21 |
Remote application support in a multilevel environment / Cooper, Robert C. 03 1900
Approved for public release, distribution is unlimited / The use of specialized single-level networks in current military operations is inadequate to meet the need to share information envisioned by the Global Information Grid (GIG). Multilevel security (MLS) is a key Information Assurance enabler for the GIG vision. The Monterey Security Architecture (MYSEA), a distributed MLS network, eliminates the need to use separate equipment to connect to many networks at different classification levels. It allows users to view data at different sensitivities simultaneously. MYSEA also allows commercial software and hardware to be used at clients. To address the threat of residual data on the client after a user session change in security state, the MYSEA clients are required to be "stateless", i.e., there is no non-volatile writable memory. Hence the MYSEA server must provide the clients with the ability to execute server-resident client-side applications to access data at different security levels over the MLS Local Area Network (LAN). The MYSEA server currently does not support such capability. This thesis addresses this limitation. A new trusted process family is introduced to provide a pseudo-socket interface for the single level remote application to access the MLS LAN interface. Detailed design specifications were created to facilitate implementation of the remote application support. / Lieutenant, United States Navy
|
22 |
Design and analysis of a model reconfigurable cyber-exercise laboratory (RCEL) for information assurance education / Guild, R. James 03 1900
Approved for public release, distribution is unlimited / This thesis addresses the need to create a flexible laboratory environment for teaching network security. For educators to fully realize the benefit of such a facility, prototype exercise scenarios are also needed. The paper is based on a model laboratory created at the Naval Postgraduate School. The initial configuration of the NPS lab is described. The work then develops a list of learning objectives achievable in the RCEL. Six prototype cyber-exercise scenarios are presented to supplement the RCEL description. The activities within each potential scenario are described. The learning objectives met during each scenario are shown. This work demonstrates how a variety of potential RCEL exercises can supplement traditional information assurance education delivery techniques. / Civilian, Federal Cyber Services Corps, Naval Postgraduate School
|
23 |
Forensic Analysis of WhatsApp on Android Smartphones / Thakur, Neha S 06 August 2013
Android forensics has evolved over time offering significant opportunities and exciting challenges. On one hand, being an open source platform Android is giving developers the freedom to contribute to the rapid growth of the Android market whereas on the other hand Android users may not be aware of the security and privacy implications of installing these applications on their phones. Users may assume that a password-locked device protects their personal information, but applications may retain private information on devices, in ways that users might not anticipate. In this thesis we will be concentrating on one such application called 'WhatsApp', a popular social networking application. We will be forming an outline on how forensic investigators can extract useful information from WhatsApp and from similar applications installed on an Android platform. Our area of focus is extraction and analysis of application user data from non-volatile external storage and the volatile memory (RAM) of an Android device.
|
24 |
Automated Testing for RBAC Policies / January 2014
abstract: Access control is necessary for information assurance in many of today's applications such as banking and electronic health record. Access control breaches are critical security problems that can result from unintended and improper implementation of security policies. Security testing can help identify security vulnerabilities early and avoid unexpected expensive cost in handling breaches for security architects and security engineers. The process of security testing which involves creating tests that effectively examine vulnerabilities is a challenging task. Role-Based Access Control (RBAC) has been widely adopted to support fine-grained access control. However, in practice, due to its complexity including role management, role hierarchy with hundreds of roles, and their associated privileges and users, systematically testing RBAC systems is crucial to ensure the security in various domains ranging from cyber-infrastructure to mission-critical applications. In this thesis, we introduce i) a security testing technique for RBAC systems considering the principle of maximum privileges, the structure of the role hierarchy, and a new security test coverage criterion; ii) a MTBDD (Multi-Terminal Binary Decision Diagram) based representation of RBAC security policy including RHMTBDD (Role Hierarchy MTBDD) to efficiently generate effective positive and negative security test cases; and iii) a security testing framework which takes an XACML-based RBAC security policy as an input, parses it into a RHMTBDD representation and then generates positive and negative test cases. We also demonstrate the efficacy of our approach through case studies. / Dissertation/Thesis / M.S. Computer Science 2014
|
25 |
Distinguishing Leadership of Information Assurance Teams / Bankole, Bamidele Adetokunbo 01 January 2015
Information assurance (IA) projects are essential components of the information technology industry and often fail due to budget overruns, missed deadlines, and lack of performance by the project teams. The purpose of this phenomenological study was to explore the strategies necessary to improve IA project team performance. Lewin's situational leadership theory was used as the conceptual framework for this study. Interviews were conducted with 20 IA professionals located in the Washington, DC Metropolitan area. The data were transcribed, coded, and clustered for the identification of common patterns based on the Moustakas' modified van Kaam analysis. The major themes that emerged from the interview data included the importance of: communication and teamwork, technical knowledge, training, hiring of skilled resources, and balanced project teams. An organization-wide internal training program emerged as an overarching best practice to improve the leadership strategies within the IA sector. The study results may help improve project success and grow the IA industry by creating more jobs.
|
26 |
Quantifying Trust and Reputation for Defense against Adversaries in Multi-Channel Dynamic Spectrum Access Networks / Bhattacharjee, Shameek 01 January 2015
Dynamic spectrum access enabled by cognitive radio networks is envisioned to drive the next generation wireless networks that can increase spectrum utility by opportunistically accessing unused spectrum. Due to the policy constraint that there could be no interference to the primary (licensed) users, secondary cognitive radios have to continuously sense for primary transmissions. Typically, sensing reports from multiple cognitive radios are fused as stand-alone observations are prone to errors due to wireless channel characteristics. Such dependence on cooperative spectrum sensing is vulnerable to attacks such as Secondary Spectrum Data Falsification (SSDF) attacks when multiple malicious or selfish radios falsify the spectrum reports. Hence, there is a need to quantify the trustworthiness of radios that share spectrum sensing reports and devise malicious node identification and robust fusion schemes that would lead to correct inference about spectrum usage. In this work, we propose an anomaly monitoring technique that can effectively capture anomalies in the spectrum sensing reports shared by individual cognitive radios during cooperative spectrum sensing in a multi-channel distributed network. Such anomalies are used as evidence to compute the trustworthiness of a radio by its neighbours. The proposed anomaly monitoring technique works for any density of malicious nodes and for any physical environment. We propose an optimistic trust heuristic for a system with a normal risk attitude and show that it can be approximated as a beta distribution. For a more conservative system, we propose a multinomial Dirichlet distribution based conservative trust framework, where Josang's Belief model is used to resolve any uncertainty in information that might arise during anomaly monitoring. Using a machine learning approach, we identify malicious nodes with a high degree of certainty regardless of their aggressiveness and variations introduced by the pathloss environment.
We also propose extensions to the anomaly monitoring technique that facilitate learning about strategies employed by malicious nodes and also utilize the misleading information they provide. We also devise strategies to defend against a collaborative SSDF attack that is launched by a coalition of selfish nodes. Since defense against such collaborative attacks is difficult with popularly used voting based inference models or node centric isolation techniques, we propose a channel centric Bayesian inference approach that indicates how much the collective decision on a channel's occupancy inference can be trusted. Based on the measured observations over time, we estimate the parameters of the hypothesis of anomalous and non-anomalous events using a multinomial Bayesian based inference. We quantitatively define the trustworthiness of a channel inference as the difference between the posterior beliefs associated with anomalous and non-anomalous events. The posterior beliefs are updated based on a weighted average of the prior information on the belief itself and the recently observed data. Subsequently, we propose robust fusion models which utilize the trusts of the nodes to improve the accuracy of the cooperative spectrum sensing decisions. In particular, we propose three fusion models: (i) optimistic trust based fusion, (ii) conservative trust based fusion, and (iii) inversion based fusion. The former two approaches exclude untrustworthy sensing reports for fusion, while the last approach utilizes misleading information. All schemes are analyzed under various attack strategies. We propose an asymmetric weighted moving average based trust management scheme that quickly identifies on-off SSDF attacks and prevents quick trust redemption when such nodes revert back to temporal honest behavior. We also provide insights on what attack strategies are more effective from the adversaries' perspective.
Through extensive simulation experiments we show that the trust models are effective in identifying malicious nodes with a high degree of certainty under a variety of network and radio conditions. We show high true negative detection rates even when multiple malicious nodes launch collaborative attacks, which is an improvement over existing voting based exclusion and entropy divergence techniques. We also show that we are able to improve the accuracy of fusion decisions compared to other popular fusion techniques. Trust based fusion schemes show worst case decision error rates of 5% while inversion based fusion shows 4%, as opposed to majority voting schemes that have an 18% error rate. We also show that the proposed channel centric Bayesian inference based trust model is able to distinguish between attacked and non-attacked channels for both static and dynamic collaborative attacks. We are also able to show that attacked channels have significantly lower trust values than channels that are not, a metric that can be used by nodes to rank the quality of inference on channels.
|
27 |
Social engineering and the ISO/IEC 17799:2005 security standard: a study on effectiveness / Frangopoulos, Evangelos D. 31 March 2007
As Information Security (IS) standards do not always effectively cater for
Social Engineering (SE) attacks, the expected results of an Information
Security Management System (ISMS), based on such standards, can be
seriously undermined by uncontrolled SE vulnerabilities.
ISO/IEC 17799:2005 is the subject of the current analysis as it is the type of
standard not restricted to technical controls, while encompassing proposals
from other standards and generally-accepted sets of recommendations in the
field.
Following an analysis of key characteristics of SE and based on the study of
Psychological and Social aspects of SE and IS, a detailed examination of
ISO/IEC 17799:2005 is presented and an assessment of the efficiency of its
controls with respect to SE is provided. Furthermore, enhancements to
existing controls and inclusion of new controls aimed at strengthening the
defense against Social Engineering are suggested.
Measurement and quantification issues of IS with respect to SE are also dealt
with. A novel way of assessing the level of Information Assurance in a system
is proposed and sets the basis for future work on this subject. / Information Systems / M. Sc. (Information Systems)
|