Wireless sensor and actuator devices with direct IPv6 Internet access with no human interaction c... more Wireless sensor and actuator devices with direct IPv6 Internet access with no human interaction compose the IP-connected Internet of Things (IoT). These devices are resource constrained in processing, memory, and energy-battery operated. IoT devices can have various applications. Although, when directly connected to the Internet they are susceptible to threats (e.g., malicious tamper of packet content to reduce the reliability of device data, the flood of requisitions for the devices to drain their energy). In this way, the literature shows the use of end-toend security to provide confidentiality, authenticity, and integrity of IoT devices data. However, even with the benefit of secure IoT data, they are not enough to ensure reliable measurements. For this reason, this work presents a reliability model for IoT, focused on the identification of anomalous measurements (using multivariate statistics). In the experiments, we use spatial (proximity) and temporal (time interval variation) correlation, and datasets with true and false data. Additionally, we use an end-to-end secure scenario and analysis of energy consumption. The results prove the feasibility of the triad: reliability (within a system that identifies the type of the anomalous measurements), security, and low energy consumption.
Industrial Control Systems (ICS) networks offer a high level of automation combined with high lev... more Industrial Control Systems (ICS) networks offer a high level of automation combined with high levels of control, quality, and process improvement. Since network corporate users have to access the ICS environment, these networks have to be interconnected. However, this interconnection can introduce risks to the systems and manufacturing processes, which leads to the need to ensure the interconnection is done safely. The objective of this paper is to perform modeling and validation of a proposed secure interconnection between ICS and corporate networks using Colored Petri Networks (CPN). In addition to the best practices published in related works, this paper recommends some integrated features like the use of terminal server service, secure manual uplinks, and unidirectional security gateway to enhance environmental security. However, our main contribution is the validation process performed in a CPN, which made it possible to execute queries in the state space resulting from the sim...
Journal of Information Security and Cryptography (Enigma)
Transparency and security in an electoral process are fundamental to the legitimacy of the result... more Transparency and security in an electoral process are fundamental to the legitimacy of the results and the confidence of voters. Thus, it is necessary to assess opportunities to improve traditional voting systems. Among the main problems is the lack of transparency, due to the impossibility of a voter checking their vote and the lack of access to the source from which the results are obtained. Another problem is mobility, due to the impossibility of performing remote voting, as traditional voting systems continue to require the physical presence of the voter in an electoral zone. Thus, the objective of this work is to propose a voting system that is functional, transparent, safe, and accessible to everyone. Voters can vote through a mobile application with biometric authentication using fingerprint and password access. In our proposal, votes are registered in an Ethereum Blockchain through a Smart Contract, allowing the voter to check their vote. The results are expected to collabor...
Resumo: O ordenamento jurídico brasileiro define os crimes cibernéticos como próprios ou imprópri... more Resumo: O ordenamento jurídico brasileiro define os crimes cibernéticos como próprios ou impróprios. O crime cibernético próprio pode ser simplificadamente definido como aquele onde o bem jurídico tutelado é a informática, por exemplo, no caso de destruição de uma base de dados. Já o crime cibernético impróprio, refere-se ao emprego de recursos informáticos como auxiliares na prática de ilícitos, como o uso das mídias sociais para ataques a honra. Logo, o computador poderá se tornar um local de crime, no qual a abordagem in vivo poderá produzir evidências reconhecidamente relevantes, tais como a identificação dos processos em execução e das conexões de rede ativas, dentre outras informações normalmente indisponíveis em análises post-mortem. Palavras-Chave: Crimes cibernéticos; local de crime; in vivo; post-mortem. Abstract: The Brazilian legal system defines cybercrimes as proper or improper. In a simple way, proper cybercrimes can be defined as the one where the legal good protected is the information technology, for example, in case of destruction of a database. Improper cybercrime, however, refers to the use of computer resources as an aid to illicit practices, such as the use of social media to attack honor. Therefore, the computer may turn into a crime scene, where the in vivo approach could produce relevant evidence, such as the identification of running processes and active network connections, among other information not usually available in post-mortem analysis. Introdução O expressivo crescimento verificado em relação ao uso dos recursos e serviços computacionais ao longo das últimas décadas trouxe consigo novas e deturpadas formas de utilização dos computadores, os quais passaram a ser empregados também como poderosas ferramentas em condutas delituosas, fato que, dentre outras maneiras, pode ser verificado por meio
Wireless sensor and actuator devices with direct IPv6 Internet access with no human interaction c... more Wireless sensor and actuator devices with direct IPv6 Internet access with no human interaction compose the IP-connected Internet of Things (IoT). These devices are resource constrained in processing, memory, and energy—battery operated. IoT devices can have various applications. Although, when directly connected to the Internet they are susceptible to threats (e.g., malicious tamper of packet content to reduce the reliability of device data, the flood of requisitions for the devices to drain their energy). In this way, the literature shows the use of end-to-end security to provide confidentiality, authenticity, and integrity of IoT devices data. However, even with the benefit of secure IoT data, they are not enough to ensure reliable measurements. For this reason, this work presents a reliability model for IoT, focused on the identification of anomalous measurements (using multivariate statistics). In the experiments, we use spatial (proximity) and temporal (time interval variation) correlation, and datasets with true and false data. Additionally, we use an end-to-end secure scenario and analysis of energy consumption. The results prove the feasibility of the triad: reliability (within a system that identifies the type of the anomalous measurements), security, and low energy consumption.
E-learning enables students to pace their studies according to their needs, making learning acces... more E-learning enables students to pace their studies according to their needs, making learning accessible to (1) people who do not have enough free time for studying - they can program their lessons according to their available schedule; (2) those far from a school (geographical issues), or the ones unable to attend classes due to some physical or medical restriction. Therefore, cultural, geographical and physical obstructions can be removed, making it possible for students to select their path and time for the learning course. Students are then allowed to choose the main objectives they are suitable to fulfill. This book regards E-learning challenges, opening a way to understand and discuss questions related to long-distance and lifelong learning, E-learning for people with special needs and, lastly, presenting case study about the relationship between the quality of interaction and the quality of learning achieved in experiences of E-learning formation.
Technology development, mainly for telecommunications and computer systems, was a key factor for ... more Technology development, mainly for telecommunications and computer systems, was a key factor for the interactivity and, thus, for the expansion of e-learning. This book is divided into two parts, presenting some proposals to deal with e-learning challenges, opening up a way of learning about and discussing new methodologies to increase the interaction level of classes and implementing technical tools for helping students to make better use of e-learning resources. In the first part, the reader may find chapters mentioning the required infrastructure for e-learning models and processes, organizational practices, suggestions, implementation of methods for assessing results, and case studies focused on pedagogical aspects that can be applied generically in different environments. The second part is related to tools that can be adopted by users such as graphical tools for engineering, mobile phone networks, and techniques to build robots, among others. Moreover, part two includes some chapters dedicated specifically to e-learning areas like engineering and architecture.
With the resources provided by communication technologies, E-learning has been employed in multip... more With the resources provided by communication technologies, E-learning has been employed in multiple universities, as well as in wide range of training centers and schools. This book presents a structured collection of chapters, dealing with the subject and stressing the importance of E-learning. It shows the evolution of E-learning, with discussion about tools, methodologies, improvements and new possibilities for long-distance learning. The book is divided into three sections and their respective chapters refer to three macro areas. The first section of the book covers methodologies and tools applied for E-learning, considering collaborative methodologies and specific environments. The second section is about E-learning assessment, highlighting studies about E-learning features and evaluations for different methodologies. The last section deals with the new developments in E-learning, emphasizing subjects like knowledge building in virtual environments, new proposals for architectures in tutoring systems, and case studies.
Currently, security of the cyber space (computer networks and the Internet) is mostly based on de... more Currently, security of the cyber space (computer networks and the Internet) is mostly based on detection and/or blocking of attacks by the use of Intrusion Detection and Prevention System (IDPS), according to (National Institute of Standards and Technology [NIST SP800-94], 2010). However IDPS lacks in security as it is based on postmortem approaches - threats and attacks are identified and/or blocked only after they can inflict serious damage to the computer systems either while attacks are happening, or when attacks have already imposed losses to the systems (Haslum et al, 2008). On the subject of earthquakes, one can notice the same kind of limitation: once an earthquake has already begun, devices can provide warnings with just few seconds before major shaking arrives at a given location (Bleier & Freund, 2005), (Su & Zhu, 2009). In the cyber space context, intending to cover the deficiency of late warnings, predicting techniques have already been approached in a small number of studies for cyber attacks in the last few years (Pontes & Zucchi, 2010), (Haslum et al, 2008), (Lai-Chenq, 2007), (Yin et al 2004).
Among the problems encountered in the use of
Intrusion Detection Systems (IDS), can be listed th... more Among the problems encountered in the use of
Intrusion Detection Systems (IDS), can be listed the
difficulty to understand the strategies of the attacks and the
huge amount of alerts generated. The analysis of alerts can
be difficult because many alerts are kind of false positive
and eventually lead to false results. Correlate alerts issued
by an IDS based on its causes and consequences is a way of
highlighting strategies and establish links between the
attacks. However, many alerts, called isolates did not
correlate to others. Within this context, the ideal is to check
the veracity of alerts (isolated and correlated) through
other sources (cross-correlation), for example, logs taken
from the operating system. Therefore, the objective is to
propose an Event Analysis System (SAE) which allows
multi-correlate security alerts information from a SDI with
the operating system logs and analyze the alerts isolates for
the identification of false positives alerts.
Risk Management in Environment, Production and Economy, Sep 12, 2011
The goal of this chapter is to propose a comprehensive RM framework, in which the traditional app... more The goal of this chapter is to propose a comprehensive RM framework, in which the traditional approach (with the establishment of risk levels to attend the business requirements) is extended to add a new phase for handling variables concerning ROSI statements. As a result we intend to address the impact of the comprehensive RM framework over the traditional RM in IS, in order to obtain cost-effectiveness of IS controls, educing uncertainties and risks in IT environment, and finally improving the probability of ositive rates of ROSI.
Adaptive E-learning was proposed to be suitable for students with unique profiles, particular int... more Adaptive E-learning was proposed to be suitable for students with unique profiles, particular interests, and from different domains of knowledge, so profiles may consider specific goals of the students, as well as different preferences, knowledge level, learning style, rendering psychological profile, and more. Another approach to be taken into account today is the self-directed learning. Unlike the adaptive E-learning, the Self-directed learning is related to independence or autonomy in learning; it is a logical link for readiness for E-learning, where students pace their classes according to their own needs.This book provides information on the On-Job Training and Interactive Teaching for E-learning and is divided into four sections. The first section covers motivations to be considered for E-learning while the second section presents challenges concerning E-learning in areas like Engineering, Medical education and Biological Studies. New approaches to E-learning are introduced in the third section, and the last section describes the implementation of E-learning Environments.
Applications for mobile ad-hoc networks are heavily dependent on information about the nodes posi... more Applications for mobile ad-hoc networks are heavily dependent on information about the nodes positions. Since the network may include malicious nodes providing bogus data (e.g., fake positions), the reliability of this information is critical. Although this problem has been addressed by some predictivemodels, challenges still exist regarding (a) the accuracy/security of such models, (b) the potential advantages of combining different prediction models, (c) the power consumption resulting from the simultaneous application of multiple models, and (d) the lack of strategic approaches in the analysis of information aiming to find the most advantageous data and balance divergent results. To address these issues, we analyze in this paper the performance of two prediction methods: linear regression and Grey model. We have evaluated their corresponding energy costs for reliably identifying each node position. The results, obtained via simulations, are added to independent vectors and statistical indicators are gathered to create a game theory payoffmatrix. The proposed model allows the evaluation of the predictive methods either individually or collectively, facilitating the identification of the best parameters for a target energy saving profile.
Burst attacks (e.g. Brute Force, DoS, DDoS, etc) have become a great concern for the today’s comp... more Burst attacks (e.g. Brute Force, DoS, DDoS, etc) have become a great concern for the today’s computer networks, causing millions of losses to the society. Even though the detection of burst attacks is widely investigated, there is a gap in the academic literature regarding the predicting models for antici- pating such security issue. As the frequency of bursts depends on the behavior of the attackers, it is hard to determine the exact moment when a burst starts. In this paper we propose a new model for aggregating peaks of a burst - specifically for the brute force attack - at a single point called One Point Analysis (OPA). We applied the OPA technique in a prototype, so the beginning of each burst was predicted by the use of (a) Pseudo-Random Binary Sequences (PRBS), and (b) Exponential Weighted Moving Averages (EWMA). For evaluating the results, the OPA was compared to other techniques by two indicators, and it was possible coming to a conclusion regarding the OPA effectiveness.
Adaptive E-learning was proposed to be suitable for students with unique profiles, particular int... more Adaptive E-learning was proposed to be suitable for students with unique profiles, particular interests, and from different domains of knowledge, so profiles may consider specific goals of the students, as well as different preferences, knowledge level, learning style, rendering psychological profile, and more. Another approach to be taken into account today is the self-directed learning. Unlike the adaptive E-learning, the Self-directed learning is related to independence or autonomy in learning; it is a logical link for readiness for E-learning, where students pace their classes according to their own needs.This book provides information on the On-Job Training and Interactive Teaching for E-learning and is divided into four sections. The first section covers motivations to be considered for E-learning while the second section presents challenges concerning E-learning in areas like Engineering, Medical education and Biological Studies. New approaches to E-learning are introduced in the third section, and the last section describes the implementation of E-learning Environments.
Technology development, mainly for telecommunications and computer systems, was a key factor for ... more Technology development, mainly for telecommunications and computer systems, was a key factor for the interactivity and, thus, for the expansion of e-learning. This book is divided into two parts, presenting some proposals to deal with e-learning challenges, opening up a way of learning about and discussing new methodologies to increase the interaction level of classes and implementing technical tools for helping students to make better use of e-learning resources. In the first part, the reader may find chapters mentioning the required infrastructure for e-learning models and processes, organizational practices, suggestions, implementation of methods for assessing results, and case studies focused on pedagogical aspects that can be applied generically in different environments. The second part is related to tools that can be adopted by users such as graphical tools for engineering, mobile phone networks, and techniques to build robots, among others. Moreover, part two includes some chapters dedicated specifically to e-learning areas like engineering and architecture.
E-learning enables students to pace their studies according to their needs, making learning acces... more E-learning enables students to pace their studies according to their needs, making learning accessible to (1) people who do not have enough free time for studying - they can program their lessons according to their available schedule; (2) those far from a school (geographical issues), or the ones unable to attend classes due to some physical or medical restriction. Therefore, cultural, geographical and physical obstructions can be removed, making it possible for students to select their path and time for the learning course. Students are then allowed to choose the main objectives they are suitable to fulfill. This book regards E-learning challenges, opening a way to understand and discuss questions related to long-distance and lifelong learning, E-learning for people with special needs and, lastly, presenting case study about the relationship between the quality of interaction and the quality of learning achieved in experiences of E-learning formation.
For many applications based on Mobile Ad Hoc Networks
(MANETs), the position of the nodes is gene... more For many applications based on Mobile Ad Hoc Networks (MANETs), the position of the nodes is generally hard to be determined. In sensor networks, for instance, such information may be critical for the MANETs. Additionally, one problem to be faced in this scenario is the fake parameters broadcasted by misbehaving/malicious nodes, which can either compromise results about positioning, or deplete power resources of mobile devices. Therefore, in this paper we propose a model for (1) identifying the fake parameters broadcasted in the network, and for (2) detecting the malicious/misbehaving nodes. The Linear Regression and Variance Analysis (LRVA) are both the basis for the multi-step-ahead predictions in this paper. Through NS-2 and Avrora, we simulated the movement and energy consumption of nodes in a MANET, analyzing the time series of beacon-packets exchanged in the network. As a result of the LRVA employment, the fake parameters broadcasted in the network were detected, with the malicious/misbehaving nodes identified. The simulations presented in this paper show low power consumption, which allows the jointly employment of LRVA with other security techniques in the MANETs.
Wireless sensor and actuator devices with direct IPv6 Internet access with no human interaction c... more Wireless sensor and actuator devices with direct IPv6 Internet access with no human interaction compose the IP-connected Internet of Things (IoT). These devices are resource constrained in processing, memory, and energy-battery operated. IoT devices can have various applications. Although, when directly connected to the Internet they are susceptible to threats (e.g., malicious tamper of packet content to reduce the reliability of device data, the flood of requisitions for the devices to drain their energy). In this way, the literature shows the use of end-toend security to provide confidentiality, authenticity, and integrity of IoT devices data. However, even with the benefit of secure IoT data, they are not enough to ensure reliable measurements. For this reason, this work presents a reliability model for IoT, focused on the identification of anomalous measurements (using multivariate statistics). In the experiments, we use spatial (proximity) and temporal (time interval variation) correlation, and datasets with true and false data. Additionally, we use an end-to-end secure scenario and analysis of energy consumption. The results prove the feasibility of the triad: reliability (within a system that identifies the type of the anomalous measurements), security, and low energy consumption.
Industrial Control Systems (ICS) networks offer a high level of automation combined with high lev... more Industrial Control Systems (ICS) networks offer a high level of automation combined with high levels of control, quality, and process improvement. Since network corporate users have to access the ICS environment, these networks have to be interconnected. However, this interconnection can introduce risks to the systems and manufacturing processes, which leads to the need to ensure the interconnection is done safely. The objective of this paper is to perform modeling and validation of a proposed secure interconnection between ICS and corporate networks using Colored Petri Networks (CPN). In addition to the best practices published in related works, this paper recommends some integrated features like the use of terminal server service, secure manual uplinks, and unidirectional security gateway to enhance environmental security. However, our main contribution is the validation process performed in a CPN, which made it possible to execute queries in the state space resulting from the sim...
Journal of Information Security and Cryptography (Enigma)
Transparency and security in an electoral process are fundamental to the legitimacy of the result... more Transparency and security in an electoral process are fundamental to the legitimacy of the results and the confidence of voters. Thus, it is necessary to assess opportunities to improve traditional voting systems. Among the main problems is the lack of transparency, due to the impossibility of a voter checking their vote and the lack of access to the source from which the results are obtained. Another problem is mobility, due to the impossibility of performing remote voting, as traditional voting systems continue to require the physical presence of the voter in an electoral zone. Thus, the objective of this work is to propose a voting system that is functional, transparent, safe, and accessible to everyone. Voters can vote through a mobile application with biometric authentication using fingerprint and password access. In our proposal, votes are registered in an Ethereum Blockchain through a Smart Contract, allowing the voter to check their vote. The results are expected to collabor...
Resumo: O ordenamento jurídico brasileiro define os crimes cibernéticos como próprios ou imprópri... more Resumo: O ordenamento jurídico brasileiro define os crimes cibernéticos como próprios ou impróprios. O crime cibernético próprio pode ser simplificadamente definido como aquele onde o bem jurídico tutelado é a informática, por exemplo, no caso de destruição de uma base de dados. Já o crime cibernético impróprio, refere-se ao emprego de recursos informáticos como auxiliares na prática de ilícitos, como o uso das mídias sociais para ataques a honra. Logo, o computador poderá se tornar um local de crime, no qual a abordagem in vivo poderá produzir evidências reconhecidamente relevantes, tais como a identificação dos processos em execução e das conexões de rede ativas, dentre outras informações normalmente indisponíveis em análises post-mortem. Palavras-Chave: Crimes cibernéticos; local de crime; in vivo; post-mortem. Abstract: The Brazilian legal system defines cybercrimes as proper or improper. In a simple way, proper cybercrimes can be defined as the one where the legal good protected is the information technology, for example, in case of destruction of a database. Improper cybercrime, however, refers to the use of computer resources as an aid to illicit practices, such as the use of social media to attack honor. Therefore, the computer may turn into a crime scene, where the in vivo approach could produce relevant evidence, such as the identification of running processes and active network connections, among other information not usually available in post-mortem analysis. Introdução O expressivo crescimento verificado em relação ao uso dos recursos e serviços computacionais ao longo das últimas décadas trouxe consigo novas e deturpadas formas de utilização dos computadores, os quais passaram a ser empregados também como poderosas ferramentas em condutas delituosas, fato que, dentre outras maneiras, pode ser verificado por meio
Wireless sensor and actuator devices with direct IPv6 Internet access with no human interaction c... more Wireless sensor and actuator devices with direct IPv6 Internet access with no human interaction compose the IP-connected Internet of Things (IoT). These devices are resource constrained in processing, memory, and energy—battery operated. IoT devices can have various applications. Although, when directly connected to the Internet they are susceptible to threats (e.g., malicious tamper of packet content to reduce the reliability of device data, the flood of requisitions for the devices to drain their energy). In this way, the literature shows the use of end-to-end security to provide confidentiality, authenticity, and integrity of IoT devices data. However, even with the benefit of secure IoT data, they are not enough to ensure reliable measurements. For this reason, this work presents a reliability model for IoT, focused on the identification of anomalous measurements (using multivariate statistics). In the experiments, we use spatial (proximity) and temporal (time interval variation) correlation, and datasets with true and false data. Additionally, we use an end-to-end secure scenario and analysis of energy consumption. The results prove the feasibility of the triad: reliability (within a system that identifies the type of the anomalous measurements), security, and low energy consumption.
E-learning enables students to pace their studies according to their needs, making learning acces... more E-learning enables students to pace their studies according to their needs, making learning accessible to (1) people who do not have enough free time for studying - they can program their lessons according to their available schedule; (2) those far from a school (geographical issues), or the ones unable to attend classes due to some physical or medical restriction. Therefore, cultural, geographical and physical obstructions can be removed, making it possible for students to select their path and time for the learning course. Students are then allowed to choose the main objectives they are suitable to fulfill. This book regards E-learning challenges, opening a way to understand and discuss questions related to long-distance and lifelong learning, E-learning for people with special needs and, lastly, presenting case study about the relationship between the quality of interaction and the quality of learning achieved in experiences of E-learning formation.
Technology development, mainly for telecommunications and computer systems, was a key factor for ... more Technology development, mainly for telecommunications and computer systems, was a key factor for the interactivity and, thus, for the expansion of e-learning. This book is divided into two parts, presenting some proposals to deal with e-learning challenges, opening up a way of learning about and discussing new methodologies to increase the interaction level of classes and implementing technical tools for helping students to make better use of e-learning resources. In the first part, the reader may find chapters mentioning the required infrastructure for e-learning models and processes, organizational practices, suggestions, implementation of methods for assessing results, and case studies focused on pedagogical aspects that can be applied generically in different environments. The second part is related to tools that can be adopted by users such as graphical tools for engineering, mobile phone networks, and techniques to build robots, among others. Moreover, part two includes some chapters dedicated specifically to e-learning areas like engineering and architecture.
With the resources provided by communication technologies, E-learning has been employed in multip... more With the resources provided by communication technologies, E-learning has been employed in multiple universities, as well as in wide range of training centers and schools. This book presents a structured collection of chapters, dealing with the subject and stressing the importance of E-learning. It shows the evolution of E-learning, with discussion about tools, methodologies, improvements and new possibilities for long-distance learning. The book is divided into three sections and their respective chapters refer to three macro areas. The first section of the book covers methodologies and tools applied for E-learning, considering collaborative methodologies and specific environments. The second section is about E-learning assessment, highlighting studies about E-learning features and evaluations for different methodologies. The last section deals with the new developments in E-learning, emphasizing subjects like knowledge building in virtual environments, new proposals for architectures in tutoring systems, and case studies.
Currently, security of the cyber space (computer networks and the Internet) is mostly based on de... more Currently, security of the cyber space (computer networks and the Internet) is mostly based on detection and/or blocking of attacks by the use of Intrusion Detection and Prevention System (IDPS), according to (National Institute of Standards and Technology [NIST SP800-94], 2010). However IDPS lacks in security as it is based on postmortem approaches - threats and attacks are identified and/or blocked only after they can inflict serious damage to the computer systems either while attacks are happening, or when attacks have already imposed losses to the systems (Haslum et al, 2008). On the subject of earthquakes, one can notice the same kind of limitation: once an earthquake has already begun, devices can provide warnings with just few seconds before major shaking arrives at a given location (Bleier & Freund, 2005), (Su & Zhu, 2009). In the cyber space context, intending to cover the deficiency of late warnings, predicting techniques have already been approached in a small number of studies for cyber attacks in the last few years (Pontes & Zucchi, 2010), (Haslum et al, 2008), (Lai-Chenq, 2007), (Yin et al 2004).
Among the problems encountered in the use of
Intrusion Detection Systems (IDS), can be listed th... more Among the problems encountered in the use of
Intrusion Detection Systems (IDS), can be listed the
difficulty to understand the strategies of the attacks and the
huge amount of alerts generated. The analysis of alerts can
be difficult because many alerts are kind of false positive
and eventually lead to false results. Correlate alerts issued
by an IDS based on its causes and consequences is a way of
highlighting strategies and establish links between the
attacks. However, many alerts, called isolates did not
correlate to others. Within this context, the ideal is to check
the veracity of alerts (isolated and correlated) through
other sources (cross-correlation), for example, logs taken
from the operating system. Therefore, the objective is to
propose an Event Analysis System (SAE) which allows
multi-correlate security alerts information from a SDI with
the operating system logs and analyze the alerts isolates for
the identification of false positives alerts.
Risk Management in Environment, Production and Economy, Sep 12, 2011
The goal of this chapter is to propose a comprehensive RM framework, in which the traditional app... more The goal of this chapter is to propose a comprehensive RM framework, in which the traditional approach (with the establishment of risk levels to attend the business requirements) is extended to add a new phase for handling variables concerning ROSI statements. As a result we intend to address the impact of the comprehensive RM framework over the traditional RM in IS, in order to obtain cost-effectiveness of IS controls, educing uncertainties and risks in IT environment, and finally improving the probability of ositive rates of ROSI.
Adaptive E-learning was proposed to be suitable for students with unique profiles, particular int... more Adaptive E-learning was proposed to be suitable for students with unique profiles, particular interests, and from different domains of knowledge, so profiles may consider specific goals of the students, as well as different preferences, knowledge level, learning style, rendering psychological profile, and more. Another approach to be taken into account today is the self-directed learning. Unlike the adaptive E-learning, the Self-directed learning is related to independence or autonomy in learning; it is a logical link for readiness for E-learning, where students pace their classes according to their own needs.This book provides information on the On-Job Training and Interactive Teaching for E-learning and is divided into four sections. The first section covers motivations to be considered for E-learning while the second section presents challenges concerning E-learning in areas like Engineering, Medical education and Biological Studies. New approaches to E-learning are introduced in the third section, and the last section describes the implementation of E-learning Environments.
Applications for mobile ad-hoc networks are heavily dependent on information about the nodes posi... more Applications for mobile ad-hoc networks are heavily dependent on information about the nodes positions. Since the network may include malicious nodes providing bogus data (e.g., fake positions), the reliability of this information is critical. Although this problem has been addressed by some predictivemodels, challenges still exist regarding (a) the accuracy/security of such models, (b) the potential advantages of combining different prediction models, (c) the power consumption resulting from the simultaneous application of multiple models, and (d) the lack of strategic approaches in the analysis of information aiming to find the most advantageous data and balance divergent results. To address these issues, we analyze in this paper the performance of two prediction methods: linear regression and Grey model. We have evaluated their corresponding energy costs for reliably identifying each node position. The results, obtained via simulations, are added to independent vectors and statistical indicators are gathered to create a game theory payoffmatrix. The proposed model allows the evaluation of the predictive methods either individually or collectively, facilitating the identification of the best parameters for a target energy saving profile.
Burst attacks (e.g. Brute Force, DoS, DDoS, etc) have become a great concern for the today’s comp... more Burst attacks (e.g. Brute Force, DoS, DDoS, etc) have become a great concern for the today’s computer networks, causing millions of losses to the society. Even though the detection of burst attacks is widely investigated, there is a gap in the academic literature regarding the predicting models for antici- pating such security issue. As the frequency of bursts depends on the behavior of the attackers, it is hard to determine the exact moment when a burst starts. In this paper we propose a new model for aggregating peaks of a burst - specifically for the brute force attack - at a single point called One Point Analysis (OPA). We applied the OPA technique in a prototype, so the beginning of each burst was predicted by the use of (a) Pseudo-Random Binary Sequences (PRBS), and (b) Exponential Weighted Moving Averages (EWMA). For evaluating the results, the OPA was compared to other techniques by two indicators, and it was possible coming to a conclusion regarding the OPA effectiveness.
Adaptive E-learning was proposed to be suitable for students with unique profiles, particular int... more Adaptive E-learning was proposed to be suitable for students with unique profiles, particular interests, and from different domains of knowledge, so profiles may consider specific goals of the students, as well as different preferences, knowledge level, learning style, rendering psychological profile, and more. Another approach to be taken into account today is the self-directed learning. Unlike the adaptive E-learning, the Self-directed learning is related to independence or autonomy in learning; it is a logical link for readiness for E-learning, where students pace their classes according to their own needs.This book provides information on the On-Job Training and Interactive Teaching for E-learning and is divided into four sections. The first section covers motivations to be considered for E-learning while the second section presents challenges concerning E-learning in areas like Engineering, Medical education and Biological Studies. New approaches to E-learning are introduced in the third section, and the last section describes the implementation of E-learning Environments.
Technology development, mainly for telecommunications and computer systems, was a key factor for ... more Technology development, mainly for telecommunications and computer systems, was a key factor for the interactivity and, thus, for the expansion of e-learning. This book is divided into two parts, presenting some proposals to deal with e-learning challenges, opening up a way of learning about and discussing new methodologies to increase the interaction level of classes and implementing technical tools for helping students to make better use of e-learning resources. In the first part, the reader may find chapters mentioning the required infrastructure for e-learning models and processes, organizational practices, suggestions, implementation of methods for assessing results, and case studies focused on pedagogical aspects that can be applied generically in different environments. The second part is related to tools that can be adopted by users such as graphical tools for engineering, mobile phone networks, and techniques to build robots, among others. Moreover, part two includes some chapters dedicated specifically to e-learning areas like engineering and architecture.
E-learning enables students to pace their studies according to their needs, making learning acces... more E-learning enables students to pace their studies according to their needs, making learning accessible to (1) people who do not have enough free time for studying - they can program their lessons according to their available schedule; (2) those far from a school (geographical issues), or the ones unable to attend classes due to some physical or medical restriction. Therefore, cultural, geographical and physical obstructions can be removed, making it possible for students to select their path and time for the learning course. Students are then allowed to choose the main objectives they are suitable to fulfill. This book regards E-learning challenges, opening a way to understand and discuss questions related to long-distance and lifelong learning, E-learning for people with special needs and, lastly, presenting case study about the relationship between the quality of interaction and the quality of learning achieved in experiences of E-learning formation.
For many applications based on Mobile Ad Hoc Networks
(MANETs), the position of the nodes is gene... more For many applications based on Mobile Ad Hoc Networks (MANETs), the position of the nodes is generally hard to be determined. In sensor networks, for instance, such information may be critical for the MANETs. Additionally, one problem to be faced in this scenario is the fake parameters broadcasted by misbehaving/malicious nodes, which can either compromise results about positioning, or deplete power resources of mobile devices. Therefore, in this paper we propose a model for (1) identifying the fake parameters broadcasted in the network, and for (2) detecting the malicious/misbehaving nodes. The Linear Regression and Variance Analysis (LRVA) are both the basis for the multi-step-ahead predictions in this paper. Through NS-2 and Avrora, we simulated the movement and energy consumption of nodes in a MANET, analyzing the time series of beacon-packets exchanged in the network. As a result of the LRVA employment, the fake parameters broadcasted in the network were detected, with the malicious/misbehaving nodes identified. The simulations presented in this paper show low power consumption, which allows the jointly employment of LRVA with other security techniques in the MANETs.
Uploads
Papers by A. Guelfi
Intrusion Detection Systems (IDS), can be listed the
difficulty to understand the strategies of the attacks and the
huge amount of alerts generated. The analysis of alerts can
be difficult because many alerts are kind of false positive
and eventually lead to false results. Correlate alerts issued
by an IDS based on its causes and consequences is a way of
highlighting strategies and establish links between the
attacks. However, many alerts, called isolates did not
correlate to others. Within this context, the ideal is to check
the veracity of alerts (isolated and correlated) through
other sources (cross-correlation), for example, logs taken
from the operating system. Therefore, the objective is to
propose an Event Analysis System (SAE) which allows
multi-correlate security alerts information from a SDI with
the operating system logs and analyze the alerts isolates for
the identification of false positives alerts.
(MANETs), the position of the nodes is generally hard to
be determined. In sensor networks, for instance, such information
may be critical for the MANETs. Additionally, one problem to
be faced in this scenario is the fake parameters broadcasted
by misbehaving/malicious nodes, which can either compromise
results about positioning, or deplete power resources of mobile
devices. Therefore, in this paper we propose a model for (1)
identifying the fake parameters broadcasted in the network, and
for (2) detecting the malicious/misbehaving nodes. The Linear
Regression and Variance Analysis (LRVA) are both the basis for
the multi-step-ahead predictions in this paper. Through NS-2 and
Avrora, we simulated the movement and energy consumption of
nodes in a MANET, analyzing the time series of beacon-packets
exchanged in the network. As a result of the LRVA employment,
the fake parameters broadcasted in the network were detected,
with the malicious/misbehaving nodes identified. The simulations
presented in this paper show low power consumption, which
allows the jointly employment of LRVA with other security
techniques in the MANETs.
Intrusion Detection Systems (IDS), can be listed the
difficulty to understand the strategies of the attacks and the
huge amount of alerts generated. The analysis of alerts can
be difficult because many alerts are kind of false positive
and eventually lead to false results. Correlate alerts issued
by an IDS based on its causes and consequences is a way of
highlighting strategies and establish links between the
attacks. However, many alerts, called isolates did not
correlate to others. Within this context, the ideal is to check
the veracity of alerts (isolated and correlated) through
other sources (cross-correlation), for example, logs taken
from the operating system. Therefore, the objective is to
propose an Event Analysis System (SAE) which allows
multi-correlate security alerts information from a SDI with
the operating system logs and analyze the alerts isolates for
the identification of false positives alerts.
(MANETs), the position of the nodes is generally hard to
be determined. In sensor networks, for instance, such information
may be critical for the MANETs. Additionally, one problem to
be faced in this scenario is the fake parameters broadcasted
by misbehaving/malicious nodes, which can either compromise
results about positioning, or deplete power resources of mobile
devices. Therefore, in this paper we propose a model for (1)
identifying the fake parameters broadcasted in the network, and
for (2) detecting the malicious/misbehaving nodes. The Linear
Regression and Variance Analysis (LRVA) are both the basis for
the multi-step-ahead predictions in this paper. Through NS-2 and
Avrora, we simulated the movement and energy consumption of
nodes in a MANET, analyzing the time series of beacon-packets
exchanged in the network. As a result of the LRVA employment,
the fake parameters broadcasted in the network were detected,
with the malicious/misbehaving nodes identified. The simulations
presented in this paper show low power consumption, which
allows the jointly employment of LRVA with other security
techniques in the MANETs.