252 research outputs found

    Cybersecurity Incident Response in eHealth

    The thesis highlights the concept of Cybersecurity Incident Response, which involves preparing for and responding to cybersecurity breaches or attacks. It emphasizes the importance of timely and effective response to security incidents, with the goals of minimizing damage and preventing future incidents. The main objective of the thesis is to design a system specifically for responding to cyber attacks in a specific eHealth use case. The system will have the capability to identify potential cyber attacks in the critical assets, evaluate the impact of such attacks, and create mitigation strategies (automated response) focused on maintaining business continuity. Overall, the thesis aims to enhance the incident response capabilities of organizations operating in the eHealth sector, providing them with a systematic approach to handle cyber threats and ensure the smooth functioning of their infrastructures.

    Zero Trust Implementation in the Emerging Technologies Era: Survey

    This paper presents a comprehensive analysis of the shift from the traditional perimeter model of security to the Zero Trust (ZT) framework, emphasizing the key points in the transition and the practical application of ZT. It outlines the differences between ZT policies and legacy security policies, along with the significant events that have impacted the evolution of ZT. Additionally, the paper explores the potential impacts of emerging technologies, such as Artificial Intelligence (AI) and quantum computing, on the policy and implementation of ZT. The study thoroughly examines how AI can enhance ZT by utilizing Machine Learning (ML) algorithms to analyze patterns, detect anomalies, and predict threats, thereby improving real-time decision-making processes. Furthermore, the paper demonstrates how a chaos theory-based approach, in conjunction with other technologies like eXtended Detection and Response (XDR), can effectively mitigate cyberattacks. As quantum computing presents new challenges to ZT and cybersecurity as a whole, the paper delves into the intricacies of ZT migration, automation, and orchestration, addressing the complexities associated with these aspects. Finally, the paper provides a best practice approach for the seamless implementation of ZT in organizations, laying out the proposed guidelines to facilitate organizations in their transition towards a more secure ZT model. The study aims to support organizations in successfully implementing ZT and enhancing their cybersecurity measures. Comment: 15 pages, 3 figure

    Adaptive filtering algorithms and data-selective strategies for graph signal estimation

    Considering the potential of graph signal processing (GSP), a recent research field that extends classical signal processing to signals defined over graph structures, this dissertation explores and proposes new algorithms to a GSP problem that has been lately recast within the adaptive filtering framework. After presenting an overview of both adaptive filtering and GSP, this work highlights the merging of these areas when algorithms based on the least-mean-square (LMS) and recursive least-squares (RLS) methods are used for the online estimation of bandlimited graph signals (GS) using a reduced number of noisy measurements. Extending this idea, this dissertation proposes a normalized least-mean-square (NLMS) algorithm for the same GSP context. As in the classical adaptive filtering framework, the resulting NLMS GS estimation technique is faster than the LMS algorithm while being less complex than the RLS algorithm. Detailed steady-state mean-squared error and deviation analyses are provided for the proposed NLMS algorithm, and are also employed to complement previous results on the LMS and RLS algorithms. Additionally, two different data-selective (DS) strategies are proposed to reduce the overall computational complexity by only performing updates when the input signal brings enough innovation. Proper definitions of constraint parameters are given based on the analysis of these DS strategies, and closed formulas are derived for an estimate of the update probability when using different adaptive algorithms. At last, this work presents many numerical simulations corroborating, with high accuracy, the theoretical results predicted.

    PRACTICAL APPROACHES TO CYBER PROTECTION OF MOBILE DEVICES USING THE ENDPOINT DETECTION AND RESPONSE SOLUTION

    In this article, practical approaches to cyber protection of mobile devices using the Endpoint Detection and Response solution are considered and the results of the work carried out are given. In order to reliably protect mobile devices, the authors of the article conducted testing of CrowdStrike Falcon software; Sophos Intercept X; Palo Alto Cortex XDR included in the Endpoint Detection and Response solution. The research was conducted on personal mobile devices of employees of our institution, which work on the basis of Android and iOS operating systems. Comprehensive collection of monitoring data allows Endpoint Detection and Response to create a complete picture of potential cyber attacks. Continuous monitoring of all mobile devices – online and offline – facilitates cybersecurity analysis and response to cyber attacks/cyber incidents. This enables deep cybersecurity analysis and provides security administrators with insight into anomalies and vulnerabilities that occur in networks to anticipate future cyber threats. The detection of each threat goes beyond the scope of installed antivirus software, so Endpoint Detection and Response's ability to provide real-time response to a wide range of cyber threats allows security administrators to visualize potential cyber attacks/cyber incidents even as they impact hosts and mobile devices, and all of this in real time. The Endpoint Detection and Response solution can be considered a set of traditional antivirus software tools. Antivirus software alone is limited in scope compared to newer Endpoint Detection and Response solutions. Thus, antivirus software is part of Endpoint Detection and Response. As attackers improve their attacks and use advanced technologies to gain access to networks and user data, simple antivirus software cannot detect zero-day or multi-layer threats in a timely manner, but Endpoint Detection and Response systems can detect all types of cyber threats.

    A blow-up construction and graph coloring

    Given a graph G (or more generally a matroid embedded in a projective space), we construct a sequence of varieties whose geometry encodes combinatorial information about G. For example, the chromatic polynomial of G (giving at each m>0 the number of colorings of G with m colors, such that no adjacent vertices are assigned the same color) can be computed as an intersection product between certain classes on these varieties, and other information such as Crapo's invariant finds a very natural geometric counterpart. The note presents this construction, and gives `geometric' proofs of a number of standard combinatorial results on the chromatic polynomial. Comment: 22 pages, amstex 2.

    Consulting in computer systems and software

    This report aims to describe the work I have done during my project in company. It is part of my second year in the Master of Computer Engineering – Mobile Computing of the School of Technology and Management of the Polytechnic Institute of Leiria. During this experience, I was assigned two missions. The first one is about the study of a S/MIME solution for email security and the second one is about the improvement of Microsoft Office 365 security score. For both missions I had material at my disposal and some instructions were given to me. I began by analysing the situation, and then established a state of the art in terms of technologies used. Then, thanks to my knowledge, I simulated virtual computer networks, tested encryption solutions, determined what were the best security practices, automated my work by scripting, reported the difficulties, and provided a detailed documentation about my work. The solutions produced respond to the problems, and they are functional. For the first mission, client machines can send S/MIME emails in a virtual network. For the second mission, the scripts and the tool provided allow to improve Microsoft Office 365 security score

    Process, Technology and Human Aspects of a Security Operations Center

    This report presents the high level aspects of any security operations center and tries to define a baseline for SOC processes, technologies to be used and roles to be assigned for an effective and efficient service. This work takes international standards and guideline as reference as they are highly mature documents with wide adoption rate. This report can be used as benchmark tool for initial stages of gap assessments or even present a roadmap for those who need it. M.S. - Master Of Science Without Thesi

    A retrospective analytical study of treatment outcomes among multi drug resistant tuberculosis patients

    Background: India is amongst one of the high multidrug resistant tuberculosis (MDR-TB) burden countries globally with a huge contribution given by the state of Uttar Pradesh. Programmatic Management of Drug Resistant Tuberculosis, initiated in 2007 has taken over the disorganized and unsupervised treatment practice in India. However, regular scrutiny is required which points out both its success and failure. Aim & Objective: This study was conducted to evaluate final treatment outcomes among MDR-TB patients on standard Category IV regimen. Settings and Design: Retrospective analysis was done using secondary data from medical records of all patients. Methods and Material: Data of all MDR-TB patients registered under RNTCP at King George’s Medical University, Lucknow from 2013 to 2016 was collected. Demographic details along with pre-defined treatment outcomes were recorded (cured, treatment completed, death, treatment failure, treatment default and transfer to higher centre). Statistical analysis used: Descriptive statistics using numbers and percentage. Results: The records of 3580 MDR tuberculosis patients registered at drug resistant tuberculosis centre in King George’s Medical University from January 2013 to December 2016 were included which consisted of 67% males and 33% female. Mean age of presentation was 31.17 years (95% CI 30.75-31.59). Mean weight of patients was 40.16 kg (95% CI 39.89-40.43). Year wise distribution of registered cases from 2013 to 2016 was 611, 799, 984 and 1186 patients respectively. Amongst 3580 patients, 30.39% were declared cured, 25.50% completed treatment, 21.39% died, 0.84% showed treatment failure, 12.54% were defaulters, 2.35% were transferred out to higher centre, 6.5% were shifted to regimen for Extensive drug resistant (EDR) TB, 0.16% patients needed to stop treatment due to ADR and 0.33% patient were still on treatment. Conclusion: The treatment success rate of MDR-TB patients is still low. Measures to improve treatment adherence as in National tuberculosis elimination programme (NTEP) attempts to further improve the success rate

    A control strategy for stand-alone wound rotor induction machine

    A control strategy to regulate the frequency and voltage of a stand-alone wound rotor induction machine is presented. This strategy allows the machine to work as a generator in stand-alone systems (without grid connection) with variable rotor speed. A stator flux-oriented control is proposed using the rotor voltages as actuation variables. Two cascade control loops are used to regulate the stator flux and the rotor currents. A closed loop observer is designed to estimate the machine flux which is necessary to implement these control loops. The proposed control strategy is validated through simulations with satisfactory results. Fil: Forchetti, Daniel Gustavo. Universidad Nacional de Río Cuarto. Facultad de Ingeniería. Grupo de Electrónica Aplicada; Argentina. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Córdoba; Argentina. Fil: Solsona, Jorge Alberto. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Bahía Blanca. Instituto de Investigaciones en Ingeniería Eléctrica "Alfredo Desages". Universidad Nacional del Sur. Departamento de Ingeniería Eléctrica y de Computadoras. Instituto de Investigaciones en Ingeniería Eléctrica "Alfredo Desages"; Argentina. Fil: Garcia, Guillermo. Universidad Nacional de Río Cuarto. Facultad de Ingeniería. Grupo de Electrónica Aplicada; Argentina. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Córdoba; Argentina. Fil: Valla, Maria Ines. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - La Plata; Argentina. Universidad Nacional de La Plata. Facultad de Ingeniería. Departamento de Electrotecnia. Laboratorio de Electrónica Industrial, Control e Instrumentación; Argentin