Poznań, Poland



Choras M.,ITTI Ltd. | Choras M.,Institute of Telecommunications | Kozik R.,ITTI Ltd. | Kozik R.,Institute of Telecommunications | And 4 more authors.
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2011

In this paper a concept and an architecture of the Federated Networks Protection System (FNPS) is proposed. The system components are described and, particularly, the Decision Module (FNPS-DM) is discussed. The major contributions of the paper are: concept of federated networks security, the proposition of the network events correlation approach and semantic notations aimed at detecting complex cyber attacks and 0-day exploits. Moreover P2P based communication between federated networks is proposed. © 2011 Springer-Verlag.

Choras M.,ITTI Ltd. | Choras M.,University of Technology and Life Sciences in Bydgoszcz | Saganowski L.,ITTI Ltd. | Saganowski L.,University of Technology and Life Sciences in Bydgoszcz | And 4 more authors.
Expert Systems | Year: 2012

In this paper, a framework for recognizing network traffic in order to detect anomalies is proposed. We propose to combine and correlate parameters from different layers in order to detect 0-day attacks and reduce false positives. Moreover, we propose to combine statistical and signal-based features. The major contribution of this paper is a novel framework for network security based on the correlation approach as well as a new signal-based algorithm for intrusion detection on the basis of the Matching Pursuit (MP) algorithm. To the best of our knowledge, we are the first to use MP for intrusion and anomaly detection in computer networks. In the presented experiments, we proved that our solution gives better results than intrusion detection based on discrete wavelet transform. © 2011 Blackwell Publishing Ltd.

Choras M.,ITTI Ltd. | Choras M.,University of Technology and Life Sciences in Bydgoszcz | D'Antonio S.,Consorzio Interuniversitario Nazionale per l'Informatica | Kozik R.,University of Technology and Life Sciences in Bydgoszcz | Holubowicz W.,Adam Mickiewicz University
WEBIST 2010 - Proceedings of the 6th International Conference on Web Information Systems and Technology | Year: 2010

In this paper our approach to heterogeneous networks vulnerability handling is presented. Vulnerabilities of heterogeneous networks like satellite, GSM/GPRS, UMTS, wireless sensor networks and the Internet have been identified, classified and described in the framework of the European co-funded project, named INTERSECTION (INfrastructure for heTErogeneous, Resilient, SEcure, Complex, Tightly Inter-Operating Networks). Since computer security incidents usually occur across administrative domains and interconnected networks it is quite clear that it would be advantageous for different organizations and network operators to be able to share data on network vulnerabilities. The exchange of vulnerability information and statistics would be crucial for proactive identification of trends that can lead to incident prevention. Network operators have always been reticent to disclose information about attacks on their systems or through their networks. However, this tendency seems to be overcome by the new awareness that it is only through cooperation that networking infrastructures can be made robust to attacks and failures. Starting from these considerations, we developed two components, namely INTERSECTION Vulnerability Database (IVD) and Project INTERSECTION Vulnerability Ontology Tool (PIVOT), for vulnerability data management and classification. Both tools will be presented in this paper.

Choras M.,University of Technology and Life Sciences in Bydgoszcz | Choras M.,ITTI Ltd.
Cybernetics and Systems | Year: 2013

In this article, a comprehensive approach to information sharing framework aimed at increasing network security and survivability is presented. Currently, in order to defend complex cyber-attacks and sophisticated cybercrime, comprehensive means of ensuring network security and survivability are highly demanded. Comprehensive is understood as (at least) technical, human, organizational, and regulatory dimensions, whereas technical means that both on-line and off-line aspects should be carefully taken into account. The focus of this article is on the technical dimension and, in particular, on information exchange mechanisms for on-line and off-line dimension. Firstly, the on-line information exchange mechanism dedicated for interconnected federated networks is described. Then, a proposition of the off-line network information sharing approach regarding results of the risk assessment, cybersecurity audits, threat ranking, etc., is discussed. Developments and results of information sharing mechanisms in both on-line and off-line network security dimensions are also described. Copyright © 2013 Taylor & Francis Group, LLC.

Maszewski M.,University of Technology and Life Sciences in Bydgoszcz | Wachowiak M.,ITTI Ltd | Taberski G.,Adam Mickiewicz University
Advances in Intelligent Systems and Computing | Year: 2014

A background subtraction and movement detection is a very popular subject of investigation in the video processing domain. Despite number of already proposed algorithms and methods the question of suitability of such algorithms in dynamically changing, realistic environment holds (e.g. parking lots). In this paper authors compare three different implementations of the saliency-based algorithms and Gaussian Mixture Model algorithm for different cameras on a parking lot. Authors show that matching algorithms to the scene can be improved by managing semantic knowledge about the scene. © Springer International Publishing Switzerland 2014.

Choras M.,ITTI Ltd. | Choras M.,Institute of Telecommunications | Kozik R.,ITTI Ltd. | Kozik R.,Institute of Telecommunications
Communications in Computer and Information Science | Year: 2011

In this paper we present semantic approach to network event correlation for large-scale federated intrusion detection system. The major contributions of this paper are: network event correlation mechanism and semantic reasoning based on the ontology. Our propositions and deployments are used in Federated Networks Protection System as a part of the Decision Module. © 2011 Springer-Verlag.

Choras M.,ITTI Ltd. | Choras M.,Institute of Telecommunications | Kozik R.,Institute of Telecommunications | Puchalski D.,ITTI Ltd. | And 2 more authors.
Advances in Intelligent Systems and Computing | Year: 2013

In this paper we prove that the correlation approach to SQL Injection Attacks allows improving results of such attacks detection. Moreover, we propose a novel method for SQLIA detection based on the genetic algorithm for determining anomalous queries. Experimental scenario is also described and the achieved results are reported. © 2013 Springer-Verlag Berlin Heidelberg.

Choras M.,ITTI Ltd | Choras M.,Institute of Telecommunications | Kozik R.,Institute of Telecommunications
Advances in Intelligent Systems and Computing | Year: 2014

The growing use of cloud services, increased number of users, novel mobile operating systems and changes in network infrastructures that connect devices create novel challenges for cyber security. In order to counter arising threats, network security mechanisms and protection schemes also evolve and use sophisticated sensors and methods. The drawback is that the more sensors (probes) are applied and the more information they acquire, the volume of data to process grows significantly. In this paper, we present real-time network data analysis mechanism. We also show the results for SQL Injection Attacks detection. © Springer International Publishing Switzerland 2014.

Kozik R.,Institute of Telecommunications | Choras M.,Institute of Telecommunications | Choras M.,ITTI Ltd
Advances in Intelligent Systems and Computing | Year: 2014

The increased usage of cloud services, growing number of users, changes in network infrastructure that connect devices running mobile operating systems, and constantly evolving network technology cause novel challenges for cyber security that have never been foreseen before. As a result, to counter arising threats, network security mechanisms, sensors and protection schemes have also to evolve in order to address the needs and problems of nowadays users. © Springer International Publishing Switzerland 2014.

Holubowicz W.,Adam Mickiewicz University | Dymowski W.,ITTI Ltd. | Springer T.,ITTI Ltd.
2012 Military Communications and Information Systems Conference, MCC 2012 | Year: 2012

The paper is aimed to present an approach to managing military experience and the software tool dedicated for this purpose. This approach (SIMS Lesson Learnt methodology) and the tool (SIMS Lesson Learnt tool) are one of the results of the European Defence Agency founded SIMS project focusing on force protection issues. The developed methodology is based on a recurrent and continuous lesson learnt process where phases of acquiring, analyzing and applying experience can be distinguished. In order to improve dissemination of knowledge, each phase of LL process is reached as soon as possible. Additionally, new information resulting from each phase is available for the widest possible range of all those concerned. To support lesson learnt process activities, a dedicated IT tool - SIMS LL - has been developed. The SIMS LL tool uses various methods of interactive, visual representation of the lesson learnt related data to enhance the operator cognition. The analysis of the data in terms of the SIMS LL tool refers mostly to identification of correlations between particular data entities (e.g. events, human terrain information) and drawing conclusions from such correlations. As a result of the analysis, lesson learnt related data entity with relevant correlations is being created (e.g. an observation with correlated events, lessons identified). In the end a recommendation which is a key product of analysing lesson learnt related data can be defined. Such recommendations may be a proposition of a certain change in regulations, the system of training and doctrines, based on the analyzed experiences and affecting directly safety and effectiveness of future military missions. © 2012 Military Univ of Tech.
