903 results for Security framework
Abstract:
One of the essential needs to implement a successful e-Government web application is security. Web application firewalls (WAF) are the most important tool to secure web applications against the increasing number of web application attacks nowadays. WAFs work in different modes depending on the web traffic filtering approach used, such as positive security mode, negative security mode, session-based mode, or mixed modes. The proposed WAF, called HiWAF, is a web application firewall that works in three modes: positive, negative and session-based security modes. The new approach that distinguishes this WAF among other WAFs is that it utilizes the concepts of Artificial Intelligence (AI) instead of regular expressions or other traditional pattern matching techniques as its filtering engine. Both artificial neural networks and fuzzy logic concepts will be used to implement a hybrid intelligent web application firewall that works in three security modes.
Abstract:
The catchment of the River Thames, the principal river system in southern England, provides the main water supply for London but is highly vulnerable to changes in climate, land use and population. The river is eutrophic with significant algal blooms with phosphorus assumed to be the primary chemical indicator of ecosystem health. In the Thames Basin, phosphorus is available from point sources such as wastewater treatment plants and from diffuse sources such as agriculture. In order to predict vulnerability to future change, the integrated catchments model for phosphorus (INCA-P) has been applied to the river basin and used to assess the cost-effectiveness of a range of mitigation and adaptation strategies. It is shown that scenarios of future climate and land-use change will exacerbate the water quality problems, but a range of mitigation measures can improve the situation. A cost-effectiveness study has been undertaken to compare the economic benefits of each mitigation measure and to assess the phosphorus reductions achieved. The most effective strategy is to reduce fertilizer use by 20% together with the treatment of effluent to a high standard. Such measures will reduce the instream phosphorus concentrations to close to the EU Water Framework Directive target for the Thames.
Abstract:
Existing registry technologies such as UDDI can be enhanced to support capabilities for semantic reasoning and inquiry, which subsequently increases its usability range. The Grimoires registry was developed to provide such support through the use of metadata attachments to registry entities. The use of such attachments provides a way for allowing service operators to specify security assertions pertaining to registry entities owned by them. These assertions may however have to be reconciled with existing registry policies. A security architecture based on the XACML standard and deployed in the OMII framework is outlined to demonstrate how this goal is achieved in the registry.
Abstract:
Fundação de Amparo à Pesquisa do Estado de São Paulo (FAPESP)
Abstract:
Includes bibliography
Abstract:
Includes bibliography
Abstract:
Intrusion Detection and Prevention Systems (Intrusion Detection Systems, IDS, and Intrusion Prevention Systems, IPS) are well-known and well-established tools in the world of information security. However, the lack of integration with network equipment such as switches and routers ends up limiting the reach of these tools and requires careful sizing of the hardware resources used to implement them, such as processing, memory and high-speed network interfaces. Faced with the various limitations encountered by researchers and network administrators, the concept of the Software Defined Network (SDN) emerged, which, by separating the control and data planes, allows the operation of the network to be adapted to the needs of each one. Thus, given the standardization and flexibility proposed by SDNs and the limitations presented by IPSs, this master's dissertation proposes IPSFlow, a framework that uses a network based on the SDN architecture and the OpenFlow protocol to create an IPS with broad coverage that can block traffic characterized by the IDS(s) as malicious at the device closest to the source. To validate the framework, experiments were carried out in the Mininet virtual environment using Snort as the IDS to analyse scan traffic generated by Nmap from one host to another. The collected results show that IPSFlow worked as planned, blocking 85% of the scan traffic.
Abstract:
The advance of ICT technologies and the fall in production costs have led to a notable increase in cybercrime. The change has not been merely quantitative, however: there is a paradigm shift in cyber attacks from completely opportunistic ones, that is, without a specific target, to targeted attacks aimed at a particular person, company or nation. The aim of my thesis is to analyse models and taxonomies of both attack and defence, and then to evaluate an effective defence strategy against targeted attacks. The work was carried out in a corporate setting as part of an internship. As a starting point, I carried out a targeted attack against the company in question to assess the validity of its defence systems. The attack was successful, demonstrating the ineffectiveness of modern defence systems. By analysing the reasons for the failure to detect the attack, I arrived at a defence strategy against targeted attacks in the form of a service rather than a product. My proposal is a conceptual framework called WASTE (Warning Automatic System for Targeted Events), whose purpose is to provide warnings to a team of analysts starting from non-suspicious events, and a business process that I named HAZARD (Hacking Approach for Zealot Attack Response and Detection), which models the complete defence service against targeted attacks. Finally, I applied the process within the company to mitigate cyber threats and attacks.
Abstract:
The response of some Argentine workers to the 2001 crisis of neoliberalism gave rise to a movement of worker-recovered enterprises (empresas recuperadas por sus trabajadores or ERTs). The ERTs have emerged as former employees took over the control of generally fraudulently bankrupt factories and enterprises. The analysis of the ERT movement within the neoliberal global capitalist order will draw from William Robinson’s (2004) neo-Gramscian concept of hegemony. The theoretical framework of neo-Gramscian hegemony will be used in exposing the contradictions of capitalism on the global, national, organizational and individual scales and the effects they have on the ERT movement. The ERT movement has demonstrated a strong level of resilience, despite the numerous economic, social, political and cultural challenges and limitations it faces as a consequence of the implementation of neoliberalism globally. ERTs have shown that through non-violent protests, democratic principles of management and social inclusion, it is possible to start constructing an alternative social order that is based on the cooperative principles of “honesty, openness, social responsibility and caring for others” (ICA 2007) as opposed to secrecy, exclusiveness, individualism and self-interestedness. In order to meet this “utopian” vision, it is essential to push the limits of the possible within the current social order and broaden the alliance to include the organized members of the working class, such as the members of trade unions, and the unorganized, such as the unemployed and underemployed. Though marginal in number and size, the members of ERTs have given rise to a model that is worth exploring in other countries and regions burdened by the contradictory workings of capitalism. Today, ERTs serve as living proof that workers too are capable of successfully running businesses, not capitalists alone.
Abstract:
The WTO Agreement on Agriculture (AoA) is the predominant multilateral legal framework governing agricultural trade. The objective of the AoA is to liberalise trade in agriculture through reductions in tariffs, domestic support and export subsidies. The AoA has not, however, ‘levelled the playing field’ and has not resulted in the equitable distribution of food, particularly for the poorer developing countries. On the other hand, support for small farmers does not ensure food security for the poor. While food security has no simple solutions such as “free trade is good for you”, reform proposals for trade rules which only address agricultural policy instruments fail to account for consumer and other interests: neither tariff reductions and subsidy disciplines, nor safeguards and other measures of producer protection can automatically increase food security. Rather, what is needed is the full and proper implementation of a number of commitments which the international community has already entered into in various human rights treaties, but which even the envisaged results of the now failed Doha Round negotiations could not ensure without revisiting relevant multilateral trade and investment rules.
Abstract:
Automatic visual object counting and video surveillance have important applications for home and business environments, such as security and management of access points. However, in order to obtain a satisfactory performance these technologies need professional and expensive hardware, complex installations and setups, and the supervision of qualified workers. In this paper, an efficient visual detection and tracking framework is proposed for the tasks of object counting and surveillance, which meets the requirements of the consumer electronics: off-the-shelf equipment, easy installation and configuration, and unsupervised working conditions. This is accomplished by a novel Bayesian tracking model that can manage multimodal distributions without explicitly computing the association between tracked objects and detections. In addition, it is robust to erroneous, distorted and missing detections. The proposed algorithm is compared with a recent work, also focused on consumer electronics, proving its superior performance.
Abstract:
The security of a passive plug-and-play QKD arrangement in the case of finite (resources) key lengths is analysed. It is assumed that the eavesdropper has full access to the channel so an unknown and untrusted source is assumed. To take into account the security of the BB84 protocol under collective attacks within the framework of quantum adversaries, a full treatment provides the well-known equations for the secure key rate. A numerical simulation keeping a minimum number of initial parameters constant as the total error sought and the number of pulses is carried out. The remaining parameters are optimized to produce the maximum secure key rate. Two main strategies are addressed: with and without two-decoy-states including the optimization of signal to decoy relationship.
Abstract:
According to Self-determination Theory (SDT), there are only three psychological needs - competence, autonomy and relatedness - truly fundamental and essential for human being's health and well-being, which can be satisfied by individuals while engaging in a wide variety of behaviors that may differ among individuals and be differentially manifest in different cultures. However, a number of questions have been raised about SDT's contention that there are only those three basic psychological needs. The present study discusses the possibility that the security need should be considered as a basic need and its relation to the accepted three basic psychological needs. Using the Cultural Theory framework the degree of satisfaction of the basic needs, depending on the type of culture, is also presented.