Global ETD Search

191	Secure and Efficient Implementations of Cryptographic Primitives Guo, Xu 30 May 2012 (has links) Nowadays pervasive computing opens up many new challenges. Personal and sensitive data and computations are distributed over a wide range of computing devices. This presents great challenges in cryptographic system designs: how to protect privacy, authentication, and integrity in this distributed and connected computing world, and how to satisfy the requirements of different platforms, ranging from resource constrained embedded devices to high-end servers. Moreover, once mathematically strong cryptographic algorithms are implemented in either software or hardware, they are known to be vulnerable to various implementation attacks. Although many countermeasures have been proposed, selecting and integrating a set of countermeasures thwarting multiple attacks into a single design is far from trivial. Security, performance and cost need to be considered together. The research presented in this dissertation deals with the secure and efficient implementation of cryptographic primitives. We focus on how to integrate cryptographic coprocessors in an efficient and secure way. The outcome of this research leads to four contributions to hardware security research. First, we propose a programmable and parallel Elliptic Curve Cryptography (ECC) coprocessor architecture. We use a systematic way of analyzing the impact of System-on-Chip (SoC) integration to the cryptographic coprocessor performance and optimize the hardware/software codesign of cryptographic coprocessors. Second, we provide a hardware evaluation methodology to the NIST SHA-3 standardization process. Our research efforts cover both of the SHA-3 fourteen Second Round candidates and five Third Round finalists. We design the first SHA-3 benchmark chip and discuss the technology impact to the SHA-3 hardware evaluation process. Third, we discuss two technology dependent issues in the fair comparison of cryptographic hardware. We provide a systematic approach to do a cross-platform comparison between SHA-3 FPGA and ASIC benchmarking results and propose a methodology for lightweight hash designs. Finally, we provide guidelines to select implementation attack countermeasures in ECC cryptosystem designs. We discuss how to integrate a set of countermeasures to resist a collection of side-channel analysis (SCA) attacks and fault attacks. The first part of the dissertation discusses how system integration can affect the efficiency of the cryptographic primitives. We focus on the SoC integration of cryptographic coprocessors and analyze the system profile in a co-simulation environment and then on an actual FPGA-based SoC platform. We use this system-level design flow to analyze the SoC integration issues of two block ciphers: the existing Advanced Encryption Standard (AES) and a newly proposed lightweight cipher PRESENT. Next, we use hardware/software codesign techniques to design a programmable ECC coprocessor architecture which is highly flexible and scalable for system integration into a SoC architecture. The second part of the dissertation describes our efforts in designing a hardware evaluation methodology applied to the NIST SHA-3 standardization process. Our Application Specific Integrated Circuit (ASIC) implementation results of five SHA-3 finalists are the first ASIC real measurement results reported in the literature. As a contribution to the NIST SHA-3 competition, we provide timely ASIC implementation cost and performance results of the five SHA-3 finalists in the SHA-3 standard final round evaluation process. We define a consistent and comprehensive hardware evaluation methodology to the NIST SHA-3 standardization process from Field Programmable Gate Array (FPGA) prototyping to ASIC implementation. The third part of the dissertation extends the discussion on hardware benchmarking of NIST SHA-3 candidates by analyzing the impact of technology to the fair comparison of cryptographic hardware. First, a cross-platform comparison between the FPGA and ASIC results of SHA-3 designs demonstrates the gap between two sets of benchmarking results. We describe a systematic approach to analyze a SHA-3 hardware benchmark process for both FPGAs and ASICs. Next, by observing the interaction of hash algorithm design, architecture design, and technology mapping, we propose a methodology for lightweight hash implementation and apply it to CubeHash optimizations. Our ultra-lightweight design of the CubeHash algorithm represents the smallest ASIC implementation of this algorithm reported in the literature. Then, we introduced a cost model for analyzing the hardware cost of lightweight hash implementations. The fourth part of the dissertation discusses SCA attacks and fault attacks resistant cryptosystem designs. We complete a comprehensive survey of state-of-the-art of secure ECC implementations and propose a methodology on selecting countermeasures to thwart multiple side-channel attacks and fault attacks. We focus on a systematic way of organizing and understanding known attacks and countermeasures. / Ph. D. Block Cipher Side-Channel Attacks SHA-3 Hash Function System-on-Chip Cryptographic Coprocessor Elliptic Curve Cryptography Fault Attacks
192	Adversarial Attacks On Graph Convolutional Transformer With EHR Data Siddhartha Pothukuchi (18437181) 28 April 2024 (has links) <p dir="ltr">This research explores adversarial attacks on Graph Convolutional Transformer (GCT) models that utilize Electronic Health Record (EHR) data. As deep learning models become increasingly integral to healthcare, securing their robustness against adversarial threats is critical. This research assesses the susceptibility of GCT models to specific adversarial attacks, namely the Fast Gradient Sign Method (FGSM) and the Jacobian-based Saliency Map Attack (JSMA). It examines their effect on the model’s prediction of mortality and readmission. Through experiments conducted with the MIMIC-III and eICU datasets, the study finds that although the GCT model exhibits superior performance in processing EHR data under normal conditions, its accuracy drops when subjected to adversarial conditions—from an accuracy of 86% with test data to about 57% and an area under the curve (AUC) from 0.86 to 0.51. These findings averaged across both datasets and attack methods, underscore the urgent need for effective adversarial defense mechanisms in AI systems used in healthcare. This thesis contributes to the field by identifying vulnerabilities and suggesting various strategies to enhance the resilience of GCT models against adversarial manipulations.</p> Adversarial machine learning Deep learning adversarial attacks and defenses adversarial machine learning (AdvML) deep learning EHR Analysis Evasion attacks
193	Homegrown terorismus / Homegrown Terrorism Chlupáčová, Kamila January 2016 (has links) The aim of this work is explanation of the concept of homegrown terrorism based on an analysis of selected terrorist attacks; and creates a definition for this completely new phenomenon. For the processing of the topic I chose a comparative case study method, which is applied to the exploration of three terrorist attacks (terrorist attacks in London 2005, attacks in editorial office of Charlie Hebdo in 2015 and terrorist attacks in Paris 2015). Basic investigated dependent variable is homegrown terrorism and the independent variables are concepts "belonging" and "autonomy". Variables that are connected to the concept of "belonging" include the origin of the attackers and links to the Western countries, the concept of "autonomy" is linked to the independence of the attackers to terrorist groups abroad and self-training of the attackers and finally motives of the attackers include the role of religion, the social situation of the attackers and hatred of invaders towards the West. The variables above are applied to each terrorist attack separately in the form of table data. Each dependent and independent variable may be positive or negative. According to this research, I found that each particular attack was different in certain characteristics from the previous one and therefore it is difficult to...
194	thesis.pdf Jianliang Wu (15926933) 30 May 2023 (has links) <p>Bluetooth is the de facto standard for short-range wireless communications. Besides Bluetooth Classic (BC), Bluetooth also consists of Bluetooth Low Energy (BLE) and Bluetooth Mesh (Mesh), two relatively new protocols, paving the way for its domination in the era of IoT and 5G. Meanwhile, attacks against Bluetooth, such as BlueBorne, BleedingBit, KNOB, BIAS, and BThack, have been booming in the past few years, impacting the security and privacy of billions of devices. These attacks exploit both design issues in the Bluetooth specification and vulnerabilities of its implementations, allowing for privilege escalation, remote code execution, breaking cryptography, spoofing, device tracking, etc.</p> <p><br></p> <p>To secure Bluetooth, researchers have proposed different approaches for both Bluetooth specification (e.g., formal analysis) and implementation (e.g., fuzzing). However, existing analyses of the Bluetooth specification and implementations are either done manually, or the automatic approaches only cover a small part of the targets. As a consequence, current research is far from complete in securing Bluetooth.</p> <p><br></p> <p>Therefore, in this dissertation, we propose the following research to provide missing pieces in prior research toward completing Bluetooth security research in terms of both Bluetooth specification and implementations. (i) For Bluetooth security at the specification level, we start from one protocol in Bluetooth, BLE, and focus on the previously unexplored reconnection procedure of two paired BLE devices. We conduct a formal analysis of this procedure defined in the BLE specification to provide security guarantees and identify new vulnerabilities that allow spoofing attacks. (ii) Besides BLE, we then formally verify other security-critical protocols in all Bluetooth protocols (BC, BLE, and Mesh). We provide a comprehensive formal analysis by covering the aspects that prior research fails to include (i.e., all possible combinations of protocols and protocol configurations) and considering a more realistic attacker model (i.e., semi-compromised device). With this model, we are able to rediscover five known vulnerabilities and reveal two new issues that affect BC/BLE dual-stack devices and Mesh devices, respectively. (iii) In addition to the formal analysis of specification security, we propose and build a comprehensive formal model to analyze Bluetooth privacy (i.e., device untraceability) at the specification level. In this model, we convert device untraceability into a reachability problem so that it can be verified using existing tools without introducing false results. We discover four new issues allowed in the specification that can lead to eight device tracking attacks. We also evaluate these attacks on 13 Bluetooth implementations and find that all of them are affected by at least two issues. (iv) At the implementation level, we improve Bluetooth security by debloating (i.e., removing code) Bluetooth stack implementations, which differs from prior automatic approaches, such as fuzzing. We keep only the code of needed functionality by a user and minimize their Bluetooth attack surface by removing unneeded Bluetooth features in both the host stack code and the firmware. Through debloating, we can remove 20 known CVEs and prevent a wide range of attacks again Bluetooth. With the research presented in this thesis, we improve Bluetooth security and privacy at both the specification and implementation levels.</p> System and network security Mobile computing Bluetooth low-energy Security & privacy factors Bluetooth Classic Bluetooth Mesh Man-in-the-middle (MITM) attacks Device tracking Formal Analysis Program Analysis Debloating Spoofing attacks Reflection attacks
195	Impacts of misbehavior in Intelligent Transportation Systems (ITS) : The case of cooperative maneuvers / Påverkan av felaktigt beteende i Intelligenta Transportsystem (ITS) : Fallet med kooperativa manövrar Henriksson, Andreas January 2022 (has links) Connected and autonomous vehicles are emerging technologies that have fostered the Intelligent Transportation System (ITS). ITS has the objective of optimizing traffic safety, mobility, and fuel consumption. To achieve this, a range of different services are provided that utilize communication in a vehicular network. One of these services that has received a lot of attention lately due to its ongoing standardization is the Maneuver Coordination Service (MCS). MCS has already shown great potential in the support of complex traffic areas, also called Transition Area (TA), where vehicles must cooperate to avoid Transition of Controls (ToCs). ITS-services often rely on communicated data; small errors, such as inaccessible or incorrect data, can cause the system to behave incorrectly. Signal interference (jamming) can cause communication interruptions, making vehicles unaware of each other. Incorrect data can be intentional due to data injection attacks, but also unintentional due to malfunctioning sensors, making vehicles incorrectly aware of each other. Incorrect behavior in systems such as ITS can lead to traffic congestion or even life-threatening collisions. This study focuses on MCS and examines traffic behavior when the service, in a generic traffic scenario, is subjected to jamming and falsification attacks with a variety of strategies (negative and positive speed, acceleration and position offset). We considered external attackers (not authenticated) that can disrupt communication, as well as internal attackers (authenticated) that are limited to tampering with outgoing data. Through severe collisions and travel time delays, the results show an impact on both safety and mobility. The results also show that different attacks with different impacts on the adversary can cause similar effects on the traffic, thus allowing the adversary to choose attacks based on the desired impact and its rationality, i.e. its willingness to be part of the impact. The study also proposes an extension to an already proposed Maneuver Coordination Protocol (MCP). We show that our extended MCP can be beneficial in avoiding dangerous maneuvers that could lead to collisions with cars in the blind spot. / Uppkopplade och autonoma fordon är framväxande teknologier som har främjat Intelligenta Transporteringssystem (ITS). ITS har som mål att optimera trafiksäkerhet, mobilitet och bränsleförbrukning. För att uppnå detta tillhandahålls en rad olika tjänster som utnyttjar kommunikation i ett fordonsnät. En av dessa tjänster som har fått mycket uppmärksamhet under den senaste tiden, tack vare sin pågående standardisering, är Manöverkoordinationtjänsten (MCS). MCS har redan visat stor potential för att stödja komplexa trafikområden, även kallade Övergångsområden (TA), där fordon måste samarbeta för att undvika kontrollövergångar (ToCs). ITS-tjänster förlitar sig ofta på kommunicerad data; små fel, som otillgängliga eller felaktiga data, kan göra att systemet beter sig felaktigt. Signalstörningar kan orsaka kommunikationsavbrott, vilket gör fordon omedvetna om varandra. Felaktig data kan vara avsiktliga på grund av datainjektionsattacker, men också oavsiktliga på grund av felaktiga sensorer, vilket gör fordon felaktigt medvetna om varandra. Felaktigt beteende i system som ITS kan leda till trafikstockningar eller till och med livshotande kollisioner. Denna studie fokuserar på MCS och undersöker trafikbeteendet när tjänsten, i ett generiskt trafikscenario, utsätts för signalstörningar och förfalskningsattacker med en mängd olika strategier (negativ och positiv hastighet, acceleration och positionsförskjutning). Vi tog hänsyn till externa angripare (ej autentiserade) som kan störa kommunikationen, såväl som interna angripare (autentiserade) som är begränsade till att manipulera utgående data. Genom allvarliga kollisioner och restidsförseningar visar resultaten en inverkan på både säkerhet och mobilitet. Resultaten visar också att olika attacker med olika inverkan på angriparen kan orsaka liknande effekter på trafiken, vilket gör att angriparen kan välja attacker baserat på den önskade effekten och rationaliteten, d.v.s. dens villighet att vara en del av påverkan. Studien föreslår också en utökning av en redan föreslagen MCP. Vi visar att vårt utökade MCP kan vara till nytta för att undvika farliga manövrar som kan leda till kollisioner med bilar i döda vinkeln. Intelligent Transportation System Connected vehicles Vehicular Communication Cooperative maneuvers Maneuver Coordination Networks attacks Selective jamming attacks Falsification attacks Intelligenta transporteringssytem Uppkopplade fordon Fordonskommunikation Kooperativa manövrar Manöverkoordinering Nätverks attacker Selektiva utstörningsattacker Förfalskningsattacker Computer and Information Sciences Data- och informationsvetenskap
196	An Investigation of People’s Perception of Digital Threats / Formalisering av inneslutningstrategier i ett ramverk för probabilistisk hotmodellering Rabbani, Wasila January 2024 (has links) This project examines cyber threats and their impact on individuals and organizations. The thesis focuses on a thorough literature review and uses surveys for primary data collection. The quantitative method was chosen to gather numeric data on these threats. The methodology classifies digital threats and analyzes survey results about these threats. It also gathers data on the perceived difficulty of these threats and compares general beliefs with expert opinions and statistical data from literature. Surveys targeted individuals aged 20-45 with a university degree, obtaining 86 responses. Interviews with five security professionals followed a standardized format, aiding in a comparative analysis with the survey data. The questions addressed several cyber threats, including phishing, ransomware, insecure passwords, malware, traffic sniffing, and denial of service. Notably, many respondents lacked a clear understanding of the significance of insecure passwords and traffic sniffing. By using quantitative methods and integrating survey results with expert opinions and literature findings, this study deepens the understanding of cyber threats. The results spotlight misconceptions and knowledge gaps about cyber threats, underscoring the need for better cybersecurity awareness and education. / Detta projekt undersöker cyberhot och deras påverkan på individer och organisationer. Avhandlingen fokuserar på en grundlig litteraturgranskning och använder enkäter för primär datainsamling. Den kvantitativa metoden valdes för att samla numeriska data om dessa hot. Metodiken klassificerar digitala hot och analyserar enkätresultat om dessa hot. Den samlar också in data om den upplevda svårigheten av dessa hot och jämför allmänna uppfattningar med expertåsikter och statistiska data från litteratur. Enkäter riktade sig till individer i åldern 20-45 med en universitetsexamen, och gav 86 svar. Intervjuer med fem säkerhetsprofessionella följde ett standardiserat format, vilket underlättade en jämförande analys med enkätdata. Frågorna behandlade flera cyberhot, inklusive phishing, ransomware, osäkra lösenord, skadlig programvara, trafikavlyssning och denial of service. Framför allt saknade många svarande en tydlig förståelse för betydelsen av osäkra lösenord och trafikavlyssning. Genom att använda kvantitativa metoder och integrera enkätresultat med expertutlåtanden och litteraturfynd fördjupar denna studie förståelsen för cyberhot. Resultaten belyser missuppfattningar och kunskapsluckor om cyberhot, vilket understryker behovet av bättre medvetenhet och utbildning inom cybersäkerhet. Cyber Security Cyber Attacks Phishing Attacks Ransomware Insecure Passwords Malware DDos Attacks Insecure IoT devices Cybersäkerhet Cyberattacker Nätfiskeattacker Ransomware Osäkra lösenord Malware DDos-attacker Osäkra IoT-enheter Computer and Information Sciences Data- och informationsvetenskap
197	Αναγνώριση επιθέσεων web σε web-servers Στυλιανού, Γεώργιος 09 July 2013 (has links) Οι επιθέσεις στο Διαδίκτυο και ειδικά οι επιθέσεις άρνησης εξυπηρέτησης (Denial of Service, DoS) αποτελούν ένα πολύ σοβαρό πρόβλημα για την ομαλή λειτουργία του Διαδικτύου. Αυτό το είδος επιθέσεων στοχεύει στην διατάραξη της καλής λειτουργίας ενός συστήματος, καταναλώνοντας τους πόρους του ή προκαλώντας υπερφόρτωση στο δίκτυο, καθιστώντας το ανίκανο να παρέχει στους πελάτες του τις υπηρεσίες για τις οποίες προορίζεται. Η αντιμετώπιση των επιθέσεων αυτών έχει απασχολήσει πολλούς ερευνητές τα τελευταία χρόνια και έχουν προταθεί πολλές διαφορετικές μέθοδοι πρόληψης, ανίχνευσης, και απόκρισης. Στα πλαίσια της παρούσας διπλωματικής επιχειρείται αρχικά ο ορισμός και η ταξινόμηση των επιθέσεων DoS και DDoS, με ιδιαίτερη αναφορά στις επιθέσεις DoS στον Παγκόσμιο Ιστό. Στη συνέχεια αναλύονται διάφοροι τρόποι αναγνώρισης επιθέσεων, με κύριους άξονες την αναγνώριση υπογραφής και την ανίχνευση ανωμαλιών. Γίνεται εμβάθυνση στο πεδίο της ανίχνευσης ανωμαλιών και πραγματοποιείται η μελέτη ενός συστήματος που ανιχνεύει ανωμαλίες σε δεδομένα κίνησης δικτύου που περιέχουν επιθέσεις. / Attacks in the Internet, and especially Denial of Service attacks, are a very serious threat to the normal function of the Internet. This kind of attack aims to the disruption of the normal function of a system, by consuming its resources or overloading the network, making it incapable to provide services, that is designed for, to the clients. In recent years many researchers have tried to propose solutions to prevent, detect and respond effectively to attacks. In this thesis, first a definition, and then a classification of DoS and DDoS attacks is proposed, with distinctive reference to attacks in the World Wide Web. Several ways of attack detection are analyzed, with signature detection and anomaly detection being the most significant. Afterwards, the field of anomaly detection is thoroughly analyzed, and a system that detects anomalies to a dataset of network traffic that contains attacks, is examined. Αναγνώριση επιθέσεων Ανίχνευση ανωμαλιών 005.8 Internet attacks Attack detection Anomaly detection Security anomalies
198	A simulation study of an application layer DDoS detection mechanism Mekhitarian, Araxi, Rabiee, Amir January 2016 (has links) Over the last couple of years the rise of application layer Distributed Denial of Service (DDoS) attacks has significantly increased. Because of this, many issues have been raised on how organizations and companies can protect themselves from intrusions and damages against their systems and services. The consequences from these attacks are many, ranging from revenue losses for companies to stolen personal data. As the technologies are evolving, application layer DDoS attacks are becoming more effective and there is not a concrete solution that entirely protects against them. This thesis focuses on the available defense mechanisms and presents a general overview of different types of application layer DDoS attacks and how they are constructed. Moreover this report provides a simulation based on one of the defense mechanisms mentioned, named CALD. The simulation tested two different application layer DDoS attacks and showed that CALD can detect and differentiate between the two attacks. This report can be used as a general information source for application layer DDoS attacks, how to detect them and how to defend against them. Furthermore the simulation can be used as a basis on how well a relatively small-scaled implementation of CALD can detect DDoS attacks on the application layer. / Under de senaste åren har ökningen av Distributed Denial of Service (DDoS) attacker på applikationslagret ökat markant. På grund av detta har många frågor uppkommit om hur organisationer och företag kan skydda sig mot intrång och skador mot sina system och tjänster. Konsekvenserna av dessa attacker är många, allt från intäktsförluster för företag till stulen personlig data. Eftersom tekniken utvecklas, har DDoS attacker på applikationslagret blivit mer effektiva och det finns inte en konkret lösning för att hindra dem. Denna rapport fokuserar på de tillgängliga försvarsmekanismer och presenterar en allmän översikt över olika typer av DDoS-attacker på applikationslagret och hur de är uppbyggda. Dessutom bidrar den här rapporten med en redovisning av en simulering baserad på en av de försvarsmekanismer som nämns i rapporten, CALD. Simuleringen testade två olika attacker på applikationslagret och visar att CALD kan upptäcka och skilja mellan de två attackerna. Denna rapport kan användas som en allmän informationskälla för DDoSattacker på applikationslagret och hur man försvarar sig mot och upptäcker dessa. Vidare kan simuleringen användas som utgångspunkt på hur väl en relativt småskalig implementering av CALD kan upptäcka DDoS-attacker på applikationslagret. Distributed Denial of Service attacks DDoS application layer detection defense Distributed Denial of Service attacks DDoS application layer detection defense Communication Systems Kommunikationssystem
199	An aggregative approach for scalable detection of DoS attacks Hamidi, Alireza 22 August 2008 (has links) If not the most, one of the serious threats to data networks, particularly pervasive commercial networks such as Voice-over-IP (VoIP) providers is Denial-of-Service (DoS) attack. Currently, majority of solutions for these attacks focus on observing detailed server state changes due to any or some of the incoming messages. This approach however requires significant amount of server’s memory and processing time. This results in detectors not being able to scale up to the network edge points that receive millions of connections (requests) per second. To solve this problem, it is desirable to design stateless detection mechanisms. One approach is to aggregate transactions into groups. This research focuses on stateless scalable DoS intrusion detection mechanisms to obviate keeping detailed state for connections while maintaining acceptable efficiency. To this end, we adopt a two-layer aggregation scheme termed Advanced Partial Completion Filters (APCF), an intrusion detection model that defends against DoS attacks without tracking state information of each individual connection. Analytical as well as simulation analysis is performed on the proposed APCF. A simulation test bed has been implemented in OMNET++ and through simulations it is observed that APCF gained notable detection rates in terms of false positive and true positive detections, as opposed to its predecessor PCF. Although further study is needed to relate APCF adjustments to a certain network situation, this research shows invaluable gain to mitigate intrusion detection from not so scalable state-full mechanisms to aggregate scalable approach. Voice over IP Intrusion detection systems Denial of Service Attacks Scalability Partial completion attacks
200	A model of United Methodists responding to grief and tragedy five Manhattan pastors respond to the terrorist attack on September 11, 2001 / Hahs, Jame. January 2006 (has links) Thesis (D. Min.)--Covenant Theological Seminary, 2006. / Includes abstract. Includes bibliographical references (leaves 223-227).

Search results