A Comparative Study on Performance Evaluation of Intrusion Detection System through Feature Reduction for High Speed Networks

Abstract- The rapid growth in the usage of the internet had led to many serious security issues in the network The intrusion detection system IDS is one of the sophisticated defensive systems used to detect the malicious activities happening in the network services across the world Hence more advanced IDS are been developed in past few years To improve the performance of the IDS the system has to be trained effectively to increase the efficiency and decrease the false alarm rate To train the system the attributes selection plays the major role This paper evaluates and compares the performance of the intrusion detection systems for different feature reduction techniques in high speed network

Computer-aided financial fraud detection: Promise and applicability in monitoring financial transaction fraud

Anti-money Laundering (AML) and Financial Fraud Detection (FFD) have been receiving increasing attention in the past few years, especially in light of the global financial crisis. Closer systems integration and a number of latest steep technological developments in areas like Big Data; High Frequency Trading; e-payments; and mobile payment systems, to name a few, are now promising enhanced risk management through superior decision support for the global financial industry. At the same time, however, resident regulatory frameworks, national and international, appear to lack the connectivity and flexibility required to support integrated AML and FFD approaches. This is strongly testified by the disparate technological approaches to FFD across different Financial Institutions and their reluctance to share practice within the industry. Focusing on Financial Transaction Fraud, this paper draws on the authors’ past research work which presented a prototype system that uses a workflow approach to identify abnormal financial transactions and applies Artificial Intelligence for classification. That work has shown successful applicability at short scale experiments, limited by the wide concern that information sharing should be achieved within the broader sector in order to achieve improved results. Drawing from there, this paper proposes that extending that approach across transaction infrastructure will deliver higher quality intelligent monitoring against Financial Transaction Fraud. Following from that, we argue that the necessary technological maturity does exist to support full-scale operable FFD systems working on large disparate datasets. We then discuss the evidence in favour of the view that such systems can only be realised in the presence of wider regulatory consensus. There is, therefore, the need for a framework within which the technical infrastructure, business architecture and regulatory rules will harness that technological capability to deliver superior fraud prevention. The paper first reviews computer-aided techniques and approaches for FFD available to the financial sector and discusses the business value of their application. It then addresses the main impediments for their full-scale applicability and uses an analytical framework for assessing their significance, in technological, business-specific and regulatory terms. A brief account of the authors’ workflow-based approach is then provided and its capabilities are outlined

The Importance and Implications of Forensic Accounting in the Financial World

This thesis thoroughly explores fraud and the forensic accounting profession. It details the education, training, and careers of forensic accountants; and why demand for this profession has suddenly spiked. The necessary skills of forensic accountants and why these skills are valuable is explored; a need for better education and training is also proposed. It also details popular forensic accounting methods and how these may be used to detect fraud. This thesis explains several fraud schemes and famous frauds that were contributors to the growing demand of forensic accountants. The fraud triangle and other contributing factors are explored. This thesis also emphasizes the importance of strong internal controls and explains the COSO internal control framework; several important internal controls are listed and explained. Cybersecurity is also explained; including why it has become an absolute necessity and how businesses can better enforce cybersecurity measures. This thesis also explains the changes that were made following the Enron and WorldCom scandals and details the Sarbanes-Oxley Act of 2002. Explanations for the relevant changes and why they were necessary are included. The purpose of this thesis is to demonstrate the importance of forensic accounting and to thoroughly explain the facets of fraud and forensic accounting

Development an Anomaly Network Intrusion Detection System Using Neural Network

Most intrusion detection systems are signature based that work similar to anti-virus but they are unable to detect the zero-day attacks. The importance of the anomaly based IDS has raised because of its ability to deal with the unknown attacks. However smart attacks are appeared to compromise the detection ability of the anomaly based IDS. By considering these weak points the proposed system is developed to overcome them. The proposed system is a development to the well-known payload anomaly detector (PAYL). By combining two stages with the PAYL detector, it gives good detection ability and acceptable ratio of false positive. The proposed system improve the models recognition ability in the PAYL detector, for a filtered unencrypted HTTP subset traffic of DARPA 1999 data set, from 55.234% in the PAYL system alone to 99.94% in the proposed system; due to the existence of the neural network self-organizing map (SOM). In addition SOM decreases the ratio of false positive from 44.676% in the PAYL system alone to 5.176% in the proposed system. The proposed system provides 80% detection ability of smart worms that are meant to invade the PAYL detector in the PAYL system alone, due to the existence of the randomization stage in the proposed system

Security Patterns for Intrusion Detection Systems

ABSTRACT In our world of ever-increasing Internet connectivity, there is an on-going threat of intrusion or denial of service attacks. These intrusions may bring all kinds of misuses. Intrusion Detection Systems (IDS) play a very important role in the security of today's networks by detecting when an attack is happening. IDS have evolved into an integral part of network security which monitors the network traffic for attacks based either on existing attack patterns or signatures (Signature-based IDS) or on anomalies or abnormal behavior (Behavior-Based) in the system. We present here a pattern for abstract IDS that defines their general features and patterns for SignatureBased IDS and Behavior-Based IDS

A FRAMEWORK FOR THE EVALUATION OF CYBERSECURITY EFFECTIVENESS OF ABU DHABI GOVERNMENT ENTITIES

Cyberspace has become one of the new frontiers for countries to demonstrate their power to survive in the digitized world. The UAE has become a major target for cyber conflicts due to the rapid increase in economic activity and technology. Further, the widespread use of the internet in the region to the tune of 88% by the end of 2014 has exposed the critical infrastructure to all forms of cyber threats. In this dissertation, the researcher presents a detailed study of the existing cybersecurity defences globally and an investigation into the factors that influence the effectiveness of cybersecurity defences in Abu Dhabi government entities. Further, the role of cybersecurity education, training, and awareness in enhancing the effectiveness of cybersecurity and the role of senior management in providing strategic direction to government entities on cybersecurity are evaluated in addition to determining the contribution of strategic planning and technology level in ensuring an effective cybersecurity system. The study has evaluated the level of Cybersecurity Effectiveness (CSE) in Abu Dhabi Government Entities and the results show that Science and Technology entity performed better than all other Entities with CSE Mean = 4.37 while Public Order showed the least performance with CSE Mean = 3.83 and the combined model of six factors with R-square value 0.317 after multiple regression implying that 32% change in CSE in the government entities is occurring due to the six (6) independent variables used in the study. Further, results show that management has the responsibility of putting in place strategies, frameworks and policies that respond appropriately to the prevention, detection and mitigation of cyberattacks. Results further indicate that culture-sensitive training and awareness programmes add to the quality and effectiveness of cybersecurity systems in government entities. Further, study findings reveal that qualified and experienced personnel in government entities show a greater understanding of cyber and information security issues. Finally, the researcher proposes a cybersecurity framework and a checklist, with checkpoints, for evaluating the effectiveness of cybersecurity systems within government entities and future research interventions

Cryptographic Analysis of Secure Messaging Protocols

Instant messaging applications promise their users a secure and private way to communicate. The validity of these promises rests on the design of the underlying protocol, the cryptographic primitives used and the quality of the implementation. Though secure messaging designs exist in the literature, for various reasons developers of messaging applications often opt to design their own protocols, creating a gap between cryptography as understood by academic research and cryptography as implemented in practice. This thesis contributes to bridging this gap by approaching it from both sides: by looking for flaws in the protocols underlying real-world messaging applications, as well as by performing a rigorous analysis of their security guarantees in a provable security model.Secure messaging can provide a host of different, sometimes conflicting, security and privacy guarantees. It is thus important to judge applications based on the concrete security expectations of their users. This is particularly significant for higher-risk users such as activists or civil rights protesters. To position our work, we first studied the security practices of protesters in the context of the 2019 Anti-ELAB protests in Hong Kong using in-depth, semi-structured interviews with participants of these protests. We report how they organised on different chat platforms based on their perceived security, and how they developed tactics and strategies to enable pseudonymity and detect compromise.Then, we analysed two messaging applications relevant in the protest context: Bridgefy and Telegram. Bridgefy is a mobile mesh messaging application, allowing users in relative proximity to communicate without the Internet. It was being promoted as a secure communication tool for use in areas experiencing large-scale protests. We showed that Bridgefy permitted its users to be tracked, offered no authenticity, no effective confidentiality protections and lacked resilience against adversarially crafted messages. We verified these vulnerabilities by demonstrating a series of practical attacks.Telegram is a messaging platform with over 500 million users, yet prior to this work its bespoke protocol, MTProto, had received little attention from the cryptographic community. We provided the first comprehensive study of the MTProto symmetric channel as implemented in cloud chats. We gave both positive and negative results. First, we found two attacks on the existing protocol, and two attacks on its implementation in official clients which exploit timing side channels and uncover a vulnerability in the key exchange protocol. Second, we proved that a fixed version of the symmetric MTProto protocol achieves security in a suitable bidirectional secure channel model, albeit under unstudied assumptions. Our model itself advances the state-of-the-art for secure channels

Bankacılık işlemlerinde konum destekli sahtekarlık önleme sistemi

06.03.2018 tarihli ve 30352 sayılı Resmi Gazetede yayımlanan “Yükseköğretim Kanunu İle Bazı Kanun Ve Kanun Hükmünde Kararnamelerde Değişiklik Yapılması Hakkında Kanun” ile 18.06.2018 tarihli “Lisansüstü Tezlerin Elektronik Ortamda Toplanması, Düzenlenmesi ve Erişime Açılmasına İlişkin Yönerge” gereğince tam metin erişime açılmıştır.Sahtekârlık (fraud) işlemlerinin tespiti ulusal ve uluslararası ekonomiler için oldukça önemli bir görev haline gelmiştir. Bankalar ve diğer finansal kuruluşların gerçekleştirdikleri işlemlerin güvenilirliğini sağlaması başta ülke ekonomisi olmak üzere, finansal kuruluşun da itibar ve kârlılığını etkileyen temel faktörlerden birisidir. Sahtekârlık işlemlerinin tespit edilebilmesi ve önlenmesi amacıyla kamu ve özel finans kuruluşlarında bu kontrolleri yapmaktan sorumlu birimler oluşturulmuştur. Ancak sahtekârlık işlemlerini gerçekleştirmeye çalışan kişilerin, yakalanmamak amacıyla sürekli yöntem değiştirmeleri, bu tip işlemlerin tespit edilmesini zorlaştırmaktadır. Bu işlemlerin tespiti, işlem hacimlerinin yoğunluğu da dikkate alındığında teknoloji desteğini zorunlu kılmaktadır. Sahtekârlık işlemlerinin tespiti için geliştirilmiş uygulamalar içerisinde özellikle kural tabanlı sistemlerin yaygınlığı dikkate değerdir. Bu sistemler basit ve bileşik kurallar kullanan, doğrulanmış sahtekârlık veritabanları ve diğer önemli veri setlerinde karşılaştırma yapan ileri teknoloji veri eşleme sistemleri olabileceği gibi şüpheli davranışları tespit edebilen ve bu bilgiyi doğru kanala yönlendiren veritabanları gibi basit sistemler de olabilmektedir. Bununla birlikte, sahtekârlık işlemlerinin tespitinde işlem konumlarının (lokasyonlarının) dikkate alınması üzerine geliştirilmiş bir modele rastlanmamıştır. Bu tez çalışmasında hedeflenen bankacılık ürün ve hizmetlerine yönelik sahtekârlık işlemlerinin tespiti ve önlenmesi için finansal işlemlerin konum bilgisinin kullanılması ile daha iyi sonuçlar elde edilip edilemeyeceğinin incelenmesidir. Çalışma kapsamında coğrafi bilgi sistemlerinin yardımıyla ve veri madenciliği modelleri kullanılarak, konum ve zaman bilgisinin dahil edildiği senaryolar keşfedilmiştir. Anahtar kelimeler: Sahtekârlık (fraud) işlemleri, veri madenciliği, coğrafi bilgi sistemleri, lokasyon zekâsıFraud detection procedures for national and international economies have become quite important tasks. Ensuring the security of transactions carried out by banks and other financial institutions is one of the major factors affecting the reputation and profitability of such organizations. Public and private financial institutions establish organizational bodies responsible for carrying out controls for detecting and preventing fraudulent transactions. However, since people who perform fradulent transactions change their methods constantly in order not to get caught up, it gets more difficult to identify and detect this type of transactions. Detecting this type of transactions makes the support of technology compulsory, considering high volume and intensity of transactions. Among the applications that has been developed for the detection of fraudulent transactions, the prevalence of the rule-based systems are particularly noteworthy. As these systems may use of simple and compound rules, advanced data mapping technologies that make comparison in validated fraud databases, and other important databases mapping systems, they may be simple database systems that can detect suspicious behavior and directs this information to the right. However, we have not come across any model that takes into account of transaction location. The aim of this thesis study is to study the worth of location information of financial transactions for detecting the fraudulent transactions. The scope of work is to discover scenarios to detect fraudulent transactions by the support of geographic information systems with location, and time information and the help of models built by using data mining. Keywords: Fraudulent Transactions, Data Mining, Geographical Information Systems, Location Intelligenc

Métodos de gestión de riesgos en proyectos de software

La disciplina de Gestión de Riesgos ha crecido mucho en el área de tecnologías de la información en los últimos años, particularmente ha tenido un gran impulso en proyectos de desarrollo de software. Éste impulso se puede atribuir a las malas experiencias que se suscitan al intentar culminar un proyecto con éxito. Hoy en día es posible encontrar métodos formales para realizar una gestión de riesgos seria y que brinde resultados positivos al proyecto. Quizás el que más se destaque, ya sea por su probada eficiencia o por ser un estándar de hecho, sea el propuesto por el Instituto de Gestión de Proyecto (PMI por sus siglas en inglés). Sin embargo, no es el único, encontrándose en el mercado otras opciones valederas como lo es el denominado método RiskIt, el cual fue creado justamente en el entorno de proyectos de software. Esta tesis introduce los conceptos básicos de la gestión de riesgos, presenta una reseña de los métodos disponibles, los compara entre sí y documenta la evaluación del método RiskIt al ser utilizado en un proyecto de desarrollo de software en su fase de análisis y diseño como aplicación práctica