10 research outputs found

    Anomaly Detection Framework Based on Matching Pursuit for Network Security Enhancement, Journal of Telecommunications and Information Technology, 2011, nr 1

    In this paper, a framework for recognizing network traffic in order to detect anomalies is proposed. We propose to combine and correlate parameters from different layers in order to detect 0-day attacks and reduce false positives. Moreover, we propose to combine statistical and signal-based features. The major contributions of this paper are a novel framework for network security based on the correlation approach and a new signal-based algorithm for intrusion detection using matching pursuit.

    Packets tokenization methods for web layer cyber security

    No full text

    Information and communication technology and crisis management

    In the present article selected telecommunication aspects in the area of crisis management are exposed. In particular, the focus is put on the response phase, since there are new challenges at the junction of organisational and technical layers, incl. interoperability, new functionalities and models. Those aspects have not been exhaustively tested in real situations; thus such issues still require multiple testing, verification and validation. In this article the communication problems are collated with new solutions, such as the use of cloud computing, social media and additional functionalities to increase the security level. The main aim of this article is to introduce challenges, as well as new opportunities provided by the implementation of new Information and Communication Technologies in the area of crisis management

    Rola kontekstowej informacji geograficznej w mobilnych systemach monitoringu (The role of contextual geographical information in mobile monitoring systems)

    No full text
    The role of geographical context and its machine readable representation in mobile surveillance systems has been presented in the paper. It has been shown how the appropriate semantic description of a surrounding geographical context can improve the configuration and operation of a mobile video surveillance system. The paper presents the role of geographical context information in monitoring systems. It shows how an appropriately modelled semantic description of information about the geographical surroundings can improve the operation of monitoring systems. More accurate information about the surroundings allows the system to be configured more appropriately and thus to operate more effectively.

    INTERSECTION Approach to Vulnerability Handling

    No full text
    In this paper our approach to heterogeneous networks vulnerability handling is presented. Vulnerabilities of heterogeneous networks like satellite, GSM/GPRS, UMTS, wireless sensor networks and the Internet have been identified, classified and described in the framework of the European co-funded project, named INTERSECTION (INfrastructure for heTErogeneous, Resilient, SEcure, Complex, Tightly Inter-Operating Networks). Since computer security incidents usually occur across administrative domains and interconnected networks it is quite clear that it would be advantageous for different organizations and network operators to be able to share data on network vulnerabilities. The exchange of vulnerability information and statistics would be crucial for proactive identification of trends that can lead to incident prevention. Network operators have always been reticent to disclose information about attacks on their systems or through their networks. However, this tendency seems to be overcome by the new awareness that it is only through cooperation that networking infrastructures can be made robust to attacks and failures. Starting from these considerations, we developed two components, namely INTERSECTION Vulnerability Database (IVD) and Project INTERSECTION Vulnerability Ontology Tool (PIVOT), for vulnerability data management and classification. Both tools will be presented in this paper

    The Proposition and Evaluation of the RoEduNet-SIMARGL2021 Network Intrusion Detection Dataset

    No full text
    Cybersecurity is an arms race, with both the security and the adversaries attempting to outsmart one another, coming up with new attacks, new ways to defend against those attacks, and again with new ways to circumvent those defences. This situation creates a constant need for novel, realistic cybersecurity datasets. This paper introduces the effects of using machine-learning-based intrusion detection methods in network traffic coming from a real-life architecture. The main contribution of this work is a dataset coming from a real-world, academic network. Real-life traffic was collected and, after performing a series of attacks, a dataset was assembled. The dataset contains 44 network features and an unbalanced distribution of classes. In this work, the capability of the dataset for formulating machine-learning-based models was experimentally evaluated. To investigate the stability of the obtained models, cross-validation was performed, and an array of detection metrics were reported. The gathered dataset is part of an effort to bring security against novel cyberthreats and was completed in the SIMARGL project