Honeynet design and implementation

Artore, Diane.

January 2007

Thesis (M.S.)--Computing, Georgia Institute of Technology, 2008. / Committee Chair: Wenke Lee; Committee Member: Jonathon Giffin; Committee Member: Mustaque Ahamad.

Physical-layer security

Bloch, Matthieu

January 2008

Thesis (Ph.D.)--Electrical and Computer Engineering, Georgia Institute of Technology, 2008. / Committee Chair: McLaughlin, Steven; Committee Member: Barros, Joao; Committee Member: Bellissard, Jean; Committee Member: Fekri, Faramarz; Committee Member: Lanterman, Aaron

Threats to information systems and effective countermeasures

Jones, Andrew

January 2004

This thesis supports the hypothesis that the measurement of the potency of threat agents to information systems is a crucial element in the accurate calculation of the risks to which systems are subject and the subsequent management of those risks. It describes a series of papers that were published as the result of research that has been carried out into a range of information security issues. The research evolved over the period from 1995 from the underlying drive to identify means of proving improved protection for government and military information systems. Once the initial research was completed, further work was undertaken to resolve issues identified in completed research and also to address newly identified security issues. This document describes the relationship between the papers that were produced from the individual areas of research and address a range of related topics. This document examines the sources of threats to information systems and methods that can be employed to improve the process of managing and treating the risk that they create. It also addresses issues relating to areas of information security that have not been clearly understood and a provides a number of countermeasures that can be implemented to protect information systems in government, the commercial sector and in private use and a framework for the forensic investigation of incidents. As a result of this research, a clearer understanding has been gained of methods that can be implemented to improve the security of information systems at all levels and a threat methodology has been developed that is now taught in a number of countries and which has now been adopted by the UK Government for further development to meet their specific needs. The contribution to knowledge has been the development of advice on the security of information systems, a taxonomy for the investigation of incidents and a method for the measurement of threat.

005.8

Guidelines for cybersecurity education campaigns

Reid, Rayne

January 2017

In our technology- and information-infused world, cyberspace is an integral part of modern-day society. As the number of active cyberspace users increases, so too does the chances of a cyber threat finding a vulnerable target increase. All cyber users who are exposed to cyber risks need to be educated about cyber security. Human beings play a key role in the implementation and governing of an entire cybersecurity and cybersafety solution. The effectiveness of any cybersecurity and cybersafety solutions in a societal or individual context is dependent on the human beings involved in the process. If these human beings are either unaware or not knowledgeable about their roles in the security solution they become the weak link in these cybersecurity solutions. It is essential that all users be educated to combat any threats. Children are a particularly vulnerable subgroup within society. They are digital natives and make use of ICT, and online services with increasing frequency, but this does not mean they are knowledgeable about or behaving securely in their cyber activities. Children will be exposed to cyberspace throughout their lifetimes. Therefore, cybersecurity and cybersafety should be taught to children as a life-skill. There is a lack of well-known, comprehensive cybersecurity and cybersafety educational campaigns which target school children. Most existing information security and cybersecurity education campaigns limit their scope. Literature reports mainly on education campaigns focused on primary businesses, government agencies and tertiary education institutions. Additionally, most guidance for the design and implementation of security and safety campaigns: are for an organisational context, only target organisational users, and mostly provide high-level design recommendations. This thesis addressed the lack of guidance for designing and implementing cybersecurity and cybersafety educational campaigns suited to school learners as a target audience. The thesis aimed to offer guidance for designing and implementing education campaigns that educate school learners about cybersecurity and cybersafety. This was done through the implementation of an action research process over a five-year period. The action research process involved cybersecurity and cybersafety educational interventions at multiple schools. A total of 18 actionable guidelines were derived from this research to guide the design and implementation of cybersecurity and cybersafety education campaigns which aim to educate school children.

Computer security

Computer networks -- Security measures

Towards a user centric model for identity and access management within the online environment

Deas, Matthew Burns

January 2008

Today, one is expected to remember multiple user names and passwords for different domains when one wants to access on the Internet. Identity management seeks to solve this problem through creating a digital identity that is exchangeable across organisational boundaries. Through the setup of collaboration agreements between multiple domains, users can easily switch across domains without being required to sign in again. However, use of this technology comes with risks of user identity and personal information being compromised. Criminals make use of spoofed websites and social engineering techniques to gain illegal access to user information. Due to this, the need for users to be protected from online threats has increased. Two processes are required to protect the user login information at the time of sign-on. Firstly, user’s information must be protected at the time of sign-on, and secondly, a simple method for the identification of the website is required by the user. This treatise looks at the process for identifying and verifying user information, and how the user can verify the system at sign-in. Three models for identity management are analysed, namely the Microsoft .NET Passport, Liberty Alliance Federated Identity for Single Sign-on and the Mozilla TrustBar for system authentication.

Computers -- Access control

Computer networks -- Security measures

Assessing program code through static structural similarity

Naude, Kevin Alexander

January 2007

Learning to write software requires much practice and frequent assessment. Consequently, the use of computers to assist in the assessment of computer programs has been important in supporting large classes at universities. The main approaches to the problem are dynamic analysis (testing student programs for expected output) and static analysis (direct analysis of the program code). The former is very sensitive to all kinds of errors in student programs, while the latter has traditionally only been used to assess quality, and not correctness. This research focusses on the application of static analysis, particularly structural similarity, to marking student programs. Existing traditional measures of similarity are limiting in that they are usually only effective on tree structures. In this regard they do not easily support dependencies in program code. Contemporary measures of structural similarity, such as similarity flooding, usually rely on an internal normalisation of scores. The effect is that the scores only have relative meaning, and cannot be interpreted in isolation, ie. they are not meaningful for assessment. The SimRank measure is shown to have the same problem, but not because of normalisation. The problem with the SimRank measure arises from the fact that its scores depend on all possible mappings between the children of vertices being compared. The main contribution of this research is a novel graph similarity measure, the Weighted Assignment Similarity measure. It is related to SimRank, but derives propagation scores from only the locally optimal mapping between child vertices. The resulting similarity scores may be regarded as the percentage of mutual coverage between graphs. The measure is proven to converge for all directed acyclic graphs, and an efficient implementation is outlined for this case. Attributes on graph vertices and edges are often used to capture domain specific information which is not structural in nature. It has been suggested that these should influence the similarity propagation, but no clear method for doing this has been reported. The second important contribution of this research is a general method for incorporating these local attribute similarities into the larger similarity propagation method. An example of attributes in program graphs are identifier names. The choice of identifiers in programs is arbitrary as they are purely symbolic. A problem facing any comparison between programs is that they are unlikely to use the same set of identifiers. This problem indicates that a mapping between the identifier sets is required. The third contribution of this research is a method for applying the structural similarity measure in a two step process to find an optimal identifier mapping. This approach is both novel and valuable as it cleverly reuses the similarity measure as an existing resource. In general, programming assignments allow a large variety of solutions. Assessing student programs through structural similarity is only feasible if the diversity in the solution space can be addressed. This study narrows program diversity through a set of semantic preserving program transformations that convert programs into a normal form. The application of the Weighted Assignment Similarity measure to marking student programs is investigated, and strong correlations are found with the human marker. It is shown that the most accurate assessment requires that programs not only be compared with a set of good solutions, but rather a mixed set of programs of varying levels of correctness. This research represents the first documented successful application of structural similarity to the marking of student programs.

Computer networks -- Security measures

Internet -- Security measures

Authorisation as audit risk in an information technology environment

Kruger, Willem Jacobus

05 February 2014

M.Comm. / Please refer to full text to view abstract

Auditing - Access control.

Computer networks - Security measures

'n Bestuurs- en metodologiese benadering tot gebeurlikheidsbeplanning vir die gerekenariseerde stelsels van 'n organisasie

Nel, Yvette

28 July 2014

M.Com. (Informatics) / The-utilization of information technology is essential for an organization, not only to handle daily business activities but also to facilitate management decisions. The greater the dependence of the organization upon information technology, the greater the risk the organization is exposed to in case of an information systems interruption. Computer disasters, such as fires, floods, storms, sabotage and human error, constitute a security threat which could prejudice the survival of an organization. Disaster recovery planning is a realistic and imperative activity for each organization whether large or small. In the light of the potential economic and legal implications o fa disaster, it is no longer acceptable not to be prepared for such an occurrence today.A well designed and tested disaster recovery plan, as part of the total information security strategy of the organization, is therefore not only essential in the terms of the recovery of business functions, but for the SURVIVAL of the organization. In viewpoint above, it can be expected that disaster counterrevolutionary be standard practice for all organizations. However that is not the case. The literature study undertook, as well as exposure in practice, indicate clearly that disaster recovery planning enjoys low priority in most organizations. The majority existentialists are superficial, unstructured and insufficient and will not be successful when real disaster strikes.:The most important single cause for the failure of an organization ~ disaster recovery plan, will be that too much emphasis is being placed on the technical aspects rather than on the management or organizational aspects. The solutions an integrated approach of strategies and the multiple technologies which are available today. These strategies and technologies should be combined to meet the specific needs of the individual organization. The purpose of this dissertation was firstly to identify the most critical problems related to disaster recovery planning and secondly to provide a methodology for the development and implementation of a disaster recovery plan which addresses these problems. This methodology constitutes an enhancement on an existing information security methodology in order to establish a total information security strategy for a large organization with disaster recovery as an essential aspect of this strategy. The final disaster recovery planning methodology as proposed in this dissertation, was developed as a result of an extensive literature study undertook as well as involvement during the development of a disaster recovery system by the company which initiated this study.

Computer networks - Security measures

Information technology

Information security in a distributed banking environment, with specific reference to security protocols.

Van Buuren, Suzi

22 August 2012

M.Comm. / The principal aim of the present dissertation is to determine the nature of an electronicbanking environment, to determine the threats within such an environment and the security functionality needed to ward off these threats. Security solutions for each area at risk will be provided in short. The main focus of the dissertation will fall on the security protocols that can be used as solutions to protect a banking system. In the dissertation, indication will also be given of what the security protocols, in their turn, depend on to provide protection to a banking system. There are several security protocols that can be used to secure a banking system. The problem, however, is to determine which protocol will provide the best security for a bank in a specific application. This dissertation is also aimed at providing a general security framework that banks could use to evaluate various security protocols which could be implemented to secure a banking system. Such framework should indicate which security protocols will provide a bank in a certain banking environment with the best protection against security threats. It should also indicate which protocols could be used in combination with others to provide the best security.

Banks and banking - Security measures

Internet - Security measures

Computer networks - Security measures

Design and evaluation of key redistribution mechanisms in wireless sensor networks

Law, Chun-fai, Terry., 羅俊輝.

January 2007

published_or_final_version / abstract / Electrical and Electronic Engineering / Master / Master of Philosophy

Sensor networks.

Wireless communication systems.

Computer networks - Security measures.