  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
131

Utilizing rootkits to address the vulnerabilities exploited by malware

Corregedor, Manuel Rodrigues 20 August 2012
M.Sc. / Anyone who uses a computer for work or recreational purposes has come across one or all of the following problems directly or indirectly (knowingly or not): viruses, worms, trojans, rootkits and botnets. This is especially the case if the computer is connected to the Internet. Looking at the statistics in [1] we can see that although malware detection techniques are detecting and preventing malware, they do not guarantee a 100% detection and/or prevention of malware. Furthermore the statistics in [2] show that malware infection rates are increasing around the world at an alarming rate. The statistics also show that there are a high number of new malware samples being discovered every month and that 31% of malware attacks resulted in data loss [3], with 10% of companies reporting the loss of sensitive business data [4][5]. The reason for not being able to achieve a 100% detection and/or prevention of malware is because malware authors make use of sophisticated techniques such as code obfuscation in order to prevent malware from being detected. This has resulted in the emergence of malware known as polymorphic and metamorphic malware. The aforementioned malware poses serious challenges for anti-malware software, specifically signature-based techniques. However a more serious threat that needs to be addressed is that of rootkits. Rootkits can execute at the same privilege level as the Operating System (OS) itself. At this level the rootkit can manipulate the OS such that it can distribute other malware, hide existing malware, steal information, hide itself, disable anti-malware software etc., all without the knowledge of the user. It is clear from the statistics that anti-malware products are not working because infection rates continue to rise and companies and end users continue to fall victims of these attacks. Therefore this dissertation will address the problem that current anti-malware techniques are not working.
The main objective of this dissertation is to create a framework called ATE (Anti-malware Technique Evaluator) that can be used to critically evaluate current commercial anti-malware products. The framework will achieve this by identifying the current vulnerabilities that exist in commercial anti-malware products and the operating system. The prior will be achieved by making use of two rootkits, the Evader rootkit and the Sabotager rootkit, which were specifically developed to support the anti-malware product evaluation. Finally an anti-malware architecture we called External Malware Scanner (EMS), will be proposed to address the identified vulnerabilities.
132

Mosaic : model for secure anonymous Internet communication

Geldenhuys, Jan Harm Steenkamp. 12 September 2012
D.Litt. et Phil. / It is said that computer security is like getting into bed with an elephant. You know you have a problem, but you can't get your arms around it! Looking at security from a distributed point of view makes this elephant seem much bigger! The growth of the Internet (see chapter 2) is also not very comforting to computer security specialists. Companies want to start utilising the Internet for their business transactions, while the man on the street wants to use it for what they deem necessary or convenient. It is becoming more and more commonplace to buy items from virtual storefronts by making use of the Internet. [17,20,23] Literature, as well as the World Wide Web has supplied us with information [34] regarding the "war" between the IT Security Professional and the hacker community. It is quite surprising to see the large number of hacker sites on the Internet [15,16,21] that publish information regarding hacked sites, as well as tools and techniques that can assist almost anyone in accomplishing some of these sometimes daring feats. If this information is studied and if we keep in mind that some of the more serious hacking attempts are being kept secret for reasons like loss of business or credibility, it might be deduced that the hacker community is always a step or two ahead of Security Professionals. It is the purpose of this thesis to present a model that will ensure secure, anonymous communication across the Internet. This model is not aimed at replacing current technologies. It merely attempts to provide an alternative method for safe communication across public networks, like the Internet. The model will make use of a number of existing technologies in conjunction with one another to achieve its goal of secure, anonymous communication. The technologies that will be used and how will be discussed briefly in this chapter.
133

Critical information infrastructure protection for developing countries

Ellefsen, Ian David 16 August 2012
D.Phil.(Computer Science) / In this thesis we will investigate the development of Critical Information Infrastructure Protection (CIIP) structures in the developing world. Developing regions are experiencing fast-paced development of information infrastructures, and improvements in related technologies such as Internet connectivity and wireless technologies. The use of these new technologies and the number of new users that are introduced to the Internet can allow cyber threats to flourish. In many cases, Computer Security Incident Response Teams (CSIRTs) can be used to provide CIIP. However, the development of traditional CSIRT-like structures can be problematic in developing regions where technological challenges, legal frameworks, and limited capacity can reduce its overall effectiveness. In this thesis we will introduce the Community-oriented Security, Advisory and Warning (C-SAW) Team. This model is designed to address the challenges to CIIP faced by developing regions by defining a structure that is loosely-coupled and flexible in nature. Furthermore, the aspect of community-orientation is used to allow a C-SAW Team to operate within a designated community of members. This thesis is divided into three primary parts. In Part 1 we will discuss the background research undertaken during this study. The background chapters will lay the foundation for the later chapters in this thesis. In Part 2 we will introduce the C-SAW Team model and elaborate on the construction, relationships, positioning, services, and framework in which it can be deployed. Finally, in Part 3 we present our conclusions to this thesis.
134

Securing host and application information in the TCP/IP protocol suite

Boshoff, Paul Marthinus 14 August 2012
M.Sc. / Using the Internet for communication purposes constitutes a high risk, considering the security of such information. The protocol suite used on the Internet is the TCP/IP protocol suite, which consists of the Transmission Control Protocol (TCP) and the Internet Protocol (IP). In a bid to create a basis to support the newly conceptualised ideas, various areas of networking are briefly discussed in this dissertation. The first in this series of areas is that of the OSI layers. This model forms the basis of all networking concepts. The model describes seven layers, of which each performs a certain networking function. The TCP/IP protocol suite fits into this model. Network security and encryption methods are applied and followed to secure information on the Internet. These methods have been used over a long period of time and will also be used to support the newly conceptualised ideas. The main focus of this dissertation falls on the securing of certain parts of the information contained in the headers of both the Transmission Control Protocol (TCP) and the Internet Protocol (IP) in a bid to minimise the amount of data that may be inferred about the communicating parties from these headers. In addition, where multiple routes exist between hosts, the possibility of the deliberate distribution of a single message across these routes is examined. Such distribution will further complicate the task of a hacker attempting to gather information from TCP and IP headers. In addition, such distribution will minimise the possibility that a hacker may assemble a complete message from its constituent parts and that he/she may infer information about the message that cannot be inferred from the isolated parts. The length of a message sent between hosts is one simple example of such information.
135

WISP: a wireless information security portal

Diakite, Soumaila Dit Moule 10 March 2010
M.Sc. / Wireless networking is a fairly new technology that is important in information technology (IT). Hotels, airports, coffee shops, and homes are all installing wireless networks at a record pace, making wireless networks the best choice for consumers. This popularity of wireless networks is because of the affordability of wireless network devices, and the easy installation [11]. In spite of the popularity of the wireless networks, one factor that has prevented them from being even more widespread can be summed up in a single word: security. It comes as no surprise that these two – wireless and security – converge to create one of the most important topics in the IT industry today [11]. Wireless networks by nature bring about new challenges unique to their environment. One example of these new challenges is: “Signal overflow beyond physical walls”, and with these kinds of new challenges unique to wireless networks, we have new security risks. Hence wireless networks lend themselves to a host of attack possibilities and risks. That is because wireless networks provide a convenient network access point for an attacker, potentially beyond the physical security controls of the organization [7]. Therefore it is challenging for managers to introduce wireless networks and properly manage the security of wireless networks. Security problems of wireless networks are the main reason for wireless networks not being rolled out optimally [1]. In this dissertation, we aim to present to both specialists and non-specialists in the IT industry the information needed to protect a wireless network. We will first identify and discuss the different security requirements of wireless networks. After that we shall examine the technology that helps make wireless networks secure, and describe the type of attacks against wireless networks and defense techniques to secure wireless networks.
The research will concentrate on wireless LANs (Local Area Networks), and leading wireless LAN protocols and standards. The result of the research will be used to create WISP (A Wireless Information Security Portal). WISP will be a tool to support the management of a secure wireless network, and help assure the confidentiality, integrity, and availability of the information systems in a wireless network environment.
136

GPF : a framework for general packet classification on GPU co-processors / GPU Packet Filter : framework for general packet classification on Graphics Processing Unit co-processors

Nottingham, Alastair January 2012
This thesis explores the design and experimental implementation of GPF, a novel protocol-independent, multi-match packet classification framework. This framework is targeted and optimised for flexible, efficient execution on NVIDIA GPU platforms through the CUDA API, but should not be difficult to port to other platforms, such as OpenCL, in the future. GPF was conceived and developed in order to accelerate classification of large packet capture files, such as those collected by Network Telescopes. It uses a multiphase SIMD classification process which exploits both the parallelism of packet sets and the redundancy in filter programs, in order to classify packet captures against multiple filters at extremely high rates. The resultant framework - comprised of classification, compilation and buffering components - efficiently leverages GPU resources to classify arbitrary protocols, and return multiple filter results for each packet. The classification functions described were verified and evaluated by testing an experimental prototype implementation against several filter programs, of varying complexity, on devices from three GPU platform generations. In addition to the significant speedup achieved in processing results, analysis indicates that the prototype classification functions perform predictably, and scale linearly with respect to both packet count and filter complexity. Furthermore, classification throughput (packets/s) remained essentially constant regardless of the underlying packet data, and thus the effective data rate when classifying a particular filter was heavily influenced by the average size of packets in the processed capture. For example: in the trivial case of classifying all IPv4 packets ranging in size from 70 bytes to 1KB, the observed data rate achieved by the GPU classification kernels ranged from 60Gbps to 900Gbps on a GTX 275, and from 220Gbps to 3.3Tbps on a GTX 480. 
In the less trivial case of identifying all ARP, TCP, UDP and ICMP packets for both IPv4 and IPv6 protocols, the effective data rates ranged from 15Gbps to 220Gbps (GTX 275), and from 50Gbps to 740Gbps (GTX 480), for 70B and 1KB packets respectively.
137

An analysis of the risk exposure of adopting IPV6 in enterprise networks

Berko, Istvan Sandor January 2015
The IPv6 increased address pool presents changes in resource impact to the Enterprise that, if not adequately addressed, can change risks that are locally significant in IPv4 to risks that can impact the Enterprise in its entirety. The expected conclusion is that the IPv6 environment will impose significant changes in the Enterprise environment - which may negatively impact organisational security if the IPv6 nuances are not adequately addressed. This thesis reviews the risks related to the operation of enterprise networks with the introduction of IPv6. The global trends are discussed to provide insight and background to the IPv6 research space. Analysing the current state of readiness in enterprise networks quantifies the value of developing this thesis. The base controls that should be deployed in enterprise networks to prevent the abuse of IPv6 through tunnelling and the protection of the enterprise access layer are discussed. A series of case studies are presented which identify and analyse the impact of certain changes in the IPv6 protocol on the enterprise networks. The case studies also identify mitigation techniques to reduce risk.
138

Towards a framework for the integration of information security into undergraduate computing curricula

Gomana, Lindokuhle Gcina, Thomson, Kerry-Lynn January 2017
Information is an important and valuable asset, in both our everyday lives and in various organisations. Information is subject to numerous threats; these can originate internally or externally to the organisation and could be accidental, intentional or caused by natural disasters. As an important organisational asset, information should be appropriately protected from threats and threat agents regardless of their origin. Organisational employees are, however, often cited as the “weakest link” in the attempt to protect organisational information systems and related information assets. In addition to this, employees are one of the biggest and closest threat-agents to an organisation’s information systems and its security. Upon graduating, computing (Computer Science, Information Systems and Information Technology) graduates typically become organisational employees. Within organisations, computing graduates often take on roles and responsibilities that involve designing, developing, implementing, upgrading and maintaining the information systems that store, process and transmit organisational information assets. It is, therefore, important that these computing graduates possess the necessary information security skills, knowledge and understanding that could enable them to perform their roles and responsibilities in a secure manner. These information security skills, knowledge and understanding can be acquired through information security education obtained through a qualification that is offered at a higher education institution. At many higher education institutions where information security is taught, it is taught as a single, isolated module at the fourth year level of study. The problem with this is that some computing students do not advance to this level and many of those that do, do not elect information security as a module.
This means that these students may graduate and be employed by organisations lacking the necessary information security skills, knowledge and understanding to perform their roles and responsibilities securely. Consequently, this could increase the number of employees who are the “weakest link” in securing organisational information systems and related information assets. The ACM, as a key role player that provides educational guidelines for the development of computing curricula, recommends that information security should be pervasively integrated into computing curricula. However, these guidelines and recommendations do not provide sufficient guidance on “how” computing educators can pervasively integrate information security into their modules. Therefore, the problem identified by this research is that “currently, no generally used framework exists to aid the pervasive integration of information security into undergraduate computing curricula”. The primary research objective of this study, therefore, is to develop a framework to aid the pervasive integration of information security into undergraduate computing curricula. In order to meet this objective, secondary objectives were met, namely: To develop an understanding of the importance of information security; to determine the importance of information security education as it relates to undergraduate computing curricula; and to determine computing educators’ perspectives on information security education in a South African context. Various research methods were used to achieve this study’s research objectives. These research methods included a literature review which was used to define and provide an in-depth discussion relating to the domain in which this study is contained, namely: information security and information security education. 
Furthermore, a survey which took the form of semi-structured interviews supported by a questionnaire, was used to elicit computing educators’ perspectives on information security education in a South African context. Argumentation was used to argue towards the proposed framework to aid the pervasive integration of information security into undergraduate computing curricula. In addition, modelling techniques were used to model the proposed framework and scenarios were used to demonstrate how a computing department could implement the proposed framework. Finally, elite interviews supported by a questionnaire were conducted to validate the proposed framework. It is envisaged that the proposed framework could assist computing departments and undergraduate computing educators in the integration of information security into their curricula. Furthermore, the pervasive integration of information security into undergraduate computing curricula could ensure that computing graduates exit higher education institutions possessing the necessary information security skills, knowledge and understanding to enable them to perform their roles and responsibilities securely. It is hoped that this could enable computing graduates to become a stronger link in securing organisational information systems and related assets.
139

Guidelines to address the human factor in the South African National Research and Education Network beneficiary institutions

Mjikeliso, Yolanda January 2014
Even if all the technical security solutions appropriate for an organisation’s network are implemented, for example, firewalls, antivirus programs and encryption, if the human factor is neglected then these technical security solutions will serve no purpose. The greatest challenge to network security is probably not the technological solutions that organisations invest in, but the human factor (non-technical solutions), which most organisations neglect. The human factor is often ignored even though humans are the most important resources of organisations and perform all the physical tasks, configure and manage equipment, enter data, manage people and operate the systems and networks. The same people that manage and operate networks and systems have vulnerabilities. They are not perfect and there will always be an element of mistake-making or error. In other words, humans make mistakes that could result in security vulnerabilities, and the exploitation of these vulnerabilities could in turn result in network security breaches. Human vulnerabilities are driven by many factors including insufficient security education, training and awareness, a lack of security policies and procedures in the organisation, a limited attention span and negligence. Network security may thus be compromised by this human vulnerability. In the context of this dissertation, both physical and technological controls should be implemented to ensure the security of the SANReN network. However, if the human factors are not adequately addressed, the network would become vulnerable to risks posed by the human factor which could threaten the security of the network. Accordingly, the primary research objective of this study is to formulate guidelines that address the information security related human factors in the rolling out and continued management of the SANReN network. 
An analysis of existing policies and procedures governing the SANReN network was conducted and it was determined that there are currently no guidelines addressing the human factor in the SANReN beneficiary institutions. Therefore, the aim of this study is to provide the guidelines for addressing the human factor threats in the SANReN beneficiary institutions.
140

Critical success factors of information security projects

Tshabalala, Obediant January 2016
The research shows the critical success factors when implementing information security projects. Many information security projects in the past have not been successful because these factors were not identified and emphasised effectively. By identifying these factors the research basically presents a model by which information security projects can be executed with guaranteed success. The factors identified during the study cover the following streams: top management commitment as a factor of success; accountability as a factor of success; responsibility as a factor of success; awareness as a factor of success and an information security policy as a factor of success. For the empirical study, a physical questionnaire was administered to a pool of experts in project management and information security. The study consisted of 60 participants who were verified to have minimum requirements core for questionnaire completion. The questionnaire requested biological information of the participants and their perceived relations (based on their experience) between project success versus accountability, information security project success versus responsibilities, information security project success versus training & awareness, information security project success versus top management commitment and information security project success versus information security policy. The participants’ responses were structured according to a Likert-type scale. Participants had to indicate the extent to which they agreed with each of the statements in the questionnaire. The responses obtained from the survey were presented and analysed. The researcher observed in this study that information security projects are so specific that critical success factors need to be emphasised from project inception.
With the identified critical success factors, the researcher recommends that a project methodology be structured to include these factors so that there is a standard in running information security projects successfully. The researcher also identified that amongst the critical success factors identified, there are some that need to be emphasised more than the others due to their level of importance in such projects.
