Intrusion detection system on the basis of data mining algorithms in the industrial network of automated process control system
The purpose of the work is to increase the security of the industrial network of an automated process control system based on intelligent network traffic analysis algorithms. The analysis of the problem of detecting and recording actions of violators on the implementation of a network attack on an automated process control system in the industrial network of an enterprise has been performed. A structural and functional model of the monitoring system of the industrial network of industrial control systems is proposed. An algorithm is developed for the intellectual analysis of network traffic of industrial protocols and a software package that implements the proposed algorithms as part of a monitoring system to evaluate the effectiveness of the proposed solution on field data. This work was supported by the Russian Foundation for Basic Research, research No. 17-48-020095.
Why (and How) Networks Should Run Themselves
The proliferation of networked devices, systems, and applications that we
depend on every day makes managing networks more important than ever. The
increasing security, availability, and performance demands of these
applications suggest that these increasingly difficult network management
problems be solved in real time, across a complex web of interacting protocols
and systems. Alas, just as the importance of network management has increased,
the network has grown so complex that it is seemingly unmanageable. In this new
era, network management requires a fundamentally new approach. Instead of
optimizations based on closed-form analysis of individual protocols, network
operators need data-driven, machine-learning-based models of end-to-end and
application performance based on high-level policy goals and a holistic view of
the underlying components. Instead of anomaly detection algorithms that operate
on offline analysis of network traces, operators need classification and
detection algorithms that can make real-time, closed-loop decisions. Networks
should learn to drive themselves. This paper explores this concept, discussing
how we might attain this ambitious goal by more closely coupling measurement
with real-time control and by relying on learning for inference and prediction
about a networked application or system, as opposed to closed-form analysis of
individual protocols.
ATLANTIDES: An Architecture for Alert Verification in Network Intrusion Detection Systems
We present an architecture designed for alert verification (i.e., to reduce false positives) in network intrusion-detection systems. Our technique is based on a systematic (and automatic) anomaly-based analysis of the system output, which provides useful context information regarding the network services. The false positives raised by the NIDS analyzing the incoming traffic (which can be either signature- or anomaly-based) are reduced by correlating them with the output anomalies. We designed our architecture for TCP-based network services which have a client/server architecture (such as HTTP). Benchmarks show a substantial reduction of false positives between 50% and 100%.
Code, space and everyday life
In this paper we examine the role of code (software) in the spatial formation of
collective life. Taking the view that human life and coded technology are folded into
one another, we theorise space as ontogenesis. Space, we posit, is constantly being
brought into being through a process of transduction – the constant making anew of a
domain in reiterative and transformative practices - as an incomplete solution to a
relational problem. The relational problem we examine is the ongoing encounter
between individuals and environment where the solution, to a greater or lesser extent,
is code. Code, we posit, is diversely embedded in collectives as coded objects, coded
infrastructure, coded processes and coded assemblages. These objects, infrastructure,
processes and assemblages possess technicity, that is, unfolding or evolutive power to
make things happen; the ability to mediate, supplement, augment, monitor, regulate,
operate, facilitate, produce collective life. We contend that when the technicity of
code is operationalised it transduces one of three forms of hybrid spatial formations:
code/space, coded space and backgrounded coded space. These formations are
contingent, relational, extensible and scaleless, often stretched out across networks of
greater or shorter length. We demonstrate the coded transduction of space through
three vignettes – each a day in the life of three people living in London, UK, tracing
the technical mediation of their interactions, transactions and mobilities. We then
discuss how code becomes the relational solution to five different classes of problems
– domestic living, travelling, working, communicating, and consuming.