Πλοήγηση ανά Συγγραφέας "Kefaloukos, Ioannis-Georgios"

Τώρα δείχνει 1 - 2 of 2
  • Μικρογραφία εικόνας
    Τεκμήριο
    Automated network data-driven seed generation for gray-box fuzzers based on generative adversarial network.
    (ΕΛΜΕΠΑ, Σχολή Μηχανικών (ΣΜΗΧ), ΠΜΣ Μηχανικών Πληροφορικής, 2024-09-03) Kefaloukos, Ioannis-Georgios; Κεφαλούκος, Ιωάννης-Γεώργιος; Markakis, Evangelos; Μαρκάκης, Ευάγγελος
    Cyber-attacks are assaults launched by cybercriminals utilizing network-enabled entities. Nowadays, the ever-increasing number of heterogeneous internet-connected entities has resulted in a wider cyber-threat landscape due to the exposure of their resources, services, and interfaces, potentially rendering the network prone to malicious attacks. With the introduction of new and the updation of existing architectural paradigms and methodologies such as Cloud Computing (CC), Fog Computing (FC), Extreme Edge Computing (EC), Internet of Things (loT), and Machine Learning (ML) and with the abundance of Information and Communications Technology (ICT) resources the attackers have devised more sophisticated ways to achieve their objectives. In our current era, the complexity that occurs in an ICT environment leads to new vulnerabilities within a network. At the same time, modern cybersecurity tools such as Intrusion Detection Systems (IDS), Anomaly Detection (AD), etc. focus on generic vulnerability categories. These issues, combined with the increase in variety and volume of cyber-attacks, pose an immense threat to everyone. Securing every connected entity within a network is a time-consuming, tedious, and challenging task, thus, a way to detect and address new vulnerabilities and bugs that each device and service contains had to be devised. Evidently, the detection of these vulnerabilities and bugs has to be automated, considering the number of services that co-exist in an entity and the vast number of different entities that co-exist within a network, thus guaranteeing its smooth operation. For that reason. fuzzing, an automated software testing technique, has gained traction for its potential to identify known and unknown vulnerabilities. However, prevailing fuzzing approaches often require human intervention in various steps of the process such as seed file generation, provide limited code coverage, and are resource-intensive. This work aims to explore automating and fine-tuning the seed file generation within grey-box fuzzers. To overcome these challenges, we propose a solution that automates seed refinement utilising a Generative Adversarial Network (GAN) in conjunction with dynamic network monitoring. By producing refined seed files and prioritizing them for testing, our approach aims to enhance vulnerability detection capabilities, deepening coverage while reducing processing time.
  • Μικρογραφία εικόνας
    Τεκμήριο
    Vulnerability assessment as a service over SDN infrastructures.
    (ΕΛ.ΜΕ.ΠΑ., ΣΧΟΛΗ ΜΗΧΑΝΙΚΩΝ (ΣΜΗΧ), Τμήμα Ηλεκτρολόγων Μηχανικών και Μηχανικών Υπολογιστών, 2020-10-22) Kefaloukos, Ioannis-Georgios; Κεφαλούκος, Ιωάννης-Γεώργιος
    The eruption of new technologies and paradigms such as cloud/edge computing and the Internet of Things, has brought a new era in the ICT domain, by extending ICT resources to infinity, thus allowing for the development and deployment of complex and resource-demanding applications and services, and by introducing millions or even billions of diverse network-enabled devices, providing context and valuable information. Apart from the tremendous positive aspects of this technological revolution, several issues have also been risen, the majority of which concern the security and privacy of infrastructures, data and by extension, the end-users/stakeholders. Large infrastructures face the pitfall of devices entering and exiting their networks, services and terminals operated by untrained and (Cyber) security unaware personnel, render them prone to malicious attacks. Towards addressing these issues, this thesis presents a pure-SDN automated framework that monitors and detects existing and newly-introduced network-enabled entities (devices, services, Virtual Machines, etc.) and assesses them against known vulnerabilities, produces a vulnerability score, based on the CVSS V3.0 standard, and assigns them to a connection-appropriate network slice, depending on the severity of the result/score. This framework was evaluated through a series of measurements and by-far outperformed other research initiatives by more than 70%.