicht.
Den zweiten Teil dieser Arbeit bildet die Abbildung der sehr kompakten in der MBSecMon-Spezifikationssprache verfassten Spezifikationen in die formale Zwischensprache Monitor-Petrinetze [Pat14]. Hierdurch wird zum einen die Semantik der MBSecMon-Spezifikationssprache formalisiert und zum anderen der im MBSecMon-Entwicklungsprozess eingesetzte automatische Übergang in eine für die Generierung effizienter Monitore besser geeignete Repräsentation realisiert.