Global ETD Search

101	Investigation of a router-based approach to defense against Distributed Denial-of-Service (DDoS) attack Chan, Yik-Kwan, Eric., 陳奕鈞. January 2004 (has links) published_or_final_version / abstract / toc / Computer Science and Information Systems / Master / Master of Philosophy Internet - Security measures. Computer networks - Security measures.
102	Verification of security protocols based on multicast communication Martina, Jean Everson January 2011 (has links) No description available. 004
103	Security protocols for mobile ad hoc networks Davis, Carlton R. January 2006 (has links) Mobile ad hoc networks (MANETs) are generating much interest both in academia and the telecommunication industries. The principal attractions of MANETs are related to the ease with which they can be deployed due to their infrastructure-less and decentralized nature. For example, unlike other wireless networks, MANETs do not require centralized infrastructures such as base stations, and they are arguably more robust due to their avoidance of single point of failures. Interestingly, the attributes that make MANETs attractive as a network paradigm are the same phenomena that compound the challenge of designing adequate security schemes for these innovative networks. / One of the challenging security problems is the issue of certificate revocation in MANETs where there are no on-line access to trusted authorities. In wired network environments, when certificates are to be revoked, certificate authorities (CAs) add the information regarding the certificates in question to certificate revocation lists (CRLs) and post the CRLs on accessible repositories or distribute them to relevant entities. In purely ad hoc networks, there are typically no access to centralized repositories or trusted authorities; therefore the conventional method of certificate revocation is not applicable. / Another challenging MANET security problem is the issue of secure routing in the presence of selfish or adversarial entities which selectively drop packets they agreed to forward; and in so doing these selfish or adversarial entities can disrupt the network traffic and cause various communication problems. / In this thesis, we present two security protocols we developed for addressing the above-mentioned MANET security needs. The first protocol is a decentralized certificate revocation scheme which allows the nodes within a MANET to have full control over the process of certificate revocation. The scheme is fully contained and it does not rely on any input from centralized or external entities such as trusted CAs. The second protocol is a secure MANET routing scheme we named Robust Source Routing (RSR). In addition to providing data origin authentication services and integrity checks, RSR is able to mitigate against intelligent, colluding malicious agents which selectively drop or modify packets they are required to forward.
104	Personal information security : legislation, awareness and attitude. Parbanath, Steven. 01 October 2013 (has links) Ecommerce refers to the buying and selling of products and services electronically via the Internet and other computer networks (Electronic Commerce 2011). The critical components of ecommerce are a well designed website and a merchant account for payment by the customer (Ecommerce critical components 2008). Merchants that sell their products and services via the Internet have a competitive edge over those that do not. It is therefore becoming common practice for both small and large business to transact electronically. With the vast opportunities, new risks and vulnerabilities are introduced. Consumers are reluctant to transact electronically because of the fear of unauthorized access and interception of confidential information (Online Banking Concerns 2011). Other fears include the changing of data with malicious intent, denial of use, hacking, deliberate disclosure of confidential information and e-mail associated risks (Safeena, Abdulla & Date 2010). The use of technology such as encryption and decryption has not adequately addressed these problems because fraudsters have found new and sophisticated methods of attaining consumer information illegally. Phishing is one such method. Phishing results in identity theft and financial fraud when the fraudster tricks the online users into giving their confidential information like passwords, identity numbers, credit card number and personal information such as birthdates and maiden names. The fraudster will then use the information to impersonate the victim to transfer funds from the victim‟s account or use the victim‟s information to make purchases (Srivastava 2007). Since 2002, many laws passed in South Africa have attempted to allay fears so that consumers can conduct business electronically with confidence. The following legislation aims to protect consumers: - The Electronic Communications and Transactions Act (Republic of South Africa 2002). - The Consumer Protection Act (Republic of South Africa 2008). - The Protection of Personal Information Bill which is expected to be passed in 2011 (Republic of South Africa 2009). This research aims to examine the extent to which these legislation can address the security concerns of consumers. The researcher is also interested in ascertaining how knowledgeable consumers are on these legislation and what their attitudes are towards their personal information security. / Thesis (M.Com.)-University of KwaZulu-Natal, Westville, 2011. Data protection. Computer security. Computer networks--Security measures. Theses--Management studies.
105	Architectural support for autonomic protection against stealth by rootkit exploits Vasisht, Vikas R. 19 November 2008 (has links) Operating system security has become a growing concern these days. As the complexity of software layers increases, the vulnerabilities that can be exploited by adversaries increases. Rootkits are gaining much attention these days in cyber-security. Rootkits are installed by an adversary after he/she gains elevated access to the computer system. Rootkits are used to maintain a consistent undetectable presence in the computer system and help as a toolkit to hide all the malware activities from the system administrator and anti-malware tools. Current defense mechanism used to prevent such activities is to strengthen the OS kernel and fix the known vulnerabilities. Software tools are developed at the OS or virtual machine monitor (VMM) levels to monitor the integrity of the kernel and try to catch any suspicious activity after infection. Recognizing the failure of software techniques and attempting to solve the endless war between the anti-rootkit and rootkit camps, in this thesis, we propose an autonomic architecture called SHARK, or Secure Hardware support Against RootKits. This new hardware architecture provides system-level security against the stealth activities of rootkits without trusting the entire software stack. It enhances the relationship of the OS and hardware and rules out the possibility of any hidden activity even when the OS is completely compromised. SHARK proposes a novel hardware manager that provides secure association with every software context making use of hardware resources. It helps system administrators to obtain feedback directly from the hardware to reveal all running processes. This direct feedback makes it impossible for rootkits to conceal running software contexts from the system administrator. We emulated the proposed architecture SHARK by using Bochs hardware simulator and a modified Linux kernel version 2.6.16.33 for the proposed architectural extension. In our emulated environment, we installed several real rootkits to compromise the kernel and concealed malware processes. SHARK is shown to be very effective in defending against a variety of rootkits employing different software schemes. Also, we performed performance analysis using SIMICS simulations and the results show a negligible overhead, making the proposed solution very practical. Kernel security Rootkits Hardware Computer security Computer architecture Self-stabilization (Computer science) Computer networks--Security measures
106	Acquisition and diffusion of technology innovation Ransbotham, Samuel B., III 31 March 2008 (has links) In the first essay, I examine value created through external acquisition of nascent technology innovation. External acquisition of new technology is a growing trend in the innovation process, particularly in high technology industries, as firms complement internal efforts with aggressive acquisition programs. Yet, despite its importance, there is little empirical research on the timing of acquisition decisions in high technology environments. I examine the impact of target age on value created for the buyer. Applying an event study methodology to technology acquisitions in the telecommunications industry from 1995 to 2001, empirical evidence supports acquiring early in the face of uncertainty. The equity markets reward the acquisition of younger companies. In sharp contrast to the first essay, the second essay examines the diffusion of negative innovations. While destruction can be creative, certainly not all destruction is creative. Some is just destruction. I examine two fundamentally different paths to information security compromise an opportunistic path and a deliberate path. Through a grounded approach using interviews, observations, and secondary data, I advance a model of the information security compromise process. Using one year of alert data from intrusion detection devices, empirical analysis provides evidence that these paths follow two distinct, but interrelated diffusion patterns. Although distinct, I find empirical evidence that these paths both converge and escalate. Beyond the specific findings in the Internet security context, the study leads to a richer understanding of the diffusion of negative technological innovation. In the third essay, I build on the second essay by examining the effectiveness of reward-based mechanisms in restricting the diffusion of negative innovations. Concerns have been raised that reward-based private infomediaries introduce information leakage which decreases social welfare. Using two years of alert data, I find evidence of their effectiveness despite any leakage which may be occurring. While reward-based disclosures are just as likely to be exploited as non-reward-baed disclosures, exploits from reward-based disclosures are less likely to occur in the first week after disclosure. Further the overall volume of alerts is reduced. This research helps determine the effectiveness of reward mechanisms and provides guidance for security policy makers. Security Innovation Technological innovations Diffusion of innovations Malware (Computer software) Commercial crimes Computer networks Security measures
107	Framework for botnet emulation and analysis Lee, Christopher Patrick 12 March 2009 (has links) Criminals use the anonymity and pervasiveness of the Internet to commit fraud, extortion, and theft. Botnets are used as the primary tool for this criminal activity. Botnets allow criminals to accumulate and covertly control multiple Internet-connected computers. They use this network of controlled computers to flood networks with traffic from multiple sources, send spam, spread infection, spy on users, commit click fraud, run adware, and host phishing sites. This presents serious privacy risks and financial burdens to businesses and individuals. Furthermore, all indicators show that the problem is worsening because the research and development cycle of the criminal industry is faster than that of security research. To enable researchers to measure botnet connection models and counter-measures, a flexible, rapidly augmentable framework for creating test botnets is provided. This botnet framework, written in the Ruby language, enables researchers to run a botnet on a closed network and to rapidly implement new communication, spreading, control, and attack mechanisms for study. This is a significant improvement over augmenting C++ code-bases for the most popular botnets, Agobot and SDBot. Rubot allows researchers to implement new threats and their corresponding defenses before the criminal industry can. The Rubot experiment framework includes models for some of the latest trends in botnet operation such as peer-to-peer based control, fast-flux DNS, and periodic updates. Our approach implements the key network features from existing botnets and provides the required infrastructure to run the botnet in a closed environment. Simulation Simulators Emulation Spam DDoS Information security Botnets Network security Computer networks Security measures Computer crimes
108	Knowledge based anomaly detection Prayote, Akara, Computer Science & Engineering, Faculty of Engineering, UNSW January 2007 (has links) Traffic anomaly detection is a standard task for network administrators, who with experience can generally differentiate anomalous traffic from normal traffic. Many approaches have been proposed to automate this task. Most of them attempt to develop a sufficiently sophisticated model to represent the full range of normal traffic behaviour. There are significant disadvantages to this approach. Firstly, a large amount of training data for all acceptable traffic patterns is required to train the model. For example, it can be perfectly obvious to an administrator how traffic changes on public holidays, but very difficult, if not impossible, for a general model to learn to cover such irregular or ad-hoc situations. In contrast, in the proposed method, a number of models are gradually created to cover a variety of seen patterns, while in use. Each model covers a specific region in the problem space. Any novel or ad-hoc patterns can be covered easily. The underlying technique is a knowledge acquisition approach named Ripple Down Rules. In essence we use Ripple Down Rules to partition a domain, and add new partitions as new situations are identified. Within each supposedly homogeneous partition we use fairly simple statistical techniques to identify anomalous data. The special feature of these statistics is that they are reasonably robust with small amounts of data. This critical situation occurs whenever a new partition is added. We have developed a two knowledge base approach. One knowledge base partitions the domain. Within each domain statistics are accumulated on a number of different parameters. The resultant data are passed to a knowledge base which decides whether enough parameters are anomalous to raise an alarm. We evaluated the approach on real network data. The results compare favourably with other techniques, but with the advantage that the RDR approach allows new patterns of use to be rapidly added to the model. We also used the approach to extend previous work on prudent expert systems - expert systems that warn when a case is outside its range of experience. Of particular significance we were able to reduce the false positive to about 5%. Computer networks -- Security measures. Computer networks -- Access control. Computer security. Data protection.
109	Architectural support for autonomic protection against stealth by rootkit exploits Vasisht, Vikas R.. January 2008 (has links) Thesis (M. S.)--Electrical and Computer Engineering, Georgia Institute of Technology, 2009. / Committee Chair: Lee, Hsien-Hsin; Committee Member: Blough, Douglas; Committee Member: Copeland, John. Part of the SMARTech Electronic Thesis and Dissertation Collection.
110	Automatic identification and removal of low quality online information Webb, Steve. January 2008 (has links) Thesis (Ph.D)--Computing, Georgia Institute of Technology, 2009. / Committee Chair: Pu, Calton; Committee Member: Ahamad, Mustaque; Committee Member: Feamster, Nick; Committee Member: Liu, Ling; Committee Member: Wu, Shyhtsun Felix. Part of the SMARTech Electronic Thesis and Dissertation Collection.

Search results