Sharif Digital Repository

Access control, which is the process of mediating every request to resources and data maintained by a system and determining whether the request should be granted or denied, plays an important role in the system security. The existing of non-monotonicity property in a deduction and decision making process means that some of the previous deductions or decisions may be retracted by adding new information and premises. Based on the definition, in a non-monotonic access control system, adding new information or access control rules may invalidate some of the previous conclusions (permissions/prohibitions). The requirements such as decision making based on the imperfect information, supporting... 

Portfolio is a collection of different stocks for investment. The investors' objectives in portfolio formation are to get the highest return against exposure to the lowest risk. Portfolio Optimization Problem is one of the most complicated problems in investment and finance. It may be simply explained as follows: Let's imagine a set of N stocks for selection. We would like to see what percentage of the total amount of investment should be dedicated to each stock to maximize portfolio's total return and minimize its total risk.
Portfolio Optimization Problem is a NP-Hard problem and generally there exists no polynomial-time deterministic algorithm to find a precise solution to such a... 

Hub and Spoke networks come into play when considering direct link between all origins and destinations is either impossible or expensive in a transportation system. In this kind of problems, some nodes are chosen as hub from all origin and destination nodes to collect flows and then distribute them. Implementing hub network leads to minimizing transportation cost, sorting flows and conveying them in economies of scale. Otherwise, shipping flows directly may cause decreasing the travelling distance and the delivery time consequently. In this dissertation, combination of hub network and direct shipment is investigated. To obtain the optimal hub locations and direct links between non-hub nodes... 

In real life, we can not always expect agents and authorities to have the same desires. Also when it comes to conflicts, agents always tend to break the authorities’ norms to follow their own strategies. Hence we can not expect strict norms to model an actual real life situation.In this article we introduce punishment normative systems, based on multi-agent Marokov chain processes (MMDPs). We try to extend the punishment idea to be also applicable on long-run and infinite strategies. We consider a version of the multi-agent model that is widely used in different situations and then provide an algorithm to find a fair normative system that distributes obligations equally on the agents, while... 

This dissertation attempts to develop four inventory control models for two-echelon supply chains. For the all models, the retailers face Poisson demand and lost sales during a stockout. There is also a time-dependent holding cost and a cost per unit of lost sales. However, there is no (or negligible) cost associated with placing an order.
For the first model, we consider a two-echelon inventory system with one central warehouse and a number of retailers. The central warehouse applies (R, Q) policy and retailers apply base stock policy. In this model, we approximate the arrival process of the central warehouse and obtain the total cost of the system, as well as the optimal solution.... 

Production scheduling is such a key issue that directly influences on the performance of the machines and efficiency of production line. This category of problems is to find simultaneously the lot sizes and their sequence over a finite set of planning periods.
In this Thesis a multi objective production planning and job shop scheduling problem is investigated. The objectives are minimization of the production cost and minimization of production time smoothness in consecutive periods. As the problem is shown to be NP-hard, two multi-objectives genetic algorithms with two approaches in selection of parents and crowding distance index are proposed to solve this problem. In these two meta... 

The rapid growth and increase in complexity of modern network and communication systems have made a demand for protecting organizations’ sensitive data and resources from malicious intrusions. Attackers and intruders perform malicious attacks by exploiting vulnerabilities, weaknesses, and flaws in computer systems using novel and advanced techniques. Traditional security mechanisms, such as authentication, access control, and firewall cannot prevent these attacks. Therefore, Intrusion detection systems (IDSs) are employed to detect abnormal activities and monitor network traffic and hosts’ events. These systems suffer from several limitations, including generating a huge amount of alerts and... 

With the growing deployment of host and network intrusion detection systems, analyzing generated alerts from these systems becomes critically important and challenging due to its complexity and high amount of data. A perfect intrusion detection system would be able to identify all the attacks without raising any false and non-relevant alarms. Unfortunately, false alarms are commonplace in intrusion detection systems. Non-relevant alerts, which are associated with attacks that were not successful, are also common. The process of identifying false and non-relevant alerts is called alert verification. Also nowadays, web applications are widely used in critical and important roles (e.g.,... 

With the growing deployment of host and network intrusion detection systems, analyzing generated alerts from these systems becomes critically important and challenging due to its complexity and high amount of data. Alert Correlation systems are a possible solution for deep analysis of incoming alerts in response to potential attacks against enterprise networks. Although several known alert correlation systems have been proposed for this purpose so far, most of them do not support high amount of input due to their centralized architecture. In this thesis, we propose a system architecture and approach for alert correlation to be extensible, flexible, and modular. The architecture encompasses... 

This research deals with a supply chain consisting of one vendor and several retailers. Every retailer orders a fixed discrete quantity in fixed discrete time intervals. Order quantity and order cycle of each retailer could be different from the others. The vendor orders the required quantity to a supplier to fulfill the received demands. Also the vendor orders a discrete quantity, which will be immediately received at the vendor’s warehouse. In this supply chain system, the lead-time is assumed to be zero and shortage is allowed for vendor. The aim is to find minimum vendor’s inventory cost. We proposed a backward Dynamic Programming algorithm for the model. The algorithm creates vendor’s... 

Extensive growth of the internet has had a profound effect on the business environment and rise to a phenomenon known as electronic commerce.electronic commerce has an important role in improvement of organization performance and likewise,has influence in everyday life.despite its name,e commerce is not fully automated.typically,online transactions require a significant level of human intervention.to achieve high degree of automation,we need a new model of software.this model is based upon the notion of agents.agents can act in different stages of e-commerce.one of the most important of these stages is negotiation.negotiation capabilities are essential for e-commerce systems.the agents... 

Recently many organizations outsource their data to an external server due to easier data maintenance. One of the security issues in data outsourcing scenario is the enforcement of data owner’s access control policies. This includes some challenges; namely, the number of keys needed to access authorized resources, efficient policy updating, write access control enforcement, user and data owner overhead, and preserving confidentiality of data and policies . Most of the existing proposed solutions address only some of these challenges, while they impose high overhead on both the data owner and users. Moreover, most of them address enfrocement of policies in form of access control matrix and... 

Insider threat is a significant security risk for organizations and hard to detect. Most of introduced detection methods need contextual data entries about users, or preprocessed user activity logs to detect insider threats while it is costly and time-consuming. In this thesis, we introduce a behavior analysis method that learns its context and detects multiple types of insider threats from raw logs and network traffic in real-time. This method, named XABA, learns user roles and exclusive behaviors, through analyzing raw logs related to each network session of the user. Then it checks for some abnormal patterns, and if so, triggers the appropriate alert. XABA is implemented on the big-stream... 

Differential privacy provides a powerful definition for protecting data privacy by adding noise. Differential privacy mechanisms add noise to the responses of queries made to a database. Differential privacy challenges the learning of useful information from a dataset without leaking any information about the individuals present in that dataset. However, studies have shown that these mechanisms make assumptions about the data that, if not met, can lead to privacy leaks. One of these assumptions is the lack of correlation between data. If an attacker is aware of the correlation between data, common mechanisms cannot guarantee differential privacy.This thesis proposes a solution for adding... 

Recent advances in Machine Learning and specially Deep Learning, have caused a dramatic increase in the use of these algorithms in different applications, such as sickness diagnosis, anomaly detection, malware detection, and etc. Since training deep neural networks requires a high cost in terms of both gathering loads of labeled data and computing and human resources, deep learning models are a part of an organization’s intellectual property and so, the importance of securing these models is increasing. One of the most important types of attacks that compromises the security of deep neural networks is black-box adversarial example attack. In adversarial example attacks, the adversary... 

Trust management is a new security solution for situations that there is not enough information about the members of a system. As other security solutions, trust management solutions are not secure against attacks and malicious behaviors. Collusion is one of the most destructive malicious behaviors in these systems. Colluders seek to unfairly affect the trust system. Most of the trust models are vulnerable against this malicious behavior or consider only a limited set of collusion scenarios to resist. Some other mitigation approaches are specific to a trust model and cannot be used by other models. One of the methods to implement trust is exploiting reputation. Reputation systems can be... 

Agent-Oriented Software Engineering is one of the novel and growing paradigms in computer science, which provides systematic approaches for analysis, designing, implementation and maintenance of multi-agent systems. Agents are the main entities of the agent-oriented software systems. Agents are autonomous and behave flexibly and intelligently. This paradigm is appropriate for developing open, complex, flexible and distributed systems. Design pattern is a general reusable solution to a commonly occurring problem within a specific context in software design. Using patterns in software design has many benefits such as increasing the quality and robustness of the software. Regarding the fact...