Global ETD Search

301	GSM-Security: A Survey and Evaluation of the Current Situation / GSM-säkerhet: En Översikt och evaluering av nuvarande situation Yousef, Paul January 2004 (has links) The Global System for Mobile Communications (GSM) is the most widely used cellular technology in the world. Approximately 800 million people around the world are using GSM for different purposes, but mostly for voice communication and SMS. For GSM, like many other widely used systems, security is crucial. The security involves mechanisms used to protect the different shareholders, like subscribers and service providers. The aspects of security that this report covers are mainly anonymity, authentication and confidentiality. The important aspects of the system that need protection are described, along with the implementation of mechanisms used for the protection. It appears that many of the very valuable aspects of GSM can be attacked. The anonymity of a GSM user is compromised resulting in the attacker being able to observe the time, rate, length, sources or destinations of e g calls. Even tracking a subscriber’s movements becomes possible. However, a passive attack is not sufficient to perform these attacks. The attacker needs to mount an active attack using equipment offering base station functionality. Authentication is a crucial aspect of a wireless communication system due to the nature of the medium used, i e the radio link that is available to every one and not only the legitimate entities. Even the authentication mechanisms are attacked. It is possible to clone a subscription either by having physical access to the smart card or over the air interface. Cloning a subscription over the air requires base station functionality. The most obvious threat against communication systems is eavesdropping on conversations. The privacy of GSM conversations is protected using some version of the A5 algorithm. There are several impressive cryptanalytical attacks against these algorithms, that break the encryption and make it possible to eavesdrop in real-time. Most of these algorithms require, however, extensive computation power and unrealistic quantities of known plaintext, which make it difficult to use them in practice. Difficulties using cryptanalytical attacks to break the confidentiality of GSM calls does not mean that conversations are well protected. Loopholes in the protocols used in GSM make it possible for an outsider, with access to sufficient equipment, to eavesdrop on conversations in real-time. In the presence of these threats and vulnerabilities it is justified to wonder whether GSM provides sufficient security for users with very valuable information to communicate. These users may be military organisations, senior management personnel in large companies etc. GSM’s current security model does note provide sufficient protection for these entities. An additional layer of security should be added to the current security model. Datorteknik GSM security attacks cryptanalysis protocols flaws resources Datorteknik Computer Engineering Datorteknik
302	The Current State of DDoS Defense Nilsson, Sebastian January 2014 (has links) A DDoS attack is an attempt to bring down a machine connected to the Internet. This is done by having multiple computers repeatedly sending requests to tie up a server making it unable to answer legitimate requests. DDoS attacks are currently one of the biggest security threats on the internet according to security experts. We used a qualitative interview with experts in IT security to gather data to our research. We found that most companies are lacking both in knowledge and in their protection against DDoS attacks. The best way to minimize this threat would be to build a system with redundancy, do a risk analysis and revise security policies. Most of the technologies reviewed were found ineffective because of the massive amount of data amplification attacks can generate. Ingress filtering showed promising results in preventing DDoS attacks by blocking packages with spoofed IP addresses thus preventing amplification attacks. Information Security Distributed denial of service attacks Botnet Computer Sciences Datavetenskap (datalogi)
303	Reversing Malware : A detection intelligence with in-depth security analysis Theerthagiri, Dinesh January 2009 (has links) More money nowadays moves online and it is very understandable that criminals want to make more money online aswell, because these days’ banks don’t have large sums of money in their cash box. Since there are many other internalrisks involved in robbing a bank, criminals have found many other ways to commit crimes and much lower risMore money nowadays moves online and it is very understandable that criminals want to make more money online as well, because these days’ banks don’t have large sums of money in their cash box. Since there are many other internal risks involved in robbing a bank, criminals have found many other ways to commit crimes and much lower risk in online crime. The first level of change involved was email-based phishing, but later circumstances changed again. Authentication methods and security of online bank has been improved over the period. This will drastically reduce effects of phishing based on emails and fraudulent website. The next level of online bank fraud is called banking Trojans. These Trojans infect the online customers of banks. These Trojans monitors customer’s activities and uses their authenticated session to steal customers’ money. A lot of money is made by these kinds of attacks. Comparatively few perpetrators have been caught, and the problem is getting worse day by day. To have a better understanding of this problem, I have selected a recent malware sample named as SilentBanker. It had the capability of attacking more than 400 banks. This thesis presents the problem in general and includes my results in studying the behaviour of the SilentBanker Trojan. Trojan SilentBanker Malware Attacks Online Banking Computer and Information Sciences Data- och informationsvetenskap
304	Elliptic curve cryptography algorithms resistant against power analysis attacks on resource constrained devices / Algorithmes cryptographiques à base de courbes elliptiques résistant aux attaques par analyse de consommation Houssain, Hilal 21 December 2012 (has links) Les systèmes de cryptographie à base de courbe elliptique (ECC) ont été adoptés comme des systèmes standardisés de cryptographie à clé publique (PKC) par l'IEEE, ANSI, NIST, SEC et WTLS. En comparaison avec la PKC traditionnelle, comme RSA et ElGamal, l'ECC offre le même niveau de sécurité avec des clés de plus petites tailles. Cela signifie des calculs plus rapides et une consommation d'énergie plus faible ainsi que des économies de mémoire et de bande passante. Par conséquent, ECC est devenue une technologie indispensable, plus populaire et considérée comme particulièrement adaptée à l’implémentation sur les dispositifs à ressources restreintes tels que les réseaux de capteurs sans fil (WSN). Le problème majeur avec les noeuds de capteurs chez les WSN, dès qu'il s'agit d’opérations cryptographiques, est les limitations de leurs ressources en termes de puissance, d'espace et de temps de réponse, ce qui limite la capacité du capteur à gérer les calculs supplémentaires nécessaires aux opérations cryptographiques. En outre, les mises en oeuvre actuelles de l’ECC sur WSN sont particulièrement vulnérables aux attaques par canaux auxiliaires (SCA), en particulier aux attaques par analyse de consommation (PAA), en raison de l'absence de la sécurité physique par blindage, leur déploiement dans les régions éloignées et le fait qu’elles soient laissées sans surveillance. Ainsi, les concepteurs de crypto-processeurs ECC sur WSN s'efforcent d'introduire des algorithmes et des architectures qui ne sont pas seulement résistants PAA, mais également efficaces sans aucun supplément en termes de temps, puissance et espace. Cette thèse présente plusieurs contributions dans le domaine des cryptoprocesseurs ECC conscientisés aux PAA, pour les dispositifs à ressources limitées comme le WSN. Premièrement, nous proposons deux architectures robustes et efficaces pour les ECC conscientisées au PAA. Ces architectures sont basées sur des algorithmes innovants qui assurent le fonctionnement de base des ECC et qui prévoient une sécurisation de l’ECC contre les PAA simples (SPA) sur les dispositifs à ressources limitées tels que les WSN. Deuxièmement, nous proposons deux architectures additionnelles qui prévoient une sécurisation des ECC contre les PAA différentiels (DPA). Troisièmement, un total de huit architectures qui incluent, en plus des quatre architectures citées ci-dessus pour SPA et DPA, deux autres architectures dérivées de l’architecture DPA conscientisée, ainsi que deux architectures PAA conscientisées. Les huit architectures proposées sont synthétisées en utilisant la technologie des réseaux de portes programmables in situ (FPGA). Quatrièmement, les huit architectures sont analysées et évaluées, et leurs performances comparées. En plus, une comparaison plus avancée effectuée sur le niveau de la complexité du coût (temps, puissance, et espace), fournit un cadre pour les concepteurs d'architecture pour sélectionner la conception la plus appropriée. Nos résultats montrent un avantage significatif de nos architectures proposées par rapport à la complexité du coût, en comparaison à d'autres solutions proposées récemment dans le domaine de la recherche. / Elliptic Curve Cryptosystems (ECC) have been adopted as a standardized Public Key Cryptosystems (PKC) by IEEE, ANSI, NIST, SEC and WTLS. In comparison to traditional PKC like RSA and ElGamal, ECC offer equivalent security with smaller key sizes, in less computation time, with lower power consumption, as well as memory and bandwidth savings. Therefore, ECC have become a vital technology, more popular and considered to be particularly suitable for implementation on resource constrained devices such as the Wireless Sensor Networks (WSN). Major problem with the sensor nodes in WSN as soon as it comes to cryptographic operations is their extreme constrained resources in terms of power, space, and time delay, which limit the sensor capability to handle the additional computations required by cryptographic operations. Moreover, the current ECC implementations in WSN are particularly vulnerable to Side Channel Analysis (SCA) attacks; in particularly to the Power Analysis Attacks (PAA), due to the lack of secure physical shielding, their deployment in remote regions and it is left unattended. Thus designers of ECC cryptoprocessors on WSN strive to introduce algorithms and architectures that are not only PAA resistant, but also efficient with no any extra cost in terms of power, time delay, and area. The contributions of this thesis to the domain of PAA aware elliptic curve cryptoprocessor for resource constrained devices are numerous. Firstly, we propose two robust and high efficient PAA aware elliptic curve cryptoprocessors architectures based on innovative algorithms for ECC core operation and envisioned at securing the elliptic curve cryptoprocessors against Simple Power Analysis (SPA) attacks on resource constrained devices such as the WSN. Secondly, we propose two additional architectures that are envisioned at securing the elliptic curve cryptoprocessors against Differential Power Analysis (DPA) attacks. Thirdly, a total of eight architectures which includes, in addition to the two SPA aware with the other two DPA awareproposed architectures, two more architectures derived from our DPA aware proposed once, along with two other similar PAA aware architectures. The eight proposed architectures are synthesized using Field Programmable Gate Array (FPGA) technology. Fourthly, the eight proposed architectures are analyzed and evaluated by comparing their performance results. In addition, a more advanced comparison, which is done on the cost complexity level (Area, Delay, and Power), provides a framework for the architecture designers to select the appropriate design. Our results show a significant advantage of our proposed architectures for cost complexity in comparison to the other latest proposed in the research field. Attaques par canaux auxiliaires Attaques par analyse de consommation Multiplication scalaire Wireless Sensor Networks Elliptic Curve Cryptography Side Channel Attacks Power Analysis Attacks Simple Power Analysis Attacks Differential Power Analysis Attacks Scalar Multiplication
305	Evaluation of Current Practical Attacks Against RFID Technology Kashfi, Hamid January 2014 (has links) Radio Frequency Identification (RFID) is a technology that has been around for three decades now. It is being used in various scenarios in technologically modern societies around the world and becoming a crucial part of our daily life. But we often forget how the inner technology is designed to work, or even if it is as trustable and secure as we think. While the RFID technology and protocols involved with it has been designed with an acceptable level of security in mind, not all implementations and use cases are as secure as consumers believe. A majority of implementations and products that are deployed suffer from known and critical security issues. This thesis work starts with an introduction to RFID standards and how the technology works. Followed by that a taxonomy of known attacks and threats affecting RFID is presented, which avoids going through too much of technical details but provides references for farther research and study for every part and attack. Then RFID security threats are reviewed from risk management point of view, linking introduced attacks to the security principle they affect. We also review (lack thereof) security standards and guidelines that can help mitigating introduced threats. Finally to demonstrate how practical and serious these threats are, three real-world case studies are presented, in which we break security of widely used RFID implementations. At the end we also review and highlight domains in RFID security that can be researched farther, and what materials we are currently missing, that can be used to raise awareness and increase security of RFID technology for consumers. The goal of this thesis report is to familiarize readers with all of the publicly documented and known security issues of RFID technology, so that they can get a sense about the security state of their systems. Without getting involved with too much technical details about every attack vector, or going throw tens of different books and papers, readers can use this report as a comprehensive reference to educate themselves about all known attacks against RFID, published to the date of writing this report. RFID Security RFID Attacks RFID Security Security Evaluation Computer Security Computer Sciences Datavetenskap (datalogi)
306	On the security of TLS and IPsec : Mitigation through physical constraints / Om säkerheten hos TLS och IPsec : Lindring genom fysiska begränsningar Reimers, Erik January 2015 (has links) TLS and IPsec are two protocols that provide secure communication on the Internet. They provide similar services but operate on different levels. This report compiles some of thecurrent known vulnerabilities that exist in those two protocols. It also describes attacks that exploit those vulnerabilities. Based on the vulnerabilities this paper gives guidelines onhow to avoid them when implementing TLS and IPsec. This paper also demonstrates a proof-of-concept that shows how IPsec can be configured to avoid some of the vulnerabilities. Theproof-of-concept also shows how IPsec can be used to setup a secure connection between two peers, using Near Field Communication, on an ad hoc network. TLS Transport Layer Security IPsec vulnerabilities attacks Computer Sciences Datavetenskap (datalogi)
307	Security of micro-controllers : From smart cards to mobile devices / Sécurité des microcontroleurs embarqués : Des cartes à puce aux appareils mobiles Razafindralambo, Tiana 24 November 2016 (has links) Afin de pouvoir profiter de services sécurisés, efficaces et rapides (ex: paiement mobile, agenda, télécommunications, vidéos, jeux, etc.), de nos jours nos téléphones embarquent trois différents microcontrôleurs. Du plus sécurisé vers le plus générique nous avons, la carte SIM qui n’est autre qu’une carte à puce sécurisé chargée de garder de manière sûr au sein de sa mémoire des données sensibles. Ensuite, nous avons le processeur à bande de base qui est le seul à pouvoir discuter avec la carte SIM, et s’occupe de se charger des fonctions radio du téléphone (ex: le réseau GSM/3G/4G/LTE). Et enfin, nous avons le processeur applicatif, qui se charge d’exécuter tous les autres programmes sur le téléphone. Ce qui rend ces microcontrôleurs plus particuliers, c’est le fait qu’ils sont chacun contrôlés par un système d’exploitation totalement indépendant. Néanmoins, chacun peut avoir son influence, direct ou indirect sur l’autre/les autres. La sécurité de ces trois plateformes dépendent non seulement de leur implémentations matérielles, mais aussi de l’implémentation logicielle de leur système d’exploitation. Cette thèse s’intéresse à la sécurité logicielle, et en partie, matérielle de ces trois plateformes, afin de comprendre dans quelle mesure, une carte à puce telle que la carte SIM, est-elle résistante aux attaques logicielles dans le contexte d’un environnement multi-applicatif offert par les appareils mobiles. Nous nous intéressons aussi, à la sécurité du processeur applicatif face à une famille particulière d’attaque qui exploite le mécanisme de mémoire cache. Nous partons alors de l’étude et de l’application en pratique des attaques logiques sur carte à puce. Après avoir étudié les différents moyens qui permettent d’atteindre la carte SIM dans un mobile et ainsi d’étudier la surface d’attaque, nous poursuivons vers une étude par rétro-conception de l’implémentation de l’interface logicielle qui communique directement avec la SIM au niveau du processeur de bande de base. Ceci afin de comprendre le fonctionnement de cette partie très peu documentée. Finalement, nous étudions les effets du mécanisme de cache sur l’exécution d’un programme dans un téléphone mobile. Enfin, nous avons commencé à étudier l’attaque de Bernstein, qui consiste à exploiter les variations de temps induits par différents mécanismes de cache, en mesurant le temps global de l’exécution d’une implémentation particulière de l’algorithme cryptographique AES (Advanced Encryption Standard). Plus particulièrement, par une mise en pratique, nous essayons de déterminer ce qui exacerbe ou non la réalisation de sa technique dans le contexte d’un téléphone mobile réel. / Nowadays, in order to provide secure, reliable and performant services (e.g: mobile payments, agenda, telecommunication, videos, games, etc.), smartphones embed three different micro-controllers. From the most secure to the most general purpose one, we have the SIM card which is a secure smart card that has to prevent anyone by any means to exfiltrate sensitive assets from its internal memories. Furthermore, we also have the baseband processor, which is the only one that directly talks with the SIM card. It essentially manages all the "phone" parts (e.g: GSM/3G/4G/LTE networks) inside a mobile device. Finally, we have the application processor which runs all the general user applications. What is interesting to note for those three micro-controllers is that they are controlled by different and independent operating systems. However, one may affect the behavior of the other(s). The security of these three platforms depend on their hardware and software implementations. This thesis is concerned with the security of these three microcontrollers that are managed by independent OSs within mobile devices. We particularly focused on understanding to what extent a smart card such as SIM cards can be resistant to software attacks in the context of a multi-application environment provided by mobile devices. We were also interested in a specific family of, so-called cache attacks, namely time-driven one, as this kind of technique essentially exploits the hardware implementation of the different cache memories and the mechanisms that enable to manage them. We decided to first study and experimentally perform so-called logical attacks on smart cards. In a second step, in order to understand the attack surface, we have studied the different means to reach the SIM card from both the baseband processor and the application processor. Then, by means of reverse engineering, we tried to understand how was implemented the SIM interface from the baseband side. Finally, we have studied the cache effects on the execution speed of a program on real mobile devices, and we experimentally studied Bernstein’s time-driven cache attack in order to understand what possible events/mechanisms exacerbate (or not) the achievement of the latter on an actual mobile device. Sécurité Micro-controlleurs Embarqué Mobiles Attaques Défenses Security Microcontrollers Embedded Mobiles Attacks Defenses 621.384 56
308	UM DETECTOR DE ANOMALIAS DE TRÁFEGO DE REDE BASEADO EM WAVELETS / WAVELET-BASED ANOMALY DETECTION IN NETWORK TRAFFIC Perlin, Tiago 07 October 2010 (has links) Coordenação de Aperfeiçoamento de Pessoal de Nível Superior / Attacks on computer networks compromises the security of the system and degrade the performance of the network causing problems to users and organizations. Networkbased Intrusion Detection Systems are used to detect attacks or malicious activity by analyzing the network traffic. The anomaly-based detection approach is used for intrusion detection. It is assumed that the presence of traffic anomalies, deviations from standard behavior, is indicative of an attack or malfunction. A major difficulty of an anomaly-based Intrusion Detection System is the construction of the profile due to the complexity of network traffic. Methods derived from Signal Analysis, among which, the Wavelet Transform, have recently demonstrated applicability in detecting anomalies in network. This work proposes a new wavelet-based mechanism to detect network intrusions, through the analysis of descriptors of traffic. The mechanism proposed is based on Discrete Wavelet Transform of signal formed from the traffic descriptors, the calculation of thresholds and direct analysis of wavelet coefficients for detection of anomalies. We assume that an attack generates an anomaly (change) in the traffic pattern, visible in the wavelet coefficients. The detection mechanism is generic, to work with different descriptors, and has low computational complexity, which enhances the real-time analysis. In the experiments, the mechanism demonstrated good detection rate of attacks with few false positives and low processing time. / Ataques em redes de computadores comprometem a segurança do sistema e degradam o desempenho da rede causando prejuízos aos usuários e às organizações. Sistemas Detectores de Intrusões de Rede são usados para a detecção de ataques ou outras atividades maliciosas por meio da análise do tráfego. A detecção de anomalias é uma abordagem de análise usada na detecção de intrusão onde se assume que a presença de anomalias no tráfego, desvios em relação a um comportamento padrão, é indicativo de um ataque ou defeito. Uma das principais dificuldades dos Sistemas de Detecção de Intrusão de Rede baseados em anomalias está na construção do perfil devido à complexidade do tráfego de rede. Métodos derivados da Análise de Sinais, dentre os quais, a Transformada Wavelet, têm recentemente demonstrado aplicabilidade na detecção de anomalias de rede. Neste trabalho propõe-se um novo mecanismo baseado em wavelets para a detecção de intrusões de rede, por meio da análise dos descritores do tráfego. O mecanismo de análise proposto é baseado na Transformada Wavelet Discreta de Daubechies do sinal formado a partir dos descritores do tráfego, o cálculo de thresholds e análise direta dos coeficientes wavelet para a indicação de anomalias. Assume-se que um ataque gera uma anomalia (alteração) no padrão de tráfego, perceptível nos coeficientes wavelet. O mecanismo de detecção é genérico, para trabalhar com diferentes descritores, e apresenta baixa complexidade computacional, o que potencializa a análise em tempo real. Nos experimentos, o mecanismo demonstrou boa taxa de detecção de ataques, com poucos falsos positivos e baixo custo de processamento. Segurança Ataques Wavelets Security Attacks Wavelets
309	The meaning of Time magazine's sign representation of visuals of 9/11: a Baudrillardian perspective Koonin, Marla 19 June 2008 (has links) The fundamental essence covered the central role of representation of meaning within signs of photographic images captured of the September 11, 2001 terrorist attacks on the United States of America, in Time magazine’s September 11, 2001 special edition. This was done in order to determine how sign representation appeared in relation to philosophical sociologist Jean Baudrillard’s concepts of simulacra, simulation, hyperreality and massification. These concepts were assessed in relation to dominant theme categories and sub themes contained in the photographic images of this publication by means of a qualitative thematic content analysis. The motivation for the selection of this event was based on its magnitude and worldwide consequences. Furthermore, the images were selected in the specified mass media medium of Time magazine based on Baudrillard’s inference that consumption within a society is based on the controlling codes of society and one of these codes is the mass media. Hence the mass media have control over the value which a sign will have in a specific society thus giving it meaning, and on its inception AOL/Time Warner was the largest media conglomerate ever formed. Therefore what messages they deem as significant to be disseminated will become a controlling code of what signs have which meaning on a global scale. Moreover, Baudrillard believes that the mass media create a dominant belief system, which creates mass ideas and one of the ways in which massification occurs is through the use of images. As such, visuals play a powerful role in the representation of major world events. Particularly photographs because they are a reflection and thus form part of the registration process of what is being witnessed, where in this case it was the terrorist attacks of September 11, 2001. Hence visual images of world events are displayed globally by the mass media, which in turn propagate their own mediation of events and in this particular case terrorism fuelled the massified information that was dispersed. This information is circulated on a global scale via the mass media based on what will generate the most capital by creating what is consumable. What has occurred in the mass media arena is that ownership structures have changed and today there is a major increase in media conglomerates with media power being in fewer and fewer hands. This leads to information flow that is skewed by a specified ideology, which in the case of Time magazine would be a western ideology. In line with the established motivation as well as the dominance of visual supplements in much of the coverage of September 11, 2001, the overriding research problem was to determine how meaning was represented in the signs, from a Baudrillardian perspective, in the dominant themes in selected visuals in Time magazine’s September 11, 2001 special edition. Based on the research, a key underlying finding revealed the idea that in mass mediated cultures everything is a sign and representation of the real and therefore the real loses meaning and is replaced by a hyperreal and thus image and form devour the real and audiences are seduced by the values of signs. / Andrea Crystal Photographic images Realism in the press
310	Digital Video Watermarking Robust to Geometric Attacks and Compressions Liu, Yan January 2011 (has links) This thesis focuses on video watermarking robust against geometric attacks and video compressions. In addition to the requirements for an image watermarking algorithm, a digital video watermarking algorithm has to be robust against advanced video compressions, frame loss, frame swapping, aspect ratio change, frame rate change, intra- and inter-frame filtering, etc. Video compression, especially, the most efficient compression standard, H.264, and geometric attacks, such as rotation and cropping, frame aspect ratio change, and translation, are considered the most challenging attacks for video watermarking algorithms. In this thesis, we first review typical watermarking algorithms robust against geometric attacks and video compressions, and point out their advantages and disadvantages. Then, we propose our robust video watermarking algorithms against Rotation, Scaling and Translation (RST) attacks and MPEG-2 compression based on the logpolar mapping and the phase-only filtering method. Rotation or scaling transformation in the spatial domain results in vertical or horizontal shift in the log-polar mapping (LPM) of the magnitude of the Fourier spectrum of the target frame. Translation has no effect in this domain. This method is very robust to RST attacks and MPEG-2 compression. We also demonstrate that this method can be used as a RST parameters detector to work with other watermarking algorithms to improve their robustness to RST attacks. Furthermore, we propose a new video watermarking algorithm based on the 1D DFT (one-dimensional Discrete Fourier Transform) and 1D projection. This algorithm enhances the robustness to video compression and is able to resist the most advanced video compression, H.264. The 1D DFT for a video sequence along the temporal domain generates an ideal domain, in which the spatial information is still kept and the temporal information is obtained. With detailed analysis and calculation, we choose the frames with highest temporal frequencies to embed the fence-shaped watermark pattern in the Radon transform domain of the selected frames. The performance of the proposed algorithm is evaluated by video compression standards MPEG-2 and H.264; geometric attacks such as rotation, translation, and aspect-ratio changes; and other video processing. The most important advantages of this video watermarking algorithm are its simplicity, practicality and robustness. Digital video watermarking Geometric attacks Video compressions Log-polar mapping Structural similarity H.264

Search results