Global ETD Search

591	Méthodologie de conception de composants intégrés protégés contre les attaques par corrélation / A design methodology for integrated components protected from correlation attacks Laabidi, Selma 19 January 2010 (has links) Les circuits cryptographiques, parce qu'ils contiennent des informations confidentielles, font l'objet de manipulations frauduleuses, appelées communément attaques, de la part de personnes mal intentionnées. Plusieurs attaques ont été répertoriées et analysées. Parmi elles, les attaques DPA (Differential Power Analysis), DEMA (Differential Electromagnetic Analysis), DBA (Differential Behavior Analysis) et les attaques en probing forment la classe des attaques par corrélation et sont considérés comme les plus redoutables car elles permettent de retrouver, à moindre coût, les clefs de chiffrement des algorithmes cryptographiques. Les concepteurs de circuits sécurisés ont été donc amené à ajouter des parades, appelées contre-mesures, afin de protéger les circuits de ces attaques. Ces contremesures doivent impacter au minimum les performances et le coût du circuit. Dans cette thèse, nous nous intéressons dans un premier temps aux attaques par corrélation, le principe de ces attaques est décrit ainsi que les principales contre-mesures pour y parer. Un formalisme décrivant de manière unique ces attaques est aussi proposé. Dans un deuxième temps, nous étudions les outils d'évaluation sécuritaires qui permettent d'estimer la résistance des circuits intégrés face aux attaques par corrélation. Après un état de l'art sur les outils existants, nous décrivons notre outil basé sur une recherche de corrélations entre le modèle du concepteur et le modèle qui peut être prédit par un attaquant. L'analyse de corrélations permet de déterminer les bits les plus sensibles pour mener à bien une attaque. Cet outil est intégré dans le flot de conception permettant ainsi d'évaluer la résistance des algorithmes cryptographiques au niveau RTL (Register Transfer Level) et portes. / The cryptographic circuits, because they contain confidential information, are subject to fraudulent manipulations called attacks from malicious people. Several attacks have been identified and analyzed. Among them DPA (Differential Power Analysis), DEMA (Differential Electromagnetic Analysis), DBA (Differential Behaviour Analysis) and probing attacks form the class of correlation attacks and are considered as the most dangerous because they allow to retrieve, at lower cost, secret keys of cryptographic algorithms. Designers of secure circuits have thus added counter-measures to protect their circuits from these attacks. Counter-measures overhead got to have a minimum of impact on circuit’s cost and performances. In this thesis, we first focus on correlation attacks; the principle of these attacks is described as well as the main counter-measures to address them. A formalism describing these attacks is also proposed. Second, we study the safe evaluation tools to estimate the resistance of integrated circuits towards correlation attacks. After a state of the art on the existing tools, we describe our tool based on a search of correlations between the designer's model and the model which can be predicted by an attacker. The analysis of the correlations determines the most sensitive bits to complete an attack. This tool is integrated into the design flow to asses the strength of cryptographic algorithms at RTL (Register Transfer Level) and gate levels. An application of our flow on several models of the algorithm AES (Advanced Encryption Standard) with and without counter-measures is proposed. The obtained results have demonstrated the effectiveness of our technique.Les circuits cryptographiques, parce qu'ils contiennent des informations confidentielles, font l'objet de manipulations frauduleuses, appelées communément attaques, de la part de personnes mal intentionnées. Plusieurs attaques ont été répertoriées et analysées. Parmi elles, les attaques DPA (Differential Power Analysis), DEMA (Differential Electromagnetic Analysis), DBA (Differential Behavior Analysis) et les attaques en probing forment la classe des attaques par corrélation et sont considérés comme les plus redoutables car elles permettent de retrouver, à moindre coût, les clefs de chiffrement des algorithmes cryptographiques. Les concepteurs de circuits sécurisés ont été donc amené à ajouter des parades, appelées contre-mesures, afin de protéger les circuits de ces attaques. Ces contremesures doivent impacter au minimum les performances et le coût du circuit. Dans cette thèse, nous nous intéressons dans un premier temps aux attaques par corrélation, le principe de ces attaques est décrit ainsi que les principales contre-mesures pour y parer. Un formalisme décrivant de manière unique ces attaques est aussi proposé. Dans un deuxième temps, nous étudions les outils d'évaluation sécuritaires qui permettent d'estimer la résistance des circuits intégrés face aux attaques par corrélation. Après un état de l'art sur les outils existants, nous décrivons notre outil basé sur une recherche de corrélations entre le modèle du concepteur et le modèle qui peut être prédit par un attaquant. L'analyse de corrélations permet de déterminer les bits les plus sensibles pour mener à bien une attaque. Cet outil est intégré dans le flot de conception permettant ainsi d'évaluer la résistance des algorithmes cryptographiques au niveau RTL (Register Transfer Level) et portes. algorithmes cryptographiques attaques DPA (Differential Power Analysis) sécurité corrélation flot de conception cryptographic algorithms attacks DPA (Differential Power Analysis) security correlation design flow
592	Risk Assessment of Aviation Security and Evaluation of Aviation Security Policies Yalcinkaya, Ramazan 08 1900 (has links) Comprising many airplanes, airports, aircrew, and employees, aviation industry is a large sector that is very vulnerable to attacks, whether it is from terrorists or criminals. Aviation history is fraught with examples of airport bombings, hijackings, and sabotage terrorist attacks. The most destructive of which is the tragedy of September 11, 2001, the cornerstone of today's aviation security policies. This study uses risk assessment tools to determine the dimensions of danger and threats against the aviation industry and addresses how vulnerable the aviation sector is. After vulnerabilities and threats are examined, possible impacts of attacks against the aviation security are discussed. This study also explores the pre and post September 11 policies that governments and policy makers develop to reduce risks in aviation sector. In addition, it discusses weaknesses and strengths of these policies which surfaced during the implementations. Finally, this study proposes some recommendations based on vulnerabilities and threats of aviation security. aviation security risk assessment aviation security policies air terrorism 9/11 attacks
593	Anxiety sensitivity and cross-cultural differences: An examination of the factor structure of the anxiety sensitvity [sic] index Thomas, KaMala Syretta 01 January 2001 (has links) No description available. Anxiety sensitivity Fear Panic attacks Multicultural Psychology
594	From 9/11 to Iraq: Analysis and critique of the rhetoric of the Bush Administration leading to the war in Iraq Covington, LaKesha Nicole 01 January 2005 (has links) The project investigated the events that led the United States from September 11, 2001 to the current war in Iraq. The specific time frame examined was the period beginning on September 11, 2001 and ending with the first pre-emptive attacks in Iraq on March 19, 2003. Iraq War 2003-2011 War and emergency powers War on Terrorism 2001-2009 September 11 Terrorist Attacks 2001 War and emergency powers. Rhetoric
595	Efficient and Robust Deep Learning through Approximate Computing Sanchari Sen (9178400) 28 July 2020 (has links) <p>Deep Neural Networks (DNNs) have greatly advanced the state-of-the-art in a wide range of machine learning tasks involving image, video, speech and text analytics, and are deployed in numerous widely-used products and services. Improvements in the capabilities of hardware platforms such as Graphics Processing Units (GPUs) and specialized accelerators have been instrumental in enabling these advances as they have allowed more complex and accurate networks to be trained and deployed. However, the enormous computational and memory demands of DNNs continue to increase with growing data size and network complexity, posing a continuing challenge to computing system designers. For instance, state-of-the-art image recognition DNNs require hundreds of millions of parameters and hundreds of billions of multiply-accumulate operations while state-of-the-art language models require hundreds of billions of parameters and several trillion operations to process a single input instance. Another major obstacle in the adoption of DNNs, despite their impressive accuracies on a range of datasets, has been their lack of robustness. Specifically, recent efforts have demonstrated that small, carefully-introduced input perturbations can force a DNN to behave in unexpected and erroneous ways, which can have to severe consequences in several safety-critical DNN applications like healthcare and autonomous vehicles. In this dissertation, we explore approximate computing as an avenue to improve the speed and energy efficiency of DNNs, as well as their robustness to input perturbations.</p> <p> </p> <p>Approximate computing involves executing selected computations of an application in an approximate manner, while generating favorable trade-offs between computational efficiency and output quality. The intrinsic error resilience of machine learning applications makes them excellent candidates for approximate computing, allowing us to achieve execution time and energy reductions with minimal effect on the quality of outputs. This dissertation performs a comprehensive analysis of different approximate computing techniques for improving the execution efficiency of DNNs. Complementary to generic approximation techniques like quantization, it identifies approximation opportunities based on the specific characteristics of three popular classes of networks - Feed-forward Neural Networks (FFNNs), Recurrent Neural Networks (RNNs) and Spiking Neural Networks (SNNs), which vary considerably in their network structure and computational patterns.</p> <p> </p> <p>First, in the context of feed-forward neural networks, we identify sparsity, or the presence of zero values in the data structures (activations, weights, gradients and errors), to be a major source of redundancy and therefore, an easy target for approximations. We develop lightweight micro-architectural and instruction set extensions to a general-purpose processor core that enable it to dynamically detect zero values when they are loaded and skip future instructions that are rendered redundant by them. Next, we explore LSTMs (the most widely used class of RNNs), which map sequences from an input space to an output space. We propose hardware-agnostic approximations that dynamically skip redundant symbols in the input sequence and discard redundant elements in the state vector to achieve execution time benefits. Following that, we consider SNNs, which are an emerging class of neural networks that represent and process information in the form of sequences of binary spikes. Observing that spike-triggered updates along synaptic connections are the dominant operation in SNNs, we propose hardware and software techniques to identify connections that can be minimally impact the output quality and deactivate them dynamically, skipping any associated updates.</p> <p> </p> <p>The dissertation also delves into the efficacy of combining multiple approximate computing techniques to improve the execution efficiency of DNNs. In particular, we focus on the combination of quantization, which reduces the precision of DNN data-structures, and pruning, which introduces sparsity in them. We observe that the ability of pruning to reduce the memory demands of quantized DNNs decreases with precision as the overhead of storing non-zero locations alongside the values starts to dominate in different sparse encoding schemes. We analyze this overhead and the overall compression of three different sparse formats across a range of sparsity and precision values and propose a hybrid compression scheme that identifies that optimal sparse format for a pruned low-precision DNN.</p> <p> </p> <p>Along with improved execution efficiency of DNNs, the dissertation explores an additional advantage of approximate computing in the form of improved robustness. We propose ensembles of quantized DNN models with different numerical precisions as a new approach to increase robustness against adversarial attacks. It is based on the observation that quantized neural networks often demonstrate much higher robustness to adversarial attacks than full precision networks, but at the cost of a substantial loss in accuracy on the original (unperturbed) inputs. We overcome this limitation to achieve the best of both worlds, i.e., the higher unperturbed accuracies of the full precision models combined with the higher robustness of the low precision models, by composing them in an ensemble.</p> <p> </p> <p><br></p><p>In summary, this dissertation establishes approximate computing as a promising direction to improve the performance, energy efficiency and robustness of neural networks.</p> Computer Engineering Computer Vision Computer System Architecture Deep learning Approximate computing Adversarial attacks Deep neural networks Spiking neural networks Recurrent neural networks Ensembles
596	Improving the Cyber defence of an organisation based on IP Geolocation and security appliances / Förbättra en organisations cyberförsvar baserad på IP Geolocation och säkerhetssystem Opasinov, Aleksandar, Eftekhari, Sina January 2020 (has links) As advancement and usage of data communication has increased exponentially on a global scale, with a devastating exposure to attacks and varying security threats to home offices as well as to large enterprises, there is always a need for enhanced network protection. The IT department of the company OneDefence, located in western Sweden, was chosen for the thesis and based on the stated information from the organisation, aims were set on how to improve their network defence capabilities. The aim of this thesis is to list ten countries posing the most serious IT threats, and to limit the attack surface of OneDefence’s IT network as much as possible while still providing the necessary services to users abroad. After researching the countries, a prototype was set up to mimic OneDefence’s topology of interest and test attacks were conducted as detailed in the Methodology chapter. The results of the investigations showed the countries posing most serious cyber threats included China, Russia and North Korea among others which were statistically calculated based on the total number of recognised cyberwarfare attacks. The results obtained from the different DoS attacks in the prototype showed that an IPS should be at the heart of an organisation's network defence for combating these intrusions, as well as potentially other types. With the help of a prototype built based on the organisation's topology, several attacks were somewhat successfully mitigated with the equipment used on hand, with only a low percentage of packets allowed to pass through the security unit. Lastly, to explore further enhancements of defence capabilities of OneDefence, a comparison between different products and devices were performed. This resulted in products from the Fortinet brand such as FortiGate NGFW and UTM capabilities as they are offering several advantages compared to competitors. / Då stora framsteg och användning av datakommunikation har ökat exponentiellt på en global skala, med en förödande exponering av attacker och säkerhetshot mot hemanvändare såväl som stora företag, finns detalltid ett behov av förbättrad nätverksskydd. IT-avdelningen hos företaget OneDefence, valdes för att utföra examensprojektet och baserade sig på organisationens angivna information för att förbättra deras nätverksförsvar. Syftet med denna rapport är att sammanställa en lista på tio länder som utgör de allvarligaste IT-hoten i världen, samt begränsa attackytan för organisationens nätverk så mycket som möjligt medan man behåller alla nödvändiga tjänster till användare utomlands. Efter att ha undersökt länderna, anordnades en prototyp för att efterlikna delar av OneDefences topologi av intresse och testattacker utfördes enligt metodologikapitlet. Resultaten av utredningarna visade att från de länder som utfört de allra allvarliga cyberhoten inkluderade bland annat Kina, Ryssland och Nordkorea, som har beräknats statistiskt baserat på antalet igenkända cyberwarfare attacker. Resultaten från de olika DoS-attackerna visade att en IPS bör vara kärnan i en organisations nätverksförsvar för att kunna bekämpa dessa intrång, samt potentiellt andra typer. Med hjälp av den prototyp som byggdes baserad på organisationens topologi, blockerades flera attacker rätt framgångsrikt, med en låg procentandel av paketen som gick genom säkerhetsenheten. Slutligen utforskades ytterligare förbättringar av försvarsförmågan hos organisationen genom att jämföra olika produkter och enheter. Detta resulterade i produkter från Fortinet-varumärket såsom FortiGate NGFW med UTM förmåga, då de erbjuder flera fördelar jämfört med konkurrenter. Cybersecurity Cisco ASA Firewall IP Geolocation Malware Cyber Attacks IPS IT-säkerhet Cisco ASA Brandvägg IP Geolocation Malware Cyberattacker IPS Information Systems
597	Generátor kybernetických útoků / Cyberattack Generator Gregr, Filip January 2017 (has links) This thesis is focused on developing a tool that is capable of generating cyber attacks. In the opening there are introduced some attacks using the ISO/OSI application layer protocols. Specifically, these are attacks known as Slowloris, RUDY, Slow Read, HTTP flood, and dictionary attack on the SSH. These attacks are implemented into an existing DoSgen Linux tool that already contains several famous network attacks. The main part of the thesis is devoted to the description of the tool and to the implementation of its own extension. The created tool is practically tested in an experimental enviroment against the Apache web server. Part of the thesis is the documentation for the improved DoSgen tool.
598	Útok na WiFi síť s využitím ESP32/8266 / WiFi Attacks Using ESP32/8266 Stehlík, Richard January 2021 (has links) The goal of this thesis is an exploration of the possibilities of Espressif's ESP32 chips in combination with Espressif IoT Development Framework with intention of implementing well-known Wi-Fi attacks on this platform. In this work, multiple implementation proposals were done for deauthentication attack in two variants followed by WPA/WPA2 handshake capture, attack on PMKID, creation of rogue MitM access point, or brute-force attack on WPS PIN, and more. A universal penetration tool ESP32 Wi-Fi Penetration Tool was proposed and implemented, including deauthentication attacks with WPA/WPA2 handshake capture. This tool provides an easy way to configure and run malicious Wi-Fi attacks without any domain knowledge required from the user. The outcome of this work opens new attack vectors for the attacker, thanks to cheap, ultra-low powered, and lightweight ESP32 chips.
599	Evaluating Robustness of a CNN Architecture introduced to the Adversarial Attacks Ishak, Shaik, Jyothsna Chowdary, Anantaneni January 2021 (has links) Abstract: Background: From Previous research, state-of-the-art deep neural networks have accomplished impressive results on many images classification tasks. However, adversarial attacks can easily fool these deep neural networks by adding little noise to the input images. This vulnerability causes a significant concern in deploying deep neural network-based systems in real-world security-sensitive situations. Therefore, research in attacking and the architectures with adversarial examples has drawn considerable attention. Here, we use the technique for image classification called Convolutional Neural Networks (CNN), which is known for determining favorable results in image classification. Objectives: This thesis reviews all types of adversarial attacks and CNN architectures in the present scientific literature. Experiment to build a CNN architecture to classify the handwritten digits in the MNIST dataset. And they are experimenting with adversarial attacks on the images to evaluate the accuracy fluctuations in categorizing images. This study also includes an experiment using the defensive distillation technique to improve the architecture's performance under adversarial attacks. Methods: This thesis includes two methods; the systematic literature review method involved finding the best performing CNN architectures and best performing adversarial attack techniques. The experimentation method consists in building a CNN model based on modified LeNet architecture with two convolutional layers, one max-pooling layer, and two dropouts. The model is trained and tested with the MNIST dataset. Then applying adversarial attacks FGSM, IFGSM, MIFGSM on the input images to evaluate the model's performance. Later this model will be modified a little by defensive distillation technique and then tested towards adversarial attacks to evaluate the architecture's performance. Results: An experiment is conducted to evaluate the robustness of the CNN architecture in classifying the handwritten digits. The graphs show the accuracy before and after implementing adversarial attacks on the test dataset. The defensive distillation mechanism is applied to avoid adversarial attacks and achieve robust architecture. Conclusions: The results showed that FGSM, I-FGSM, MI-FGSM attacks reduce the test accuracy from 95% to around 35%. These three attacks to the proposed network successfully reduced ~70% of the test accuracy in all three cases for maximum epsilon 0.3. By the defensive distillation mechanism, the test accuracy reduces from 90% to 88% for max epsilon 0.3. The proposed defensive distillation process is successful in defending the adversarial attacks. Convolutional Neural Network (CNN) Image classification Adversarial attacks Defensive Distillation. Computer Sciences Datavetenskap (datalogi) Other Computer and Information Science Annan data- och informationsvetenskap
600	Podpora výuky biometrických přístupových systémů / Support for education of biometric access systems Navrátil, Petr January 2008 (has links) This thesis describes general function of biometric access systems and summarizes problems of their practical use. It also shows security risks of these systems. It defines basic terms, which are used in this area, describes kinds of errors and their representation. One part of this thesis deals with biometric method of fingerprints recognition. It explains fingerprints’ atomic basics, basic principles and processing of digital fingerprint image. Next part describes concrete biometric access system V-Station by Bioscrypt Inc. Besides basic description it focuses on technology of biometric sensor and algorithm, essential parts of biometric system. The thesis continues with security analysis of this concrete system. In this part I target on weak points of the system and I design possible attack on the system. In the last part of my thesis I designed laboratory exercise, which is supposed to be realized by student. It is composed it by several tasks to let students understand working with the system and attached software. At the same time, they have opportunity to think about system by themselves a make their own opinion about possibilities of the system. There are many pictures in this thesis to make term clear and to better understanding of problems of biometric security systems.

Search results