On the application of locality to network intrusion detection working-set analysis of real and synthetic network server traffic /

Lee, Robert.

January 2009

Thesis (Ph.D.)--University of Central Florida, 2009. / Adviser: Sheau-Dong Lang. Includes bibliographical references (p. 117-119).

Computer networks Computer security.

A study on privacy-preserving clustering

Cui, Yingjie.

January 2009

Thesis (M. Phil.)--University of Hong Kong, 2010. / Includes bibliographical references (leaves 87-90). Also available in print.

Database security. Cluster analysis

Social security in rural China : a case study of Pan Yu County /

Lau, Kam-lun, Edmond.

January 1987

Thesis--M.S.W., University of Hong Kong, 1987.

Social security China

The role of the National Security and Defense Council of Ukraine in political decision-making process /

Syvak, Oleksiy.

January 2003

Thesis (M.A. in International Security and Civil-Military Relations)--Naval Postgraduate School, March 2003. / Thesis advisor(s): Donald Abenheim, Mikhail Tsypkin. Includes bibliographical references (p. 65-68). Also available online.

National security Ukraine

Security perception : within and beyond the traditional approach /

Malec, Mieczyslaw.

January 2003

Thesis (M.A. in National Security Affairs)--Naval Postgraduate School, June 2003. / Thesis advisor(s): Jeffrey Knopf, Boris Keyser. Includes bibliographical references (p. 69-73). Also available online.

Security, International. Threats.

Actual and Perceived Information Systems Security

Oscarson, Per

January 2007

As the Internet becomes the major information infrastructure in most sectors, the importance of Information Systems (IS) security steadily increases. While reaching a certain level of actual IS security is vital for most businesses, this level must also be perceived as acceptable by stakeholders. Businesses have to maintain a certain level of security and be able to assess the level of other actors’ security. IS security is abstract and complex, however, and difficult to estimate and measure. This thesis uses epistemic and ontological frameworks to study the conceptual nature of IS security and separate the concepts of actual and perceived IS security. A well-known event is used to illustrate the conceptual discussion: the Sasser worm that was spread around the world in 2004. This study also includes a smaller case study from the City of Stockholm, where about 4,000 computers were infected by Sasser. The outcome of the study is that actual IS security should be treated as a dynamic condition that is influenced by three different objects: information assets, threat objects and security mechanisms. Incidents are processes that are ruled by the conditions of these three objects and affect the states of confidentiality, integrity and availability of information assets. The concepts of threat, risk and trust remain at epistemic level, i.e. perceptions. Perceptions of IS security can differ depending on their social establishment and are classified as subjective judgements, inter-subjective judgements or institutional facts. While actual IS security conditions can influence actors’ perceptions of IS security, perceived IS security can also influence actual IS security.

Information systems security

IS security

IT security

Information security

Actual and perceived

Information science

Informationslära

A knowledge-based decision support system for computer disaster prevention in IT centres

Danish, Tawfig Yousef

January 1994

In analysing the extent to which adequate research work may have been undertaken in the specific area of computer disaster prevention, it was found that little work had been done. In the real-life situation, it was also concluded that, in the vast majority of cases, no adequate disaster prevention controls were in use at IT installations. Guidance for the analysis and management of the risk associated with computer disasters, as a result, has also been inadequate and lacking in uniformity, specially in the areas of risk identification and risk entities interactions and relationships. This research has involved developing and delivering a methodology which would help IT risk managers in implementing effective computer disaster prevention controls. A knowledge based system (KBS) approach has been used to build a prototype system which provides full support in this important area of decision making, and to show how the representation of risks can be handled.

658

Risk management; Security

Voiceprint Vault : voice authentication service

Henderson, Paul Martin

09 December 2013

In a world dominated by smartphones, cloud computing, and online accounts, security of personal and corporate data is a critical concern. Voiceprint Vault provides a voice authentication service that can be used in a multitude of applications to secure sensitive data. Voiceprint Vault includes the following high-level features: - Cloud-based voice authentication using trusted signal processing algorithms - Multifactor authentication with use of optional password - Cross-platform compatibility using secure web requests to authenticate - Built-in storage and synching of private user data - Java library to facilitate integration with Android applications The Voiceprint Vault service allows users of an application to create an account, provide a voice sample, and then access the account with a simple spoken phrase. When users access their account, their voice sample is analyzed and compared to their training recordings. This system can be tailored to the needs of a particular user with per-user security options. It provides the convenience of voice access, but also allows for a password to be used for increased security. The Voiceprint Vault service is designed to allow application developers to integrate an existing, tested authentication system into their app rather than creating their own authentication system. The Voiceprint Vault server provides application specific repositories that developers can create to hold all user data, cryptographic information, and voice samples. The user data stored on the Voiceprint Vault server provides built-in synchronization across all connected devices. A reference implementation is provided that demonstrates the use of Voiceprint Vault authentication. The reference implementation is an Android app that uses the voice authentication service to protect access to personal notes, tasks, and dates that are synched across devices. Detailed instructions for integrating Voiceprint Vault into an existing application are also provided with the reference implementation. The accuracy of voiceprint authentication was investigated and optimized for a set of sample users and recordings. The security features and dangers of such a system are described along with recommendations for safe use. The optimal parameters to be used in the voice authentication algorithms are also presented in this report. / text

Voiceprint

Biometric

Security

Authentication

Rethinking operating system trust

Hofmann, Owen Sebastian

25 February 2014

Operating system kernels present a difficult security challenge. Despite their millions of lines of code and broad, complex attack surface, they remain a trusted component shared between all applications. If an attacker can combine an exploit for any application on a system with a kernel exploit or privilege escalation, the attacker can then control any other application, regardless of whether the second application was itself vulnerable. This dissertation presents two hypervisor-based systems: OSck, which increases the trustworthiness of a guest kernel by detecting kernel rootkits, and InkTag, which removes the need for an application to trust the kernel at all. Vital to both systems is their use of information from a potentially malicious kernel. These systems rely on information from the kernel about its own functionality to make their implementation simpler, more efficient, and more secure. Importantly, although they rely on this information, they do not trust it. A kernel that lies about its functionality to appear benign will be detected, as will a kernel that simply acts maliciously. OSck detects kernel rootkits: malicious software programs that are particularly difficult to detect because they modify internal kernel operation to hide their presence. Running concurrently with an operating system and isolated by the hypervisor, OSck verifies safety properties for large portions of the kernel heap with minimal overhead, by deducing type information from unmodified kernel source code and in-memory kernel data structures. InkTag gives strong safety guarantees to trusted applications, even in the presence of a malicious operating system. InkTag isolates applications from the operating system, and enables applications to validate that the kernel is acting in good faith, for example by ensuring that the kernel is mapping the correct file data into the application's address space. InkTag introduces paraverification, a technique that simplifies the InkTag hypervisor by forcing the untrusted operating system to participate in its own verification. InkTag requires that the kernel prove to the hypervisor that its updates to application state (such as page tables) are valid, and also to prove to the application that its responses to system calls are consistent. InkTag is also the first system of its kind to implement access control, secure naming, and consistency for data on stable storage. / text

Operating systems

Virtualization

Security

Secure navigation and timing without local storage of secret keys

Wesson, Kyle D.

27 June 2014

Civil Global Navigation Satellite System (GNSS) signals are broadcast unencrypted worldwide according to an open-access standard. The virtues of open-access and global availability have made GNSS a huge success. Yet the transparency and predictability of these signals renders them easy to counterfeit, or spoof. During a spoofing attack, a malefactor broadcasts counterfeit GNSS signals that deceive a victim receiver into reporting the spoofer-controlled position or time. Given the extensive integration of civil GNSS into critical national infrastructure and safety-of-life applications, a successful spoofing attack could have serious and significant consequences. Unlike civil GNSS signals, military GNSS signals employ symmetric-key encryption, which serves as a defense against spoofing attacks and as a barrier to unauthorized access. Despite the effectiveness of the symmetric-key approach, it has significant drawbacks and is impractical for civil applications. First, symmetric-key encryption requires tamper-resistant receivers to protect the secret keys from unauthorized discovery and dissemination. Manufacturing a tamper-resistant receiver increases cost and limits manufacturing to trusted foundries. Second, key management is problematic and burdensome despite the recent introduction of over-the-air keying. Third, even symmetric-key encryption remains somewhat vulnerable to specialized spoofing attacks. I propose an entirely new approach to navigation and timing security that avoids the shortcomings of the symmetric-key approach while maintaining a high resistance to spoofing. My first contribution is a probabilistic framework that develops necessary components of signal authentication. Based on the framework, I develop an asymmetric-key cryptographic signal authentication technique and a non-cryptographic spoofing detection technique, both of which operate without a secret key stored locally in a secure receiver. These anti-spoofing techniques constitute the remaining two contributions of this dissertation. They stand as viable spoofing defenses for civil users and could augment---or even replace---current and planned military anti-spoofing measures. Finally, I offer an in-depth case study of the security vulnerabilities and possible cryptographic enhancements of a modern GNSS-based aviation surveillance technology in the context of the technical and regulatory aviation environment. / text

GPS

GNSS

Security

Spoofing