1,721,394 research outputs found
Testing of Native Immune System for the Protection of Computer Networks
No full textThis paper presents an evaluation of exhaustive testing of NAIS, a native artificial immune system for the protection of computer networks. NAIS is a network intrusion detection system inspired by the biological innate, or native, immune system. NAIS is based on a few observations. In the first place, malicious users very often try to gain superuser privileges by exploiting process bugs. In the second place, most network intrusions take place while server administrators are not connected to the server, and cannot control the running processes. In the third place, more and more often LAN administrators try to protect their networks from some of the damage caused by intrusions by running different services on different machines. NAIS runs on mono-service servers. It consists of a collection of digital macrophages that scan the network for dangerous non-self processes, and kill them right away. Our testing of NAIS proved: (a) the absence of autoimmune threats to the hosting system (no risk that the immune system attacks the system it is supposed to protect), and (b) a strong, and reliable discrimination between intrusive (non-self) and regular (self) system processes
Artificial immune system based on interval type-2 fuzzy set paradigm
No full textThis paper discusses the design and engineering of a biologically-inspired intrusion detection system, based on interval type-2 fuzzy set paradigm, for protecting computer networks. To this end, we have proposed a performance-based Artificial Immune System (AIS) that mimics the workings of an adaptive immune system and consists of a number of running artificial white blood cells, which search, recognize, store and deny anomalous behaviors on individual hosts. The proposed AIS monitors the system through analyzing the set of parameters to provide general information on its state. For the analysis, we have suggested a dynamic technique based on interval type-2 fuzzy set paradigm that enable identifying the system status - i.e. Non-Attack, Suspicious-Non-Attack, Non-Decidable, Suspicious-Attack, Attack. In conclusion, for proving the effectiveness of the suggested model, an exhaustive testing is conducted and results are reported
Detecting misbehaving nodes in MANET with an artificial immune system based on type-2 fuzzy sets
No full textLast decade has witnessed an enormous growth in wireless networks that naturally has brought some new research challenges. Related studies conducted have covered several research areas like routing protocols, encrypted authentication protocols, misbehavior detection system and a number of innovative solutions, biologically-inspired and not, have been suggested to several open problems. In this position paper, we present a biologically- inspired type-2 fuzzy set recognition algorithm for detecting misbehaving nodes in an ad-hoc wireless network. This work investigates the possibility of detecting misbehaving nodes, learning bad behaviors, protecting the network from reinfection and mitigating the problem of routing misbehavior without human intervention, exploiting biological techniques evolved over millions of years. In order to protect the system of unwanted behaviors and take under control the number of false positive, our solution mimics the binding process between lymphocytes receptors of the immune cells and antigens
Secure electronic bills of lading: blind counts and digital signatures
No full textElectronic documents used in the framework of the goods delivery industry—i.e. electronic bills of lading (e-BOLs)—are the enablers of any payment, and therefore exposed to frauds. As of today, e-BOLs are handled by special private companies, which provide paperless trading services through their trade chains. This paper contributes a zero-knowledge open solution to the problem of designing secure electronic bills of lading, in the framework of a shipper-carrier-buyer transmission model. The suggested solution is a cryptographic protocol based on digital signatures and blind merchandise counts—that is, counts that do not reveal any information about actually counted quantities. The model is designed to mitigate a number of security threats and assumes the existence of both a trusted third party and a bank in charge of payment procedures. The paper discusses the drawbacks of the existing proprietary solutions and shows how the suggested open protocol addresses them
A biologically-inspired type-2 fuzzy set based algorithm for detecting misbehaving nodes in ad-hoc wireless networks
No full textImplementation of routing protocols in mobile adhoc networks relies on efficient node cooperation.
However, node misbehavior is a common phenomenon, thus, ad-hoc networks are subject to packet dropping, packet modification, packet misrouting, selfish node behavior, and so on. In this paper, a biologically-inspired type-2 fuzzy set recognition algorithm for detecting misbehaving nodes in an ad-hoc wireless network is presented.
Such algorithm, inspired by danger theory and
antigen presenting cells, would be implemented in an Artificial Immune System (AIS) for detecting misbehaving nodes without human intervention
La Frentania. Profilo storico, archeologico e topografico (VI-I sec. a.C.)
No full textQuesta tesi nasce dal desiderio di tracciare un profilo diacronico dell’occupazione della regione frentana, nella zona compresa tra il corso del fiume Foro e il fiume Biferno, nella fascia costiera dell’Abruzzo meridionale e del Molise. Se ne traccia un profilo storico, archeologico e topografico
Electronic Bill of Lading : a Cryptographic Protocol
No full textThis paper presents a zero-knowledge solution to the problem of designing secure, EDI-compliant bills of lading for a shipper-carrier-holder model. Our solution is cryptographic protocol based on digital signatures and blind merchandise counts, that is, counts that do not reveal any information about the quantities actually counted. We show that the suggested protocol voids a number fraud schemes
EZK: a zero knowledge tool for generating, handling and securing electronic bills of lading
No full textEZK is a tool for generating, handling, and securing electronic bills of lading. EZK implements the cryptographic protocol suggested by Pagnoni and Visconti in (Pagnoni and Visconti, 2006), cryptographic protocol that is based on a shipper-carrier-holder model. This protocol makes use of (a) blind merchandise counts, or zero-knowledge counts, - that is, counts that do not reveal any information about the quantities actually counted, - (b) secure timestamps, and (c) digital signatures. We show how EZK generates and handles order e-BOLs and how the cryptographic techniques implemented in EZK make a number of common fraud schemes impossible
SIGNET : a Tool for Securing Complex Petri-Net Projects
No full textSIGNETTM is a multifunctional tool for making secure large, complex Petri net projects. It provides for: (a) authentication, digital signature, and public-key encryption of net plans and their analysis (reachability graphs and net invariants) to be transmitted or stored, and (b) detection and correction of marking errors in Petri nets used for monitoring system implementations
An innate immune system for the protection of computer networks
No full textThis paper presents design, implementation, and testing of NAIS, an artificial immune system for the protection of computer networks. Inspired by the biological innate immune system, NAIS consists of a collection of digital macrophages that scan the network for dangerous non-self processes, and kill them. NAIS is based on the observation that all significant network attacks are preceded by preparatory small-scale intrusions meant to gather the necessary information – information on servers and operating systems, logins, weak passwords, ill-installed or poorly maintained services, etc. This information is used to bypass the network’s defense barriers – access controls, firewalls – and to gain access to the machine before it is attacked. Such preparatory intrusions do not generate new processes, however the subsequent, actual intrusion will. Such processes will be recognized as non-self by the digital macrophages run by NAIS, and killed right away, thus defusing the attack. Telling illegal new processes from legal ones is a difficult matter, and amounts to providing a strong definition of non-self process. Our testing of NAIS proved our definition to be quite effective in protecting networks of one-service computers
- …
