Loading...
Search for:
firewall
0.009 seconds
Specification and verification of security policies in firewalls
, Article Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) ; Volume 2510 , 2002 , Pages 154-163 ; 03029743 (ISSN) ; Rezvani, M ; Sharif University of Technology
2002
Abstract
Rules are used as a way of managing and configuring firewalls to fulfill security requirements in most cases. Managers have to specify their organizational security policies using low level and order-dependent rules. Furthermore, dependency of firewalls to the network topology, frequent changes in network topology (specially in dynamic networks), and lack of a method for analysis and verification of specified security policy may reduce to inconsistencies and security holes. Existence of a higher level environment for security policy specification can rectify part of the problems. In this paper we present a language for high level and formal specification of security policy in firewalls....
Web Application Attack Pattern Extraction using Deep Learning
, M.Sc. Thesis Sharif University of Technology ; Jalili, Rasool (Supervisor)
Abstract
One of the most important requirements in deploying a security system is to ensure the effectiveness and absence of bypass patterns. This is especially important for attack-based detection systems. One of the systems that has recently attracted the attention of network administrators is Web Application Firewall (WAF). The purpose of this thesis is to propose a deep learning approach to identify the pattern of SQL Injection (SQLi) attacks which could potentially bypass a WAF. We delve into the problem of detecting SQLi attacks among a very large dataset of existing SQL queries. To this end, we use one of the latest implementation of Recurrent Neural Network (RNN) called Long Short-Term Memory...
Web driven alert verification
, Article 2014 11th International ISC Conference on Information Security and Cryptology, ISCISC 2014 ; Sep , 2014 , p. 180-185 ; Sepahi, A ; Jalili, R ; Sharif University of Technology
Abstract
A web attack is an attack against a web server through the HTTP Protocol. By analyzing known web attacks, we find out that each one has its own behavior. Vestiges of their behavior could be detected in non-body parts of the HTTP Protocol. Such information can be used to verify web alerts generated by Web Application Firewalls (WAFs) and Web Intrusion Detection Systems (Web IDSs). In this paper, we propose a method to verify web alerts generated by mentioned sensors. The goal of the alert verification component is to eliminate or tag alerts that do not represent successful attacks. Our approach is based on analyzing HTTP Transaction metadata, including Request method, Request Headers, Status...
Attack Detection in Web Applications Firewall by Learning from Application’s Source Code
, M.Sc. Thesis Sharif University of Technology ; Amini, Morteza (Supervisor)
Abstract
Due to increasing web-based attacks against web applications and inefficiency of intrusion detection and prevention systems for detecting and preventing web attacks in the application layer, web application firewalls (WAF) developed to deal with this problem. There are most common attacks affecting today’s web applications like SQL Injection (SQLi), Cross-Site Scripting (XSS) and Logical attacks. The Logical attack focuses on the abuse or exploitation of a web application’s logic flow, and unlike SQLi and XSS, it depends on the web application functionality. Nowadays, there are a lot of methods for designing a WAF which are divided into two categories: Signature-based and Anomaly-based...
Implementing a Software-Defined-Network Firewall on FPGA
, M.Sc. Thesis Sharif University of Technology ; Jahangir, Amir Hossein (Supervisor)
Abstract
Software defined networks are developed to provide programmability and a centralized view in networks by decoupling control plane from data plane. Software defined networks are now well received,and these networks are evolving every day. This is while more attention has been paid to widen the application of these networks and eliminating the shortcomings in their performance. On the other hand, in very large networks, the issue of efficiency and processing speed is of great importance. However, performance in these networks is not satisfactory, especially in single controller based SDN due to the complex processing of packets in a unique controller. Security needs are also of great...
A risk-based decision making approach to determine fireproofing requirements against jet fires
, Article Journal of Loss Prevention in the Process Industries ; Volume 26, Issue 4 , 2013 , Pages 771-781 ; 09504230 (ISSN) ; Rad, A ; Kareshki, H ; Abdolhamidzadeh, B ; Parvizsedghy, R ; Rashtchian, D ; Sharif University of Technology
2013
Abstract
API Publication 2218 is one of the most referred practices for fireproofing of onshore structural supports. Despite the extensive citation, it solely considers the effects of pool fire and rarely addresses jet fire outcomes. This absence of an explicit approach is common among all the other major references. Therefore, the basic objective of this paper is to introduce a new approach for determination of the necessity for fireproofing of structural supports against jet fires. For this purpose, the flame geometry and duration of jet fires are simulated for different leak sizes in identified fire potential sources. Then, following a worst-case analysis, those structures that may be impinged by...
Capturing an intruder in the pyramid
, Article 1st International Computer Science Symposium in Russia, CSR 2006, St. Petersburg, 8 June 2006 through 12 June 2006 ; Volume 3967 LNCS , 2006 , Pages 580-590 ; 03029743 (ISSN) ; Imani, N ; Sarbazi Azad, H ; Sharif University of Technology
Springer Verlag
2006
Abstract
In this paper, we envision a solution for the problem of capturing an intruder in one of the most popular interconnection topologies, namely the pyramid. A set of agents collaborate to capture a hostile intruder in the network. While the agents can move in the network one hop at a time, the intruder is assumed to be arbitrarily fast, i.e. it can traverse any number of nodes contiguously as far as there are no agents in those nodes. Here we consider a new version of the problem where each agent can replicate new agents when needed, i.e. the algorithm starts with a single agent and new agents are created on demand. In particular, we propose two different algorithms on the pyramid network and...
Hardware Acceleration of Deep Learning based Firewalls Using FPGA
, M.Sc. Thesis Sharif University of Technology ; Jahangir, Amir Hossein (Supervisor)
Abstract
In recent years, due to the drawback of rule-based firewalls in detecting unknown attacks, using neural networks has got more attention to be used in firewalls. As the computation load of neural networks are so much there is a need to decrease the processing time and power consumption as they are under load 24/7. Although there have been huge achievements in the usage of graphics processing units (which contain numerous processing cores) in neural networks, their high power consumption has made the scientists think about an alternative to implement neural networks. Field Programmable Gate Array (FPGA) is one of the most serious candidates to be used for implementing neural networks. The goal...
Reliability evaluation of power grids considering integrity attacks against substation protective IEDs
, Article IEEE Transactions on Industrial Informatics ; Volume 16, Issue 2 , 2020 , Pages 1035-1044 ; Fotuhi Firuzabad, M ; Farzin, H ; Sharif University of Technology
IEEE Computer Society
2020
Abstract
Secure operation of protective intelligent electronic devices (IEDs) has been recognized as a crucial issue for power grids. By gaining access to substation IEDs, intruders can severely disrupt the operation of protection systems. This paper develops an analytical reliability assessment framework for quantifying the impacts of the hypothesized integrity attacks against protection systems. Petri net models are used to simulate possible intrusion scenarios into substation networks. The cyber network model is constructed from firewall, intrusion prevention system (IPS), and password models, which are three types of defense mechanisms for protecting substation networks. In this paper, two main...