302 research outputs found

    Research and development of enhanced, integrated and accessible flow metering software for industry.

    Get PDF
    This project was an investigation to find improvements required in the delivery of software for the flow metering industry. The project has resulted in the repackaging of existing software using appropriate technologies. This included developing software that is accessible via the web and extending functionality whereby a user can import and export information in a variety of data formats. The software was successfully revised and is now commercially accessible to the flow metering industry. The project was performed in the context of a KTP (Knowledge Transfer Partnership) programme with academic supervision provided by TUV NEL (the academic partner) on the premises of KELTON® (the commercial partner) who provided day-to-day project management supervision. The project was in collaboration between the two organisations with the joint aims of facilitating knowledge transfer between the organisations and enhancing the market performance of the commercial partner. The main objective of the study was to gain a full understanding of the needs of the flow metering industry in terms of software and delivery via web or standalone application. Web based applications are new to KELTON® so it was necessary to investigate the methods of delivery. The work concentrated on investigating techniques to modularise code, allowing flexible access to data between applications and on data presentation. iv At an early stage of the project an online market survey program was developed and appropriate questions were used to get customer feedback. The results were analysed and used to prioritise work. Following the review, the current software architecture was found to be unsuitable so new approaches were investigated. The software was created using an n-tier architecture which is a method of splitting common code into separate components. Web based applications were found to be slower than standalone applications. However, web applications benefited from not having to fully install software on individual user PCs therefore allowing access from anywhere that users have access to the network

    Cost benefits of using machine learning features in NIDS for cyber security in UK small medium enterprises (SME)

    Get PDF
    Cyber security has made an impact and has challenged Small and Medium Enterprises (SMEs) in their approaches towards how they protect and secure data. With an increase in more wired and wireless connections and devices on SME networks, unpredictable malicious activities and interruptions have risen. Finding the harmony between the advancement of technology and costs has always been a balancing act particularly in convincing the finance directors of these SMEs to invest in capital towards their IT infrastructure. This paper looks at various devices that currently are in the market to detect intrusions and look at how these devices handle prevention strategies for SMEs in their working environment both at home and in the office, in terms of their credibility in handling zero-day attacks against the costs of achieving so. The experiment was set up during the 2020 pandemic referred to as COVID-19 when the world experienced an unprecedented event of large scale. The operational working environment of SMEs reflected the context when the UK went into lockdown. Pre-pandemic would have seen this experiment take full control within an operational office environment; however, COVID-19 times has pushed us into a corner to evaluate every aspect of cybersecurity from the office and keeping the data safe within the home environment. The devices chosen for this experiment were OpenSource such as SNORT and pfSense to detect activities within the home environment, and Cisco, a commercial device, set up within an SME network. All three devices operated in a live environment within the SME network structure with employees being both at home and in the office. All three devices were observed from the rules they displayed, their costs and machine learning techniques integrated within them. The results revealed these aspects to be important in how they identified zero-day attacks. The findings showed that OpenSource devices whilst free to download, required a high level of expertise in personnel to implement and embed machine learning rules into the business solution even for staff working from home. However, when using Cisco, the price reflected the buy-in into this expertise and Cisco’s mainframe network, to give up-to-date information on cyber-attacks. The requirements of the UK General Data Protection Regulations Act (GDPR) were also acknowledged as part of the broader framework of the study. Machine learning techniques such as anomaly-based intrusions did show better detection through a commercially subscription-based model for support from Cisco compared to that of the OpenSource model which required internal expertise in machine learning. A cost model was used to compare the outcome of SMEs’ decision making, in getting the right framework in place in securing their data. In conclusion, finding a balance between IT expertise and costs of products that are able to help SMEs protect and secure their data will benefit the SMEs from using a more intelligent controlled environment with applied machine learning techniques, and not compromising on costs.</p

    Deployment of NFV and SFC scenarios

    Get PDF
    Aquest ítem conté el treball original, defensat públicament amb data de 24 de febrer de 2017, així com una versió millorada del mateix amb data de 28 de febrer de 2017. Els canvis introduïts a la segona versió són 1) correcció d'errades 2) procediment del darrer annex.Telecommunications services have been traditionally designed linking hardware devices and providing mechanisms so that they can interoperate. Those devices are usually specific to a single service and are based on proprietary technology. On the other hand, the current model works by defining standards and strict protocols to achieve high levels of quality and reliability which have defined the carrier-class provider environment. Provisioning new services represent challenges at different levels because inserting the required devices involve changes in the network topology. This leads to slow deployment times and increased operational costs. To overcome the current burdens network function installation and insertion processes into the current service topology needs to be streamlined to allow greater flexibility. The current service provider model has been disrupted by the over-the-top Internet content providers (Facebook, Netflix, etc.), with short product cycles and fast development pace of new services. The content provider irruption has meant a competition and stress over service providers' infrastructure and has forced telco companies to research new technologies to recover market share with flexible and revenue-generating services. Network Function Virtualization (NFV) and Service Function Chaining (SFC) are some of the initiatives led by the Communication Service Providers to regain the lost leadership. This project focuses on experimenting with some of these already available new technologies, which are expected to be the foundation of the new network paradigms (5G, IOT) and support new value-added services over cost-efficient telecommunication infrastructures. Specifically, SFC scenarios have been deployed with Open Platform for NFV (OPNFV), a Linux Foundation project. Some use cases of the NFV technology are demonstrated applied to teaching laboratories. Although the current implementation does not achieve a production degree of reliability, it provides a suitable environment for the development of new functional improvements and evaluation of the performance of virtualized network infrastructures

    Dashboard design to assess the impact of distinct data visualization techniques in the dynamic analysis of survey’s results

    Get PDF
    A study of available data visualization techniques is required to comprehensively and accurately display real-time information. Customizing existing platforms and designing new specific display formats are among the important tasks for getting an accurate view of information. In this work we have carried out a bibliographic review on visualization of data, techniques and platforms of existing Dashboards. We implemented a generic and dynamic dashboard based on information collected in real time. The objective was to assess the impact of the Data Visualization Techniques available on the developed dashboard. Therefore, Dashboard users will be able to interact with the information, accessing at an early stage a set of pre-defined charts, tables, and reports produced by the Dashboard itself. At a later stage it will be possible for users to have greater control over the presentation of the data and to customize the views presented, generating graphs, tables and reports dynamically. This implementation allows you to test an existing set of data visualization techniques and dynamically generated new forms, showing that Dashboards can become a unique and powerful means of providing information

    Does the online card payment system unwittingly facilitate fraud?

    Get PDF
    PhD ThesisThe research work in this PhD thesis presents an extensive investigation into the security settings of Card Not Present (CNP) financial transactions. These are the transactions which include payments performed with a card over the Internet on the websites, and over the phone. Our detailed analysis on hundreds of websites and on multiple CNP payment protocols justifies that the current security architecture of CNP payment system is not adequate enough to protect itself from fraud. Unintentionally, the payment system itself will allow an adversary to learn and exploit almost all of the security features put in place to protect the CNP payment system from fraud. With insecure modes of accepting payments, the online payment system paves the way for cybercriminals to abuse even the latest designed payment protocols like 3D Secure 2.0. We follow a structured analysis methodology which identifies vulnerabilities in the CNP payment protocols and demonstrates the impact of these vulnerabilities on the overall payment system. The analysis methodology comprises of UML diagrams and reference tables which describe the CNP payment protocol sequences, software tools which implements the protocol and practical demonstrations of the research results. Detailed referencing of the online payment specifications provides a documented link between the exploitable vulnerabilities observed in real implementations and the source of the vulnerability in the payment specifications. We use practical demonstrations to show that these vulnerabilities can be exploited in the real-world with ease. This presents a stronger impact message when presenting our research results to a nontechnical audience. This has helped to raise awareness of security issues relating to payment cards, with our work appearing in the media, radio and T

    Development of a mobile control system for Teklab Multipurpose Workstations on Android

    Get PDF
    This thesis was done for Helsinki Metropolia University of Applied Sciences at the department of Information and Communication Technology, Piha Lab. The aim of the thesis was to develop a mobile control system for TEKLAB Multipurpose Workstations on Android. The objective was to be able to monitor and control the TEKLAB ELP100NET laboratory tables from a mobile device through a graphical user interface. Another objective was to be able to view the status of all TEKLAB ELP100NET laboratory tables with the application. A Python program that runs on ConnectPort X2 via iDigi Device Cloud was developed along with the Android application developed to provide an interface for controlling and monitoring TEKLAB ELP100NET laboratory tables in the Piha lab Ethernet network. HTTP POST was used for sending and receiving RCI XML data string wrapped over SCI XML. The Digi ConnectPort X2 gateway was configured and connected to the Piha Lab Ethernet network interfacing with iDigi Device Cloud

    10th SC@RUG 2013 proceedings:Student Colloquium 2012-2013

    Get PDF
    • …
    corecore