4 research outputs found

    Pre-filters in-transit malware packets detection in the network

    Conventional malware detection systems cannot detect most new malware in the network unless its signatures are available. To solve this problem, this paper proposes a technique to detect both metamorphic (mutated) and general (non-mutated) malware in the network using a combination of known malware sub-signatures and machine learning classification. This network-based malware detection is achieved through a middle path for efficient processing of non-malware packets. The proposed technique has been tested and verified using multiple data sets (metamorphic malware, non-mutated malware, and UTM real traffic). It can detect most malware packets in the network before they reach the host, better than previous works, which detect malware on the host. Experimental results showed that the proposed technique can speed up the transmission of more than 98% of normal packets without sending them to the slow path, and more than 97% of malware packets are detected and dropped in the middle path. Furthermore, more than 75% of metamorphic malware packets in the test dataset could be detected. The proposed technique is 37 times faster than the existing technique.

    A Neural Network Approach to Border Gateway Protocol Peer Failure Detection and Prediction

    The size and speed of computer networks continue to expand at a rapid pace, as do the corresponding errors, failures, and faults inherent within such extensive networks. This thesis introduces a novel approach to interface Border Gateway Protocol (BGP) computer networks with neural networks to learn the precursor connectivity patterns that emerge prior to a node failure. Details of the design and construction of a framework that utilizes neural networks to learn and monitor BGP connection states as a means of detecting and predicting BGP peer node failure are presented. Moreover, this framework is used to monitor a BGP network, and a suite of tests is conducted to establish this neural network approach as a viable strategy for predicting BGP peer node failure. For all performed experiments, both of the proposed neural network architectures succeed in memorizing and utilizing the network connectivity patterns. Lastly, a discussion of this framework's generic design is presented to acknowledge how other types of networks and alternate machine learning techniques can be accommodated with relative ease.

    Um sistema de detecção de ataques Sinkhole sobre 6lowpan para internet das coisas

    Advisor: Prof. Aldri Luiz dos Santos. Co-advisor: Prof. Michele Nogueira Lima. Dissertation (master's) - Universidade Federal do Paraná, Setor de Ciências Exatas, Programa de Pós-Graduação em Informática. Defense: Curitiba, 18/08/2014. Includes references.
    Abstract: The Internet of Things (IoT) is the result of a technological revolution that represents the future of computing and communication, being identified as one of the emerging technologies that will change our way of life. IoT networks are formed by heterogeneous objects (nodes) with some intelligence, that is, with processing capabilities that enable them, among other tasks, to send and receive information across the network. However, more and more objects are interconnected with digital devices, vehicles and other equipment, and their presence tends to grow in our lives, bringing more convenience and ease. The IoT will connect all of these devices as well as other objects that do not belong to the digital world and that can be fixed or mobile. Since the objects that make up the IoT have limited resources, they become vulnerable to various attacks, and the sinkhole attack is one of the most destructive in these networks. However, existing solutions for protection and security against sinkhole attacks generate a high consumption of resources and use complex mechanisms to ensure good performance. Thus, this dissertation proposes an intrusion detection system, called INTI (intrusion detection against sinkhole attacks on 6LoWPAN for IoT), to identify the presence of sinkhole attacks on the routing services in IoT. Moreover, INTI aims to mitigate adverse effects found in IDSs that disturb their performance, such as false positives and negatives as well as high resource cost. The INTI system combines the use of mechanisms such as watchdog, reputation and trust. The watchdog mechanism enables monitoring of the activities of other nodes during packet forwarding. The reputation and trust mechanisms collaborate to determine the devices considered reliable and unreliable in the IoT network. These mechanisms are used for the detection of attackers by analyzing the behavior of devices. The INTI system was evaluated in two realistic IoT scenarios, and in these scenarios the results show the effectiveness of INTI in terms of attack detection rate, the number of false negatives and false positives, and efficiency in delivery rate, latency and energy consumption.
    Keywords: IDS, IoT, security, safety, sinkhole attacks, watchdog, reputation.

    La Menzogna: Le altre facce della realtà

    The volume presents a collection of papers focussing on the topic of “lies” in its different textual ‘manifestations’ and ‘communicative’ declinations, which can be understood in terms of imagination, invention, artifice, dissimulation, disfiguration and manipulation. The volume is divided into three macro-sections: literature, philology and linguistics, and the arts. The literary section contains a ramification of reflections, which provides a multi-perspective view. “Lies” are analyzed first as a topic and then become an object of literary criticism, finally entering into a mutable geo-cultural landscape. The second section, on philology and linguistics, adopts instead a diachronic approach: investigations on “lies” range from the manuscript tradition to digital communication. The third and last section, which confirms the interdisciplinary and transmedial nature of this volume, is dedicated to strategies of representation and dissimulation in relation to the different forms of art, including theatre, television series, docufiction and other performing arts. The volume ends with an appendix, which contains the reproduction of paintings presented on the occasion of the exhibition that accompanied the Graduate Conference of the PhD Programme in Literary, Linguistic and Comparative Studies at the University of Naples “L’Orientale”.