ﻻ يوجد ملخص باللغة العربية
This paper identifies an intrusion surveillance framework which provides an analyst with the ability to investigate and monitor cyber-attacks in a covert manner. Where cyber-attacks are perpetrated for the purposes of espionage the ability to understand an adversarys techniques and objectives are an important element in network and computer security. With the appropriate toolset, security investigators would be permitted to perform both live and stealthy counter-intelligence operations by observing the behaviour and communications of the intruder. Subsequently a more complete picture of the attackers identity, objectives, capabilities, and infiltration could be formulated than is possible with present technologies. This research focused on developing an extensible framework to permit the covert investigation of malware. Additionally, a Universal Serial Bus (USB) Mass Storage Device (MSD) based covert channel was designed to enable remote command and control of the framework. The work was validated through the design, implementation and testing of a toolset.
An Intrusion Detection System (IDS) aims to alert users of incoming attacks by deploying a detector that monitors network traffic continuously. As an effort to increase detection capabilities, a set of independent IDS detectors typically work collabo
Networks are vulnerable to disruptions caused by malicious forwarding devices. The situation is likely to worsen in Software Defined Networks (SDNs) with the incompatibility of existing solutions, use of programmable soft switches and the potential o
Network intrusion detection sensors are usually built around low level models of network traffic. This means that their output is of a similarly low level and as a consequence, is difficult to analyze. Intrusion alert correlation is the task of autom
Modern vehicles are complex cyber-physical systems made of hundreds of electronic control units (ECUs) that communicate over controller area networks (CANs). This inherited complexity has expanded the CAN attack surface which is vulnerable to message
Machine-learning based intrusion detection classifiers are able to detect unknown attacks, but at the same time, they may be susceptible to evasion by obfuscation techniques. An adversary intruder which possesses a crucial knowledge about a protectio