A novel intrusion detection system (IDS) architecture. Attack detection based on snort for multistage attack scenarios in a multi-cores environment.

Recent research has indicated that although security systems are developing, illegal intrusion to computers is on the rise. The research conducted here illustrates that improving intrusion detection and prevention methods is fundamental for improving the overall security of systems. This research includes the design of a novel Intrusion Detection System (IDS) which identifies four levels of visibility of attacks. Two major areas of security concern were identified: speed and volume of attacks; and complexity of multistage attacks. Hence, the Multistage Intrusion Detection and Prevention System (MIDaPS) that is designed here is made of two fundamental elements: a multistage attack engine that heavily depends on attack trees and a Denial of Service Engine. MIDaPS were tested and found to improve current intrusion detection and processing performances. After an intensive literature review, over 25 GB of data was collected on honeynets. This was then used to analyse the complexity of attacks in a series of experiments. Statistical and analytic methods were used to design the novel MIDaPS. Key findings indicate that an attack needs to be protected at 4 different levels. Hence, MIDaPS is built with 4 levels of protection. As, recent attack vectors use legitimate actions, MIDaPS uses a novel approach of attack trees to trace the attacker¿s actions. MIDaPS was tested and results suggest an improvement to current system performance by 84% whilst detecting DDOS attacks within 10 minutes

QoS awareness and adaptation in service composition

The dynamic nature of a Web service execution environment generates frequent variations in the Quality of Service offered to the consumers, therefore, obtaining the expected results while running a composite service is not guaranteed. When combining this highly changing environment with the increasing emphasis on Quality of Service, management of composite services turns into a time consuming and complicated task. Different approaches and tools have been proposed to mitigate the impacts of unexpected events during the execution of composite services. Among them, self-adaptive proposals have stood out, since they aim to maintain functional and quality levels, by dynamically adapting composite services to the environment conditions, reducing human intervention. The research presented in this Thesis is centred on self-adaptive properties in service composition, mainly focused on self-optimization. Three models have been proposed to target self-optimization, considering various QoS parameters, the benefit of performing adaptation, and looking at adaptation from two perspectives: reactive and proactive. They target situations where the QoS of the composition is decreasing. Also, they consider situations where a number of the accumulated QoS values, in certain point of the process, are better than expected, providing the possibility of improving other QoS parameters. These approaches have been implemented in service composition frameworks and evaluated through the execution of test cases. Evaluation was performed by comparing the QoS values gathered from multiple executions of composite services, using the proposed optimization models and a non-adaptive approach. The benefit of adaptation was found a useful value during the decision making process, in order to determine if adaptation was needed or not. Results show that using optimization mechanisms when executing composite services provide significant improvements in the global QoS values of the compositions. Nevertheless, in some cases there is a trade-off, where one of the measured parameters shows an increment, in order to improve the others

Testing the Effectiveness of Dynamic Binding in Web Services

In recent years, Service Oriented Architectures (SOA) have risen in use as an architectural style for distributed systems. They have many desirable features such as flexibility, software reuse and cost benefits. In addition to this, SOA enables and indeed encourages the binding of services at runtime in the form of dynamic binding. Here, services are bound to service requests at runtime and the choice of service is determined with minimal user intervention. Presently, Web Services have risen as the de facto implementation of SOA and existing research for the testing of Web Services have assumed the choice of service at design-time. However, dynamic binding of services raises several additional challenges, such as managing complexity in service compositions using dynamic binding and non-deterministic behaviour in service selection. Few research exists that involve dynamic binding but with limitations as they do not consider the dynamic binding system itself. This paper focuses on the importance of the dynamic binding system and proposes a technique that can be used to test dynamic binding systems such that the behaviour of the algorithm can be determined