Spelling suggestions: "subject:" attack"" "subject:" cuttack""
11 |
A Model for Calculating Damage Potential in Computer SystemsJanuary 2019 (has links)
abstract: For systems having computers as a significant component, it becomes a critical task to identify the potential threats that the users of the system can present, while being both inside and outside the system. One of the most important factors that differentiate an insider from an outsider is the fact that the insider being a part of the system, owns privileges that enable him/her access to the resources and processes of the system through valid capabilities. An insider with malicious intent can potentially be more damaging compared to outsiders. The above differences help to understand the notion and scope of an insider.
The significant loss to organizations due to the failure to detect and mitigate the insider threat has resulted in an increased interest in insider threat detection. The well-studied effective techniques proposed for defending against attacks by outsiders have not been proven successful against insider attacks. Although a number of security policies and models to deal with the insider threat have been developed, the approach taken by most organizations is the use of audit logs after the attack has taken place. Such approaches are inspired by academic research proposals to address the problem by tracking activities of the insider in the system. Although tracking and logging are important, it is argued that they are not sufficient. Thus, the necessity to predict the potential damage of an insider is considered to help build a stronger evaluation and mitigation strategy for the insider attack. In this thesis, the question that seeks to be answered is the following: `Considering the relationships that exist between the insiders and their role, their access to the resources and the resource set, what is the potential damage that an insider can cause?'
A general system model is introduced that can capture general insider attacks including those documented by Computer Emergency Response Team (CERT) for the Software Engineering Institute (SEI). Further, initial formulations of the damage potential for leakage and availability in the model is introduced. The model usefulness is shown by expressing 14 of actual attacks in the model and show how for each case the attack could have been mitigated. / Dissertation/Thesis / Masters Thesis Computer Science 2019
|
12 |
Cyber-Attack Modeling Analysis Techniques: An OverviewAl-Mohannadi, Hamad, Mirza, Qublai K.A., Namanya, Anitta P., Awan, Irfan U., Cullen, Andrea J., Pagna Disso, Jules F. January 2016 (has links)
Yes / Cyber attack is a sensitive issue in the world
of Internet security. Governments and business organisations
around the world are providing enormous effort to secure their
data. They are using various types of tools and techniques to
keep the business running, while adversaries are trying to breach
security and send malicious software such as botnets, viruses,
trojans etc., to access valuable data. Everyday the situation is
getting worse because of new types of malware emerging to attack
networks. It is important to understand those attacks both before
and after they happen in order to provide better security to
our systems. Understanding attack models provide more insight
into network vulnerability; which in turn can be used to protect
the network from future attacks. In the cyber security world, it
is difficult to predict a potential attack without understanding
the vulnerability of the network. So, it is important to analyse
the network to identify top possible vulnerability list, which will
give an intuitive idea to protect the network. Also, handling an
ongoing attack poses significant risk on the network and valuable
data, where prompt action is necessary. Proper utilisation of
attack modelling techniques provide advance planning, which
can be implemented rapidly during an ongoing attack event. This
paper aims to analyse various types of existing attack modelling
techniques to understand the vulnerability of the network; and
the behaviour and goals of the adversary. The ultimate goal is to
handle cyber attack in efficient manner using attack modelling
techniques.
|
13 |
A Military Planning Methodology for Conducting Cyber Attacks on Power GridSaglam, Mehmet 09 July 2014 (has links)
Power grids are regarded as significant military targets and have been targeted with kinetic attacks in previous military operations. These attacks resulted in significant levels of physical destruction, which, in the long-term, both undermined the success of the operations and caused severe adverse effects on the human terrain. Since power grids have grown as a result of introducing advanced technologies, they have also become more dependent upon cyberspace and are thus exposed to cyber attacks. Since cyber attacks have demonstrated the ability to creating physical/nonphysical effects with surgical precision, they have emerged as a credible option for disrupting power operations for a reasonable duration. However, these types of attacks sometimes require complex coordination with entities from distinct fields for efficient planning; a lack of awareness of the global picture about how to conduct these attacks could result in miscalculations and cause a repeat of the same past failures.
Motivated by this fact, this thesis holistically analyzes the steps involved in conducting cyber attacks on power grids for the purpose of gaining military superiority and provides a comparison for the capabilities, challenges, and opportunities of kinetic and cyber attacks. For the purpose of creating a comprehensive framework for this thesis, the following considerations have been incorporated: the analyses of goals, targets, solutions, and effects of previous military operations; the physical and cyber infrastructures of power grids; and the features, challenges, and opportunities of cyber attacks. To present the findings, this document has adopted a novel military methodology for both the cyber attack analysis and the comparison of the means. / Master of Science
|
14 |
Policing the 'Phoenix Society' : An examination of the police role in the immediate period surrounding a nuclear attack on the United KingdomButcher, B. D. January 1986 (has links)
No description available.
|
15 |
Vulnerabililty Analysis of Multi-Factor Authentication ProtocolsGarrett, Keith 01 January 2016 (has links)
In this thesis, the author hypothesizes that the use of computationally intensive mathematical operations in password authentication protocols can lead to security vulnerabilities in those protocols. In order to test this hypothesis: 1. A generalized algorithm for cryptanalysis was formulated to perform a clogging attack (a formof denial of service) on protocols that use computationally intensive modular exponentiation to guarantee security. 2. This technique was then applied to cryptanalyze four recent password authentication protocols, to determine their susceptibility to the clogging attack. The protocols analyzed in this thesis differ in their usage of factors (smart cards, memory drives, etc.) or their method of communication (encryption, nonces, timestamps, etc.). Their similarity lies in their use of computationally intensivemodular exponentiation as amediumof authentication. It is concluded that the strengths of all the protocols studied in this thesis can be combined tomake each of the protocols secure from the clogging attack. The conclusion is supported by designing countermeasures for each protocol against the clogging attack.
|
16 |
Eigen-Image-Based Watermarking AttackLu, Yi-chun 01 July 2006 (has links)
The rapid development of Internet introduces a new set of challenging problem regarding security. To prevent unauthorized copying of digital production from distributing is one of the significant problems. Digital watermarking is a potential method for protecting the ownership rights on digital audio, image and video data. An attack succeeds in defeating a watermarked article if it impairs the watermarking information beyond acceptable limits while maintaining the perceptual quality of the attacked article. Namely, attacks on digital watermarked article must consider both watermarking information survival and the distortion of the attacked stego-media.
Current attack benchmarks do not exploit as much knowledge of the watermarked image as possible, also they do not consider the distortion of the attacked stego-media. In this paper, various attacks on digital watermarking have been investigated, and a categorization of different attacks was roughly given; Besides, an Eigen-image-based (ED-based) attack is proposed to deliberately impair the watermarking information without excessively distorting the attacked stego-media, that is not currently included in those benchmark tools.
|
17 |
MAC Constructions: Security Bounds and Distinguishing AttacksMandal, Avradip 17 May 2007 (has links)
We provide a simple and improved security analysis of PMAC, a
Parallelizable MAC (Message Authentication Code) defined over
arbitrary messages. A similar kind of result was shown by Bellare,
Pietrzak and Rogaway at Crypto 2005, where they have provided an
improved bound for CBC (Cipher Block Chaining) MAC, which was
introduced by Bellare, Killan and Rogaway at Crypto 1994. Our
analysis idea is much more simpler to understand and is borrowed
from the work by Nandi for proving Indistinguishability at
Indocrypt 2005 and work by Bernstein. It shows that the advantage
for any distinguishing attack for n-bit PMAC based on a random
function is bounded by O(??q / 2^n), where
?? is the total number of blocks in all q queries made by
the attacker. In the original paper by Black and Rogaway at
Eurocrypt 2002 where PMAC was introduced, the bound is
O(??^2 / 2^n).
We also compute the collision probability of CBC MAC for suitably
chosen messages. We show that the probability is ??( lq^2 / N) where l is the number of message blocks, N is the
size of the domain and q is the total number of queries. For
random oracles the probability is O(q^2 / N). This improved
collision probability will help us to have an efficient
distinguishing attack and MAC-forgery attack. We also show that the
collision probability for PMAC is ??(q^2 / N) (strictly greater
than the birthday bound). We have used a purely combinatorial
approach to obtain this bound. Similar analysis can be made for
other CBC MAC extensions like XCBC, TMAC and OMAC.
|
18 |
Pearl Harbor a case study in administration /Habbe, Donald Edwin, January 1900 (has links)
Thesis (Ph. D.)--University of Wisconsin--Madison, 1957. / Typescript. eContent provider-neutral record in process. Description based on print version record. Includes bibliographical references (leaves 255-260).
|
19 |
The mechanism and treatment of shock accompanying acute myocardial infarctionWeingarten, Charles H. January 1959 (has links)
Thesis (M.D.)—Boston University
|
20 |
Zabezpečení bezdrátových sítí a možné útoky na tyto sítě / Wireless networks security and possible attacks on these networksVlček, Peter January 2010 (has links)
The first of the main objectives of this work was to examine and study the different types of attacks on wireless networks. This work is focused on the most commonly occurring types of attacks such as WEP/WPA/WPA2 cracking, a Man in the Middle attack (MIM), Dictionary attacks, MAC spoofing and finally Denial of Service attacks. Description of individual attacks is also accompanied by detailed instructions on how to carry out these attacks on the Windows platform. It is described how to detect various attacks and identified. It is then implemented software that is able to identify possible risk of selected types of attacks. This software belongs to a group of wireless intrusion prevention system (WIDS). It focuses on attacks WEP/WPA/WPA2 type of cracking, Dictionary attacks and MAC spoofing. For the implementation of defense against attack by a Man in the Middle (MIM) and Denial of Service attack would need special monitoring equipment.
|
Page generated in 0.028 seconds