880 resultados para Network Security System
Resumo:
This paper presents a Bi-level Programming (BP) approach to solve the Transmission Network Expansion Planning (TNEP) problem. The proposed model is envisaged under a market environment and considers security constraints. The upper-level of the BP problem corresponds to the transmission planner which procures the minimization of the total investment and load shedding cost. This upper-level problem is constrained by a single lower-level optimization problem which models a market clearing mechanism that includes security constraints. Results on the Garver's 6-bus and IEEE 24-bus RTS test systems are presented and discussed. Finally, some conclusions are drawn. © 2011 IEEE.
Resumo:
Malicious programs (malware) can cause severe damage on computer systems and data. The mechanism that the human immune system uses to detect and protect from organisms that threaten the human body is efficient and can be adapted to detect malware attacks. In this paper we propose a system to perform malware distributed collection, analysis and detection, this last inspired by the human immune system. After collecting malware samples from Internet, they are dynamically analyzed so as to provide execution traces at the operating system level and network flows that are used to create a behavioral model and to generate a detection signature. Those signatures serve as input to a malware detector, acting as the antibodies in the antigen detection process. This allows us to understand the malware attack and aids in the infection removal procedures. © 2012 Springer-Verlag.
Resumo:
Many applications in several domains such as telecommunications, network security, large scale sensor networks, require online processing of continuous data lows. They produce very high loads that requires aggregating the processing capacity of many nodes. Current Stream Processing Engines do not scale with the input load due to single-node bottlenecks. Additionally, they are based on static con?gurations that lead to either under or over-provisioning. In this paper, we present StreamCloud, a scalable and elastic stream processing engine for processing large data stream volumes. StreamCloud uses a novel parallelization technique that splits queries into subqueries that are allocated to independent sets of nodes in a way that minimizes the distribution overhead. Its elastic protocols exhibit low intrusiveness, enabling effective adjustment of resources to the incoming load. Elasticity is combined with dynamic load balancing to minimize the computational resources used. The paper presents the system design, implementation and a thorough evaluation of the scalability and elasticity of the fully implemented system.
Resumo:
Structural Health Monitoring (SHM) requires integrated "all in one" electronic devices capable of performing analysis of structural integrity and on-board damage detection in aircraft?s structures. PAMELA III (Phased Array Monitoring for Enhanced Life Assessment, version III) SHM embedded system is an example of this device type. This equipment is capable of generating excitation signals to be applied to an array of integrated piezoelectric Phased Array (PhA) transducers stuck to aircraft structure, acquiring the response signals, and carrying out the advanced signal processing to obtain SHM maps. PAMELA III is connected with a host computer in order to receive the configuration parameters and sending the obtained SHM maps, alarms and so on. This host can communicate with PAMELA III through an Ethernet interface. To avoid the use of wires where necessary, it is possible to add Wi-Fi capabilities to PAMELA III, connecting a Wi-Fi node working as a bridge, and to establish a wireless communication between PAMELA III and the host. However, in a real aircraft scenario, several PAMELA III devices must work together inside closed structures. In this situation, it is not possible for all PAMELA III devices to establish a wireless communication directly with the host, due to the signal attenuation caused by the different obstacles of the aircraft structure. To provide communication among all PAMELA III devices and the host, a wireless mesh network (WMN) system has been implemented inside a closed aluminum wingbox. In a WMN, as long as a node is connected to at least one other node, it will have full connectivity to the entire network because each mesh node forwards packets to other nodes in the network as required. Mesh protocols automatically determine the best route through the network and can dynamically reconfigure the network if a link drops out. The advantages and disadvantages on the use of a wireless mesh network system inside closed aerospace structures are discussed.
Resumo:
Security Onion is a Network Security Manager (NSM) platform that provides multiple Intrusion Detection Systems (IDS) including Host IDS (HIDS) and Network IDS (NIDS). Many types of data can be acquired using Security Onion for analysis. This includes data related to: Host, Network, Session, Asset, Alert and Protocols. Security Onion can be implemented as a standalone deployment with server and sensor included or with a master server and multiple sensors allowing for the system to be scaled as required. Many interfaces and tools are available for management of the system and analysis of data such as Sguil, Snorby, Squert and Enterprise Log Search and Archive (ELSA). These interfaces can be used for analysis of alerts and captured events and then can be further exported for analysis in Network Forensic Analysis Tools (NFAT) such as NetworkMiner, CapME or Xplico. The Security Onion platform also provides various methods of management such as Secure SHell (SSH) for management of server and sensors and Web client remote access. All of this with the ability to replay and analyse example malicious traffic makes the Security Onion a suitable low cost alternative for Network Security Management. In this paper, we have a feature and functionality review for the Security Onion in terms of: types of data, configuration, interface, tools and system management.
Resumo:
Il rilevamento di intrusioni nel contesto delle pratiche di Network Security Monitoring è il processo attraverso cui, passando per la raccolta e l'analisi di dati prodotti da una o più fonti di varia natura, (p.e. copie del traffico di rete, copie dei log degli applicativi/servizi, etc..) vengono identificati, correlati e analizzati eventi di sicurezza con l'obiettivo di rilevare potenziali tenativi di compromissione al fine di proteggere l'asset tecnologico all'interno di una data infrastruttura di rete. Questo processo è il prodotto di una combinazione di hardware, software e fattore umano. Spetta a quest'ultimo nello specifico il compito più arduo, ovvero quello di restare al passo con una realtà in continua crescita ed estremamente dinamica: il crimine informatico. Spetta all'analista filtrare e analizzare le informazioni raccolte in merito per contestualizzarle successivamente all'interno della realta che intende proteggere, con il fine ultimo di arricchire e perfezionare le logiche di rilevamento implementate sui sistemi utilizzati. È necessario comprendere come il mantenimento e l'aggiornamento di questi sistemi sia un'attività che segue l'evolversi delle tecnologie e delle strategie di attacco. Un suo svolgimento efficacie ed efficiente risulta di primaria importanza per consentire agli analisti di focalizzare le proprie risorse sulle attività di investigazione di eventi di sicurezza, ricerca e aggiornamento delle logiche di rilevamento, minimizzando quelle ripetitive, "time consuming", e potenzialmente automatizzabili. Questa tesi ha come obiettivo quello di presentare un possibile approccio ad una gestione automatizzata e centralizzata di sistemi per il rilevamento delle intrusioni, ponendo particolare attenzione alle tecnologie IDS presenti sul panorama open source oltre a rapportare tra loro gli aspetti di scalabilità e personalizzazione che ci si trova ad affrontare quando la gestione viene estesa ad infrastrutture di rete eterogenee e distribuite.
Resumo:
Mestrado em Engenharia Electrotécnica e de Computadores
Resumo:
Perante a evolução constante da Internet, a sua utilização é quase obrigatória. Através da web, é possível conferir extractos bancários, fazer compras em países longínquos, pagar serviços sem sair de casa, entre muitos outros. Há inúmeras alternativas de utilização desta rede. Ao se tornar tão útil e próxima das pessoas, estas começaram também a ganhar mais conhecimentos informáticos. Na Internet, estão também publicados vários guias para intrusão ilícita em sistemas, assim como manuais para outras práticas criminosas. Este tipo de informação, aliado à crescente capacidade informática do utilizador, teve como resultado uma alteração nos paradigmas de segurança informática actual. Actualmente, em segurança informática a preocupação com o hardware é menor, sendo o principal objectivo a salvaguarda dos dados e continuidade dos serviços. Isto deve-se fundamentalmente à dependência das organizações nos seus dados digitais e, cada vez mais, dos serviços que disponibilizam online. Dada a mudança dos perigos e do que se pretende proteger, também os mecanismos de segurança devem ser alterados. Torna-se necessário conhecer o atacante, podendo prever o que o motiva e o que pretende atacar. Neste contexto, propôs-se a implementação de sistemas de registo de tentativas de acesso ilícitas em cinco instituições de ensino superior e posterior análise da informação recolhida com auxílio de técnicas de data mining (mineração de dados). Esta solução é pouco utilizada com este intuito em investigação, pelo que foi necessário procurar analogias com outras áreas de aplicação para recolher documentação relevante para a sua implementação. A solução resultante revelou-se eficaz, tendo levado ao desenvolvimento de uma aplicação de fusão de logs das aplicações Honeyd e Snort (responsável também pelo seu tratamento, preparação e disponibilização num ficheiro Comma Separated Values (CSV), acrescentando conhecimento sobre o que se pode obter estatisticamente e revelando características úteis e previamente desconhecidas dos atacantes. Este conhecimento pode ser utilizado por um administrador de sistemas para melhorar o desempenho dos seus mecanismos de segurança, tais como firewalls e Intrusion Detection Systems (IDS).
Resumo:
Trabalho apresentado no âmbito do Mestrado em Engenharia Informática, como requisito parcial para obtenção do grau de Mestre em Engenharia Informática
Resumo:
Summary The field of public finance focuses on the spending and taxing activities of governments and their influence on the allocation of resources and distribution of income. This work covers in three parts different topics related to public finance which are currently widely discussed in media and politics. The first two parts deal with issues on social security, which is in general one of the biggest spending shares of governments. The third part looks at the main income source of governments by analyzing the perceived value of tax competition. Part one deals with the current problem of increased early retirement by focusing on Switzerland as a special case. Early retirement is predominantly considered to be the result of incentives set by social security and the tax system. But the Swiss example demonstrates that the incidence of early retirement has dramatically increased even in the absence of institutional changes. We argue that the wealth effect also plays an important role in the retirement decision for middle and high income earners. An actuarially fair, but mandatory funded system with a relatively high replacement rate may thus contribute to a low labor market participation rate of elderly workers. We provide evidence using a unique dataset on individual retirement decisions in Swiss pension funds, allowing us to perfectly control for pension scheme details. Our findings suggest that affordability is a key determinant in the retirement decisions. The higher the accumulated pension capital, the earlier men, and to a smaller extent women, tend to leave the workforce. The fact that early retirement has become much more prevalent in the last 15 years is a further indicator of the importance of a wealth effect, as the maturing of the Swiss mandatory funded pension system over that period has led to an increase in the effective replacement rates for middle and high income earners. Part two covers the theoretical side of social security. Theories analyzing optimal social security benefits provide important qualitative results, by mainly using one general type of an economy. Economies are however very diverse concerning numerous aspects, one of the most important being the wealth level. This can lead to significant quantitative benefit differences that imply differences in replacement rates and levels of labor supply. We focus on several aspects related to this fact. In a within cohort social security model, we introduce disability insurance with an imperfect screening mechanism. We then vary the wealth level of the model economy and analyze how the optimal social security benefit structure or equivalently, the optimal replacement rates, changes depending on the wealth level of the economy, and if the introduction of disability insurance into a social security system is preferable for all economies. Second, the screening mechanism of disability insurance and the threshold level at which people are defined as disabled can differ. For economies with different wealth levels, we determine for different thresholds the screening level that maximizes social welfare. Finally, part three turns to the income of governments, by adding an element to the controversy on tax competition versus tax harmonization.2 Inter-jurisdictional tax competition can generate at least two potential benefits or costs: On a public level, tax competition may result in a lower or higher efficiency in the production of public services. But there is also a more private benefit in the form of an option for individuals to move to a community with a lower tax rate in the future. To explore the value citizens attach to tax competition we analyze a unique popular vote for a complete tax harmonization between communities in the third largest Swiss canton, Vaud. Although a majority of voters would have seemingly benefited from replacing the current tax rate by a revenue-neutral average tax rate, the proposal was rejected by a large margin. Our estimates suggest that the estimated combined perceived benefit from tax competition is in the range of 10%.
Resumo:
We study the social, demographic and economic origins of social security. The data for the U.S. and for a cross section of countries suggest that urbanization and industrialization are associated with the rise of social insurance. We describe an OLG model in which demographics, technology, and social security are linked together in a political economy equilibrium. In the model economy, there are two locations (sectors), the farm (agricultural) and the city (industrial) and the decision to migrate from rural to urban locations is endogenous and linked to productivity differences between the two locations and survival probabilities. Farmers rely on land inheritance for their old age and do not support a pay-as-you-go social security system. With structural change, people migrate to the city, the land loses its importance and support for social security arises. We show that a calibrated version of this economy, where social security taxes are determined by majority voting, is consistent with the historical transformation in the United States.
Resumo:
This paper quantifies the effects of social security on capital accumulation and wealth distribution in a life cycle framework with altruistic individuals. The main findings of this paper are that the current U.S. social security system has a significant impact on capital accumulation and wealth distribution. I find that social security crowds out 8\% of the capital stock of an economy without social security. This effect is driven by the distortions of labor supply due to the taxation of labor income rather than by the intergenerational redistribution of income imposed by the social security system. In contrast to previous analysis of social security, I found that social security does not affect the savings rate of the economy. Another interesting finding is that even though the current U.S. social security system is progressive in its benefits, it may lead to a more disperse distribution of wealth.
Resumo:
This paper studies the impact of an unfunded social security system on the distribution of bequests in a framework where savings are due both by life cycle and by random altruistic motivations. We show that the impact of social security on the distribution of bequests depends crucially on the importance of the bequest motive in explaining savings behavior. If the bequest motive is strong, then an increase in the social security tax raises the bequests left by altruistic parents. On the other hand, when the importance of bequests in motivating savings is sufficiently low, theincrease in the social security tax could result in a reduction of the bequests left by altruistic parents under some conditions on the attitude of individuals toward risk and on the relative returns associated with private saving and social security. Some implications concerning the transitional effects of introducing an unfunded social security scheme are also discussed.
Resumo:
This paper provides a quantitative evaluation of the intra--cohortredistributive elements of the United States social security system in thecontext of a computable general equilibrium model. I determine how thewell--being of individuals that differ across {\sl gender, race} and {\sl education}is affected by government social security policy. I find that females, whitesand non--college graduates stand less to gain (lose) from reductions(increases) in the size of social security than males, non--whites andcollege graduates, respectively. Differences in mortality risk and laborproductivity translate into differences in the magnitudes of capitalaccumulation and labor supply distortions, that are responsible for theobserved welfare difference between types. Results imply that the currentprogram is lifetime progressive across gender and education, yet lifetimeregressive across race.
Resumo:
Why are the old politically successful? We build a simple interest group model in which political pressure is time-intensive, showing that in the political competitive equilibrium each group lobbies for government policies that lower their own value of time but the old do so to a greater extent and as a result are net gainers from the political process. What distinguishes the elderly from other political groups (and what makes them more succesful) is that they have lower labor productivity and/or that we are all likely to become elderly at some point, while we are relatively unlikely to change gender, race, sexual orientation, or even ocupation, The model has a variety of implications for the design of social security programs, which we test using data from the Social Security Administration. For example, the model predicts that social security programs with retirement incentives are larger and that the old are more "single-minded" in their politics, implications which we verify using cross-country government finance data and cross-country political participation surveys. Finally, we show that the forced savings programs intended to "reform" the social security system may increase the amount of intergenerational redistribution. As a model for evaluating policy reforms, ours has the attractive feature that reforms must be time time consistent from a political point of view rather than a public interest point of view.
