About: The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations. Metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

Security Issues with Content Management Systems (CMSs) on the Cloud

Østdahl, Thomas January 2011
Although cloud computing is the major hype nowadays, it is actually a relatively "old" concept which can be dated back to the 1950s. Then, AT&T was developing a centralized infrastructure and storage space, where their customers could connect to using advanced telephones. Cloud computing works in a similar fashion, where customers subscribe to centralized service models. The models are separated in three main categories: Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (IaaS). The cloud is a multi-tenant environment, i.e., several customers are able to use the same service simultaneously. Moreover, the cloud is highly scalable, which means that resources can be allocated on demand. Cloud computing follows a pay-per-use payment model. Customers could reduce their operational and maintenance costs significantly, because they subscribe to a Cloud Service Provider (CSP) which is responsible for these tasks. Moreover, an organization is no longer dependent on costly upfront investments.

Most of the industry-leading technology organizations (e.g., Amazon, Apple, Google, Microsoft) have their own cloud services. Thus, the barrier to adopt the cloud for customers has lowered. Organizations have hasted to move their services to the cloud, without questioning the cloud's maturity. Even though cloud security has been a priority from the beginning, numerous attacks have been reported. The CSP's data-centers provide both physical and infrastructure security. However, traditional security threats to IT systems are still applicable to cloud applications. Furthermore, new cloud-specific security risks emerge. Confidentiality, integrity and availability of data are always of importance; however, they become challenging in the cloud due to its dynamic environment. Ensuring integrity of data, without knowing the whole data set, is one of several challenges. Moreover, due to the increasing incidents of Denial-of-Service (DoS) attacks, availability of data has become problematic. Although the cloud is able to scale well with such attacks, disruptions of services still occur. The scalability of clouds could also potentially be a threat, if malicious users are able to create bot-nets of multiple clouds.

The Internet is a hostile environment, and likewise is the cloud. However, this does not stop people from rapidly adopting it. Organizations have hasted to offer their services on the cloud, to benefit from its advantages. Content Management Systems (CMSs) are examples of such services. They are widely popular, and used to create professional websites without requiring technical skills. CMSs provide a user-friendly platform to manage the contents (e.g., text, pictures, music), then customize it with templates and extensions. Open source CMSs benefit from their communities of developers, which contribute to keep their systems up to date and safe, with the current technologies. Since many CMSs have non-technical users, they tend to be attractive targets for adversaries. Especially, third-party extensions have been considered a major threat. The "core" of the systems is often secure. However, web application vulnerabilities apply to these systems.

Joomla! is a widely popular open source CMS, due to its simplicity and remarkable community. The latest version (Joomla! 1.6) has made it suitable for both new inexperienced users, as well as professional users. Joomla! can be used as a PaaS, to benefit from the cloud's advantages. Anyhow, Joomla! is an attractive target, due to its non-technical audience. It is considered secure by default. However, with simple open source tools, it is possible to obtain valuable information about the system, e.g., server specifications, OS, CMS version. Moreover, the security of the back-end has potential for improvements. Since many customers use weak passwords, and the back-end is always located in the same folder, adversaries could brute-force their way through. Many CMSs have static files and resources, which finger-printers utilize to determine the system specifications. Furthermore, poorly coded extensions are gateways for attackers. If an exploit is found in a component, adversaries could automate attacks against websites with this vulnerable component installed. Hence, it is critical for users to always keep up to date.

The emerging future would introduce numerous new ways of cloud usage. Many companies invest in enormous data-centers, which are the size of small villages. More and more services would move to the cloud, and software licenses would start to be in excess. The threats to the cloud are not significantly increased in numbers, compared to traditional IT systems. However, the multi-tenancy could be exploited by malicious users. Moreover, distributed attacks originating from several clouds could force CSPs to evolve cloud security.
2

Detecting MAC Spoofing Attacks in 802.11 Networks through Fingerprinting on the MAC Layer

Idland, Christer January 2011
In order to provide hassle-free connection options many wireless local area network (WLAN) providers choose to have their networks completely open. In other words there is no password required in order to connect. Such open configurations do not provide any security features on the wireless medium, but are often implemented with other solutions such as captive portals. A captive portal forces a Hypertext Transfer Protocol (HTTP) client to see a certain webpage, usually for authentication purposes. All other packets are blocked. Once authenticated, the client's medium access control (MAC) address is whitelisted and he will have access to the Internet.

The MAC spoofing attack is easy to perform in open networks, see Appendix A. This attack can have severe consequences as the attacker masquerades as a legitimate client, potentially getting the victim caught for crime done by the attacker. The preferred way to handle these attacks has been through detection, as it can be done on the server side without complicating anything for the user. Effective and reliable detection techniques for plain and QoS enabled 802.11 networks exist [1,5]. However, no good solution exists to detect attacks when the legitimate client is no longer connected. The two main scenarios are the session hijacking attack, where the attacker forces the victim offline, and the wait-for-availability attack, where the attacker waits until the legitimate client leaves the network.

An algorithm based on MAC layer fingerprinting was developed to detect the class of attacks where attacker and victim are not connected simultaneously. A fingerprint is based on the behavior of a station (STA), and each STA's behavior varies due to implementation differences of the 802.11 protocol. Experiments in a real network were performed with 11 different STAs in order to determine the fingerprints. The results show that on average 2.82 of the 8 fingerprinting properties were different when comparing two fingerprints.

The fingerprinting algorithm developed is capable of passively creating a fingerprint of wireless STAs without specialized equipment in realistic network conditions. Fingerprints from different STAs are unique with high probability, even when there is little data available. In addition, the technique used is accurate, fast, and requires no pre-computed databases. The algorithm used in combination with the IDS developed by Idland [1] is now able to detect all of the five different MAC spoofing attacks described in Section 2.6.2.
3

Simulation of a Secure Ad Hoc Network Routing Protocol

Bowitz, Anne Gabrielle January 2011
Secure wireless ad hoc networks possess many properties that are highly valuable in e.g. emergency situations and military applications. By using X.509 certificates, the ad hoc routing protocol B.A.T.M.A.N. has been modified in order to support identification and authentication of mobile nodes trying to access a restricted ad hoc network.

The new protocol design needs to be evaluated by performing tests under various conditions and environments. However, this might be a challenging and expensive task to do in a real-world system, thus it is recommended to simulate the routing protocol using a network simulator.

ns-3 is an open source discrete-event network simulator for Internet systems. The goal of this thesis is to extend ns-3 to support simulation of both the original and modified B.A.T.M.A.N. protocol such that protocol design, interactions, and large-scale performance issues can be investigated and compared.
4

Implementing a Secure Ad Hoc Network

Graarud, Espen Grannes January 2011
In emergency situations such as natural disasters the emergency personnel should be able to establish communication fast and reliably. Depending on the nature of the disaster one cannot rely on existing communication infrastructure, or access to centralized administration. Additionally the established communication needs authentication in order to handle access control so only trusted parties can partake. A suitable medium for such communication is wireless ad hoc networks, but their flat structure makes authentication a very challenging task.

In this thesis a system design for an ad hoc routing protocol combined with access control is proposed, and implemented extending a popular routing protocol called BATMAN. The proposed authentication scheme relies on special public key certificates called proxy certificates, and combined with a neighbor trust mechanism both authentication and access control are managed in a secure manner. Tests using mobile nodes running this implementation show that the performance of the proposed design is comparable to the original routing protocol (BATMAN) used, and that the authentication process is manageable even for mobile ad hoc networks.
5

National Authentication Systems

Sandnes, Are Haugen January 2012
Information security has to adapt to an ever-changing environment. Recently there has been a significant increase in the use of smartphones and other mobile devices to access services on the Internet that were originally designed for desktop computers.

This thesis examines authentication systems on the Internet aimed at large user groups in light of the evolving threats due to increased use of mobile devices. It examines these authentication systems from the perspective of the end user and investigates problems arising with increased use of mobile devices.

This work shows that much can be done in all stages to improve the security of web authentication. Users can protect their devices better and use stronger passwords, service providers can take simple steps to configure their web servers better, and developers of operating systems on mobile devices can reduce the amount of data an application can access on the device. In particular this thesis highlights how the way people are using their smartphones, and how authentication systems work, makes it easy for attackers to exploit the users.
6

Using Case-based Reasoning for Privacy Decisions

Børseth, Daniel Jørgen January 2012
SINTEF ICT has developed a prototype Privacy Enhancing Technology called Privacy Advisor that uses Case-based Reasoning to give advice to users on whether they should accept or reject the privacy policies of a service provider in a given context. The purpose of this PET is to learn the privacy preferences of a user and give advice according to the previous decisions the user has made.

The goal of this thesis is to propose, implement and test new CBR logic for Privacy Advisor so that the advice given to the user is more trustworthy. These goals have been reached by studying the various technologies and methodologies Privacy Advisor is based on, as well as the current implementation of Privacy Advisor itself. The results of the thesis are three algorithms that improve upon the existing CBR logic in Privacy Advisor to a certain degree, as well as a fuzzy control system that uses fuzzy logic to determine the similarity between elements in a privacy policy.

The results from the thesis have shown that even though the approach of using fuzzy logic for similarity calculations is reasonable, several design flaws in the implementation of Privacy Advisor limit the amount of testing possible, and the degree to which the CBR logic can be improved. The results from testing the new implementations did not reveal any definite proof that the new implementation is any better.
7

User Interface Design for Privacy Enhancing Technology

Ripmann, Nina January 2012
A significant amount of information about us is available online due to the increased use of the Internet and online services. It appears to be a tendency among users to not read privacy policies when creating user accounts online, because policies are known to be long and complicated documents that are hard to understand. Users also feel like they don't really have a choice other than to accept the policy if they want to use the service. This has created privacy concerns and a need for better privacy control for users, since the users usually don't know what they have agreed to when accepting policies.

SINTEF ICT has developed a privacy enhancing technology (PET), named Privacy Advisor, whose purpose is to help users think about privacy and information sharing online. This is done by Privacy Advisor interpreting webpages' privacy policies for the users and giving advice on whether the webpages should be trusted or not. The users are then given the opportunity to provide feedback to Privacy Advisor, and the system will use this to adapt to the users' privacy preferences.

A graphical user interface (GUI) for Privacy Advisor was developed using prototyping with iterative improvement of the design, based on feedback from SINTEF ICT and potential users. Feedback from users was collected by performing usability testing with observation, followed by a questionnaire. Usability testing was also conducted to determine the design's usability and find breakdowns in the design. The feedback showed that there were some breakdowns in the system. These were presentation of text that was confusing for some users, where they did not understand the meaning of the text, or buttons that were not intuitive enough. These breakdowns were fixed for the final version of the design suggestion. The users also navigated well in the prototype and managed to complete all the given tasks. The system also received positive feedback concerning further use and the need for a program like Privacy Advisor, and because of these elements, the usability was determined as good when the final improvements and fixing of breakdowns were completed. A final design for Privacy Advisor, implemented as a Google Chrome extension, was then presented to SINTEF ICT.
8

URL Crawling & classification system

Vaagland, Emil Lindgjerdet January 2012
Today, malware is often found on legitimate web sites that have been hacked. The aim of this thesis was to create a system to crawl potentially malicious web sites and rate them as malicious or not. Through research into current malware trends and mechanisms to detect malware on the web, we analyzed and discussed the problem space, before we began designing the system architecture. After we had implemented our suggested architecture, we ran the system through tests. These tests shed some light on the challenges we had discussed. We found that our hybrid honey-client approach was of benefit to detect malicious sites, as some malicious sites were only found when both honey-clients cooperated. In addition, we got insight into how a LIHC can be useful as a queue pre-processor tool for a HIHC. On top of that, we learned the consequence of operating a system like this without a well built proxy server network: false-negatives.
9

Utilizing Distributed Multimedia Plays for Networked Virtual Shopping

Trollvik, Beate Eide January 2012
This thesis studies the market of e-commerce and a futuristic solution to shopping by utilizing the Distributed Multimedia Plays network architecture and its Collaboration Space, which provides users with a near natural virtual reality.

Several scenarios have been defined for a future virtual store exploiting the possibilities of DMP. One scenario was chosen for further development, resulting in a proposed solution. A business model was developed for the solution using the Osterwalder business model ontology. A financial analysis was conducted to evaluate the potential for the solution and its business model. Through studies on e-commerce and DMP it is certain that there exists potential for a service such as a virtual store utilizing the technology of DMP and ideas of Real-time Internet. However, some changes to the solution and its pricing strategy may be necessary to ensure a more profitable solution.
10

Authentication: From Passwords to Biometrics : An implementation of a speaker recognition system on Android

Heimark, Erlend January 2012
We implement a biometric authentication system on the Android platform, which is based on text-dependent speaker recognition. The Android version used in the application is Android 4.0. The application makes use of the Modular Audio Recognition Framework, from which many of the algorithms are adapted in the processes of preprocessing and feature extraction. In addition, we employ the Dynamic Time Warping (DTW) algorithm for the comparison of different voice features. A training procedure is implemented, using the DTW algorithm to align features. Furthermore, we introduce personal thresholds, based on which the performance for each individual user can be further optimized.

We have carried out several tests in order to evaluate the performance of the developed system. The tests are performed on 16 persons, with in total 240 voice samples, of which 15 samples are from each person. As a result, for authentication, one of the optimal trade-offs of the False Acceptance Rate (FAR) and False Rejection Rate (FRR) achieved by the system is shown to be 13% and 12%, respectively. For identification, the system could identify the user correctly with a rate of 81%. Our results show that one can actually improve the system performance in terms of FAR and FRR significantly, through using the training procedure and the personal thresholds.