A monitoring and threat detection system using stream processing as a virtual function for big data

The late detection of security threats causes a significant increase in the risk of irreparable damages, disabling any defense attempt. As a consequence, fast realtime threat detection is mandatory for security guarantees. In addition, Network Function Virtualization (NFV) provides new opportunities for efficient and low-cost security solutions. We propose a fast and efficient threat detection system based on stream processing and machine learning algorithms. The main contributions of this work are i) a novel monitoring threat detection system based on stream processing; ii) two datasets, first a dataset of synthetic security data containing both legitimate and malicious traffic, and the second, a week of real traffic of a telecommunications operator in Rio de Janeiro, Brazil; iii) a data pre-processing algorithm, a normalizing algorithm and an algorithm for fast feature selection based on the correlation between variables; iv) a virtualized network function in an open-source platform for providing a real-time threat detection service; v) near-optimal placement of sensors through a proposed heuristic for strategically positioning sensors in the network infrastructure, with a minimum number of sensors; and, finally, vi) a greedy algorithm that allocates on demand a sequence of virtual network functions.A detecção tardia de ameaças de segurança causa um significante aumento no risco de danos irreparáveis, impossibilitando qualquer tentativa de defesa. Como consequência, a detecção rápida de ameaças em tempo real é essencial para a administração de segurança. Além disso, A tecnologia de virtualização de funções de rede (Network Function Virtualization - NFV) oferece novas oportunidades para soluções de segurança eficazes e de baixo custo. Propomos um sistema de detecção de ameaças rápido e eficiente, baseado em algoritmos de processamento de fluxo e de aprendizado de máquina. As principais contribuições deste trabalho são: i) um novo sistema de monitoramento e detecção de ameaças baseado no processamento de fluxo; ii) dois conjuntos de dados, o primeiro ´e um conjunto de dados sintético de segurança contendo tráfego suspeito e malicioso, e o segundo corresponde a uma semana de tráfego real de um operador de telecomunicações no Rio de Janeiro, Brasil; iii) um algoritmo de pré-processamento de dados composto por um algoritmo de normalização e um algoritmo para seleção rápida de características com base na correlação entre variáveis; iv) uma função de rede virtualizada em uma plataforma de código aberto para fornecer um serviço de detecção de ameaças em tempo real; v) posicionamento quase perfeito de sensores através de uma heurística proposta para posicionamento estratégico de sensores na infraestrutura de rede, com um número mínimo de sensores; e, finalmente, vi) um algoritmo guloso que aloca sob demanda uma sequencia de funções de rede virtual

Data Confidentiality and Risk Management in Cloud Computing

Cloud computing can enable an organisation to outsource computing resources to gain economic benefits. Cloud computing is transparent to both the programmers and the users; as a result, it introduces new challenges when compared with previous forms of distributed computing. Cloud computing enables its users to abstract away from low level configuration (configuring IP addresses and routers). It creates an illusion that this entire configuration is automated. This illusion is also true for security services, for instance automating security policies and access control in the Cloud, so that companies using the Cloud perform only very high- level (business oriented) configuration. This thesis identifies research challenges related to security, posed by the transparency of distribution, abstraction of configuration and automation of services that entails Cloud computing. It provides solutions to some of these research challenges. As mentioned, Cloud computing provides outsourcing of resources; the outsourcing does not enable a data owner to outsource the responsibility of confidentiality, integrity and access control as it remains the responsibility of the data owner. The challenge of providing confidentiality, integrity and access control of data hosted on Cloud platforms is not catered for by traditional access control models. These models were developed over the course of many decades to fulfil the requirements of organisations which assumed full control over the physical infrastructure of the resources they control access to. The assumption is that the data owner, data controller and administrator are present in the same trusted domain. This assumption does not hold for the Cloud computing paradigm. Risk management of data present on the Cloud is another challenge. There is a requirement to identify the risks an organisation would be taking while hosting data and services on the Cloud. Furthermore, the identification of risk would be the first step, the next step would be to develop the mitigation strategies. As part of the thesis, two main areas of research are targeted: distributed access control and security risk management

URI Undergraduate and Graduate Course Catalog 2020-2021

This is a downloadable PDF version of the University of Rhode Island course catalog.https://digitalcommons.uri.edu/course-catalogs/1072/thumbnail.jp

URI Undergraduate and Graduate Course Catalog 2019-2020

This is a downloadable PDF version of the University of Rhode Island course catalog.https://digitalcommons.uri.edu/course-catalogs/1071/thumbnail.jp

URI Undergraduate and Graduate Course Catalog 2018-2019

This is a downloadable PDF version of the University of Rhode Island course catalog.https://digitalcommons.uri.edu/course-catalogs/1070/thumbnail.jp

URI Undergraduate and Graduate Course Catalog 2016-2017

This is a downloadable PDF version of the University of Rhode Island course catalog.https://digitalcommons.uri.edu/course-catalogs/1068/thumbnail.jp

URI Undergraduate and Graduate Course Catalog 2015-2016

This is a downloadable PDF version of the University of Rhode Island course catalog.https://digitalcommons.uri.edu/course-catalogs/1067/thumbnail.jp

General Catalog 2009-2010

Contains course descriptions, University college calendar, and college administrationhttps://digitalcommons.usu.edu/universitycatalogs/1128/thumbnail.jp

URI Undergraduate and Graduate Course Catalog 2021-2022

This is a downloadable PDF version of the University of Rhode Island course catalog.https://digitalcommons.uri.edu/course-catalogs/1073/thumbnail.jp

URI Undergraduate and Graduate Course Catalog 2017-2018

This is a downloadable PDF version of the University of Rhode Island course catalog.https://digitalcommons.uri.edu/course-catalogs/1069/thumbnail.jp