Characterizations on microencapsulated sunflower oil as self-healing agent using In situ polymerization method

This paper emphasizes the characterization on the microencapsulation of sunflower oil as self-healing agent. In-situ polymerization method mainly implicates in the microencapsulation process. The analysis of microencapsulated sunflower oil via prominent characterization of yield of microcapsules, microcapsules characteristics and Fourier Transmission Infa-Red Spectroscopy (FTIR). The prime optimization used was reaction time of microencapsulation process in the ranges of 2, 3 and 4 h. The higher reaction time of microencapsulation process resulted in a higher yield of microcapsules. The yield of microcapsules increases from 46 to 53% respectively by the increasing of reaction time from 2 to 4 h. The surface morphology study associating the diameter of microcapsules measured to analyse the prepared microcapsules. It was indicated that microcapsules were round in shape with smooth micro-surfaces. It was discovered that the diameter of microcapsules during microencapsulation process after 4 h reaction time was in average of 70.53 μm. This size was measured before filtering the microcapsules with solvent and dried in vacuum oven. Apparently, after filtering and drying stage, the diameter of microcapsules specifically identified under Field Emission Scanning Electron Microscopy (FESEM) showing the size of 2.33 μm may be due to the removing the suspended oil surrounded the microcapsules. Sunflower oil as core content and urea formaldehyde (UF) as shell of microcapsules demonstrated the proven chemical properties on characterization by FTIR with the stretching peak of 1537.99 - 1538.90 cm-1 (-H in -CH2), 1235.49 - 1238.77 cm-1 (C-O-C Vibrations at Ester) and 1017.65 - 1034.11 cm-1 (C-OH Stretching Vibrations). It was showed that sunflower oil can be considered as an alternative nature resource for self-healing agent in microencapsulation process. The characterization of microencapsulated sunflower oil using in-situ polymerization method showed that sunflower oil was viable self-healing agent to be encapsulated and incorporated in metal coating

The Science of Information Protection

Workshop on Education in Computer Security (WECS) 7The presentation of Information Protection material can be improved in two important ways. First, if the material is arranged in a systematic/scientific fashion it can show how all the various pieces fit together and it can also demonstrate completeness by showing that all threats are addressed. Second, if each protection technique is preceded by a clear description of the threat that it addresses learning is significantly enhanced because the protection technique is motivated. This paper presents an information threat model that 1) arranges the material in a scientific/systematic fashion and 2) facilitates a threat-first presentation of Information Protection techniques

Access monitoring system for distributed firewall policies

Thesis (Master)--Izmir Institute of Technology, Computer Engineering, Izmir, 2008Includes bibliographical references (leaves: 69-70)Text in English; Abstract: Turkish and Englishx, 70 leavesInternet has provided several benefits in terms of information sharing. However, Internet is an insecure environment that can cause threats to private networks. As a result, network security becomes a critical issue. One of the important tools used in network security is firewall. Firewalls protect a private network from external threats by restricting network traffic according to predefined security rules. Basically, firewalls apply these rules to each packet that passes over them. Distributed firewalls are a new approach to firewall to overcome some drawbacks of traditional firewalls. Distributed firewall design is based on the idea of enforcing the policy rules at the endpoints rather than a single entry point to network. Management of policy rules is a critical issue in both traditional and distributed firewalls. We propose a monitoring application for distributed firewall policies to keep track of actions (create, read. update, delete) performed on policy rule set. The resulting data produced by the monitoring application will be very helpful in policy management process

Federated Agentless Detection of Endpoints Using Behavioral and Characteristic Modeling

During the past two decades computer networks and security have evolved that, even though we use the same TCP/IP stack, network traffic behaviors and security needs have significantly changed. To secure modern computer networks, complete and accurate data must be gathered in a structured manner pertaining to the network and endpoint behavior. Security operations teams struggle to keep up with the ever-increasing number of devices and network attacks daily. Often the security aspect of networks gets managed reactively instead of providing proactive protection. Data collected at the backbone are becoming inadequate during security incidents. Incident response teams require data that is reliably attributed to each individual endpoint over time. With the current state of dissociated data collected from networks using different tools it is challenging to correlate the necessary data to find origin and propagation of attacks within the network. Critical indicators of compromise may go undetected due to the drawbacks of current data collection systems leaving endpoints vulnerable to attacks. Proliferation of distributed organizations demand distributed federated security solutions. Without robust data collection systems that are capable of transcending architectural and computational challenges, it is becoming increasingly difficult to provide endpoint protection at scale. This research focuses on reliable agentless endpoint detection and traffic attribution in federated networks using behavioral and characteristic modeling for incident response

The medical science DMZ: a network design pattern for data-intensive medical science

Abstract: Objective We describe a detailed solution for maintaining high-capacity, data-intensive network flows (eg, 10, 40, 100 Gbps+) in a scientific, medical context while still adhering to security and privacy laws and regulations. Materials and Methods High-end networking, packet-filter firewalls, network intrusion-detection systems. Results We describe a “Medical Science DMZ” concept as an option for secure, high-volume transport of large, sensitive datasets between research institutions over national research networks, and give 3 detailed descriptions of implemented Medical Science DMZs. Discussion The exponentially increasing amounts of “omics” data, high-quality imaging, and other rapidly growing clinical datasets have resulted in the rise of biomedical research “Big Data.” The storage, analysis, and network resources required to process these data and integrate them into patient diagnoses and treatments have grown to scales that strain the capabilities of academic health centers. Some data are not generated locally and cannot be sustained locally, and shared data repositories such as those provided by the National Library of Medicine, the National Cancer Institute, and international partners such as the European Bioinformatics Institute are rapidly growing. The ability to store and compute using these data must therefore be addressed by a combination of local, national, and industry resources that exchange large datasets. Maintaining data-intensive flows that comply with the Health Insurance Portability and Accountability Act (HIPAA) and other regulations presents a new challenge for biomedical research. We describe a strategy that marries performance and security by borrowing from and redefining the concept of a Science DMZ, a framework that is used in physical sciences and engineering research to manage high-capacity data flows. Conclusion By implementing a Medical Science DMZ architecture, biomedical researchers can leverage the scale provided by high-performance computer and cloud storage facilities and national high-speed research networks while preserving privacy and meeting regulatory requirements

Defense in Depth Network Perimeter Security

Defense in depth network perimeter security has always be a topic of discussion for a long time as an efficient way of mitigating cyber-attacks. While there are no 100% mitigating method against cyber-attacks, a layered defense in depth network perimeter security can be used to mitigate against cyber-attacks. Research have shown a massive growth in cyber-crimes and there are limited number of cyber security expert to counter this attacks. EIU as an institution is taking up the responsibility of producing cyber security graduates with the new Master of Science in Cyber Security program that started in Fall 2017. This research is aim at designing and developing a defense in depth network perimeter security that will be used for laboratory practices to learn and simulate cyber security activity and its mitigation. The research is complemented with the design of ten laboratory practices to give expertise to the students in the equipment used in the design. The designed topology comprises of two sites, connected via IPSec site to site VPN over an unsecure internet connection. A public testing webserver is placed at the DMZ which is to be used to invite hackers to attack the design system for the purpose of detecting, preventing and learning cyber-attack mechanisms

INTRUSION DETECTION SYSTEM

An Intrusion detection system is generally considered to be any system designed to detect attempts compromise the integrity, confidentiality or availability of the protected network and associated computer systems. Intrusion Detection System (IDS) aims to detect attempted compromises by monitoring network traffic for indications that an attempted compromise is in progress, or an internal system is behaving in a manner which indicates it may already be compromised. A host based IDS (HIDS) monitors a single system for signs of compromise. The vast majority of worms and other successful cyber attacks are made possible by vulnerabilities in a small number of common operating system services. Attackers are opportunistic. They take the easiest and most convenient route and exploit the best-known flaws with the most effective and widely available attack tools. They count on organizations not fixing the problems, and they often attack indiscriminately, scanning the Internet for any vulnerable systems. The easy and destructive spread of worms, such as Blaster, Slammer, and Code Red, can be traced directly to exploitation of unpatched vulnerabilities

Investigation of Efficient Unified Threat Management in Enterprise Security

This thesis explores the problems that exist today with perimeter security in data communications specifically the disparate architecture that exists to mitigate risk. Currently there are many different components to the enterprise security perimeter that are not cohesive and do not collaborate well to form an efficient, scalable, operationally supportable gateway design. The thesis breaks down this problem by illustrating the shortcomings of current technologies. These illustrations are used in conjunction with published research and authored research to provide solid footing for the idea of a unified threat management or UTM model. In this model, threat prevention techniques are consolidated into a single logical operating environment that leverages advances in next generation firewalls, intrusion prevention systems, content filtering and antivirus technologies. The results of this investigation are provided in a matrix that shows strengths and weaknesses with a consolidated unified model