Current Search: Computer security
- Title
- Intrusion detection in wireless networks: A data mining approach.
- Creator
- Nath, Shyam Varan., Florida Atlantic University, Khoshgoftaar, Taghi M., College of Engineering and Computer Science, Department of Computer and Electrical Engineering and Computer Science
- Abstract/Description
-
The security of wireless networks has gained considerable importance due to the rapid proliferation of wireless communications. While computer network heuristics and rules are being used to control and monitor the security of Wireless Local Area Networks (WLANs), mining and learning behaviors of network users can provide a deeper level of security analysis. The objective and contribution of this thesis is threefold: exploring the security vulnerabilities of the IEEE 802.11 standard for wireless networks; extracting features or metrics, from a security point of view, for modeling network traffic in a WLAN; and proposing a data mining-based approach to intrusion detection in WLANs. A clustering- and expert-based approach to intrusion detection in a wireless network is presented in this thesis. The case study data is obtained from a real-world WLAN and contains over one million records. Given the clusters of network traffic records, a distance-based heuristic measure is proposed for labeling clusters as either normal or intrusive. The empirical results demonstrate the promise of the proposed approach, laying the groundwork for a clustering-based framework for intrusion detection in computer networks.
- Date Issued
- 2005
- PURL
- http://purl.flvc.org/fcla/dt/13246
- Subject Headings
- Wireless communication systems, Data warehousing, Data mining, Telecommunication--Security measures, Computer networks--Security measures, Computer security
- Format
- Document (PDF)
- Title
- Misuse Patterns for the SSL/TLS Protocol.
- Creator
- Alkazimi, Ali, Fernandez, Eduardo B., Florida Atlantic University, College of Engineering and Computer Science, Department of Computer and Electrical Engineering and Computer Science
- Abstract/Description
-
The SSL/TLS is the main protocol used to provide secure data connection between a client and a server. The main concern of using this protocol is to avoid the secure connection from being breached. Computer systems and their applications are becoming more complex and keeping these secure connections between all the connected components is a challenge. To avoid any new security flaws and protocol connections weaknesses, the SSL/TLS protocol is always releasing newer versions after discovering security bugs and vulnerabilities in any of its previous versions. We have described some of the common security flaws in the SSL/TLS protocol by identifying them in the literature and then by analyzing the activities from each of their use cases to find any possible threats. These threats are realized in the form of misuse cases to understand how an attack happens from the point of the attacker. This approach implies the development of some security patterns which will be added as a reference for designing secure systems using the SSL/TLS protocol. We finally evaluate its security level by using misuse patterns and considering the threat coverage of the models.
- Date Issued
- 2017
- PURL
- http://purl.flvc.org/fau/fd/FA00004873
- Subject Headings
- Computer networks--Security measures., Computer network protocols., Computer software--Development., Computer architecture.
- Format
- Document (PDF)
- Title
- Unifying the conceptual levels of network security through the use of patterns.
- Creator
- Kumar, Ajoy, Fernandez, Eduardo B., Florida Atlantic University, College of Engineering and Computer Science, Department of Computer and Electrical Engineering and Computer Science
- Abstract/Description
-
Network architectures are described by the International Standard for Organization (ISO), which contains seven layers. The internet uses four of these layers, of which three are of interest to us. These layers are Internet Protocol (IP) or Network Layer, Transport Layer and Application Layer. We need to protect against attacks that may come through any of these layers. In the world of network security, systems are plagued by various attacks, internal and external, and could result in Denial of Service (DoS) and/or other damaging effects. Such attacks and loss of service can be devastating for the users of the system. The implementation of security devices such as Firewalls and Intrusion Detection Systems (IDS), the protection of network traffic with Virtual Private Networks (VPNs), and the use of secure protocols for the layers are important to enhance the security at each of these layers. We have done a survey of the existing network security patterns and we have written the missing patterns. We have developed security patterns for abstract IDS, Behavior-based IDS and Rule-based IDS as well as for Internet Protocol Security (IPSec) and Transport Layer Security (TLS) protocols. We have also identified the need for a VPN pattern and have developed security patterns for abstract VPN, an IPSec VPN and a TLS VPN. We also evaluated these patterns with respect to some aspects to simplify their application by system designers. We have tried to unify the security of the network layers using security patterns by tying in security patterns for network transmission, network protocols and network boundary devices.
- Date Issued
- 2014
- PURL
- http://purl.flvc.org/fau/fd/FA00004132
- Subject Headings
- Computer architecture, Computer network architectures, Computer network protocols, Computer networks -- Security measures, Expert systems (Computer science)
- Format
- Document (PDF)
- Title
- Controlling access to physical locations.
- Creator
- Desouza-Doucet, Ana C., Florida Atlantic University, Fernandez, Eduardo B.
- Abstract/Description
-
The need to secure and control access to rooms in premises has shifted from allowing some people to enter a room to giving permission to specific persons to access a room and recording who entered the room and the time they spent in it. With such need for higher security in mind, we design an access control system for controlling physical access of people to locations or to specific units in these locations. Our study gives emphasis to the organization of physical locations, including nested rooms, and the approach used to assign permission to people to access such locations. We also define some security policies to be used in such model as well as appropriate user interfaces. Finally, we develop two patterns based on our model.
- Date Issued
- 2006
- PURL
- http://purl.flvc.org/fcla/dt/13328
- Subject Headings
- Software architecture, Computer networks--Access control, Computer security, Object-oriented programming (Computer science), Smart cards--Security measures
- Format
- Document (PDF)
- Title
- Universal physical access control system (UPACS).
- Creator
- Carryl, Clyde, Alhalabi, Bassem A., Florida Atlantic University, College of Engineering and Computer Science, Department of Computer and Electrical Engineering and Computer Science
- Abstract/Description
-
This research addresses the need for increased interoperability between the varied access control systems in use today, and for a secure means of providing access to remote physical devices over untrusted networks. The Universal Physical Access Control System (UPACS) is an encryption-enabled security protocol that provides a standard customizable device control mechanism that can be used to control the behavior of a wide variety of physical devices, and provide users the ability to securely access those physical devices over untrusted networks.
- Date Issued
- 2015
- PURL
- http://purl.flvc.org/fau/fd/FA00004354
- Subject Headings
- Body area networks (Electronics), Computational complexity, Computer network protocols, Computer security, Cryptography, Data encryption (Computer science), Data structures (Computer science), Telecommunication -- Security measures
- Format
- Document (PDF)
- Title
- Enabling access for mobile devices to the web services resource framework.
- Creator
- Mangs, Jan Christian., College of Engineering and Computer Science, Department of Computer and Electrical Engineering and Computer Science
- Abstract/Description
-
The increasing availability of Web services and grid computing has made easier the access and reuse of different types of services. Web services provide network accessible interfaces to application functionality in a platform-independent manner. Developments in grid computing have led to the efficient distribution of computing resources and power through the use of stateful web services. At the same time, mobile devices as a platform of computing have become a ubiquitous, inexpensive, and powerful computing resource. Concepts such as cloud computing have pushed the trend towards using grid concepts in the internet domain and are ideally suited for internet-supported mobile devices. Currently, there are a few complete implementations that leverage mobile devices as a member of a grid or virtual organization. This thesis presents a framework that enables the use of mobile devices to access stateful Web services on a Globus-based grid. To illustrate the presented framework, a user-friendly mobile application has been created that utilizes the framework libraries to demonstrate the various functionalities that are accessible from any mobile device that supports Java ME.
- Date Issued
- 2008
- PURL
- http://purl.flvc.org/FAU/186290
- Subject Headings
- User interfaces (Computer systems), Data structures (Computer science), Mobile computing, Security measures, Mobile communication systems, Computational grids (Computer systems)
- Format
- Document (PDF)
- Title
- Password-authenticated two-party key exchange with long-term security.
- Creator
- Gao, WeiZheng., Charles E. Schmidt College of Science, Department of Mathematical Sciences
- Abstract/Description
-
In the design of two-party key exchange it is common to rely on a Diffie-Hellman type hardness assumption in connection with elliptic curves. Unlike the case of finite fields, breaking multiple instances of the underlying hardness assumption is here considered substantially more expensive than breaking a single instance. Prominent protocols such as SPEKE [12] or J-PAKE [8, 9, 10] do not exploit this, and here we propose a password-authenticated key establishment where the security builds on the intractability of solving a specified number of instances v of the underlying computational problem. Such a design strategy seems particularly interesting when aiming at long-term security guarantees for a protocol, where expensive special purpose equipment might become available to an adversary. In this thesis, we give one protocol for the special case when v = 1 in the random oracle model, then we provide the generalized protocol in the random oracle model and a variant of the generalized protocol in the standard model for v being a polynomial of the security parameter ℓ.
- Date Issued
- 2012
- PURL
- http://purl.flvc.org/FAU/3342105
- Subject Headings
- Data encryption (Computer science), Computer networks (Security measures), Software protection, Computers, Access control, Passwords
- Format
- Document (PDF)
- Title
- Application level intrusion detection using a sequence learning algorithm.
- Creator
- Dong, Yuhong., Florida Atlantic University, Hsu, Sam, Rajput, Saeed, College of Engineering and Computer Science, Department of Computer and Electrical Engineering and Computer Science
- Abstract/Description
-
An un-supervised learning algorithm on application level intrusion detection, named Graph Sequence Learning Algorithm (GSLA), is proposed in this dissertation. Experiments prove its effectiveness. Similar to most intrusion detection algorithms, in GSLA, the normal profile needs to be learned first. The normal profile is built using a session learning method, which is combined with the one-way Analysis of Variance method (ANOVA) to determine the value of an anomaly threshold. In the proposed approach, a hash table is used to store a sparse data matrix in triple data format that is collected from a web transition log instead of an n-by-n dimension matrix. Furthermore, in GSLA, the sequence learning matrix can be dynamically changed according to a different volume of data sets. Therefore, this approach is more efficient, easy to manipulate, and saves memory space. To validate the effectiveness of the algorithm, extensive simulations have been conducted by applying the GSLA algorithm to the homework submission system at our computer science and engineering department. The performance of GSLA is evaluated and compared with traditional Markov Model (MM) and K-means algorithms. Specifically, three major experiments have been done: (1) A small data set is collected as a sample data, and is applied to GSLA, MM, and K-means algorithms to illustrate the operation of the proposed algorithm and demonstrate the detection of abnormal behaviors. (2) The Random Walk-Through sampling method is used to generate a larger sample data set, and the resultant anomaly score is classified into several clusters in order to visualize and demonstrate the normal and abnormal behaviors with K-means and GSLA algorithms. (3) Multiple professors' data sets are collected and used to build the normal profiles, and the ANOVA method is used to test the significant difference among professors' normal profiles.
The GSLA algorithm can be made as a module and plugged into the IDS as an anomaly detection system.
- Date Issued
- 2006
- PURL
- http://purl.flvc.org/fcla/dt/12220
- Subject Headings
- Data mining, Parallel processing (Electronic computers), Computer algorithms, Computer security, Pattern recognition systems
- Format
- Document (PDF)
- Title
- Efficient and Effective Searching in Unstructured File-Sharing Peer-to-Peer Networks.
- Creator
- Li, Xiuqi, Wu, Jie, Florida Atlantic University, College of Engineering and Computer Science, Department of Computer and Electrical Engineering and Computer Science
- Abstract/Description
-
Peer-to-peer (P2P) networking has been receiving increasing attention from the research community recently. How to conduct efficient and effective searching in such networks has been a challenging research topic. This dissertation focuses on unstructured file-sharing peer-to-peer networks. Three novel searching schemes are proposed, implemented, and evaluated. In the first scheme named ISRL (Intelligent Search by Reinforcement Learning), we propose to systematically learn the best route to desired files through reinforcement learning when topology adaptation is impossible or infeasible. To discover the best path to desired files, ISRL not only explores new paths by forwarding queries to randomly chosen neighbors, but also exploits the paths that have been discovered for reducing the cumulative query cost. Three models of ISRL are put forward: a basic version for finding one desired file, MP-ISRL (MP stands for Multiple-Path ISRL) for finding at least k files, and C-ISRL (C refers to Clustering) for reducing maintenance overhead through clustering when there are many queries. ISRL outperforms existing searching approaches in unstructured peer-to-peer networks by achieving similar query quality with lower cumulative query cost. The experimental results confirm the performance improvement of ISRL. The second approach, HS-SDBF (Hint-based Searching by Scope Decay Bloom Filter), addresses the issue of effective and efficient hint propagation. We design a new data structure called SDBF (Scope Decay Bloom Filter) to represent and advertise probabilistic hints. Compared to existing proactive schemes, HS-SDBF can answer many more queries successfully at a lower amortized cost considering both the query traffic and hint propagation traffic. Both the analytic and the experimental results support the performance improvement of our protocol. The third algorithm, hybrid search, seeks to combine the benefits of both forwarding and non-forwarding searching schemes.
In this approach, a querying source directly probes its own extended neighbors and forwards a query to a subset of its extended neighbors and guides these neighbors to probe their own extended neighbors on its behalf. The hybrid search is able to adapt query execution to the popularity of desired files without generating too much state maintenance overhead because of the 1-hop forwarding inherent in the approach. It achieves a higher query efficiency than the forwarding scheme and a better success rate than the non-forwarding approach. To the best of our knowledge, this work is the first attempt to integrate forwarding and non-forwarding schemes. Simulation results demonstrate the effectiveness of the hybrid search.
- Date Issued
- 2006
- PURL
- http://purl.flvc.org/fau/fd/FA00012572
- Subject Headings
- Peer-to-peer architecture (Computer networks), Computer security, Database searching, Internetworking (Telecommunication), Heterogeneous computing
- Format
- Document (PDF)
- Title
- Reputation-based system for encouraging cooperation of nodes in mobile ad hoc networks.
- Creator
- Anantvalee, Tiranuch., Florida Atlantic University, Wu, Jie
- Abstract/Description
-
In a mobile ad hoc network, node cooperation in packet forwarding is required for the network to function properly. However, since nodes in this network usually have limited resources, some selfish nodes might intend not to forward packets to save resources for their own use. To discourage such behavior, we propose RMS, a reputation-based system, to detect selfish nodes and respond to them by showing that being cooperative will benefit them more than being selfish. We also detect, to some degree, nodes who forward only the necessary amount of packets to avoid being detected as selfish. We introduce the use of a state model to decide what we should do or respond to nodes in each state. In addition, we introduce the use of a timing period to control when the reputation should be updated and to use as a timeout for each state. The simulation results show that RMS can identify selfish nodes and punish them accordingly, which provides selfish nodes with an incentive to behave more cooperatively.
- Date Issued
- 2006
- PURL
- http://purl.flvc.org/fcla/dt/13406
- Subject Headings
- Computer networks--Security measures, Wireless communication systems, Routers (Computer networks), Computer network architectures
- Format
- Document (PDF)
- Title
- SELECTED APPLICATIONS OF MPC.
- Creator
- Ghaseminejad, Mohammad Raeini, Liu, Feng-Hao, Nojoumian, Mehrdad, Florida Atlantic University, Department of Computer and Electrical Engineering and Computer Science, College of Engineering and Computer Science
- Abstract/Description
-
Secure multiparty computation (secure MPC) is a computational paradigm that enables a group of parties to evaluate a public function on their private data without revealing the data (i.e., by preserving the privacy of their data). This computational approach, sometimes also referred to as secure function evaluation (SFE) and privacy-preserving computation, has attracted significant attention in the last couple of decades. It has been studied in different application domains, including in privacy-preserving data mining and machine learning, secure signal processing, secure genome analysis, sealed-bid auctions, etc. There are different approaches for realizing secure MPC. Some commonly used approaches include secret sharing schemes, Yao's garbled circuits, and homomorphic encryption techniques. The main focus of this dissertation is to further investigate secure multiparty computation as an appealing area of research and to study its applications in different domains. We specifically focus on secure multiparty computation based on secret sharing and fully homomorphic encryption (FHE) schemes. We review the important theoretical foundations of these approaches and provide some novel applications for each of them. For the fully homomorphic encryption (FHE) part, we mainly focus on FHE schemes based on the LWE problem [142] or RLWE problem [109]. Particularly, we provide a C++ implementation for the ring variant of a third generation FHE scheme called the approximate eigenvector method (a.k.a., the GSW scheme) [67]. We then propose some novel approaches for homomorphic evaluation of common functionalities based on the implemented (R)LWE [142] and [109] and RGSW [38,58] schemes. We specifically present some constructions for homomorphic computation of pseudorandom functions (PRFs). For secure computation based on secret sharing [150], we provide some novel protocols for secure trust evaluation (STE).
Our proposed STE techniques [137] enable the parties in trust and reputation systems (TRS) to securely assess their trust values in each other while they keep their input trust values private. It is worth mentioning that trust and reputation are social mechanisms which can be considered as soft security measures that complement hard security measures (e.g., cryptographic and secure multiparty computation techniques) [138, 171].
- Date Issued
- 2022
- PURL
- http://purl.flvc.org/fau/fd/FA00014018
- Subject Headings
- Data encryption (Computer science), Computers, privacy and data protection, Computer security
- Format
- Document (PDF)
- Title
- A Network Telescope Approach for Inferring and Characterizing IoT Exploitations.
- Creator
- Neshenko, Nataliia, Bou-Harb, Elias, Florida Atlantic University, College of Engineering and Computer Science, Department of Computer and Electrical Engineering and Computer Science
- Abstract/Description
-
While the seamless interconnection of IoT devices with the physical realm is envisioned to bring a plethora of critical improvements on many aspects and in diverse domains, it will undoubtedly pave the way for attackers that will target and exploit such devices, threatening the integrity of their data and the reliability of critical infrastructure. The aim of this thesis is to generate cyber threat intelligence related to Internet-scale inference and evaluation of malicious activities generated by compromised IoT devices to facilitate prompt detection, mitigation and prevention of IoT exploitation. In this context, we initially provide a unique taxonomy, which sheds the light on IoT vulnerabilities from five different perspectives. Subsequently, we address the task of inference and characterization of IoT maliciousness by leveraging active and passive measurements. To support large-scale empirical data analytics in the context of IoT, we made available corresponding raw data through an authenticated platform.
- Date Issued
- 2018
- PURL
- http://purl.flvc.org/fau/fd/FA00013089
- Subject Headings
- Internet of things., Internet of things--Security measures., Cyber intelligence (Computer security)
- Format
- Document (PDF)
- Title
- MACHINE LEARNING ALGORITHMS FOR PREDICTING BOTNET ATTACKS IN IOT NETWORKS.
- Creator
- Leevy, Joffrey, Khoshgoftaar, Taghi M., Florida Atlantic University, Department of Computer and Electrical Engineering and Computer Science, College of Engineering and Computer Science
- Abstract/Description
-
The proliferation of Internet of Things (IoT) devices in various networks is being matched by an increase in related cybersecurity risks. To help counter these risks, big datasets such as Bot-IoT were designed to train machine learning algorithms on network-based intrusion detection for IoT devices. From a binary classification perspective, there is a high-class imbalance in Bot-IoT between each of the attack categories and the normal category, and also between the combined attack categories and the normal category. Within the scope of predicting botnet attacks in IoT networks, this dissertation demonstrates the usefulness and efficiency of novel machine learning methods, such as an easy-to-classify method and a unique set of ensemble feature selection techniques. The focus of this work is on the full Bot-IoT dataset, as well as each of the four attack categories of Bot-IoT, namely, Denial-of-Service (DoS), Distributed Denial-of-Service (DDoS), Reconnaissance, and Information Theft. Since resources and services become inaccessible during DoS and DDoS attacks, this interruption is costly to an organization in terms of both time and money. Reconnaissance attacks often signify the first stage of a cyberattack and preventing them from occurring usually means the end of the intended cyberattack. Information Theft attacks not only erode consumer confidence but may also compromise intellectual property and national security. For the DoS experiment, the ensemble feature selection approach led to the best performance, while for the DDoS experiment, the full set of Bot-IoT features resulted in the best performance. Regarding the Reconnaissance experiment, the ensemble feature selection approach effected the best performance. In relation to the Information Theft experiment, the ensemble feature selection techniques did not affect performance, positively or negatively.
However, the ensemble feature selection approach is recommended for this experiment because feature reduction eases computational burden and may provide clarity through improved data visualization. For the full Bot-IoT big dataset, an explainable machine learning approach was taken using the Decision Tree classifier. An easy-to-learn Decision Tree model for predicting attacks was obtained with only three features, which is a significant result for big data.
- Date Issued
- 2022
- PURL
- http://purl.flvc.org/fau/fd/FA00013933
- Subject Headings
- Machine learning, Internet of things--Security measures, Big data, Intrusion detection systems (Computer security)
- Format
- Document (PDF)
- Title
- Formal specification of authorization and user group models for object-oriented databases.
- Creator
- Wei, Dong., Florida Atlantic University, Fernandez, Eduardo B., France, Robert B., College of Engineering and Computer Science, Department of Computer and Electrical Engineering and Computer Science
- Abstract/Description
-
The use of formal methods has become increasingly important for software development. In this thesis, we present the formal specifications for a method-based authorization model for object-oriented databases. We also formalize a proposed user group structuring. We start from an existing OMT (Object Modeling Technique) description and we use Z as the language for formal specification. This specification gives a precise definition of the policies and functions of this authorization system. This can be used as a basis for implementation and possible verification in those cases where a high level of security is required.
- Date Issued
- 1995
- PURL
- http://purl.flvc.org/fcla/dt/15175
- Subject Headings
- Object-oriented databases, Computer software--Development, Database security
- Format
- Document (PDF)
- Title
- Security in voice over IP networks.
- Creator
- Pelaez, Juan C., Florida Atlantic University, Fernandez, Eduardo B., College of Engineering and Computer Science, Department of Computer and Electrical Engineering and Computer Science
- Abstract/Description
-
Voice over IP (VoIP) is revolutionizing the global communications system by allowing human voice and fax information to travel over existing packet data networks along with traditional data packets. The convergence of voice and data in one simplified network brings both benefits and constraints to users. Among the several issues that need to be addressed when deploying this technology, security is one of the most critical. This thesis will present a combination of security patterns based on the systematic analysis of attacks against a VoIP network and the existing techniques to mitigate these attacks, providing good practices for all IP telephony systems. The VoIP Security Patterns, which are based on object-oriented modeling, will help network designers to improve the level of security not only in voice but also in data, video, and fax over IP networks.
- Date Issued
- 2004
- PURL
- http://purl.flvc.org/fcla/dt/13190
- Subject Headings
- Internet telephony--Security measures, Computer network protocols, Multimedia systems
- Format
- Document (PDF)
- Title
- A comparative study of classification algorithms for network intrusion detection.
- Creator
- Wang, Yunling., Florida Atlantic University, Khoshgoftaar, Taghi M., College of Engineering and Computer Science, Department of Computer and Electrical Engineering and Computer Science
- Abstract/Description
-
As network-based computer systems play increasingly vital roles in modern society, they have become the targets of criminals. Network security has never been more important a subject than in today's extensively interconnected computer world. Intrusion Detection Systems (IDS) have been used along with the data mining techniques to detect intrusions. In this thesis, we present a comparative study of intrusion detection using a decision-tree learner (C4.5), two rule-based learners (ripper and ridor), a learner to combine decision trees and rules (PART), and two instance-based learners (IBK and Nnge). We investigate and compare the performance of IDSs based on the six techniques, with respect to a case study of the DARPA KDD-1999 network intrusion detection project. Investigation results demonstrated that data mining techniques are very useful in the area of intrusion detection.
- Date Issued
- 2004
- PURL
- http://purl.flvc.org/fcla/dt/13102
- Subject Headings
- Computer networks--Security measures, Data mining, Decision trees
- Format
- Document (PDF)
- Title
- ILLUMINATING CYBER THREATS FOR SMART CITIES: A DATA-DRIVEN APPROACH FOR CYBER ATTACK DETECTION WITH VISUAL CAPABILITIES.
- Creator
- Neshenko, Nataliia, Furht, Borko, Bou-Harb, Elias, Florida Atlantic University, Department of Computer and Electrical Engineering and Computer Science, College of Engineering and Computer Science
- Abstract/Description
-
A modern urban infrastructure no longer operates in isolation but instead leverages the latest technologies to collect, process, and distribute aggregated knowledge to improve the quality of the provided services and promote the efficiency of resource consumption. However, the ambiguity of ever-evolving cyber threats and their debilitating consequences introduce new barriers for decision-makers. Numerous techniques have been proposed to address the cyber misdemeanors against such critical realms and increase the accuracy of attack inference; however, they remain limited to detection algorithms omitting attack attribution and impact interpretation. The lack of the latter prompts the transition of these methods to operation difficult to impossible. In this dissertation, we first investigate the threat landscape of smart cities, survey and reveal the progress in data-driven methods for situational awareness and evaluate their effectiveness when addressing various cyber threats. Further, we propose an approach that integrates machine learning, the theory of belief functions, and dynamic visualization to complement available attack inference for ICS deployed in the realm of smart cities. Our framework offers an extensive scope of knowledge as opposed to solely evident indicators of malicious activity. It gives the cyber operators and digital investigators an effective tool to dynamically and visually interact, explore and analyze heterogeneous, complex data, and provide rich context information. Such an approach is envisioned to facilitate the cyber incident interpretation and support a timely evidence-based decision-making process.
- Date Issued
- 2021
- PURL
- http://purl.flvc.org/fau/fd/FA00013813
- Subject Headings
- Smart cities, Cyber intelligence (Computer security), Visual analytics, Threats
- Format
- Document (PDF)
- Title
- Group structures in object-oriented database authorization.
- Creator
- Fernandez, Minjie Hua., Florida Atlantic University, Wu, Jie
- Abstract/Description
-
When there are a large number and a variety of users in a system, the authorization rules for these users will become too difficult and cumbersome to maintain and the evaluation algorithm would not be efficient. Also, it is hard for security administrators to understand why a specific user is given a set of rights. In this thesis we develop group structures to solve these problems. Groups of users rather than individual users are subjects that receive access rights from the authorization system. We present structurings and primitives for user groups. Although they are presented in the context of an object-oriented database system they are general and could be applied to other data models, and even in operating systems.
- Date Issued
- 1992
- PURL
- http://purl.flvc.org/fcla/dt/14878
- Subject Headings
- Electronic data processing--Security measures, User interfaces (Computer systems)
- Format
- Document (PDF)
- Title
- NETWORK INTRUSION DETECTION AND DEEP LEARNING MECHANISMS.
- Creator
- Chatterjee, Suvosree, Cardei, Ionut, Florida Atlantic University, Department of Computer and Electrical Engineering and Computer Science, College of Engineering and Computer Science
- Abstract/Description
-
Cyber attack is a strong threat to the digital world. So, it’s very essential to keep the network safe. Network Intrusion Detection system is the system to address this problem. Network Intrusion Detection system functions like a firewall, and monitors incoming and outgoing traffic like ingress and egress filtering firewall. Network Intrusion Detection System does anomaly and hybrid detection for detecting known and unknown attacks. My thesis discusses the several network cyber attacks we face nowadays and I created several Deep learning models to detect them accurately. I used the NSL-KDD dataset, which is a popular dataset that contains several network attacks. After experimenting with different deep learning models I found some disparities in the training accuracy and validation accuracy, which is a clear indication of overfitting. To reduce the overfitting I introduced regularization and dropout in the models and experimented with different hyperparameters.
- Date Issued
- 2023
- PURL
- http://purl.flvc.org/fau/fd/FA00014128
- Subject Headings
- Deep learning (Machine learning), Cyberterrorism, Intrusion detection systems (Computer security)
- Format
- Document (PDF)
- Title
- ENHANCING IOT DEVICES SECURITY: ENSEMBLE LEARNING WITH CLASSICAL APPROACHES FOR INTRUSION DETECTION SYSTEM.
- Creator
- Alotaibi, Yazeed, Ilyas, Mohammad, Florida Atlantic University, Department of Computer and Electrical Engineering and Computer Science, College of Engineering and Computer Science
- Abstract/Description
-
The Internet of Things (IoT) refers to a network of interconnected nodes constantly engaged in communication, data exchange, and the utilization of various network protocols. Previous research has demonstrated that IoT devices are highly susceptible to cyber-attacks, posing a significant threat to data security. This vulnerability is primarily attributed to their susceptibility to exploitation and their resource constraints. To counter these threats, Intrusion Detection Systems (IDS) are employed. This study aims to contribute to the field by enhancing IDS detection efficiency through the integration of Ensemble Learning (EL) methods with traditional Machine Learning (ML) and deep learning (DL) models. To bolster IDS performance, we initially utilize a binary ML classification approach to classify IoT network traffic as either normal or abnormal, employing EL methods such as Stacking and Voting. Once this binary ML model exhibits high detection rates, we extend our approach by incorporating a ML multi-class framework to classify attack types. This further enhances IDS performance by implementing the same Ensemble Learning methods. Additionally, for further enhancement and evaluation of the intrusion detection system, we employ DL methods, leveraging deep learning techniques, ensemble feature selections, and ensemble methods. Our DL approach is designed to classify IoT network traffic. This comprehensive approach encompasses various supervised ML, and DL algorithms with ensemble methods. The proposed models are trained on TON-IoT network traffic datasets. The ensemble approaches are evaluated using comprehensive metrics and compared for their effectiveness in addressing these classification tasks. The ensemble classifiers achieved higher accuracy rates compared to individual models, a result attributed to the diversity of learning mechanisms and strengths harnessed through ensemble learning. By combining these strategies, we successfully improved prediction accuracy while minimizing classification errors. The outcomes of these methodologies underscore their potential to significantly enhance the effectiveness of the Intrusion Detection System.
- Date Issued
- 2023
- PURL
- http://purl.flvc.org/fau/fd/FA00014304
- Subject Headings
- Internet of things, Intrusion detection systems (Computer security), Machine learning
- Format
- Document (PDF)