Navegando por Assunto "Sistemas de recuperação da informação - Segurança"

Filtrar resultados informando o último nome do autor
Agora exibindo 1 - 4 de 4
  • Imagem de Miniatura
    Item
    Análise da utilização de aprendizado de máquina na redução do volume de alertas benignos
    (2019) Simião, Augusto Fernando de Melo; Soares, Rodrigo Gabriel Ferreira; http://lattes.cnpq.br/2526739219416964; http://lattes.cnpq.br/0529129636604731
    To aid in combating cyber attacks, Managed Security Services Providers (MSSPs) use SIEMs (Security Information and Event Management). SIEMs are able to aggregate, process and correlate vast amounts of events from different systems, alerting security analysts of the existence of threats, such as computer viruses and cyber attacks, in computer networks. However, SIEMs are known for the high rates of benign alertas (non-threatening alerts) warnings relative to malign alerts (threatening alerts). Due to the high volumes and prevalence of benign alertas, the analyst ignores alerts as a whole, which includes those that represent potential threats, thereby increasing the risk of a network compromise. This phenomenon is known as alert fatigue and has been a frequent target of applying machine learning techniques to reduce the volume of benign alerts. Modern SIEMs use machine learning, in correlation of events, so that only alerts that actually represent possible threats are reported. However, this correlation does not consider the analyst’s deliberation, thus allowing SIEMs to continue to generate alerts previously identified as benign. This paper investigates the use of the algorithms Naïve Bayesian Learning, Decision Tree and Random Forest, to reduce the volume of benign alerts using alerts previously identified by analysts, rather than the chain of events that generate such alerts. In this way, it was possible to show, through experiments, that supervised machine learning techniques can be applied in the identification of alerts previously identified as benign.
  • Imagem de Miniatura
    Item
    Análise das técnicas de segurança do framework laravel contra ataques as aplicações web
    (2019-07-11) Pacheco, Felipe Guimarães; Vanderlei, Igor Medeiros; http://lattes.cnpq.br/7448139435512224
    Web applications are increasingly present in our daily lives, helping us in various tasks, such as banking transactions, shopping sites, business systems, social networks, among others. A good part of these applications store and process data provided by the customer, where they are often confidential and need protection. To streamline the application development delivery process, many developers choose to make use of frameworks in designing the features of their projects. As a result, information security is not prioritized, and may cause future problems, such as attacks on web applications. Attacks on web applications are commonplace among crackers, given that these applications are not limited to an organization’s internal attacks alone, but to any user who access the internet. In the light of this, this work was developed that addresses an exploratory research aiming to present the integrated security techniques to the Laravel framework, analyzing each vulnerability by performing con-tra tests each using penetration tools and checking the resources present in the framework. The ten vulnerabilities listed by OWASP Top Ten, one of the data security projects developed by OWASP (Open Web Application Security Project) and aims to present the ten vulnerabilities of Internet applications that can cause more damage to systems on the Internet. Throughout the experiments, it is possible to illustrate to which vulnerabilities Laravel has defense mechanisms and how developers can use them to protect user data and against which vulnerabilities the organization does not have resources against external attacks.
  • Imagem de Miniatura
    Item
    Análise e proposta de diretrizes para um sistema de gerenciamento de segurança da informação no Instituto Nacional do Seguro Social de Garanhuns – INSS/GEXGAR
    (2019-07-11) Soares, Samir Josué Laranjeira; Ximenes, Assuero Fonseca; http://lattes.cnpq.br/0060135791012696
  • Imagem de Miniatura
    Item
    QRQueijo: sistema para validação e emissão de identificadores de queijos utilizando Blockchain
    (2019-07-12) Silva, Ademário José da; Mendonça, Sérgio Francisco Tavares de Oliveira; http://lattes.cnpq.br/6313698968060384; http://lattes.cnpq.br/3733518574144348
    The food chain in the food industry has generated more and more information about its processes. Ensuring the integrity and security of this information has been a challenge. The current work aims to understand and evaluate what kind of information is generated in these processes, as well as from the results obtained, implement a solution that can generate identifiers for cheeses and through a local Blockchain network validate this information, as well as from a mobile application it is possible to view this data. For this, it was necessary to understand the structure of Blockchain and its characteristics in relation to information security through a bibliographic search. Important points of traceability have been identified for food production processes. With the results it was possible to model and implement a web system capable of recording data about a cheese and its manufacturer in a local Blockchain network, validating the information provided and made available to its consumers through the QRQuejio (Android) application, in which the cheese was transported. And, using a multi-level query system, check the authenticity of the records by reading the system database and the local Blockchain to confirm the authenticity of the record.