Spelling suggestions: "subject:"computer networks 2security measures"" "subject:"computer networks bsecurity measures""
121 |
Information security using intelligent software agentsVan der Merwe, Jacobus 20 August 2012 (has links)
Ph.D. / Many organisations are starting to make large parts of their information resources publicly accessible. For example, many organisations publish information using the Internet. Some organisations allow non-employees to connect to their systems and retrieve information - many banks allow customers to retrieve account statements via the Internet. There is a trend towards more open information systems and more distributed processing such as client/server processing. The above are just some of the trends in computer information processing that creates new and complex problems in providing information systems that are both secure and manageable. To add to the complexity of the information security problem, organisations use the Internet to conduct some of their business and use many different applications, each with its own unique access control mechanisms. Central management of information security in a heterogeneous and distributed environments, such as the Internet has become a nightmare. There is a need for an information security model that will allow organisations to make use of the new trends in information processing, but still have confidence that they have adequate security and that the management of their information security systems is fairly easy. In this thesis we propose a model that satisfies the above requirements. We call this model the Intelligent Security Agent Model (ISAM). The ISAM model is based on two technologies: intelligent software agents and distributed objects. The main component of the model is Intelligent Security Agents that act as security brokers for its users in a distributed environment. In chapter 2 of the thesis, we design an Intelligent Security Agent which provides various information security services in open client/server environments. The Intelligent Security Agent Model addresses certain problems/requirements, such as single sign-on, in information security. These problems and possible solutions are described in chapter 4 to chapter 10 of this thesis. An Intelligent Security Agent must be protected from unauthorised modification, theft, etc. Chapter 3 shows how an Intelligent Security Agent is secured by implementing it as a distributed object. We show that the combination of intelligent software agents and distributed objects creates an agent that was not possible before, and solves many information security problems.In short, this thesis documents the results of a study in computer information security. The result of the study is a new information security model in which intelligent software agents and distributed objects are combined to create a security agent which acts on behalf of a user in open environments such as client/server systems and the Internet. The agent provides a set of services to its user and handles all information security related requests on behalf of its user.
|
122 |
Veilige indentifikasietegnieke vir gebruikers van rekenaarstelselsRensleigh, Christopher William 07 October 2014 (has links)
M.Com. (Informatics) / Please refer to full text to view abstract
|
123 |
Internal control with specific reference to the intranetVan Jaarsveld, J.I. 10 February 2014 (has links)
M.Com. (Computer Auditing) / Intranets and related technology, can be used to solve many problems in the local computing environment. But the use of the Intranet and the related technology also raises several control concerns. Because of the increased use of Intranets within the business environment, the internal control related to the Intranet has become an issue that needs to be addressed by management and the auditor. Computerization in the accounting environment has made it virtually impossible to audit around the computer. It is therefore essential that the auditor, and more specifically the computer auditor, should assess the influence of the Intranet on the audit objectives. The objective of this short dissertation is to evaluate the influence of Intranet technology on the audit objectives (within the Intranet's different spheres of application) in terms of the risks posed for the auditor and management. It was also aimed at identifying the security risks in relationship with the audit objectives...
|
124 |
Network intrusion detection system using neural networks approach in networked biometrics systemMgabile, Tinny 09 April 2014 (has links)
M.Phil. (Electrical and Electronic Engineering) / Network security has become increasingly important as more and more applica- tions are making their way into the market. The research community has proposed various methods to build a reliable network intrusion detection system to detect unauthorised activities in networked systems. However many network intrusion detection systems that have been reported in literature su er from an excessive number of false positives, false negatives, and are unable to cope with new, elegant and structured attacks. This is mainly because most network intrusion detection systems rely on security experts to analyze the network tra c data and manually construct intrusion detection rules. This study proposes to use a machine learning technique such as neural network approach to anomaly based network intrusion detection system (NIDS). The main objective for this study is to construct an NIDS model that will produce approx- imate to zero false positive or no false positive at all and have high degree of accuracy in detecting network attacks. The neural network (NN) model is trained on a biometric networked system dataset simulated in the study, containing strictly replayed and normal network tra c that encourage the development of the pro- posed NIDS. By analyzing the NN{based NIDS results, the study reached the false positive rate of 0, and high accuracy rate of 100 percent. To support the results obtained in this study, the performance of the NN{based NIDS was compared to two other classi cation methods (k{nearest neighbor algorithm (KNN) and Naive Bayes). The results obtained from KNN and naive Bayes were 99.87 and 99.75 percent respectively. These results show that the proposed model can successfully be used as an e ective tool for solving complicated classi cation problems such as NIDS.
|
125 |
A framework towards effective control in information security governanceViljoen, Melanie January 2009 (has links)
The importance of information in business today has made the need to properly secure this asset evident. Information security has become a responsibility for all managers of an organization. To better support more efficient management of information security, timely information security management information should be made available to all managers. Smaller organizations face special challenges with regard to information security management and reporting due to limited resources (Ross, 2008). This dissertation discusses a Framework for Information Security Management Information (FISMI) that aims to improve the visibility and contribute to better management of information security throughout an organization by enabling the provision of summarized, comprehensive information security management information to all managers in an affordable manner.
|
126 |
Applying a framework for IT governance in South African higher education institutionsViljoen, Stephen January 2005 (has links)
Background: Higher Education (HE), through HE Institutions, plays a very important role in society. There is thus a need for this sector to be well managed, especially with regards to planning, organising, and controlling. Corporate Governance has received a lot of attention in recent times, especially to engender trust on the part of the stakeholders. There are many similarities, but also significant differences in the governance of HE institutions and public companies. Information Technology (IT) plays an extremely important role in the modern organisation, creating huge opportunities, but also increasing the risk to the organisation. Therefore, effective governance of IT in HE Institutions is of great importance.
|
127 |
Utilizing rootkits to address the vulnerabilities exploited by malwareCorregedor, Manuel Rodrigues 20 August 2012 (has links)
M.Sc. / Anyone who uses a computer for work or recreational purposes has come across one or all of the following problems directly or indirectly (knowingly or not): viruses, worms, trojans, rootkits and botnets. This is especially the case if the computer is connected to the Internet. Looking at the statistics in [1] we can see that although malware detection techniques are detecting and preventing malware, they do not guarantee a 100% detection and or prevention of malware. Furthermore the statistics in [2] show that malware infection rates are increasing around the world at an alarming rate. The statistics also show that there are a high number of new malware samples being discovered every month and that 31% of malware attacks resulted in data loss [3], with 10% of companies reporting the loss of sensitive business data [4][5]. The reason for not being able to achieve a 100% detection and / or prevention of malware is because malware authors make use of sophisticated techniques such as code obfuscation in order to prevent malware from being detected. This has resulted in the emergence of malware known as polymorphic and metamorphic malware. The aforementioned malware poses serious challenges for anti-malware software specifically signature based techniques. However a more serious threat that needs to be addressed is that of rootkits. Rootkits can execute at the same privilege level as the Operating System (OS) itself. At this level the rootkit can manipulate the OS such that it can distribute other malware, hide existing malware, steal information, hide itself, disable anti-malware software etc all without the knowledge of the user. It is clear from the statistics that anti-malware products are not working because infection rates continue to rise and companies and end users continue to fall victims of these attacks. Therefore this dissertation will address the problem that current anti-malware techniques are not working. The main objective of this dissertation is to create a framework called ATE (Anti-malware Technique Evaluator) that can be used to critically evaluate current commercial anti-malware products. The framework will achieve this by identifying the current vulnerabilities that exist in commercial anti-malware products and the operating system. The prior will be achieved by making use of two rootkits, the Evader rootkit and the Sabotager rootkit, which were specifically developed to support the anti-malware product evaluation. Finally an anti-malware architecture we called External Malware Scanner (EMS), will be proposed to address the identified vulnerabilities.
|
128 |
Mosaic : model for secure anonymous Internet communicationGeldenhuys, Jan Harm Steenkamp. 12 September 2012 (has links)
D.Litt. et Phil. / It is said that computer security is like getting into bed with an elephant. You know you have a problem, but you can't get your arms around it! Looking at security from a distributed point of view makes this elephant seem much bigger! The growth of the Internet (see chapter 2) is also not very comforting to computer security specialists. Companies want to start utilising the Internet for their business transactions, while the man on the street wants to use it for what they deem necessary or convenient. It is becoming more and more common placed to buy items from virtual storefronts by making use of the Internet. [17,20,23] Literature, as well as the World Wide Web has supplied us with information [34] regarding the "war" between the IT Security Professional and the hacker community. It is quite surprising to see the large number of hacker sites on the Internet [15,16,21] that publish information regarding hacked sites, as well as tools and techniques that can assist almost anyone in accomplishing some of these sometimes, daring feats. If this information is studied and if we keep in mind that some of the more serious hacking attempts are being kept secret for reasons like loss of business or credibility, it might be deduced that the hacker community is always a step or two ahead of Security Professionals. It is the purpose of this thesis to present a model that will ensure secure, anonymous communication across the Internet This model is not aimed at replacing current technologies. It merely attempts to provide an alternative method for safe communication across public networks, like the Internet. The model will make use of a number of existing technologies in conjunction with one another to achieve its goal of secure, anonymous communication. The technologies that will be used and how will be discussed briefly in this chapter.
|
129 |
Critical information infrastructure protection for developing countriesEllefsen, Ian David 16 August 2012 (has links)
D.Phil.(Computer Science) / In this thesis we will investigate the development of Critical Information Infrastructure Protection (CIIP) structures in the developing world. Developing regions are experiencing fast-paced development of information infrastructures, and improvements in related technologies such as Internet connectivity and wireless technologies. The use of these new technologies and the number of new users that are introduced to the Internet can allow cyber threats to flourish. In many cases, Computer Security Incident Response Teams (CSIRTs) can be used to provide CIIP. However, the development of traditional CSIRT-like structures can be problematic in developing regions where technological challenges, legal frameworks, and limited capacity can reduce its overall effectiveness. In this thesis we will introduce the Community-oriented Security, Advisory and Warning (C-SAW) Team. This model is designed to address the challenges to CIIP faced by developing regions by defining a structure that is loosely-coupled and flexible in nature. Furthermore, the aspect of community-orientation is used to allow a C-SAW Team to operate within a designated community of members. This thesis is divided into three primary parts. In Part 1 we will discuss the background research undertaken during this study. The background chapters will lay the foundation for the later chapters in this thesis. In Part 2 we will introduce the C-SAW Team model and elaborate on the construction, relationships, positioning, services, and framework in which it can be deployed. Finally, in Part 3 we present our conclusions to this thesis.
|
130 |
Securing host and application information in the TCP/IP protocol suiteBoshoff, Paul Marthinus 14 August 2012 (has links)
M.Sc. / Using the Internet for communication purposes constitutes a high risk, considering the security of such information. The protocol suite used on the Internet is the TCP/IP protocol suite, which consists of the Transmission Control Protocol (TCP) and the Internet Protocol (IP). In a bid to create a basis to support the newly conceptualised ideas, various areas of networking are briefly discussed in this dissertation. The first in this series of areas is that of the OSI layers. This model forms the basis of all networking concepts. The model describes seven layers, of which each performs a certain networking function. The TCP/IP protocol suite fits into this model. Network security and encryption methods are applied and followed to secure information on the Internet. These methods have been used over a long period of time and will also be used to support the newly conceptualised ideas. The main focus of this dissertation falls on the securing of certain parts of the information contained in the headers of both the Transmission Control Protocol (TCP) and the Internet Protocol (IP) in a bid to minimise the amount of data that may be inferred about the communicating parties from these headers. In addition, where multiple routes exist between hosts, the possibility of the deliberate distribution of a single message across these routes is examined. Such distribution will further complicate the task of a hacker attempting to gather information from TCP and IP headers. In addition, such distribution will minimise the possibility that a hacker may assemble a complete message from its constituent parts and that he/she may infer information about the message that cannot be inferred from the isolated parts. The length of a message sent between hosts is one simple example of such information.
|
Page generated in 0.1108 seconds