Elvis Pontes

An effective intrusion detection approach for jamming attacks on RFID systems

Private companies and government have decided to provide Radio Frequency Identification (RFID) systems in places of free access to the population. However, as a result of such exposition, these systems become vulnerable to Denial of Service (DoS) attacks that can cause unavailability in the services. Furthermore, another complicating factor in that context regards the equipment or devices used on RFID systems, since they operate in frequency bands reserved for secondary communication systems, and consequently they have too few computational resources to deal with malicious electromagnetic interferences. Therefore, in this paper an Intrusion Detection System (IDS) is proposed to identify the occurrence of the malicious behavior and to notify the system operator about one specific type of electromagnetic interference in RFID systems - the Jamming attack. The obtained results of the system show the jamming attacks are detected prior of having a significant impact on the communication between the RFID reader and the tag - i.e., the jamming attack was detected even with insufficient power to impact on communication.

Fifth derivative Gaussian pulse generator for UWB Breast Cancer Detection System

Design and test results of a fabricated integrated circuit Fifth-Order Derivative Gaussian Pulse Generator - FODGPG in a standard IBM 0.18 μm CMOS technology is presented. Is proposed a FODGPG that uses: (a) static inverters based delay circuit; (b) Phase Detector with n-dynamic block, n-Latch and static inverter and (c) NMOS Pulse Shaping circuit designed for high speed. The Transistor Dimensions were defined in order to obtain adequate characteristic of a fifth derivative Gaussian Pulse considering required specifications of Breast Cancer Detection System. Full custom layout with minimal dimensions was implemented. Five different fabricated ICs were tested and values of power supply, peak to peak voltage and width pulse were measured. The measured power supply was 244 μW, output pulse peak to peak amplitude was 115.2 mV and pulse width of 407.8 ps with a sinusoidal input signal of 100 MHz. The Pulse Generator circuit was tested resulting in Power Spectral Density with bandwidth of 0.6 GHz to 7.8 GHz that is adequate for UWB applications in Breast Cancer Detection.

Grey model and polynomial regression for identifying malicious nodes in MANETs

Nodes positioning is an essential issue for diverse applications in Mobile Ad Hoc Networks (MANETs). However, besides misbehaving nodes that could cause power depletion, MANETs are also susceptible to cyber-attacks, which can make the network unstable and/or unavailable. Therefore, considering the gaps aforementioned, the goal of this paper is to propose a model for identifying malicious/misbehaving nodes by: (1) the use of two forecasting methods (Grey Model and Polynomial Regression); (2) variability analysis; and (3) simulation of fake node positions. The obtained results allow concluding our model has high rate of accuracy for detecting malicious/misbehaving nodes.

Methodologies, Tools and New Developments for E-Learning

tasks which require complex activities whose performance cannot be univocally allocated, for example, a learning process. User tasks which are performed by the user, for instance, thinking or reasoning by the learner. Application tasks which are completely executed by the software product, for instance showing learning objects or a lesson. Interaction tasks. These tasks are performed by the user interacting with a computer, for instance, seeing a presentation, hearing a recorded presentation or reading bibliography. Table 15.1: Types of tasks of ConcurTaskTrees used in our task model proposal 411

Viterbi algorithm for detecting DDoS attacks

Distributed denial of service attacks aim at making a given computational resource unavailable to users. A substantial portion of commercial Intrusion Detection Systems operates only with detection techniques based on rules for the recognition of pre-established behavioral patterns (called signatures) that can be used to identify these types of attacks. However, the characteristics of these attacks are adaptable, compromising thus the efficiency of IDS mechanisms. Thus, the goal of this paper is to evaluate the feasibility of using the Hidden Markov Model based on Viterbi algorithm to detect distributed denial of service attacks in data communication networks. Two main contributions of this work can be described: the ability to identify anomalous behavior patterns in the data traffic with the Viterbi algorithm, as well as, to obtain feasible levels of accuracy in the detection of distributed denial of service attacks.

A Comprehensive Risk Management Framework for Approaching the Return on Security Investment (ROSI)

For designing cost-effective security strategies, organizations need practical and complete frameworks for security and risk management (RM), with methods for measuring and managing risks within organizations. In the recent years computer systems have become more present in all economic fields, improving activities in the industry, commerce, government, and researching areas. For the near future the same growing rate of cyber technology is projected for all those areas (Federal Information Security Management Act [FISMA], 2002). On the other hand, threats for this new way of doing business are also growing significantly: hackers, computer viruses, cyber-terrorists are making headlines daily (Internet Crime Complaint Center [IC3], 2008). Consequently, security has also become priority in all aspects of life, including business supported by computer systems (Sonnenreich et al, 2006). In this reasoning line, some major points may worry researchers, technology implementers, decision makers and investors: 1) the framework to be adopted in organizations for making business secure; 2) managing security and risk levels in organizations for making business workable; 3) mainly, the return of security investment has to be measured to make business profitable. For business, when the topic is security, it is hard not to consider the associated financial aspect, as any other costs (time, processing, electric power, throughput, etc.) (Pontes et al, 2009a, 2009b, 2009c, 2010). However, for the decision makers it does not matter whether firewalls or soldiers are going to protect the Enterprise Resource Planning (ERP) system and/or other servers. Instead, decision makers have to be aware of the costs related to security and the consequences on the bottom line, both for the present day and for the time yet to come (Sonnenreich et al, 2006). So, it is important that Information Technologic (IT) and Information Security (IS) professionals to be aware about how to justify costs and investments in IS (National Institute of Standards and Technology [NIST] SP800-65, 2005), (International Standardization Organization, [ISO] TR 13569, 2005). Besides, all the related security costs must be correctly presented faced to the real necessities. Risk Management (RM) and Risk Analysis (RA) are efficient means for both: to show the needs of protection and the impact in the overall business activity (ISO 13335, 2004), (ISO 27005, 2008). Usually employed together with RM, the Cost-Benefit Analysis (CBA) may identify the costeffectiveness for the security countermeasures, supporting the statements of the IT or IS

Energy-efficient node position identification through payoff matrix and variability analysis

Applications for mobile ad-hoc networks are heavily dependent on information about the nodes positions. Since the network may include malicious nodes providing bogus data (e.g., fake positions), the reliability of this information is critical. Although this problem has been addressed by some predictive models, challenges still exist regarding (a) the accuracy/security of such models, (b) the potential advantages of combining different prediction models, (c) the power consumption resulting from the simultaneous application of multiple models, and (d) the lack of strategic approaches in the analysis of information aiming to find the most advantageous data and balance divergent results. To address these issues, we analyze in this paper the performance of two prediction methods: linear regression and Grey model. We have evaluated their corresponding energy costs for reliably identifying each node position. The results, obtained via simulations, are added to independent vectors and statistical indicators are gathered to create a game theory payoff matrix. The proposed model allows the evaluation of the predictive methods either individually or collectively, facilitating the identification of the best parameters for a target energy saving profile.

Predicting model for identifying the malicious activity of nodes in MANETs

For many applications based on Mobile Ad Hoc Networks (MANETs), the position of the nodes is generally hard to be determined. In sensor networks, for instance, such information may be critical for the MANETs. Additionally, one problem to be faced in this scenario is the fake parameters broadcasted by misbehaving/malicious nodes, which can either compromise results about positioning, or deplete power resources of mobile devices. Therefore, in this paper we propose a model for (1) identifying the fake parameters broadcasted in the network, and for (2) detecting the malicious/misbehaving nodes. The Linear Regression and Variance Analysis (LRVA) are both the basis for the multi-step-ahead predictions in this paper. Through NS-2 and Avrora, we simulated the movement and energy consumption of nodes in a MANET, analyzing the time series of beacon-packets exchanged in the network. As a result of the LRVA employment, the fake parameters broadcasted in the network were detected, with the malicious/misbehaving nodes identified. The simulations presented in this paper show low power consumption, which allows the jointly employment of LRVA with other security techniques in the MANETs.

PRBS/EWMA based model for predicting burst attacks (Brute Froce, DoS) in computer networks

Burst attacks (e.g. Brute Force, DoS, DDoS, etc) have become a great concern for the todays computer networks, causing millions of losses to the society. Even though the detection of burst attacks is widely investigated, there is a gap in the academic literature regarding the predicting models for anticipating such security issue. As the frequency of bursts depends on the behavior of the attackers, it is hard to determine the exact moment when a burst starts. In this paper we propose a new model for aggregating peaks of a burst - specifically for the brute force attack - at a single point called One Point Analysis (OPA). We applied the OPA technique in a prototype, so the beginning of each burst was predicted by the use of (a) Pseudo-Random Binary Sequences (PRBS), and (b) Exponential Weighted Moving Averages (EWMA). For evaluating the results, the OPA was compared to other techniques by two indicators, and it was possible coming to a conclusion regarding the OPA effectiveness.

Earthquake Prediction: Analogy with Forecasting Models for Cyber Attacks in Internet and Computer Systems

Currently, security of the cyber space (computer networks and the Internet) is mostly based on detection and/or blocking of attacks by the use of Intrusion Detection and Prevention System (IDPS), according to (National Institute of Standards and Technology [NIST SP80094], 2010). However IDPS lacks in security as it is based on postmortem approaches threats and attacks are identified and/or blocked only after they can inflict serious damage to the computer systems either while attacks are happening, or when attacks have already imposed losses to the systems (Haslum et al, 2008). On the subject of earthquakes, one can notice the same kind of limitation: once an earthquake has already begun, devices can provide warnings with just few seconds before major shaking arrives at a given location (Bleier & Freund, 2005), (Su & Zhu, 2009). In the cyber space context, intending to cover the deficiency of late warnings, predicting techniques have already been approached in a small number of studies for cyber attacks in the last few years (Pontes & Zucchi, 2010), (Haslum et al, 2008), (Lai-Chenq, 2007), (Yin et al 2004).