921 resultados para Intrusion tolerance
Resumo:
INTRODUCTION In recent years computer systems have become increasingly complex and consequently the challenge of protecting these systems has become increasingly difficult. Various techniques have been implemented to counteract the misuse of computer systems in the form of firewalls, antivirus software and intrusion detection systems. The complexity of networks and dynamic nature of computer systems leaves current methods with significant room for improvement. Computer scientists have recently drawn inspiration from mechanisms found in biological systems and, in the context of computer security, have focused on the human immune system (HIS). The human immune system provides an example of a robust, distributed system that provides a high level of protection from constant attacks. By examining the precise mechanisms of the human immune system, it is hoped the paradigm will improve the performance of real intrusion detection systems. This paper presents an introduction to recent developments in the field of immunology. It discusses the incorporation of a novel immunological paradigm, Danger Theory, and how this concept is inspiring artificial immune systems (AIS). Applications within the context of computer security are outlined drawing direct reference to the underlying principles of Danger Theory and finally, the current state of intrusion detection systems is discussed and improvements suggested.
Resumo:
Abstract We present ideas about creating a next generation Intrusion Detection System (IDS) based on the latest immunological theories. The central challenge with computer security is determining the difference between normal and potentially harmful activity. For half a century, developers have protected their systems by coding rules that identify and block specific events. However, the nature of current and future threats in conjunction with ever larger IT systems urgently requires the development of automated and adaptive defensive tools. A promising solution is emerging in the form of Artificial Immune Systems (AIS): The Human Immune System (HIS) can detect and defend against harmful and previously unseen invaders, so can we not build a similar Intrusion Detection System (IDS) for our computers? Presumably, those systems would then have the same beneficial properties as HIS like error tolerance, adaptation and self-monitoring. Current AIS have been successful on test systems, but the algorithms rely on self-nonself discrimination, as stipulated in classical immunology. However, immunologist are increasingly finding fault with traditional self-nonself thinking and a new 'Danger Theory' (DT) is emerging. This new theory suggests that the immune system reacts to threats based on the correlation of various (danger) signals and it provides a method of 'grounding' the immune response, i.e. linking it directly to the attacker. Little is currently understood of the precise nature and correlation of these signals and the theory is a topic of hot debate. It is the aim of this research to investigate this correlation and to translate the DT into the realms of computer security, thereby creating AIS that are no longer limited by self-nonself discrimination. It should be noted that we do not intend to defend this controversial theory per se, although as a deliverable this project will add to the body of knowledge in this area. Rather we are interested in its merits for scaling up AIS applications by overcoming self-nonself discrimination problems.
Resumo:
Intrusion Detection Systems (IDSs) provide an important layer of security for computer systems and networks, and are becoming more and more necessary as reliance on Internet services increases and systems with sensitive data are more commonly open to Internet access. An IDS’s responsibility is to detect suspicious or unacceptable system and network activity and to alert a systems administrator to this activity. The majority of IDSs use a set of signatures that define what suspicious traffic is, and Snort is one popular and actively developing open-source IDS that uses such a set of signatures known as Snort rules. Our aim is to identify a way in which Snort could be developed further by generalising rules to identify novel attacks. In particular, we attempted to relax and vary the conditions and parameters of current Snort rules, using a similar approach to classic rule learning operators such as generalisation and specialisation. We demonstrate the effectiveness of our approach through experiments with standard datasets and show that we are able to detect previously undetected variants of various attacks. We conclude by discussing the general effectiveness and appropriateness of generalisation in Snort based IDS rule processing. Keywords: anomaly detection, intrusion detection, Snort, Snort rules
Resumo:
The use of artificial immune systems in intrusion detection is an appealing concept for two reasons. Firstly, the human immune system provides the human body with a high level of protection from invading pathogens, in a robust, self-organised and distributed manner. Secondly, current techniques used in computer security are not able to cope with the dynamic and increasingly complex nature of computer systems and their security. It is hoped that biologically inspired approaches in this area, including the use of immune-based systems will be able to meet this challenge. Here we review the algorithms used, the development of the systems and the outcome of their implementation. We provide an introduction and analysis of the key developments within this field, in addition to making suggestions for future research.
Resumo:
Fault tolerance allows a system to remain operational to some degree when some of its components fail. One of the most common fault tolerance mechanisms consists on logging the system state periodically, and recovering the system to a consistent state in the event of a failure. This paper describes a general fault tolerance logging-based mechanism, which can be layered over deterministic systems. Our proposal describes how a logging mechanism can recover the underlying system to a consistent state, even if an action or set of actions were interrupted mid-way, due to a server crash. We also propose different methods of storing the logging information, and describe how to deploy a fault tolerant master-slave cluster for information replication. We adapt our model to a previously proposed framework, which provided common relational features, like transactions with atomic, consistent, isolated and durable properties, to NoSQL database management systems.
Resumo:
Alternaria blight (AB) of sweet potato ( Ipomoea batatas L. ), caused by Alternaria spp., was recently reported in South Africa, but is common in southern and eastern Africa. Elsewhere in the world, AB is controlled primarily using resistant varieties. Twenty-five sweet potato varieties/breeding lines, from different origins were assessed for tolerance to AB. The materials were planted in fields having a history of AB disease and rated for tolerance based on a General Disease Index (GDI), with the lowest scores representing tolerance, and the higher scores representing susceptibility. Variety 199062-1 had the lowest GDI value, and was the most tolerant to AB; while W119 had the highest GDI value and was the most susceptible to the disease. Other varieties/breeding lines showed a variation in GDI values between most tolerant and most susceptible. Among the fungicides tested under field conditions, the mixture azoxystrobin-difenoconazole was the most effective in reducing AB intensity. Fungicides pyraclostrobin-boscalid, unizeb, azoxystrobin-chlorothalonil and cymoxanil-mancozeb were also effective against the disease.
Resumo:
The European sea bass (Dicentrarchus labrax) is an economically important fish native to the Mediterranean and Northern Atlantic. Its complex life cycle involves many migrations through temperature gradients that affect the energetic demands of swimming. Previous studies have shown large intraspecific variation in swimming performance and temperature tolerance, which could include deleterious and advantageous traits under the evolutionary pressure of climate change. However, little is known of the underlying determinants of this individual variation. We investigated individual variation in temperature tolerance in 30 sea bass by exposing them to a warm temperature challenge test. The eight most temperature-tolerant and eight most temperature-sensitive fish were then studied further to determine maximal swimming speed (U-CAT), aerobic scope and post-exercise oxygen consumption. Finally, ventricular contractility in each group was determined using isometric muscle preparations. The temperature-tolerant fish showed lower resting oxygen consumption rates, possessed larger hearts and initially recovered from exhaustive exercise faster than the temperature-sensitive fish. Thus, whole-animal temperature tolerance was associated with important performance traits. However, the temperature-tolerant fish also demonstrated poorer maximal swimming capacity (i.e. lower UCAT) than their temperature-sensitive counterparts, which may indicate a trade-off between temperature tolerance and swimming performance. Interestingly, the larger relative ventricular mass of the temperature-tolerant fish did not equate to greater ventricular contractility, suggesting that larger stroke volumes, rather than greater contractile strength, may be associated with thermal tolerance in this species.
Resumo:
We present ideas about creating a next generation Intrusion Detection System (IDS) based on the latest immunological theories. The central challenge with computer security is determining the difference between normal and potentially harmful activity. For half a century, developers have protected their systems by coding rules that identify and block specific events. However, the nature of current and future threats in conjunction with ever larger IT systems urgently requires the development of automated and adaptive defensive tools. A promising solution is emerging in the form of Artificial Immune Systems (AIS): The Human Immune System (HIS) can detect and defend against harmful and previously unseen invaders, so can we not build a similar Intrusion Detection System (IDS) for our computers? Presumably, those systems would then have the same beneficial properties as HIS like error tolerance, adaptation and self-monitoring. Current AIS have been successful on test systems, but the algorithms rely on self-nonself discrimination, as stipulated in classical immunology. However, immunologist are increasingly finding fault with traditional self-nonself thinking and a new ‘Danger Theory’ (DT) is emerging. This new theory suggests that the immune system reacts to threats based on the correlation of various (danger) signals and it provides a method of ‘grounding’ the immune response, i.e. linking it directly to the attacker. Little is currently understood of the precise nature and correlation of these signals and the theory is a topic of hot debate. It is the aim of this research to investigate this correlation and to translate the DT into the realms of computer security, thereby creating AIS that are no longer limited by self-nonself discrimination. It should be noted that we do not intend to defend this controversial theory per se, although as a deliverable this project will add to the body of knowledge in this area. Rather we are interested in its merits for scaling up AIS applications by overcoming self-nonself discrimination problems.
Resumo:
Network Intrusion Detection Systems (NIDS) are computer systems which monitor a network with the aim of discerning malicious from benign activity on that network. While a wide range of approaches have met varying levels of success, most IDSs rely on having access to a database of known attack signatures which are written by security experts. Nowadays, in order to solve problems with false positive alerts, correlation algorithms are used to add additional structure to sequences of IDS alerts. However, such techniques are of no help in discovering novel attacks or variations of known attacks, something the human immune system (HIS) is capable of doing in its own specialised domain. This paper presents a novel immune algorithm for application to the IDS problem. The goal is to discover packets containing novel variations of attacks covered by an existing signature base.
Resumo:
Nowadays, Power grids are critical infrastructures on which everything else relies, and their correct behavior is of the highest priority. New smart devices are being deployed to be able to manage and control power grids more efficiently and avoid instability. However, the deployment of such smart devices like Phasor Measurement Units (PMU) and Phasor Data Concentrators (PDC), open new opportunities for cyber attackers to exploit network vulnerabilities. If a PDC is compromised, all data coming from PMUs to that PDC is lost, reducing network observability. Our approach to solve this problem is to develop an Intrusion detection System (IDS) in a Software-defined network (SDN). allowing the IDS system to detect compromised devices and use that information as an input for a self-healing SDN controller, which redirects the data of the PMUs to a new, uncompromised PDC, maintaining the maximum possible network observability at every moment. During this research, we have successfully implemented Self-healing in an example network with an SDN controller based on Ryu controller. We have also assessed intrinsic vulnerabilities of Wide Area Management Systems (WAMS) and SCADA networks, and developed some rules for the Intrusion Detection system which specifically protect vulnerabilities of these networks. The integration of the IDS and the SDN controller was also successful. \\To achieve this goal, the first steps will be to implement an existing Self-healing SDN controller and assess intrinsic vulnerabilities of Wide Area Measurement Systems (WAMS) and SCADA networks. After that, we will integrate the Ryu controller with Snort, and create the Snort rules that are specific for SCADA or WAMS systems and protocols.
Resumo:
2011
Resumo:
2014
Resumo:
Past research has shown that having a large population of ethnic minorities beyond the neighborhood level arouses intolerance in the majority. However, this paper presents the argument that the effect of minority size on tolerance depends on minority type: the less subject the minority is to negative stereotyping, the more favorable the effect that minority size has on tolerance. In this study, a hierarchical linear model was applied to a dataset on advanced and emerging democracies in Europe. The analysis shows that when the duration and level of democracy are controlled for, ethnic tolerance was associated positively with native minority size and negatively with foreign population size.
Resumo:
OBJECTIVE: To estimate the prevalence of reduced sound tolerance (hyperacusis) in a UK population of 11-year-old children and examine the association of early life and auditory risk factors with report of hyperacusis. DESIGN: A prospective UK population-based study. STUDY SAMPLE: A total of 7097 eleven-year-old children within the Avon longitudinal study of parents and children (ALSPAC) were asked about sound tolerance; hearing and middle-ear function was measured using audiometry, otoacoustic emissions, and tympanometry. Information on neonatal risk factors and socioeconomic factors were obtained through parental questionnaires. RESULTS: 3.7% (95% CI 3.25, 4.14) children reported hyperacusis. Hyperacusis report was less likely in females (adj OR 0.64, 95% CI 0.49, 0.85), and was more likely with higher maternal education level (adj OR 1.72, 95% CI 1.08, 2.72) and with readmission to hospital in first four weeks (adj OR 1.98, 95% CI 1.20, 3.25). Report of hyperacusis was associated with larger amplitude otoacoustic emissions but with no other auditory factors. CONCLUSIONS: The prevalence of hyperacusis in the population of 11-year-old UK children is estimated to be 3.7%. It is more common in boys.
