21 research outputs found

    The Human Immune System and Network Security System (International Journal of Pure and Applied Research in Engineering and Technology)

    Most of the current security systems do not provide an adequate level of protection against ever-increasing threats. The main reason for their failure is the use of point solutions to protect hosts and a reactive approach against intrusions. We studied the human immune system, which survives under dynamically changing conditions and provides protection against biological viruses and bacteria. By taking the immune system as an analogy, we propose an end-to-end network security system using mobile agents. Our solution not only overcomes limitations of traditional security solutions, but also enhances overall security by providing protection at each stage of the attack timeline. It functions in a proactive and also reactive manner and has the ability to learn and improve its strategies, equivalent to what the human immune system does against viruses and bacteria.

    Security Support in Continuous Deployment Pipeline

    Continuous Deployment (CD) has emerged as a new practice in the software industry to continuously and automatically deploy software changes into production. Continuous Deployment Pipeline (CDP) supports CD practice by transferring the changes from the repository to production. Since most of the CDP components run in an environment that has several interfaces to the Internet, these components are vulnerable to various kinds of malicious attacks. This paper reports our work aimed at designing secure CDP by utilizing security tactics. We have demonstrated the effectiveness of five security tactics in designing a secure pipeline by conducting an experiment on two CDPs: one incorporates security tactics while the other does not. Both CDPs have been analyzed qualitatively and quantitatively. We used assurance cases with goal-structured notations for qualitative analysis. For quantitative analysis, we used penetration tools. Our findings indicate that the applied tactics improve the security of the major components (i.e., repository, continuous integration server, main server) of a CDP by controlling access to the components and establishing secure connections.

    An Introduction to Malware


    Autonomic context-dependent architecture for malware detection



    A Lightweight Intrusion Detection System for the Cluster Environment

    As clusters of Linux workstations have gained in popularity, security in this environment has become increasingly important. While prevention methods such as access control can enhance the security level of a cluster system, intrusions are still possible and therefore intrusion detection and recovery methods are necessary. In this thesis, a system architecture for an intrusion detection system in a cluster environment is presented. A prototype system called pShield based on this architecture for a Linux cluster environment is described and its capability to detect unique attacks on MPI programs is demonstrated. The pShield system was implemented as a loadable kernel module that uses a neural network classifier to model normal behavior of processes. A new method for generating artificial anomalous data is described that uses a limited amount of attack data in training the neural network. Experimental results demonstrate that using this method rather than randomly generated anomalies reduces the false positive rate without compromising the ability to detect novel attacks. A neural network with a simple activation function is used in order to facilitate fast classification of new instances after training and to ease implementation in kernel space. Our goal is to classify the entire trace of a program's execution based on neural network classification of short sequences in the trace. Therefore, the effect of anomalous sequences in a trace must be accumulated. Several trace classification methods were compared. The results demonstrate that methods that use information about locality of anomalies are more effective than those that only look at the number of anomalies. The impact of pShield on system performance was evaluated on an 8-node cluster. Although pShield adds some overhead for each API for MPI communication, the experimental results show that a real world parallel computing benchmark was slowed only slightly by the intrusion detection system. The results demonstrate the effectiveness of pShield as a light-weight intrusion detection system in a cluster environment. This work is part of the Intelligent Intrusion Detection project of the Center for Computer Security Research at Mississippi State University.

    A Method of Signature-Based Antivirus Protection Using Scanners

    The object of research is the method of signature anti-virus protection using scanners. The subject of the study is the process of studying the methodology of signature anti-virus protection using scanners. The results are presented in the form of figures that characterize the steps of scanning the signature, the use of text templates to scan the file, the time gap between the creation of the virus and scanning its signature, and so on. The obtained results have practical application in choosing different types of antivirus protection, as well as understanding their advantages and disadvantages, using a signature approach to virus detection, prototyping antivirus programs and connecting various templates to find malware.

    The development and analysis of intrusion detection algorithms

    Thesis (M.Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Includes bibliographical references (p. 73-75). By Seth E. Webster. M.Eng.