Global ETD Search

61	A model for the evaluation of control with reference to a simple path context model in a UNIX environment 08 September 2015 (has links) M.Com. / Information and the IT systems that support it are important business assets. Their availability, integrity and confidentiality are essential to maintain an organisations competitive edge, cash flow, profitability, company image and compliance with legal requirements. Organisations world-wide are now facing increased security threats from a wide range of sources. Information systems may be the target of a range of serious threats including computer-based fraud, espionage, sabotage, vandalism and other sources of failure or disaster ... Computer security - Evaluation UNIX (Computer file) Auditing - Access control Computer networks - Security measures
62	The evaluation and analysis of the control facilities in a network environment with specific reference to Novell 4 08 September 2015 (has links) M.Com. / The auditor has the objective to express an opinion on the financial statements on which he is reporting. It is important for the auditor to know that the data which he is auditing has not been changed without the necessary authority or been lost and that the data meets the three Information Security Objectives (IS0s) ... Computer networks - Security measures Database security Electronic data processing - Auditing
63	Best practice strategy framework for developing countries to secure cyberspace 12 November 2015 (has links) M.Com. (Informatics) / Cyber issues are global phenomena in a world of inter-related systems, and as such, the discussion on cybersecurity frameworks, policies and strategies inevitably requires reference to, and benchmarking with regional, continental and global trends and solutions. This, in the context of the effects of globalisation on developing countries, with specific reference to areas such as Africa as a developing continent with regard to the protection of its cyberspace. More drastic measures, such as the utilization of cyber warfare techniques and pre-emptive cyber strike-teams in addition to traditional cybersecurity mechanisms as an essential part of a national security effort to protect cyberspace has become more prevalent within the developed worlds. Likewise, developing nations need to gear themselves in a structured, coordinated and responsible way in order to do their part to secure their own environments. Cyberspace is a dynamic global environment with cyber related issues being a global concern. Although countries generally regulate their own cyber environment through policy; cross-border cyber issues are difficult to resolve and the lack of international cyber laws impede cybersecurity efforts. Cybercrime and the management of cross-border cyber incidents are becoming a growing national security concern as the lack of effective controls leave critical infrastructure and the cyber-connected environment vulnerable to attack. Some developing countries are on track with the maturity of their cybersecurity initiatives, but appropriate cybersecurity frameworks for many developing countries require careful consideration, especially due to the lack of resources, infrastructure and local technology development capabilities. Computer networks - Security measures Data encryption (Computer science) Cyberspace - Security measures Cyberterrorism - Prevention Information warfare - Prevention
64	Real-time risk analysis : a modern perspective on network security with a prototype 16 August 2012 (has links) M.Sc. / The present study was undertaken in a bid within the realm of the existing Internet working environment to meet the need for a more secure network-security process in terms of which possible risks to be incurred by Internet users could be identified and controlled by means of the appropriate countermeasures in real time. On launching the study, however, no such formal risk-analysis model has yet been developed specifically to effect risk analysis in real time. This, then, gave rise to the development of a prototype specifically aimed at the identification of risks that could pose a threat to Internet users' private data — the so-called "Real-time Risk Analysis" (RtRA) prototype. In so doing, the principal aim of the study, namely to implement the RtRA prototype, was realised. Following, an overview of the research method employed to realise the objectives of the study. Firstly, background information on and the preamble to the issues and problems to be addressed were provided, as well as a well-founded motivation for the study. The latter included theoretical studies on current network security and Transmission Control Protocol/Internet Protocol (TCP/IP). Secondly, the study of existing TCP/IP packet-intercepting tools available on the Internet brought deeper insight into how TCP/IP packets are to be intercepted and handled. In the third instance, the most recent development in network security — firewalls — came under discussion. The latter technology represents a "super-developed" TCP/IP packet-intercepting tool that implements the best known security measures. In addition, the entire study was based on firewall technology and the model that was developed related directly to firewalls. Fourthly, a prototype, consisting of three main modules, was implemented in a bid to prove that RtRA is indeed tenable and practicable. In so doing, the second module of the prototype, namely the real-time risk-identification and countermeasure-execution module, was given special emphasis. The modus operandi of the said prototype was then illustrated by means of a case study undertaken in a simulated Internet working environment. The study culminated in a summation of the results of and the conclusions reached on the strength of the research. Further problem areas, which could become the focal points of future research projects, were also touched upon. Internet - Security measures. Computer networks - Security measures. Risk assessment - Data processing.
65	Design and analysis of key establishment protocols Unknown Date (has links) Consider a scenario where a server S shares a symmetric key kU with each user U. Building on a 2-party solution of Bohli et al., we describe an authenticated 3-party key establishment which remains secure if a computational Bilinear Diffie Hellman problem is hard or the server is uncorrupted. If the BDH assumption holds during a protocol execution, but is invalidated later, entity authentication and integrity of the protocol are still guaranteed. Key establishment protocols based on hardness assumptions, such as discrete logarithm problem (DLP) and integer factorization problem (IFP) are vulnerable to quantum computer attacks, whereas the protocols based on other hardness assumptions, such as conjugacy search problem and decomposition search problem can resist such attacks. The existing protocols based on the hardness assumptions which can resist quantum computer attacks are only passively secure. Compilers are used to convert a passively secure protocol to an actively secure protoc ol. Compilers involve some tools such as, signature scheme and a collision-resistant hash function. If there are only passively secure protocols but not a signature scheme based on same assumption then the application of existing compilers requires the use of such tools based on different assumptions. But the introduction of new tools, based on different assumptions, makes the new actively secure protocol rely on more than one hardness assumptions. We offer an approach to derive an actively secure two-party protocol from a passively secure two-party protocol without introducing further hardness assumptions. This serves as a useful formal tool to transform any basic algebric method of public key cryptography to the real world applicaticable cryptographic scheme. In a recent preprint, Vivek et al. propose a compiler to transform a passively secure 3-party key establishment to a passively secure group key establishment. To achieve active security, they apply this compiler to Joux's / protoc ol and apply a construction by Katz and Yung, resulting in a 3-round group key establishment. In this reserach, we show how Joux's protocol can be extended to an actively secure group key establishment with two rounds. The resulting solution is in the standard model, builds on a bilinear Diffie-Hellman assumption and offers forward security as well as strong entity authentication. If strong entity authentication is not required, then one half of the participants does not have to send any message in the second round, which may be of interest for scenarios where communication efficiency is a main concern. / by Kashi Neupane. / Thesis (Ph.D.)--Florida Atlantic University, 2012. / Includes bibliography. / Electronic reproduction. Boca Raton, Fla., 2012. Mode of access: World Wide Web. Computer networks--Security measures Computer network protocols Data encryption (Computer science)
66	Adaptive power control in 802.11 networks Unknown Date (has links) IEEE 802.11 networks successfully satisfy high data demands and are cheaper compared to cellular networks. Modern mobile computers and phones are equipped with 802.11 and are VoIP capable. Current network designs do not dynamically accommodate changes in the usage. We propose a dynamic power control algorithm that provides greater capacity within a limited geographic region. Most other power algorithms necessitate changes in 802.11 requiring hardware changes. Proposed algorithm only requires firmware updates to enable dynamic control of APs transmit power. We use earlier studies to determine the limit of the number of users to optimize power. By lowering transmit power of APs with large number of users, we can effectively decrease the cell size. The resulting gap is then covered by dynamically activating additional APs. This also provides greater flexibility and reduces the network planning costs. / by Serkan Dural. / Thesis (M.S.C.S.)--Florida Atlantic University, 2009. / Includes bibliography. / Electronic reproduction. Boca Raton, Fla., 2009. Mode of access: World Wide Web. IEEE 802.11 (Standard) Computer networks--Security measures Computer network protocols
67	An approach to protecting online personal information in Macau government Sou, Sok Fong January 2018 (has links) University of Macau / Faculty of Science and Technology. / Department of Computer and Information Science Privacy, Right of -- Macau Data protection -- Macau Internet -- Security measures Computer networks -- Security measures
68	Data mining heuristic-¬based malware detection for android applications Unknown Date (has links) The Google Android mobile phone platform is one of the dominant smartphone operating systems on the market. The open source Android platform allows developers to take full advantage of the mobile operation system, but also raises significant issues related to malicious applications (Apps). The popularity of Android platform draws attention of many developers which also attracts the attention of cybercriminals to develop different kinds of malware to be inserted into the Google Android Market or other third party markets as safe applications. In this thesis, we propose to combine permission, API (Application Program Interface) calls and function calls to build a Heuristic-Based framework for the detection of malicious Android Apps. In our design, the permission is extracted from each App’s profile information and the APIs are extracted from the packed App file by using packages and classes to represent API calls. By using permissions, API calls and function calls as features to characterize each of Apps, we can develop a classifier by data mining techniques to identify whether an App is potentially malicious or not. An inherent advantage of our method is that it does not need to involve any dynamic tracking of the system calls but only uses simple static analysis to find system functions from each App. In addition, Our Method can be generalized to all mobile applications due to the fact that APIs and function calls are always present for mobile Apps. Experiments on real-world Apps with more than 1200 malwares and 1200 benign samples validate the algorithm performance. Research paper published based on the work reported in this thesis: Naser Peiravian, Xingquan Zhu, Machine Learning for Android Malware Detection Using Permission and API Calls, in Proc. of the 25th IEEE International Conference on Tools with Artificial Intelligence (ICTAI) – Washington D.C, November 4-6, 2013. / Includes bibliography. / Thesis (M.S.)--Florida Atlantic University, 2013. Computer networks -- Security measures Data encryption (Computer science) Data structures (Computer science) Internet -- Security measures
69	A utility-based routing scheme in multi-hop wireless networks Unknown Date (has links) Multi-hop wireless networks are infrastructure-less networks consisting of mobile or stationary wireless devices, which include multi-hop wireless mesh networks and multi-hop wireless sensor networks. These networks are characterized by limited bandwidth and energy resources, unreliable communication, and a lack of central control. These characteristics lead to the research challenges of multi-hop wireless networks. Building up routing schemes with good balance among the routing QoS (such as reliability, cost, and delay) is a paramount concern to achieve high performance wireless networks. These QoS metrics are internally correlated. Most existing works did not fully utilize this correlation. We design a metric to balance the trade-off between reliability and cost, and build up a framework of utility-based routing model in multi-hop wireless networks. This dissertation focuses on the variations with applications of utility-based routing models, designing new concepts, and developing new algorithms for them. A review of existing routing algorithms and the basic utility-based routing model for multi-hop wireless networks has been provided at the beginning. An efficient algorithm, called MaxUtility, has been proposed for the basic utility-based routing model. MaxUtility is an optimal algorithm that can find the best routing path with the maximum expected utility. / Various utility-based routing models are extended to further enhance the routing reliability while reducing the routing overhead. Besides computing the optimal path for a given benefit value and a given source-destination pair, the utility-based routing can be further extended to compute all optimal paths for all possible benefit values and/or all source-destination pairs. Our utility-based routing can also adapt to different applications and various environments. In the self-organized environment, where network users are selfish, we design a truthful routing, where selfish users have to tell the truth in order to maximize their utilities. We apply our utility-based routing scheme to the data-gathering wireless sensor networks, where a routing scheme is required to transmit data sensed by multiple sensor nodes to a common sink node. / by Mingming Lu. / Vita. / University Library's copy lacks signatures of Supervisory Committee. / Thesis (Ph.D.)--Florida Atlantic University, 2008. / Includes bibliography. / Electronic reproduction. Boca Raton, FL : 2008 Mode of access: World Wide Web. Computer network protocols Computer algorithms Computer networks--Security measures
70	Misuse Patterns for the SSL/TLS Protocol Unknown Date (has links) The SSL/TLS is the main protocol used to provide secure data connection between a client and a server. The main concern of using this protocol is to avoid the secure connection from being breached. Computer systems and their applications are becoming more complex and keeping these secure connections between all the connected components is a challenge. To avoid any new security flaws and protocol connections weaknesses, the SSL/TLS protocol is always releasing newer versions after discovering security bugs and vulnerabilities in any of its previous version. We have described some of the common security flaws in the SSL/TLS protocol by identifying them in the literature and then by analyzing the activities from each of their use cases to find any possible threats. These threats are realized in the form of misuse cases to understand how an attack happens from the point of the attacker. This approach implies the development of some security patterns which will be added as a reference for designing secure systems using the SSL/TLS protocol. We finally evaluate its security level by using misuse patterns and considering the threat coverage of the models. / Includes bibliography. / Dissertation (Ph.D.)--Florida Atlantic University, 2017. / FAU Electronic Theses and Dissertations Collection Computer networks--Security measures. Computer network protocols. Computer software--Development. Computer architecture.

Search results