Segurança em redes sem fio: estudo sobre o desenvolvimento de conjuntos de dados para comparação de IDS

Pós-graduação em Engenharia Elétrica - FEIS

An Optimum-Path Forest framework for intrusion detection in computer networks

Fundação de Amparo à Pesquisa do Estado de São Paulo (FAPESP)

Boosting optimum-path forest clustering through harmony Search and its applications for intrusion detection in computer networks

In this paper we propose a nature-inspired approach that can boost the Optimum-Path Forest (OPF) clustering algorithm by optimizing its parameters in a discrete lattice. The experiments in two public datasets have shown that the proposed algorithm can achieve similar parameters' values compared to the exhaustive search. Although, the proposed technique is faster than the traditional one, being interesting for intrusion detection in large scale traffic networks. © 2012 IEEE.

Intrusion detection in computer networks using optimum-path forest clustering

Nowadays, organizations face the problem of keeping their information protected, available and trustworthy. In this context, machine learning techniques have also been extensively applied to this task. Since manual labeling is very expensive, several works attempt to handle intrusion detection with traditional clustering algorithms. In this paper, we introduce a new pattern recognition technique called Optimum-Path Forest (OPF) clustering to this task. Experiments on three public datasets have showed that OPF classifier may be a suitable tool to detect intrusions on computer networks, since it outperformed some state-of-the-art unsupervised techniques. © 2012 IEEE.

An approach to mitigate denial of service attacks in ieee 802.11 networks

Wireless networks are widely deployed and have many uses, for example in critical embedded systems. The applications of this kind of network meets the common needs of most embedded systems and addressing the particularities of each scenario, such as limitations of computing resources and energy supply. Problems such as denial of service attacks are common place and cause great inconvenience. Thus, this study presents simulations of denial of service attacks on 802.11 wireless networks using the network simulator OMNeT++. Furthermore, we present an approach to mitigate such attack, obtaining significant results for improving wireless networks.

A nature-inspired approach to speed up optimum-path forest clustering and its application to intrusion detection in computer networks

Fundação de Amparo à Pesquisa do Estado de São Paulo (FAPESP)

An attack signature model to computer security intrusion detection

Internal and external computer network attacks or security threats occur according to standards and follow a set of subsequent steps, allowing to establish profiles or patterns. This well-known behavior is the basis of signature analysis intrusion detection systems. This work presents a new attack signature model to be applied on network-based intrusion detection systems engines. The AISF (ACME! Intrusion Signature Format) model is built upon XML technology and works on intrusion signatures handling and analysis, from storage to manipulation. Using this new model, the process of storing and analyzing information about intrusion signatures for further use by an IDS become a less difficult and standardized process.

Transmission network expansion planning in full open market considering security constraints

This paper presents a mathematical model and a methodology to solve the transmission network expansion planning problem with security constraints in full competitive market, assuming that all generation programming plans present in the system operation are known. The methodology let us find an optimal transmission network expansion plan that allows the power system to operate adequately in each one of the generation programming plans specified in the full competitive market case, including a single contingency situation with generation rescheduling using the security (n-1) criterion. In this context, the centralized expansion planning with security constraints and the expansion planning in full competitive market are subsets of the proposal presented in this paper. The model provides a solution using a genetic algorithm designed to efficiently solve the reliable expansion planning in full competitive market. The results obtained for several known systems from the literature show the excellent performance of the proposed methodology.

L3-arpsec - módulo seguro para controle e proteção do protocolo de resolução de endereços em redes definidas por software

Pós-graduação em Engenharia Elétrica - FEIS

An approach based on neural networks for identification of fault sections in radial distribution systems

The main objective involved with this paper consists of presenting the results obtained from the application of artificial neural networks and statistical tools in the automatic identification and classification process of faults in electric power distribution systems. The developed techniques to treat the proposed problem have used, in an integrated way, several approaches that can contribute to the successful detection process of faults, aiming that it is carried out in a reliable and safe way. The compilations of the results obtained from practical experiments accomplished in a pilot radial distribution feeder have demonstrated that the developed techniques provide accurate results, identifying and classifying efficiently the several occurrences of faults observed in the feeder.

The application of distributed virtual machines for enterprise computer management: A two-tier network file system for image provisioning and management

In order to simplify computer management, several system administrators are adopting advanced techniques to manage software configuration of enterprise computer networks, but the tight coupling between hardware and software makes every PC an individual managed entity, lowering the scalability and increasing the costs to manage hundreds or thousands of PCs. Virtualization is an established technology, however its use is been more focused on server consolidation and virtual desktop infrastructure, not for managing distributed computers over a network. This paper discusses the feasibility of the Distributed Virtual Machine Environment, a new approach for enterprise computer management that combines virtualization and distributed system architecture as the basis of the management architecture. © 2008 IEEE.

Statistical model applied to NetFlow for network intrusion detection

The computers and network services became presence guaranteed in several places. These characteristics resulted in the growth of illicit events and therefore the computers and networks security has become an essential point in any computing environment. Many methodologies were created to identify these events; however, with increasing of users and services on the Internet, many difficulties are found in trying to monitor a large network environment. This paper proposes a methodology for events detection in large-scale networks. The proposal approaches the anomaly detection using the NetFlow protocol, statistical methods and monitoring the environment in a best time for the application. © 2010 Springer-Verlag Berlin Heidelberg.

Detecção de eventos de segurança de redes por intermédio de técnicas estatísticas e associativas aplicadas a fluxos de dados

Pós-graduação em Ciência da Computação - IBILCE

Proposta de uma ferramenta de visualização e realidade virtual para o monitoramento de tráfego de redes de computadores

Pós-graduação em Ciência da Computação - IBILCE

Kappa-PSO-ARTMAP Fuzzy: uma metodologia para detecção de intrusos baseado em seleção de atributos e otimização de parâmetros numa rede neural ARTMAP Fuzzy

Pós-graduação em Engenharia Elétrica - FEIS