Computer Security: Just How Secure Is Your Computer?

Security has become a matter of utmost importance since the aftermath of September 11th, especially in the area of computer systems. There are many options that a health educator can do as an individual to help secure the computer system at their worksite and in their home. This article is a brief overview of some of the precautions that should be taken on a daily basis to protect your computer systems, files, data, and other pertinent information

CK-RAID: Collaborative Knowledge Repository for Intrusion Detection System

Intrusion Detection Systems (IDSs) are an integral part of an organization\u27s infrastructure. Without an IDS facility in place to monitor network and host activities, attempted and successful intrusion attempts may go unnoticed. This study proposed a Collaborative Knowledge Repository Architecture for Intrusion Detection (CK-RAID). It is based on a distributed network of computer nodes, each with their individual IDS with a centralized knowledge repository system, and firewall acting as a defence. When an unfamiliar attack hits any node, the first step the intrusion monitor takes is to request from Knowledge Repository Server the most effective intrusion response. To improve performance, Intrusion Update module collaborates with IDSs sensor and log by updating their expert rule and intrusion information respectively and removing the old intrusion signature from the knowledge base with the aid of Intrusion Detector Pruning. To ensure security of information exchange, RSA encryption and Digital Signature were used to encode information during transit. The result showed that CK-RAID had a detection rate of 97.2%, compared with Medoid Clustering, Y-means, FCM and K-means that have an accuracy of 96.38%, 87.15%, 82.13% and 77.25% respectively. Therefore, CK-RAID can be deployed for efficient detection of all categories of intrusion detection and response

Developing Best Practices for Securing VoIP Communication for a non-profit Organization

Voice over Internet Protocol (VoIP) is the most widely used service around the world. The proficiency of it utilizing the web has increased awesome ubiquity in the current years. With this notoriety, there is expanding worry about the wellbeing of the system. The robbery or loss of the information being exchanged is great concern. For example, a basic problem for researchers who are developing safeguards for VoIP systems is the level of threats and other issues experienced by the non-profit organizations while implementing VoIP communication. This problem originated when non-profits received pressure from their donors not to implement VoIP communication because it will record important and valuable information of their bank account, including their bank balance, and consequently, exposing them to the public. Other dangers include safeguarding secrecy, respectability, and accessibility of the system, known as CIA. dangers. To battle these dangers, some security conventions and calculations have been produced. For example, the H.235 has been investigated, their calculations updated, and it is currently regarded as the most recent and effective system for security of the VoIP system. Another method for battling issues and concerns, and one that is the most proficient due to bigger budgets than non-profits, is VoIP being utilized in new structures and the IT work force. Fortunately, the expanding interest of VoIP has guaranteed and emphasized the requirement for more research to build up the effective security structures and countermeasures of CIA threats. This investigation examines the methods by which such security issues concerning VoIP can be set out to give an appropriate, secure and effective method for correspondence and data trade. In this postulation, the analyst will profoundly examine the relief of VoIP security issues

Advances in modern botnet understanding and the accurate enumeration of infected hosts

Botnets remain a potent threat due to evolving modern architectures, inadequate remediation methods, and inaccurate measurement techniques. In response, this re- search exposes the architectures and operations of two advanced botnets, techniques to enumerate infected hosts, and pursues the scientific refinement of infected-host enu- meration data by recognizing network structures which distort measurement. This effort is motivated by the desire to reveal botnet behavior and trends for future mit- igation, methods to discover infected hosts for remediation in real time and threat assessment, and the need to reveal the inaccuracy in population size estimation when only counting IP addresses. Following an explanation of theoretical enumeration techniques, the architectures, deployment methodologies, and malicious output for the Storm and Waledac botnets are presented. Several tools developed to enumerate these botnets are then assessed in terms of performance and yield. Finally, this study documents methods that were developed to discover the boundaries and impact of NAT and DHCP blocks in network populations along with a footprint measurement based on relative entropy which better describes how uniformly infections communi- cate through their IP addresses. Population data from the Waledac botnet was used to evaluate these techniqu

Integrated security sub-system for IPBrick

Estágio realizado na iPortalMais e orientado pelo Eng.º Hélder RochaTese de mestrado integrado. Engenharia Electrotécnica e de Computadores. Faculdade de Engenharia. Universidade do Porto. 200

FPgrep and FPsed: Packet Payload Processors for Managing the Flow of Digital Content on Local Area Networks and the Internet

As computer networks increase in speed, it becomes difficult to monitor and manage the transmitted digital content. To alleviate these problems, hardware-based search (FPgrep) and search-and-replace (FPsed) modules have been developed. FP-grep has the ability to scan packet payloads for a given set of regular expressions and pass or drop packets based on the payload contents. FPsed also scans packet payloads for a set of regular expressions and adds the ability to modify the payload if desired. The hardware circuits that implement the FPgrep and FPsed modules can be generated, compiled, and synthesized using a simple web interface. Once a module is created it is programmed into logic on a Field Programmable Gate Array (FPGA). The FPgrep and FPsed modules use FPGAs to process packets at the full rate of Gigabit-speed networks. Both modules, along with several supporting applications were developed and tested using the Field Programmable Port Extender (FPX) platform. Applications developed for the modules currently include a spam filter, virus protection, an information security filter, as well as a copyright enforcement function

AI-based algorithm for intrusion detection on a real Dataset

[Abstract]: In this Project, Novel Machine Learning proposals are given to produce a Network Intrusion Detection System (NIDS). For this, a state of the art Dataset for Cyclo Stationary NIDS has been used, together with a previously proposed standard methodology to compare the results of different models over the same Dataset. An extensive research has been done for this Project about the different Datasets available for NIDS, as has been done to expose the evolution and functioning of IDSs. Finally, experiments have been made with Outlier Detectors, Ensemble Methods, Deep Learning and Conventional Classifiers to compare with previously published results over the same Dataset and with the same methodology. The findings reveal that the Ensemble Methods have been capable to improve the results from prior research being the best approach the Extreme Gradient Boosting method.[Resumen]: En este Proyecto, se presentan novedosas propuestas de Aprendizaje Automático para producir un Sistema de Detección de Intrusos en Red (NIDS). Para ello, se ha utilizado un Dataset de última generación para NIDS Cicloestacionarios, junto con una metodología estándar previamente propuesta para comparar los resultados de diferentes modelos sobre el mismo Dataset. Para este Proyecto se ha realizado una extensa investigación sobre los diferentes conjuntos de datos disponibles para NIDS, así como se ha expuesto la evolución y funcionamiento de los IDSs. Por último, se han realizado experimentos con Detectores de Anomalias, Métodos de Conjunto, Aprendizaje Profundo y Clasificadores Convencionales para comparar con resultados previamente publicados sobre el mismo Dataset y con la misma metodología. Los resultados revelan que los Métodos de Conjunto han sido capaces de mejorar los resultados de investigaciones previas siendo el mejor enfoque el método de Extreme Gradient Boosting.Traballo fin de grao (UDC.FIC). Enxeñaría Informática. Curso 2022/202

How to accelerate your internet : a practical guide to bandwidth management and optimisation using open source software

xiii, 298 p. : ill. ; 24 cm.Libro ElectrónicoAccess to sufficient Internet bandwidth enables worldwide electronic collaboration, access to informational resources, rapid and effective communication, and grants membership to a global community. Therefore, bandwidth is probably the single most critical resource at the disposal of a modern organisation. The goal of this book is to provide practical information on how to gain the largest possible benefit from your connection to the Internet. By applying the monitoring and optimisation techniques discussed here, the effectiveness of your network can be significantly improved