241 |
Computer seizure as technique in forensic investigation
Ndara, Vuyani 19 March 2014
The problem encountered by the researcher was that the South African Police Service Cyber-Crimes Unit is experiencing problems in seizing computer evidence. The following problems were identified by the researcher in practice: evidence is destroyed or lost because of mishandling by investigators; computer evidence is often not obtained or recognised, due to a lack of knowledge and skills on the part of investigators to properly seize computer evidence; difficulties in establishing authenticity and initiating a chain of custody for the seized evidence; current training that is offered is unable to cover critical steps in the performance of seizing computer evidence; computer seizure as a technique requires specialised knowledge and continuous training, because the information technology industry is an ever-changing area.
An empirical research design, followed by a qualitative research approach, allowed the researcher to also obtain information from practice. A thorough literature study, complemented by interviews, was done to collect the required data for the research. Members of the South African Police Cyber-crime Unit and prosecutors dealing with cyber-crime cases were interviewed to obtain their input into, and experiences on, the topic.
The aim of the study was to explore the role of computers in the forensic investigation process, and to determine how computers can be seized without compromising evidence. The study therefore also aimed at creating an understanding and awareness about the slippery nature of computer evidence, and how it can find its way to the court of law without being compromised. The research has revealed that computer crime is different from common law or traditional crimes. It is complicated, and therefore only skilled and qualified forensic experts should be used to seize computer evidence, to ensure that the evidence is not compromised. Training of cyber-crime technicians has to be a priority, in order to be successful in seizing computers. / Department of Criminology / M.Tech. (Forensic Investigation)
|
242 |
Addressing the incremental risks associated with adopting a Bring Your Own Device program by using the COBIT 5 framework to identify key controls
Weber, Lyle 04 1900
Thesis (MComm)--Stellenbosch University, 2014. / ENGLISH ABSTRACT: Bring Your Own Device (BYOD) is a technological trend which individuals of all ages are embracing. BYOD involves an employee of an organisation using their own mobile devices to access their organisation's network. Several incremental risks will arise as a result of adoption of a BYOD program by an organisation. The research aims to assist organisations to identify what incremental risks they could potentially encounter if they adopt a BYOD program and how they can use a framework like COBIT 5 in order to reduce the incremental risks to an acceptable level. By means of an extensive literature review the study revealed 50 incremental risks which arise as a result of the adoption of a BYOD program. COBIT 5 was identified as the most appropriate framework which could be used to map the incremental risks against. Possible safeguards were identified from the mapping process which would reduce the incremental risks to an acceptable level. It was identified that 13 of the 37 COBIT 5 processes were applicable for the study.
|
243 |
Information security risk management in small-scale organisations : a case study of secondary schools’ computerised information systems
Moyo, Moses 11 December 2014
Threats to computerised information systems are always on the rise and compel organisations to invest a lot of money and time amongst other technical controls in an attempt to protect their critical information from inherent security risks. The computerisation of information systems in secondary schools has effectively exposed these organisations to a host of complex information security challenges that they have to deal with in addition to their core business of teaching and learning. Secondary schools handle large volumes of sensitive information pertaining to educators, learners, creditors and financial records that they are obliged to secure. Computerised information systems are vulnerable to both internal and external threats but ease of access sometimes manifests in security breaches, thereby undermining information security. Unfortunately, school managers and users of computerised information systems are ignorant of the risks to their information systems assets and the consequences of the compromises that might occur thereof. One way of educating school managers and users about the risks to their computerised information systems is through a risk management programme in which they actively participate. However, secondary schools do not have the full capacity to perform information security risk management exercises due to the unavailability of risk management experts and scarce financial resources to fund such programmes.
This qualitative case study was conducted in two secondary schools that use computerised information systems to support everyday administrative operations. The main objective of this research study was to assist secondary schools that used computerised information systems to develop a set of guidelines they would use to effectively manage information security risks in their computerised information systems. This study educated school managers and computerised information systems users on how to conduct simple risk management exercises. The Operationally Critical Threats, Assets and Vulnerability Evaluation for small-scale organisations risk management method was used to evaluate the computerised information systems in the two schools and attain the goals of the research study. Data for this study were generated through participatory observation, physical inspections and interview techniques. Data were presented, analysed and interpreted qualitatively.
This study found that learners’ continuous assessment marks, financial information, educators’ personal information, custom application software, server-computers and telecommunication equipment used for networking were the critical assets. The main threats to these critical assets were authorised and unauthorised systems users, malware, system crashes, access paths and incompatibilities in software. The risks posed by these threats normally led to the unavailability of critical information systems assets, compromise of data integrity and confidentiality. This also led to the loss of productivity and finance, and damage to school reputation. The only form of protection mechanism enforced by secondary schools was physical security. To mitigate the pending risks, the study educated school managers and users in selecting, devising and implementing simple protection and mitigation strategies commensurate with their information systems, financial capabilities and their level of skills. This study also recommended that secondary schools remove all critical computers from open-flow school networks, encrypt all critical information, password-protect all computers holding critical information and train all users of information systems in personal security.
The study will be instrumental in educating school managers and computerised information systems users in information security awareness and risk management in general. / Science Engineering and Technology / M. Sc. (Information Systems)
|
244 |
A Privacy-Preserving, Context-Aware, Insider Threat prevention and prediction model (PPCAITPP)
Tekle, Solomon Mekonnen 07 1900
The insider threat problem is extremely challenging to address, as it is committed by insiders who are
trusted and authorized to access the information resources of the organization. The problem is further
complicated by the multifaceted nature of insiders, as human beings have various motivations and
fluctuating behaviours. Additionally, typical monitoring systems may violate the privacy of insiders.
Consequently, there is a need to consider a comprehensive approach to mitigate insider threats. This
research presents a novel insider threat prevention and prediction model, combining several approaches,
techniques and tools from the fields of computer science and criminology. The model is a
Privacy-Preserving, Context-Aware, Insider Threat Prevention and Prediction model (PPCAITPP). The model is
predicated on the Fraud Diamond (a theory from Criminology) which assumes there must be four elements
present in order for a criminal to commit maleficence. The basic elements are pressure (i.e. motive),
opportunity, ability (i.e. capability) and rationalization. According to the Fraud Diamond, malicious
employees need to have a motive, opportunity and the capability to commit fraud. Additionally, criminals
tend to rationalize their malicious actions in order for them to ease their cognitive dissonance towards
maleficence. In order to mitigate the insider threat comprehensively, there is a need to consider all the
elements of the Fraud Diamond because insider threat crime is also related to elements of the Fraud
Diamond similar to crimes committed within the physical landscape.
The model intends to act within context, which implies that when the model offers predictions about threats,
it also reacts to prevent the threat from becoming a future threat instantaneously. To collect information
about insiders for the purposes of prediction, there is a need to collect current information, as the motives
and behaviours of humans are transient. Context-aware systems are used in the model to collect current
information about insiders related to motive and ability as well as to determine whether insiders exploit any
opportunity to commit a crime (i.e. entrapment). Furthermore, they are used to neutralize any
rationalizations the insider may have via neutralization mitigation, thus preventing the insider from
committing a future crime. However, the model collects private information and involves entrapment that
will be deemed unethical. A model that does not preserve the privacy of insiders may cause them to feel
they are not trusted, which in turn may affect their productivity in the workplace negatively. Hence, this
thesis argues that an insider prediction model must be privacy-preserving in order to prevent further
cybercrime. The model is not intended to be punitive but rather a strategy to prevent current insiders from
being tempted to commit a crime in future.
The model involves four major components: context awareness, opportunity facilitation, neutralization
mitigation and privacy preservation. The model implements a context analyser to collect information related
to an insider who may be motivated to commit a crime and his or her ability to implement an attack plan.
The context analyser only collects meta-data such as search behaviour, file access, logins, use of keystrokes
and linguistic features, excluding the content to preserve the privacy of insiders. The model also employs
keystroke and linguistic features based on typing patterns to collect information about any change in an
insider’s emotional and stress levels. This is indirectly related to the motivation to commit a cybercrime.
Research demonstrates that most of the insiders who have committed a crime have experienced a negative
emotion/pressure resulting from dissatisfaction with employment measures such as terminations, transfers
without their consent or denial of a wage increase. However, there may also be personal problems such as a
divorce. The typing pattern analyser and other resource usage behaviours aid in identifying an insider who
may be motivated to commit a cybercrime based on his or her stress levels and emotions as well as the
change in resource usage behaviour. The model does not identify the motive itself, but rather identifies those
individuals who may be motivated to commit a crime by reviewing their computer-based actions. The model
also assesses the capability of insiders to commit a planned attack based on their usage of computer
applications and measuring their sophistication in terms of the range of knowledge, depth of knowledge and
skill as well as assessing the number of systems errors and warnings generated while using the applications.
The model will facilitate an opportunity to commit a crime by using honeypots to determine whether a
motivated and capable insider will exploit any opportunity in the organization involving a criminal act.
Based on the insider’s reaction to the opportunity presented via a honeypot, the model will deploy an
implementation strategy based on neutralization mitigation. Neutralization mitigation is the process of
nullifying the rationalizations that the insider may have had for committing the crime. All information about
insiders will be anonymized to remove any identifiers for the purpose of preserving the privacy of insiders.
The model also intends to identify any new behaviour that may result during the course of implementation.
This research contributes to existing scientific knowledge in the insider threat domain and can be used as a
point of departure for future researchers in the area. Organizations could use the model as a framework to
design and develop a comprehensive security solution for insider threat problems. The model concept can
also be integrated into existing information security systems that address the insider threat problem. / Information Science / D. Phil. (Information Systems)
|
245 |
Physical-layer security: practical aspects of channel coding and cryptography
Harrison, Willie K. 21 June 2012
In this work, a multilayer security solution for digital communication systems is provided by considering the joint effects of physical-layer security channel codes with application-layer cryptography. We address two problems: first, the cryptanalysis of error-prone ciphertext; second, the design of a practical physical-layer security coding scheme. To our knowledge, the cryptographic attack model of the noisy-ciphertext attack is a novel concept. The more traditional assumption that the attacker has the ciphertext is generally assumed when performing cryptanalysis. However, with the ever-increasing amount of viable research in physical-layer security, it now becomes essential to perform the analysis when ciphertext is unreliable. We do so for the simple substitution cipher using an information-theoretic framework, and for stream ciphers by characterizing the success or failure of fast-correlation attacks when the ciphertext contains errors. We then present a practical coding scheme that can be used in conjunction with cryptography to ensure positive error rates in an eavesdropper's observed ciphertext, while guaranteeing error-free communications for legitimate receivers. Our codes are called stopping set codes, and provide a blanket of security that covers nearly all possible system configurations and channel parameters. The codes require a public authenticated feedback channel. The solutions to these two problems indicate the inherent strengthening of security that can be obtained by confusing an attacker about the ciphertext, and then give a practical method for providing the confusion. The aggregate result is a multilayer security solution for transmitting secret data that showcases security enhancements over standalone cryptography.
|
246 |
Digital encoding for secure data communications
Rondón, Eduardo Emilio Coquis. January 1976
Thesis (Engineer's) --Naval Postgraduate School, 1976. / "September 1976." "AD A035848." Includes bibliographical references (leaves 122-123) Available via the Internet.
|
247 |
The design and implementation of a security and containment platform for peer-to-peer media distribution / Die ontwerp en implimentasie van ’n sekure en begeslote platvorm vir portuurnetwerk mediaverspreiding
Storey, Quiran 12 1900
Thesis (MScEng)--Stellenbosch University, 2013. / ENGLISH ABSTRACT: The way in which people consume video is changing with the adoption of
new technologies such as tablet computers and smart televisions. These new
technologies, along with the Internet, are moving video distribution away from
satellite and terrestrial broadcast to distribution over the Internet. Services
online now offer the same content that originally was only available on satellite
broadcast television. However, these services are only viable in countries with
high speed, inexpensive Internet bandwidth. The need therefore exists for
alternative services to deliver content in countries where bandwidth is still
expensive and slow. These include many of the developing nations of Africa.
In this thesis we design and develop a video distribution platform that
relies on peer-to-peer networking to deliver high quality video content. We use
an existing video streaming peer-to-peer protocol as the primary distribution
mechanism, but allow users to share video over other protocols and services.
These can include BitTorrent, DC++ and users sharing hard drives with one
another. In order to protect the video content, we design and implement a
security scheme that prevents users from pirating video content, while allowing easy distribution of video data. The core of the security scheme requires a low
bandwidth Internet connection to a server that streams keys to unlock the
video content. The project also includes the development of a custom video
player application to integrate with the security scheme.
The platform is not limited to, but is aimed at high speed local area networks
where bandwidth is free. In order for the platform to support feasible
business models, we provision additional services, such as video cataloging
and search, video usage monitoring and platform administration. The thesis
includes a literature study on techniques and solutions to secure video entertainment,
specifically in a peer-to-peer environment. / AFRIKAANS SUMMARY: The way in which people consume video is changing with the adoption
of new technology such as tablet computers and smart television sets.
This new technology, together with the Internet, means that video is distributed
less and less by means of satellite broadcasts and more and more
over the Internet. Online Internet services nowadays offer
the same content that was previously distributed only by television broadcast.
These services are, however, only viable in countries with high-speed and inexpensive
Internet bandwidth. There is therefore a need for alternatives to these
services in countries where bandwidth is still expensive and slow. Many countries in Africa
fall into this category.
In this thesis a video distribution platform is designed and developed
that uses peer-to-peer networks to distribute high-quality video material.
The system uses an existing peer-to-peer streaming protocol as
the primary distribution mechanism, but also allows users to share video content
directly with other users and services. These include BitTorrent, DC++ and
users sharing hard drives with one another. In order to protect the video content, we design and implement a security system
that prevents users from unlawfully appropriating the video content, while
at the same time making distribution of the data easier. This includes the
development of a custom video player. The core of the security system
requires a low-bandwidth Internet connection to a server that broadcasts keys
to unlock the video content.
Although not limited to them, the platform is aimed at high-speed local area networks
with free bandwidth. To allow the platform to support a feasible
business model, we have provided for additional services such as video cataloguing
with search functions, video usage monitoring and platform
administration. The thesis includes a literature study on techniques and solutions
for protecting video data, specifically in the peer-to-peer
environment.
|
248 |
The status of information security in South Africa
Warricker, Anina M. 03 1900
Thesis (MPhil)--Stellenbosch University, 2005. / ENGLISH ABSTRACT: The business and social environments are increasingly reliant on the information
network, and the quality and integrity of the information to effectively conduct
transactions, and "survive" in the new economy. These information networks facilitate
communication and transactions between customers, suppliers, partners, and
employees. Emerging technologies further encourage the extension of network
boundaries beyond the branch office, to private homes, airports, and even the corner
coffee shop, e.g. wireless internet access. Although technology advances contribute to
significant increases in productivity, convenience, and competitive advantage, it also
increases the risk of attacks on the integrity and confidentiality of any information
interaction. One of the key questions is how to achieve the right level of information
network security and implement effective protection systems, without impacting
productivity by excessively restricting the flow of information.
The issue of information security is not a localised problem, but a problem on global
scale, and South African businesses are no less at risk than any other geographically
located business. The risk of information security is even greater if aspects like
globalisation are taken into account, and the growing inter-connectedness of the global
business environment. The central question is: How does the South African business
environment view information security, their perceived success in implementing
information security measures, and their view of future trends in information security.
Ingenue Consulting is a global business focusing on technology consulting services,
across a wide range of industries and technologies. Information security has been
identified by Ingenue Consulting to be a global problem, and primary research into this
business issue has been undertaken in different locations globally, e.g. Australia and South African executive level survey of what the perception and importance are of
information security, of business leaders across public and private industries.
Ingenue Consulting has an in-house research facility, and tasked them with conducting
a survey in South Africa. The survey results can then be compared with global trends,
and applied in the business environment, to highlight the impact of information security
risks, and to help businesses to change and improve their information security
processes and technologies. The research department started out doing an extensive
literature study to identify global and local trends in information security, and to assist in
the compilation of the survey questionnaire. A sample group of "blue chip" businesses
across all industries was targeted at executive level to conduct a research survey - fifty
interviews were conducted. The raw data was collated and analysed to formulate an
opinion of the information security practices and perceptions of the business
environment in South Africa.
The survey confirmed that the South African market risks in terms of information
security are very similar to global trends. Some of the key trends are: Information
security agreements are normally signed at the onset of employment, but rarely
updated or highlighted to ensure continued support and implementation. This is almost
contradictory to the fact that information security is taken seriously by the executive
level, and often discussed at board level. The mobility of information with the
emergence of wireless networks is a key issue for most businesses - as information
security is at its most vulnerable.
Most of the respondents rated themselves ahead of the curve and their competitors -
overestimation of competencies, could lead to larger future risks. The sensitive nature
of information security industry makes benchmarking against local or global players
difficult due to the sensitive nature - limited willingness to participate in a consultative
forum. Companies that outsource IT tend to "wash their hands of" security issues as the responsibility of the outsourcing vendor. Most local businesses haven't got a worldly
view - they do not have an active process to find out what their peers are doing locally
or globally, they rely mostly on vendor and consulting advice, or media coverage. / AFRIKAANS SUMMARY: The business and social environments are increasingly dependent on information
networks, and on the quality and integrity of information, to conduct transactions effectively
and to "survive" in the new economy. Information networks facilitate communication
and transactions between customers, suppliers, partners and employees. New technologies
further shift network boundaries beyond the branch office, to private homes, airports or
the coffee shop, by means of wireless internet access. Although technology
developments contribute to improved productivity and ease of use, they also contribute
to a greater danger of attacks on the integrity and confidentiality of any information
transaction. One of the key questions is how to achieve the right level of information network
security and implement the right protection methods without
inhibiting productivity.
The information security issue is not merely a local issue but one of global
scale, and South African businesses are no less at risk than any business
in other countries, especially when aspects such as globalisation are taken into account.
The central question is: how does the South African business world view information
security, its perceived success in implementing information security
processes, and the future of information security?
Ingenue Consulting is a worldwide business focused on technology consulting
services across a wide range of industries and technologies. Information security has been
identified by Ingenue Consulting as a global problem, and primary research in the area has already
been undertaken in different geographies, such as Australia and the United Kingdom. The
South African branch of Ingenue decided early in 2004 to carry out a local study
of top management's perceptions of information security risks in both the public and
private business world. The internal research department of Ingenue Consulting in South Africa was asked to undertake the
necessary study, then to compare it with global studies and
determine where gaps may exist and how to address them. The research
department began with an extensive literature study to assist in
compiling the questionnaire. A target group of top South African businesses,
representative of all industries, was approached to grant an interview to complete the
questionnaire; fifty interviews were completed. The raw data was collected and
analysed to formulate an opinion on the information security perceptions and
practices of the business environment in South Africa.
The research confirmed that the South African market is much the same as other
geographic markets in terms of information security. Some of the key conclusions are:
information security agreements are mostly signed at the start of employment
but very seldom followed up or renewed afterwards; this is almost contradictory given that top
management is also very concerned about information security and that it is often
discussed at board meetings. The mobility of information is a growing concern,
because information is then even more at risk.
Most respondents see themselves as better or more advanced than their competitors; an
overestimation of success in information security can lead to greater problems in the
future. The sensitive nature of information security makes open comparison of
detailed processes difficult, and most businesses are not willing to take part
in general discussions. Businesses that have their technology department managed by a
third party, meanwhile, take no responsibility for their information security. A
greater concern is that businesses in South Africa have no active process for keeping
up to date with what the best options in information security are, or with what their
competitors are doing, but rely on the advice of sales and consulting
companies or media reports.
|
249 |
Applying mobile agents in an immune-system-based intrusion detection system
Zielinski, Marek Piotr 30 November 2004
Nearly all present-day commercial intrusion detection systems are based on a hierarchical architecture. In such an architecture, the root node is responsible for detecting intrusions and for issuing responses. However, an intrusion detection system (IDS) based on a hierarchical architecture has many single points of failure. For example, by disabling the root node, the intrusion-detection function of the IDS will also be disabled.
To solve this problem, an IDS inspired by the human immune system is proposed. The proposed IDS has no single component that is responsible for detecting intrusions. Instead, the intrusion-detection function is divided and placed within mobile agents. Mobile agents act similarly to white blood cells of the human immune system and travel from host to host in the network to detect intrusions. The IDS is fault-tolerant because it can continue to detect intrusions even when most of its components have been disabled. / Computer Science (School of Computing) / M. Sc. (Computer Science)
|
250 |
Selection of mobile agent systems based on mobility, communication and security aspects
Lall, Manoj 30 June 2005
The availability of numerous mobile agent systems, each with its own strengths and weaknesses, poses a problem when deciding on a particular mobile agent system. In this dissertation, factors based on mobility, communication and security of the mobile agent systems are presented and used as a means to address this problem. To facilitate the process of selection, a grouping scheme of the agent system was proposed. Based on this grouping scheme, mobile agent systems with common properties are grouped together and analyzed against the above-mentioned factors. In addition, an application was developed using the Aglet Software Development Toolkit to demonstrate certain features of agent mobility, communication and security. / Theoretical Computing / M. Sc. (Computer Science)
|