The research of using Bayesian inferential network in digital forensicanalysis

Kwan, Yuk-kwan., 關煜群.

January 2011

published_or_final_version / Computer Science / Doctoral / Doctor of Philosophy

Computer crimes - Investigation.

Computer security.

Leakage resilient cryptographic scheme and GPU-based pairing operation

Xiong, Hao, 熊昊

January 2013

Cryptographic schemes are designed to protect the privacy of the users. Numerous schemes have been proposed for different purposes. One important type of schemes is called the secret sharing scheme. In a secret sharing scheme, a secret value can be shard among authorized parties. Another important type of schemes is identity based encryption and its variant: certificateless encryption. Traditionally, both of them assume the absolute privacy of secret shares or secret keys. However, this assumption may not hold in the real world. Side-channel attack, such as time analysis and memory attack will enable the attackers to get partial information about them. Therefore, we propose the leakage resilient cryptographic schemes to guarantee the privacy under various key-exposure attack. Generally speaking, there are three leakage models: the bounded leakage model, continual leakage model and auxiliary input model. We will focus on the first two models in this thesis. This thesis addresses two leakage resilient cryptographic schemes. The first one is called Continual Leakage-Resilient Dynamic Secret Sharing. In this scheme, the attacker can continuously leak on the private value owned by the user with the constrain that the length of the leaked information should be less than ℓ bits between updates. The dealer is able to dynamically choose a set of n users and a threshold of t users (which is called authorized set) to reconstruct secret with the same broadcast message. The user can also dynamic join and leave the scheme. The privacy of the secret value can be guaranteed even up to t-1 users are corrupted and the information of all other users are leaked. The second one is called Leakage-Resilient Certificateless Public-Key Encryption. Certificateless encryption is proposed to solve the key escrow problem in PKG. Instead of relying on the PKG to generate the full secret key in the traditional model, we generate partial secret key on PKG. We then combine it with our selected secret value to generate the final secret key. This will solve the key escrow problem since the PKG has no knowledge about the secret value chosen. Our scheme is the first leakage-resilient version of certificateless encryption. In our security model, both the master key held by the PKG and the secret key (including the secret value) held by the user can be leaked by the attacker. We first construct the scheme in bounded leakage model and then extend it to continual leakage model. Finally, all of these schemes require lots of composite order bilinear pairing operations. We will describe how to improve the efficient of it on graphics hardware in chapter 4. We run the parings in parallel on GPU to accelerate them. The implement scheme and efficient are presented in this thesis. / published_or_final_version / Computer Science / Doctoral / Doctor of Philosophy

Computer security

Public key cryptography

Theory and applications of data hiding in still images

Alturki, Faisal

05 1900

No description available.

Computer security

Data protection

Watermarks

Detecting Visually Similar Web Pages: Application to Phishing Detection

Teh-Chung, Chen

Unknown Date

No description available.

Phishing

Computer security

Webpage similarity

Reinforcing the weakest link in cyber security: securing systems and software against attacks targeting unwary users

Lu, Long

20 September 2013

Unwary computer users are often blamed as the weakest link on the security chain, for unknowingly facilitating incoming cyber attacks and jeopardizing the efforts to secure systems and networks. However, in my opinion, average users should not bear the blame because of their lack of expertise to predict the security consequence of every action they perform, such as browsing a webpage, downloading software to their computers, or installing an application to their mobile devices. My thesis work aims to secure software and systems by reducing or eliminating the chances where users’ mere action can unintentionally enable external exploits and attacks. In achieving this goal, I follow two complementary paths: (i) building runtime monitors to identify and interrupt the attack-triggering user actions; (ii) designing offline detectors for the software vulnerabilities that allow for such actions. To maximize the impact, I focus on securing software that either serve the largest number of users (e.g. web browsers) or experience the fastest user growth (e.g. smartphone apps), despite the platform distinctions. I have addressed the two dominant attacks through which most malicious software (a.k.a. malware) infections happen on the web: drive-by download and rogue websites. BLADE, an OS kernel extension, infers user intent through OS-level events and prevents the execution of download files that cannot be attributed to any user intent. Operating as a browser extension and identifying malicious post-search redirections, SURF protects search engine users from falling into the trap of poisoned search results that lead to fraudulent websites. In the infancy of security problems on mobile devices, I built Dalysis, the first comprehensive static program analysis framework for vetting Android apps in bytecode form. Based on Dalysis, CHEX detects the component hijacking vulnerability in large volumes of apps. My thesis as a whole explores, realizes, and evaluates a new perspective of securing software and system, which limits or avoids the unwanted security consequences caused by unwary users. It shows that, with the proposed approaches, software can be reasonably well protected against attacks targeting its unwary users. The knowledge and insights gained throughout the course of developing the thesis have advanced the community’s awareness of the threats and the increasing importance of considering unwary users when designing and securing systems. Each work included in this thesis has yielded at least one practical threat mitigation system. Evaluated by the large-scale real-world experiments, these systems have demonstrated the effectiveness at thwarting the security threats faced by most unwary users today. The threats addressed by this thesis have span multiple computing platforms, such as desktop operating systems, the Web, and smartphone devices, which highlight the broad impact of the thesis.

Security

Computer security

Computer users

A soft computing approach to anomaly detection with real-time applicability

Garcia, Raymond Christopher

05 1900

No description available.

Computer security

Computer network protocols

A high-speed integrated circuit with applications to RSA cryptography

Onions, Paul David

January 1995

The rapid growth in the use of computers and networks in government, commercial and private communications systems has led to an increasing need for these systems to be secure against unauthorised access and eavesdropping. To this end, modern computer security systems employ public-key ciphers, of which probably the most well known is the RSA ciphersystem, to provide both secrecy and authentication facilities. The basic RSA cryptographic operation is a modular exponentiation where the modulus and exponent are integers typically greater than 500 bits long. Therefore, to obtain reasonable encryption rates using the RSA cipher requires that it be implemented in hardware. This thesis presents the design of a high-performance VLSI device, called the WHiSpER chip, that can perform the modular exponentiations required by the RSA cryptosystem for moduli and exponents up to 506 bits long. The design has an expected throughput in excess of 64kbit/s making it attractive for use both as a general RSA processor within the security function provider of a security system, and for direct use on moderate-speed public communication networks such as ISDN. The thesis investigates the low-level techniques used for implementing high-speed arithmetic hardware in general, and reviews the methods used by designers of existing modular multiplication/exponentiation circuits with respect to circuit speed and efficiency. A new modular multiplication algorithm, MMDDAMMM, based on Montgomery arithmetic, together with an efficient multiplier architecture, are proposed that remove the speed bottleneck of previous designs. Finally, the implementation of the new algorithm and architecture within the WHiSpER chip is detailed, along with a discussion of the application of the chip to ciphering and key generation.

621.382

A framework for supporting anonymity in text-based online conversations /

Lee, Andrew Wei Tien.

January 2001

Thesis (MSc(CompSc) -- Bond University, 2001. / "A thesis submitted to Bond University in fulfillment of the requirements for the degree of Masters of Science in Computer Science"-- t.p. Bibliography: leaves 124-125. Also available via the World Wide Web.

Power relationships in information systems security policy formulation and implementation

Lapke, Michael Stephen,

January 1900

Thesis (Ph.D.)--Virginia Commonwealth University, 2008. / Title from title-page of electronic thesis. Prepared for: Dept. of Information Systems. Bibliography: leaves 159-169.

Detecting hidden computer processes by deliberate resource exhaustion

Jones, James H.

January 2008

Thesis (Ph.D.)--George Mason University, 2008. / Vita: p. 259. Thesis director: Kathryn B. Laskey. Submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Computational Sciences and Informatics. Title from PDF t.p. (viewed Mar. 17, 2009). Includes bibliographical references (p. 255-258). Also issued in print.