A Novel Scalable Key Management Protocol for Wireless Sensor Networks

Rahman, Musfiq

26 March 2013

Wireless Sensor Networks (WSNs) are ad-hoc networks consisting of tiny battery- operated wireless sensors. The sensor nodes are lightweight in terms of memory, computation, energy and communication. These networks are usually deployed in unsecured, open, and harsh environments, where it is difficult for humans to perform continuous monitoring. Consequently, it is very crucial to provide security mecha- nisms for authenticating data among sensor nodes. Key management is a pre-requisite for any security mechanism. Efficient distribution and management of keys in WSNs is a challenging task. Many standard key establishment techniques have been pro- posed using symmetric cryptosystems. Unfortunately, these systems often fail to pro- vide a good trade-off between memory and security and since WSNs are lightweight in nature, these cryptosystems are not feasible. On the other hand, public key in- frastructure (PKI) is infeasible in WSNs because of its continuous requirement of a trusted third party and heavy computational demands for certificate verification. Pairing-Based Cryptography (PBC) has paved the way for how parties can agree on keys without any interaction. It has relaxed the requirement of expensive certificate verification on PKI systems. In this thesis, we propose a new hybrid identity-based non-interactive key management protocol for WSNs, which leverages the benefits of both symmetric key based cryptosystems and pairing-based cryptosystems. The pro- posed protocol is scalable, suits many applications and can be deployed in multiple types of networks without modifications. We also provide mechanisms for key refresh when the network topology changes. A security analysis is presented to prove that the scheme is resilient to many types of attacks. To validate our scheme, we have implemented it on Crossbow TelosB motes running TinyOS and analyzed the perfor- mance in terms of memory, communication, computation and energy consumption. The results indicate that our scheme can be deployed efficiently to provide high level of security in a large-scale network without increasing memory, communication and energy overheads.

Key Management

PBC

Security

Wireless Sensor Network

WSN

WSN Security

A NOVEL AND GENERIC METHOD FOR EXAMINING THE RELATIONSHIP BETWEEN ENERGY SECURITY AND DIVERSITY OF AN ENERGY SYSTEM

Ranjan, Ashish

06 December 2013

In an energy system, diversity of supply—that is, reliance on a variety of mutually disparate energy suppliers and their energy supplies—is seen by many researchers and policymakers as an important component of energy security. This thesis describes a novel and generic method for examining the relationship between energy security (as represented by an energy-security index derived from a set of energy security indicators) and diversity (as defined by the Shannon-Wiener diversity index) of an energy system, its entities, and flows. While diversity is often presented by policy makers as being essential to maintaining or improving the energy security of an energy system, the thesis employs the equations associated with the two indices to show that a diverse supply need not be secure and a secure supply need not be diverse. Several examples of the relationship and the events that can affect it are also provided. / N/A

Energy security

Diversity

Energy-security index

Shannon-Wiener diversity index

Protecting Networked Systems from Malware Threats

Shin, Seungwon

16 December 2013

Currently, networks and networked systems are essential media for us to communicate with other people, access resources, and share information. Reading (or sending) emails, navigating web sites, and uploading pictures to social medias are common behaviors using networks. Besides these, networks and networked systems are used to store or access sensitive or private information. In addition, major economic activities, such as buying food and selling used cars, can also be operated with networks. Likewise, we live with networks and networked systems. As network usages are increasing and popular, people face the problems of net- work attacks. Attackers on the networks can steal people’s private information, mislead people to pay money for fake products, and threaten people, who operate online commercial sites, by bothering their services. There are much more diverse types of network attacks that torture many people using networks, and the situation is still serious. The proposal in this dissertation starts from the following two research questions: (i) what kind of network attack is prevalent and how we can investigate it and (ii) how we can protect our networks and networked systems from these attacks. Therefore, this dissertation spans two main areas to provide answers for each question. First, we analyze the behaviors and characteristics of large-scale bot infected hosts, and it provides us new findings of network malware and new insights that are useful to detect (or defeat) recent network threats. To do this, we investigate the characteristics of victims infected by recent popular botnet - Conficker, MegaD, and Srizbi. In addition, we propose a method to detect these bots by correlating network and host features. Second, we suggest new frameworks to make our networks secure based on the new network technology of Software Defined Networking (SDN). Currently, SDN technology is considered as a future major network trend, and it can dynamically program networks as we want. Our suggested frameworks for SDN can be used to devise network security applications easily, and we also provide an approach to make SDN technology secure.

Network Security

Software Defined Networking Security

Botnet Detection

A framework and theory for cyber security assessments

Sommestad, Teodor

January 2012

Information technology (IT) is critical and valuable to our society. An important type of IT system is Supervisor Control And Data Acquisition (SCADA) systems. These systems are used to control and monitor physical industrial processes like electrical power supply, water supply and railroad transport. Since our society is heavily dependent on these industrial processes we are also dependent on the behavior of our SCADA systems. SCADA systems have become (and continue to be) integrated with other IT systems they are thereby becoming increasingly vulnerable to cyber threats. Decision makers need to assess the security that a SCADA system’s architecture offers in order to make informed decisions concerning its appropriateness. However, data collection costs often restrict how much information that can be collected about the SCADA system’s architecture and it is difficult for a decision maker to know how important different variables are or what their value mean for the SCADA system’s security. The contribution of this thesis is a modeling framework and a theory to support cyber security vulnerability assessments. It has a particular focus on SCADA systems. The thesis is a composite of six papers. Paper A describes a template stating how probabilistic relational models can be used to connect architecture models with cyber security theory. Papers B through E contribute with theory on operational security. More precisely, they contribute with theory on: discovery of software vulnerabilities (paper B), remote arbitrary code exploits (paper C), intrusion detection (paper D) and denial-of-service attacks (paper E). Paper F describes how the contribution of paper A is combined with the contributions of papers B through E and other operationalized cyber security theory. The result is a decision support tool called the Cyber Security Modeling Language (CySeMoL). This tool produces a vulnerability assessment for a system based on an architecture model of it. / Informationsteknik (IT) är kritiskt och värdefullt för vårt samhälle. En viktig typ av IT-system är de styrsystem som ofta kallas SCADA-system (från engelskans "Supervisor Control And Data Acquisition"). Dessa system styr och övervakar fysiska industriella processer så som kraftförsörjning, vattenförsörjning och järnvägstransport. Eftersom vårt samhälle är beroende av dessa industriella processer så är vi också beroende av våra SCADA-systems beteende. SCADA-system har blivit (och fortsätter bli) integrerade med andra IT system och blir därmed mer sårbara för cyberhot. Beslutsfattare behöver utvärdera säkerheten som en systemarkitektur erbjuder för att kunna fatta informerade beslut rörande dess lämplighet. Men datainsamlingskostnader begränsar ofta hur mycket information som kan samlas in om ett SCADA-systems arkitektur och det är svårt för en beslutsfattare att veta hur viktiga olika variabler är eller vad deras värden betyder för SCADA-systemets säkerhet. Bidraget i denna avhandling är ett modelleringsramverk och en teori för att stödja cybersäkerhetsutvärderingar. Det har ett särskilt focus på SCADA-system. Avhandlingen är av sammanläggningstyp och består av sex artiklar. Artikel A beskriver en mall för hur probabilistiska relationsmodeller kan användas för att koppla samman cybersäkerhetsteori med arkitekturmodeller. Artikel B till E bidrar med teori inom operationell säkerhet. Mer exakt, de bidrar med teori angående: upptäckt av mjukvarusårbarheter (artikel B), fjärrexekvering av godtycklig kod (artikel C), intrångsdetektering (artikel D) och attacker mot tillgänglighet (artikel E). Artikel F beskriver hur bidraget i artikel A kombineras med bidragen i artikel B till E och annan operationell cybersäkerhetsteori. Resultatet är ett beslutsstödsverktyg kallat Cyber Security Modeling Language (CySeMoL). Beslutsstödsverktyget producerar sårbarhetsutvärdering för ett system baserat på en arkitekturmodell av det. / <p>QC 20121018</p>

cyber security

security assessment

vulnerability assessment

architecture modeling

enterprise architecture

New Challenges for Pacific Security : A Comparative Examination of Illicit Drugs and Insecurity between Pacific and Caribbean States: An Evolving Parallel?

Milne, Tim David

January 2008

The primary motivation behind this thesis was to examine how illicit drugs represent a multidimensional threat to the security of Pacific island states and the region as a whole. However, this research was presented with significant challenges before it began, which included the illegality of the subject matter, the confidentiality of law enforcement intelligence and the fact that there was a near total absence of academic research and statistics concerning drugs within the region. In order to overcome these challenges, this thesis blends a synthesis of conflict and security literature, reports from international and non-governmental organisations and the concepts of securitisation developed by Barry Buzan, Ole Waever & Jaap de Wilde in Security: A Framework for Analysis (1998). The domestic environment of the states that form the case studies are examined, the negative influences of drugs are presented and the perceptions and responses of the governments are discussed. Furthermore, the comparative aspect of this thesis, where two case studies are drawn from the Caribbean, Jamaica and Haiti, and two from the Pacific, Papua New Guinea and Fiji, ensures a thorough understanding of the complex challenges posed to state security, and provides a window for examining how states with similar characteristic and weaknesses are threatened by drugs. For example, throughout Papua New Guinea, marijuana has facilitated the acquisition of small arms and light weapons by both criminal groups and villages involved in conflict. In Fiji, there is the potential for the trafficking of drugs to destabilise the state by providing support to criminal groups and those currently involved with transnational criminal activities. This thesis concludes that the cultivation, production and trafficking of illicit drugs present an immediate and long-term threat to the Pacific, and that the security architecture for the region must be enhance to combat this formidable threat.

Illicit drugs

Pacific

Caribbean

New Security Theory

Security

Buzan

ISM: Irrelevant Soporific Measures - Giving Information Security Management back its groove using sociomateriality

Kanane, Aahd, Grundstrom, Casandra

January 2015

Information security management is now a major concern for any organization regardless of its type, size, or activity field. Having an information security system that ensures theavailability, the confidentiality, and the integrity of information is not an option anymorebut a necessity. Information security management identifies difficulties with user behaviourand compliance that is centralized around policies, perceptions, and practices. In order to address how they affect information security management, these three issues are holistically explored using a sociomaterial framework to engage the understanding of human andnonhuman components. A case study of a university in Sweden was conducted and it was found that despite the sophistication of the IT system, human behaviours are a pertinent component of information security management, and not one that can be ignored.

information security management

sociomateriality

users’ compliance

Empowering bystanders to facilitate Internet censorship measurement and circumvention

Burnett, Samuel Read

27 August 2014

Free and open exchange of information on the Internet is at risk: more than 60 countries practice some form of Internet censorship, and both the number of countries practicing censorship and the proportion of Internet users who are subject to it are on the rise. Understanding and mitigating these threats to Internet freedom is a continuous technological arms race with many of the most influential governments and corporations. By its very nature, Internet censorship varies drastically from region to region, which has impeded nearly all efforts to observe and fight it on a global scale. Researchers and developers in one country may find it very difficult to study censorship in another; this is particularly true for those in North America and Europe attempting to study notoriously pervasive censorship in Asia and the Middle East. This dissertation develops techniques and systems that empower users in one country, or bystanders, to assist in the measurement and circumvention of Internet censorship in another. Our work builds from the observation that there are people everywhere who are willing to help us if only they knew how. First, we develop Encore, which allows webmasters to help study Web censorship by collecting measurements from their sites' visitors. Encore leverages weaknesses in cross-origin security policy to collect measurements from a far more diverse set of vantage points than previously possible. Second, we build Collage, a technique that uses the pervasiveness and scalability of user-generated content to disseminate censored content. Collage's novel communication model is robust against censorship that is significantly more powerful than governments use today. Together, Encore and Collage help people everywhere study and circumvent Internet censorship.

Computer networking

Network security

Internet censorship

Security and privacy

Internet measurement

Data encryption using RSA public-key cryptosystem / Data encryption using Rivest-Shamir-Adleman public-key cryptosystem

Clevenger, Mark Allen

January 1996

The RSA data encryption algorithm was developed by Ronald Rivest, Adi Shamir and Leonard Adelman in 1978 and is considered a de facto standard for public-key encryption. This computer science thesis demonstrates the author's ability to engineer a software system based on the RSA algorithm. This adaptation of the RSA encryption process was devised to be used on any type of data file, binary as well as text. In the process of developing this computer system, software tools were constructed that allow the exploration of the components of the RSA encryption algorithm. The RSA algorithm was further interpolated as a method of providing software licensing, that is, a manner in which authorization to execute a particular piece of software can be determined at execution time. This document summarizes the RSA encryption process and describes the tools utilized to construct a computer system based on this algorithm. / Department of Computer Science

Data encryption (Computer science)

Computer security.

Telecommunication -- Security measures.

Computer security : data control and protection

Neophytou, Andonis

January 1992

Computer security is a crucial area for any organization based on electronic devices that process data. The security of the devices themselves and the data they process are the backbone of the organization. Until today there have been no completely secure systems or procedures until and a lot of research is being done in this area. It impossible for a machine or a mechanical procedure to "guess" all possible events and lead to conclusive, cohesive and comprehensive secure systems, because of: 1) the human factor, and 2) acts of nature (fire, flood etc). However, proper managerial control can alleviate the extent of the damage caused by those factors.The purpose of this study is to examine the different frameworks of computer security. Emphasis is given to data/database security and the various kinds of attacks on the data. Controls over these attacks and preventative measures will be discussed, and high level language programs will demonstrate the protection issues. The Oracle, SOL query language will be used to demonstrate these controls and prevention measures. In addition the FORTRAN high level language will be used in conjunction with SOL (Only the FORTRAN and COBOL compilers are available for embedded SOL). The C language will be used to show attacks on password files and also as an encryption/decryption program.This study was based mainly on research. An investigation of literature spanning the past decade, was examined to produce the ideas and methods of prevention and control discussed in the study. / Department of Computer Science

Computer security.

Data protection.

Database security.

Computer crimes.

Improving Computer Security Dialogs: An Exploration of Attention and Habituation

Bravo-Lillo, Cristian Antonio

01 February 2014

Computer dialogs communicate important security messages, but their excessive use has produced habituation: a strong tendency by computer users to ignore security dialogs. Unlike physical warnings, whose design and use is regulated by law and based on years of research, computer security dialogs are often designed in an arbitrary manner. We need scientific solutions to produce dialogs that users will heed and understand. Currently, we lack an understanding of the factors that drive users’ attention to security dialogs, and how to counteract habituation. Studying computer security behavior is difficult because a) users are more likely to expose themselves to risk in a lab experiment than in daily life, b) the size of observed effects is usually very small, which makes it necessary to collect many observations, and c) it is complex to balance research interests and the ethical duty not to harm. My thesis makes two contributions: a novel methodology to study behavioral responses to security dialogs in a realistic, ethical way with high levels of ecological validity, and a novel technique to increase and retain attention to security dialogs, even in the presence of habituation.

usable security

computer security dialogs

attractors

habituation

attention