121 |
Better Safe than Sorry: The Relationship Between Locus of Control, Perception of Risk, and Cyber Misbehaviors
Johnson, Kim, 22 March 2018
Information security is of vital importance to organizations. Breaches in security very often stem from behaviors of the system operator. Cyber misbehaviors on the part of employees can have devastating repercussions on the well-being of an organization. Up to now, research has mainly focused on how to protect information systems from outside attack, and only recently have researchers turned to the part the operator plays in keeping the systems safe. The present study investigated some individual differences that may play a role in people’s cyber behavior. The purpose of the study was to determine if locus of control was related to an individual’s perception of cyber risk and likelihood of engaging in cyber misbehaviors. Internal locus of control was found to be associated with higher perception of cyber risk, and higher cyber risk perception was found to lead to fewer cyber misbehaviors. The trait sensation seeking was also explored but no firm conclusions could be drawn from those results. Gaining an understanding of some of the differences between individuals that make some more likely to commit cyber misbehaviors, as well as the dynamics behind these relationships, should be greatly beneficial in helping develop deterrents to cyber misbehavior and keeping information systems safer.
|
122 |
A proposed security protocol for data gathering mobile agents
Al-Jaljouli, Raja, Computer Science & Engineering, Faculty of Engineering, UNSW, January 2006
We address the security issue of the data which mobile agents gather as they are traversing the Internet. Our goal is to devise a security protocol that truly secures the data which mobile agents gather. Several cryptographic protocols were presented in the literature asserting the security of gathered data. Formal verification of the protocols reveals unforeseen security flaws, such as truncation or alteration of the collected data, breaching the privacy of the gathered data, sending others' data under the private key of a malicious host, and replacing the collected data with data of similar agents. So the existing protocols are not truly secure. We present an accurate security protocol which aims to assert strong integrity, authenticity, and confidentiality of the gathered data. The proposed protocol is derived from the Multi-hops protocol. The Multi-hops protocol suffers from security flaws, e.g. an adversary might truncate/replace collected data, or sign others' data with its own private key without being detected. The proposed protocol refines the Multi-hops protocol by implementing the following security techniques: utilization of co-operating agents, scrambling the gathered offers, requesting a visited host to clear its memory of any data acquired as a result of executing the agent before the host dispatches the agent to the succeeding host in the agent's itinerary, and carrying out verifications on the identity of the genuine initiator at the early execution of the agent at visited hosts, in addition to the verifications upon the agent's return to the initiator. The proposed protocol also implements the common security techniques such as public key encryption, digital signature, etc. The implemented security techniques would rectify the security flaws revealed in the existing protocols. We use STA, an infinite-state exploration tool, to verify the security properties of a reasonably small instance of the proposed protocol in key configurations. The analysis using STA reports no attack. Moreover, we carefully reason the correctness of the security protocol for a general model and show that the protocol would be capable of preventing or at least detecting the attacks revealed in the existing protocols.
|
123 |
Multiple Escrow Agents in VoIP
Azfar, Abdullah, January 2010
Using a key escrow agent in conjunction with Voice over IP (VoIP) communication ensures that law enforcement agencies (LEAs) can retrieve the session key used to encrypt data between two users in a VoIP session. However, the use of a single escrow agent has some drawbacks. A fraudulent request by an evil employee from the LEA can lead to improper disclosure of a session key. After the escrow agent reveals the key, this evil person could fabricate data according to his/her needs and encrypt it again (using the correct session key). In this situation the persons involved in the communication session can be accused of crimes that they never committed. The problems with a single escrow agent become even more critical as a failure of the escrow agent can delay or even make it impossible to reveal the session key; thus the escrow agent might not be able to comply with a lawful court order or comply with their escrow agreement in the case of data being released according to this agreement (for example for disaster recovery). This thesis project focused on improving the accessibility and reliability of escrow agents, while providing good security. One such method is based on dividing the session key into m chunks and escrowing the chunks with m escrow agents. Using threshold cryptography the key can be regenerated by gathering any n-out-of-m chunks. The value of m and n may differ according to the role of the user. For a highly sophisticated session, the user might define a higher value for m and n for improved availability, reliability, and security. For a less confidential or less important session (call), the value of m and n might be smaller. The thesis examines the increased availability and increased reliability made possible by using multiple escrow agents.
|
124 |
State-of-the-art Study and Design of a Small Footprint Version of the COOS Plugin Framework
Khan, Kashif Nizam, January 2010
GSM and UMTS technologies have already gained a huge market penetration resulting in millions of customers. Machine-to-Machine (M2M) Communication is promising to be the next big technology that is going to hit the mass market with numerous essential services. Telemetry systems, which were once thought of as the domain of big industrial companies, are now becoming available to a wider range of customers because of the advances in M2M communication. Thanks to mobile technologies, millions of small handheld devices are now available in the mass market which can be used to communicate real time information to the customers. Telenor Objects (a small business unit of Telenor Group) has defined a new Connected Object Operating system (COOS) which aims to provide a common platform for the devices to communicate real time data and to provide value added services to the customers. COOS is a modular and flexible platform, and includes a plugin framework offered to device and service developers for easily connecting services and devices to the platform. The current version of the COOS plugin framework is based on Java Standard Edition and OSGi, with some support for development on J2ME. This thesis research work aims to provide a brief overview of the Connected Object concept and the COOS platform architecture. The main goal of this thesis is to design a small footprint version of the COOS plugin framework for Windows-based handheld devices. It will also provide a state-of-the-art study on mobile device programming focusing on Windows-based services. This thesis research can serve as a starting document to provide a fully functioning plugin framework for Windows-based devices and services.
|
125 |
Model Driven Development of Web Application with SPACE Method and Tool-suit
Rehana, Jinat, January 2010
Enterprise level software development using traditional software engineering approaches with third-generation programming languages is becoming a more challenging and cumbersome task with the increased complexity of products, shortened development cycles and heightened expectations of quality. MDD (Model Driven Development) has been counted as an exciting and magical development approach in the software industry for several years. The idea behind MDD is the separation of the business logic of a system from its implementation details, expressing the problem domain using models. This separation and modeling of the problem domain simplify the process of system design as well as increase the longevity of products, as new technologies can be adopted easily. With appropriate tool support, MDD shortens the software development life cycle drastically by automating a significant portion of development steps. MDA (Model Driven Architecture) is a framework launched by OMG (Object Management Group) to support MDD. SPACE is an engineering method for rapid creation of services, developed at NTNU (Norwegian University of Science and Technology), which follows the MDA framework. Arctis and Ramses are tool suites, also developed at NTNU, to support the SPACE method. Several solutions have been developed on the Arctis tool suite covering several domains like mobile services, embedded systems, home automation, trust management and web services. This thesis presents a case study on the web application domain with Arctis, where the underlying technologies are AJAX (asynchronous JavaScript and XML), GWT (Google Web Toolkit) framework and Java Servlet. In order to do that, this thesis contributes some reusable building blocks built with the Arctis tool suite. This thesis also describes a use case scenario to use those building blocks. This thesis work tries to implement the specified system and evaluates the resulting work.
|
126 |
Malware Detection Through Call Graphs
Kinable, Joris, January 2010
Each day, anti-virus companies receive large quantities of potentially harmful executables. Many of the malicious samples among these executables are variations of earlier encountered malware, created by their authors to evade pattern-based detection. Consequently, robust detection approaches are required, capable of recognizing similar samples automatically. In this thesis, malware detection through call graphs is studied. In a call graph, the functions of a binary executable are represented as vertices, and the calls between those functions as edges. By representing malware samples as call graphs, it is possible to derive and detect structural similarities between multiple samples. The latter can be used to implement generic malware detection schemes, which can proactively detect existing versions of the malware, as well as future releases with similar characteristics. To compare call graphs mutually, we compute pairwise graph similarity scores via graph matchings which minimize an objective function known as the Graph Edit Distance. Finding exact graph matchings is intractable for large call graph instances. Hence we investigate several efficient approximation algorithms. Next, to facilitate the discovery of similar malware samples, we employ several clustering algorithms, including variations on k-medoids clustering and DBSCAN clustering algorithms. Clustering experiments are conducted on a collection of real malware samples, and the results are evaluated against manual classifications provided by virus analysts from F-Secure Corporation. Experiments show that it is indeed possible to accurately detect malware families using the DBSCAN clustering algorithm. Based on our results, we anticipate that in the future it is possible to use call graphs to analyse the emergence of new malware families, and ultimately to automate implementing generic protection schemes for malware families.
|
127 |
Security Analysis of Future Internet Architectures
Ballester Lafuente, Carlos, January 2010
During the last decades, the Internet has evolved from host-centric to information-centric in the sense that it is information and data that matter, regardless of where they are located. Meanwhile, the Internet's architecture still remains the same as it was in its origins and still focuses on host-to-host communication, putting too much emphasis on the "where" rather than putting it on the "what". The original Internet architecture also introduces several security flaws such as DoS and DDoS, spoofing and spam, and other non-security related problems such as availability or location dependence related issues. In order to address these issues, several new architectures and protocols have been proposed. Some of them aim at totally redesigning the architecture of the Internet from scratch, while others aim at improving it without totally redesigning it. The aim of this Master Thesis is to analyze these new protocols and architectures from a security point of view in order to determine whether the security claims made are true or not. The security analysis is made based on RFCs, technical papers and project deliverables. The results obtained have uncovered some security issues in several of the new protocols and architectures and have provided some insight into further improving them.
|
128 |
Energy Efficiency of Streaming over Mobile Ad-hoc Networks
Pattabiraman, Prashanth, January 2010
Handheld mobile devices are widely used today primarily due to their rich functionality and the ease of portability. However, the battery life of these devices is very limited and deploying resource hungry applications such as streaming on these mobile devices is a challenging task. It is extremely important to maximize the efficient use of the contained resources on these devices, especially when they participate in a mobile ad hoc network. The optimization can occur in any layer of the OSI stack; however, this thesis work focuses only on the routing protocols used in the network layer. In this thesis work we have been able to evaluate the energy efficiency of the four most widely used MANET routing protocols (AODV, OLSR, DSDV and DSR) in terms of their energy consumption and performance. The initial phase of the work was carried out using the Network Simulator 2 (NS2) tool and later the observations were done on a real world MANET testbed. The influence of several external factors on the performance and energy consumption is also taken into consideration while performing the simulations and experiments. The results obtained from our observations provide both qualitative and quantitative analysis of the routing protocols. Furthermore, they also highlight how the behaviour of the protocols is sometimes highly unpredictable, yielding results that we may not expect.
|
129 |
Secure data aggregation for wireless sensor network
Tran-Thi-Thuy, Trang, January 2010
As in conventional networks, security is a big concern in wireless sensor networks. However, security in this type of network faces not only typical but also new challenges. Constrained devices, changing topology and susceptibility to unprecedented security threats such as node capture and node compromise have kept developers from applying conventional security solutions to wireless sensor networks. Hence, developing security solutions for wireless sensor networks not only requires good security analysis but must also keep power and processing consumption low. In this thesis, we implemented a security solution targeting IRIS sensor motes. In our implementation, a public key-based key exchange is used to establish shared secret keys between sensor nodes. These secret keys are used to provide authenticity, integrity and freshness for transmitted data. Our implementation ensures flexibility in integrating our solution with the available TinyOS operating system. Additionally, the thesis work also focuses on evaluating the performance in wireless sensor networks in terms of both memory and energy consumption.
|
130 |
Employing Ethernet Multiple Spanning Tree Protocol in an OpMiGua network
Veisllari, Raimena, January 2010
Hybrid optical packet/circuit switched networking architectures are increasingly becoming an interesting research field. They integrate and combine the high resource utilization of statistically multiplexed packet switched networks with the low processing requirements and guaranteed quality of service provided by circuit switched networks. The aim of this thesis is to integrate the OpMiGua hybrid optical network with Ethernet. Specifically, the work is focused on the compatibility of Ethernet's loop-free topology protocols with the redundant multiple traffic service paths of OpMiGua. We analyse the problems and limitations imposed on the network architecture and propose our topology solution called the SM chain-connectivity. The analysis and the proposed schemes are verified based on results obtained from simulations. Furthermore, we design an integrated logical OpMiGua node that relies on an Ethernet switch instead of the Optical Packet Switch for the Statistically Multiplexed traffic. To date, to our knowledge, there are no studies analysing the compatibility of Ethernet and its protection mechanisms in a hybrid optical network. This is the first work addressing the use of Ethernet in OpMiGua.
|