Spelling suggestions: "subject:"most 2security"" "subject:"most bsecurity""
1 |
DeviceGuard: External Device-Assisted System And Data SecurityDeng, Yipan 31 May 2011 (has links)
This thesis addresses the threat that personal computer faced from malware when the personal computer is connected to the Internet. Traditional host-based security approaches, such as anti-virus scanning protect the host from virus, worms, Trojans and other malwares. One of the issues of the host-based security approaches is that when the operating system is compromised by the malware, the antivirus software also becomes vulnerable.
In this thesis, we present a novel approach through using an external device to enhance the host security by offloading the security solution from the host to the external device. We describe the design of the DeviceGuard framework that separate the security solution from the host and offload it to the external device, a Trusted Device. The architecture of the DeviceGuard consists of two components, the DeviceGuard application on the Trusted Device and a DeviceGuard daemon on the host.
Our prototype based on Android Development Phone (ADP) shows the feasibilities and efficiency of our approach to provide security features including system file and user data integrity monitoring, secure signing and secure decryption. We use Bluetooth as the communication protocol between the host and the Trusted Device. Our experiment results indicates a practical Bluetooth throughput at about 2M Bytes per second is sufficient for short range communication between the host and the Trusted Device; Message digest with SHA-512, digital signing with 1024 bits signature and secure decryption with AES 256 bits on the Trusted device takes only the scale of 10? and 10? ms for 1K bytes and 1M bytes respectively which are also shows the feasibility and efficiency of the DeviceGuard solution. We also investigated the use of embedded system as the Trusted Device. Our solution takes advantage of the proliferation of devices, such as Smartphone, for stronger system and data security. / Master of Science
|
2 |
Detecting known host security flaws over a network connectionAndersson, Martin January 2007 (has links)
<p>To test if a host contains any known security flaws over a network connection a Vulnerability Assessment (VA) could be made. This thesis describes different techniques used by VA tools over a network connection to detect known security flaws. To decrease the risk of flaws not being detected, several VA tools could be used.</p><p>There is no common way of merging information from different VA tools. Therefore the Vulnerability Assessment Information Handler (VAIH) has been developed. The VAIH system consists of three parts. First, a intermediate language format defined in XML. Second, modules that converts the output of VA tools to the intermediate language format. Third, a program for reading and displaying the intermediate language format.</p><p>The VAIH system makes it possible to merge the results from vulnerability assessment tools into one file that can be displayed and edited through a GUI.</p>
|
3 |
Detecting known host security flaws over a network connectionAndersson, Martin January 2007 (has links)
To test if a host contains any known security flaws over a network connection a Vulnerability Assessment (VA) could be made. This thesis describes different techniques used by VA tools over a network connection to detect known security flaws. To decrease the risk of flaws not being detected, several VA tools could be used. There is no common way of merging information from different VA tools. Therefore the Vulnerability Assessment Information Handler (VAIH) has been developed. The VAIH system consists of three parts. First, a intermediate language format defined in XML. Second, modules that converts the output of VA tools to the intermediate language format. Third, a program for reading and displaying the intermediate language format. The VAIH system makes it possible to merge the results from vulnerability assessment tools into one file that can be displayed and edited through a GUI.
|
Page generated in 0.0569 seconds