Novel framework to support information security audit in virtual environment

Nagarle Shivashankarappa, A.

January 2013

Over the years, the focus of information security has evolved from technical issue to business issue. Heightened competition from globalization compounded by emerging technologies such as cloud computing has given rise to new threats and vulnerabilities which are not only complex but unpredictable. However, there are enormous opportunities which can bring value to business and enhance stakeholders’ wealth. Enterprises in Oman are compelled to embark e-Oman strategy which invariably increases the complexity due to integration of heterogeneous systems and outsourcing with external business partners. This implies that there is a need for a comprehensive model that integrates people, processes and technology and provides enterprise information security focusing on organizational transparency and enhancing business value. It was evident through interviews with security practitioners that existing security models and frameworks are inadequate to meet the dynamic nature of threats and challenges inherent in virtualization technology which is a catalyst to cloud computing. Hence the intent of this research is to evaluate enterprise information security in Oman and explore the potential of building a balanced model that aligns governance, risk management and compliance with emphasis to auditing in virtual environment. An integrated enterprise governance, risk and compliance model was developed where enterprise risk management acts as a platform, both mitigating risk on one hand and as a framework for defining cost controls and quantifying revenue opportunities on the other. Further, security standards and frameworks were evaluated and some limitations were identified. A framework for implementing IT governance focusing on critical success factors was developed after analysing and mapping the four domains of COBIT with various best practices. Server virtualization using bare metal architecture was practically tested which provides fault-tolerance and automated load balancing with enhanced security. Taxonomy of risks inherent in virtual environments was identified and an audit process flow was devised that provides insight to auditors to assess the adequacy of controls in a virtual environment. A novel framework for a successful audit in virtual environment is the contribution of this research that has changed some of the security assumptions and audit controls in virtual environment.

005.8

Assessing program code through static structural similarity

Naude, Kevin Alexander

January 2007

Learning to write software requires much practice and frequent assessment. Consequently, the use of computers to assist in the assessment of computer programs has been important in supporting large classes at universities. The main approaches to the problem are dynamic analysis (testing student programs for expected output) and static analysis (direct analysis of the program code). The former is very sensitive to all kinds of errors in student programs, while the latter has traditionally only been used to assess quality, and not correctness. This research focusses on the application of static analysis, particularly structural similarity, to marking student programs. Existing traditional measures of similarity are limiting in that they are usually only effective on tree structures. In this regard they do not easily support dependencies in program code. Contemporary measures of structural similarity, such as similarity flooding, usually rely on an internal normalisation of scores. The effect is that the scores only have relative meaning, and cannot be interpreted in isolation, ie. they are not meaningful for assessment. The SimRank measure is shown to have the same problem, but not because of normalisation. The problem with the SimRank measure arises from the fact that its scores depend on all possible mappings between the children of vertices being compared. The main contribution of this research is a novel graph similarity measure, the Weighted Assignment Similarity measure. It is related to SimRank, but derives propagation scores from only the locally optimal mapping between child vertices. The resulting similarity scores may be regarded as the percentage of mutual coverage between graphs. The measure is proven to converge for all directed acyclic graphs, and an efficient implementation is outlined for this case. Attributes on graph vertices and edges are often used to capture domain specific information which is not structural in nature. It has been suggested that these should influence the similarity propagation, but no clear method for doing this has been reported. The second important contribution of this research is a general method for incorporating these local attribute similarities into the larger similarity propagation method. An example of attributes in program graphs are identifier names. The choice of identifiers in programs is arbitrary as they are purely symbolic. A problem facing any comparison between programs is that they are unlikely to use the same set of identifiers. This problem indicates that a mapping between the identifier sets is required. The third contribution of this research is a method for applying the structural similarity measure in a two step process to find an optimal identifier mapping. This approach is both novel and valuable as it cleverly reuses the similarity measure as an existing resource. In general, programming assignments allow a large variety of solutions. Assessing student programs through structural similarity is only feasible if the diversity in the solution space can be addressed. This study narrows program diversity through a set of semantic preserving program transformations that convert programs into a normal form. The application of the Weighted Assignment Similarity measure to marking student programs is investigated, and strong correlations are found with the human marker. It is shown that the most accurate assessment requires that programs not only be compared with a set of good solutions, but rather a mixed set of programs of varying levels of correctness. This research represents the first documented successful application of structural similarity to the marking of student programs.

Computer networks -- Security measures

Internet -- Security measures

Effective monitoring of slow suspicious activites on computer networks

Kalutarage, H. K.

January 2013

Slow and suspicious activities on modern computer networks are increasingly hard to detect. An attacker may take days, weeks or months to complete an attack life cycle. A particular challenge is to monitor for stealthy attempts deliberately designed to stay beneath detection thresholds. This doctoral research presents a theoretical framework for effective monitoring of such activities. The main contribution of this work is a scalable monitoring scheme proposed in a Bayesian framework, which allows for detection of multiple attackers by setting a threshold using the Grubbs’ test. Second contribution is a tracing algorithm for such attacks. Network paths from a victim to its immediate visible hops are mapped and profiled in a Bayesian framework and the highest scored path is prioritised for monitoring. Third contribution explores an approach to minimise data collection by employing traffic sampling. The traffic is sampled using the stratification sampling technique with optimum allocation method. Using a 10% sampling rate was sufficient to detect simulated attackers, and some network parameters affected on sampling error. Final contribution is a target-centric monitoring scheme to detect nodes under attack. Target-centric approach is quicker to detect stealthy attacks and has potential to detect collusion as it completely independent from source information. Experiments are carried out in a simulated environment using the network simulator NS3. Anomalous traffic is generated along with normal traffic within and between networks using a Poisson arrival model. Our work addresses a key problem of network security monitoring: a scalable monitoring scheme for slow and suspicious activities. State size, in terms of a node score, is a small number of nodes in the network and hence storage is feasible for very large networks.

005.8

IP traceback marking scheme based DDoS defense.

January 2005

Ping Yan. / Thesis submitted in: December 2004. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2005. / Includes bibliographical references (leaves 93-100). / Abstracts in English and Chinese. / Abstract --- p.i / Acknowledgement --- p.iii / Chapter 1 --- INTRODUCTION --- p.1 / Chapter 1.1 --- The Problem --- p.1 / Chapter 1.2 --- Research Motivations and Objectives --- p.3 / Chapter 1.3 --- The Rationale --- p.8 / Chapter 1.4 --- Thesis Organization --- p.9 / Chapter 2 --- BACKGROUND STUDY --- p.10 / Chapter 2.1 --- Distributed Denial of Service Attacks --- p.10 / Chapter 2.1.1 --- Taxonomy of DoS and DDoS Attacks --- p.13 / Chapter 2.2 --- IP Traceback --- p.17 / Chapter 2.2.1 --- Assumptions --- p.18 / Chapter 2.2.2 --- Problem Model and Performance Metrics --- p.20 / Chapter 2.3 --- IP Traceback Proposals --- p.24 / Chapter 2.3.1 --- Probabilistic Packet Marking (PPM) --- p.24 / Chapter 2.3.2 --- ICMP Traceback Messaging --- p.26 / Chapter 2.3.3 --- Logging --- p.27 / Chapter 2.3.4 --- Tracing Hop-by-hop --- p.29 / Chapter 2.3.5 --- Controlled Flooding --- p.30 / Chapter 2.4 --- DDoS Attack Countermeasures --- p.30 / Chapter 2.4.1 --- Ingress/Egress Filtering --- p.33 / Chapter 2.4.2 --- Route-based Distributed Packet Filtering (DPF) --- p.34 / Chapter 2.4.3 --- IP Traceback Based Intelligent Packet Filtering --- p.35 / Chapter 2.4.4 --- Source-end DDoS Attack Recognition and Defense --- p.36 / Chapter 2.4.5 --- Classification of DDoS Defense Methods --- p.38 / Chapter 3 --- ADAPTIVE PACKET MARKING SCHEME --- p.41 / Chapter 3.1 --- Scheme Overview --- p.41 / Chapter 3.2 --- Adaptive Packet Marking Scheme --- p.44 / Chapter 3.2.1 --- Design Motivation --- p.44 / Chapter 3.2.2 --- Marking Algorithm Basics --- p.46 / Chapter 3.2.3 --- Domain id Marking --- p.49 / Chapter 3.2.4 --- Router id Marking --- p.51 / Chapter 3.2.5 --- Attack Graph Reconstruction --- p.53 / Chapter 3.2.6 --- IP Header Overloading --- p.56 / Chapter 3.3 --- Experiments on the Packet Marking Scheme --- p.59 / Chapter 3.3.1 --- Simulation Set-up --- p.59 / Chapter 3.3.2 --- Experimental Results and Analysis --- p.61 / Chapter 4 --- DDoS DEFENSE SCHEMES --- p.67 / Chapter 4.1 --- Scheme I: Packet Filtering at Victim-end --- p.68 / Chapter 4.1.1 --- Packet Marking Scheme Modification --- p.68 / Chapter 4.1.2 --- Packet Filtering Algorithm --- p.69 / Chapter 4.1.3 --- Determining the Filtering Probabilities --- p.70 / Chapter 4.1.4 --- Suppressing Packets Filtering with did Markings from Nearby Routers --- p.73 / Chapter 4.2 --- Scheme II: Rate Limiting at the Sources --- p.73 / Chapter 4.2.1 --- Algorithm of the Rate-limiting Scheme --- p.74 / Chapter 4.3 --- Performance Measurements for Scheme I & Scheme II . --- p.77 / Chapter 5 --- CONCLUSION --- p.87 / Chapter 5.1 --- Contributions --- p.87 / Chapter 5.2 --- Discussion and Future Work --- p.91 / Bibliography --- p.100

Computer networks--Security measures

Internet--Security measures

Computer security

Cyber Power and the International System

Lonergan, Shawn William

January 2017

This dissertation is comprised of three separate papers that address how cyber power contributes to national power and the implications for international security posed by cyber operations. The first paper, “Cyber Power and International Stability: Assessing Deterrence and Escalation in Cyberspace,” posits that there are unique attributes that define the cyber domain and that have direct implications on deterrence and escalation dynamics between state actors. The second paper, “Arms Control and Confidence Building Measures for the Cyber Domain,” explores at various mechanisms that states have traditionally used to foster stability and prevent inadvertent conflict and assesses their applicability to controlling cyber operations. Finally, “The Logic of Coercion in Cyberspace” delves into the role of cyber operations as both inadvertent and deliberate signals and assesses their utility as a coercive instrument of statecraft.

Political science

Security, International

Cyberspace--Political aspects

Internet--Security measures

Parent's use of strategies to monitor children's activities online

Maserumule, Ngwanadira Tebogo

January 2017

Thesis (M.Com. (Information Systems))--University of the Witwatersrand, Faculty of Commerce, Law and Management, School of Economic and Business Sciences, 2017 / Although studies have been conducted on the effectiveness of different types of filtering software, limited knowledge is available on parents’ use of strategies to monitor their children’s activities online. Thus, identifying understanding parents’ use of strategies to monitor children’s activities online and the extent in which parents use content filtering software will contribute to the body of knowledge. The purpose of this study is to understand parent’s use of strategies to monitor children’s activities online and the extent in which they use content filtering software in Gauteng Province, South Africa. The study adopted a Social Cognitive Theory to develop a conceptual framework and identify existing theoretical concepts. The conceptual framework adapted Bandura’s (2001) framework to inform data analysis. Data were collected through semi-structured interviews and qualitative, thematic content analysis was used for data analyses. The results of the study indicated that parents do use various strategies to monitor children’s activities online and further apply knowledge, experience, and social support as a rationale for using those strategies. The study further revealed that there is a gap between parents, technology industry and government regarding the use of content filtering software. Thus, the study recommends parents, industry and government work together to protecting children online through various strategies and address the concerns regarding the use of content filtering software. Parents’ need to understand the importance of content filtering software and discuss this with their children to be able to protect them online without restricting access to relevant information. Keywords: Harmful content, blocking, strategies, filtering, online content, software, use, non-use, strategies / GR2018

Computers--Access control

Internet and children

Internet--Security measures

Internet--Censorship

Data privacy : the non-interactive setting

Narayanan, Arvind, 1981-

16 October 2012

The Internet has enabled the collection, aggregation and analysis of personal data on a massive scale. It has also enabled the sharing of collected data in various ways: wholesale outsourcing of data warehousing, partnering with advertisers for targeted advertising, data publishing for exploratory research, etc. This has led to complex privacy questions related to the leakage of sensitive user data and mass harvesting of information by unscrupulous parties. These questions have information-theoretic, sociological and legal aspects and are often poorly understood. There are two fundamental paradigms for how the data is released: in the interactive setting, the data collector holds the data while third parties interact with the data collector to compute some function on the database. In the non-interactive setting, the database is somehow \sanitized" and then published. In this thesis, we conduct a thorough theoretical and empirical investigation of privacy issues involved in non-interactive data release. Both settings have been well analyzed in the academic literature, but simplicity of the non-interactive paradigm has resulted in its being used almost exclusively in actual data releases. We analyze several common applications including electronic directories, collaborative ltering and recommender systems, and social networks. Our investigation has two main foci. First, we present frameworks for privacy and anonymity in these dierent settings within which one might dene exactly when a privacy breach has occurred. Second, we use these frameworks to experimentally analyze actual large datasets and quantify privacy issues. The picture that has emerged from this research is a bleak one for noninteractivity. While a surprising level of privacy control is possible in a limited number of applications, the general sense is that protecting privacy in the non-interactive setting is not as easy as intuitively assumed in the absence of rigorous privacy denitions. While some applications can be salvaged either by moving to an interactive setting or by other means, in others a rethinking of the tradeos between utility and privacy that are currently taken for granted appears to be necessary. / text

Internet--Security measures

Data protection

Electronic data interchange

Computer security

Delegation of rights using PKI-based components

Cheung, Lai-sze., 張麗詩.

January 2004

published_or_final_version / abstract / toc / Computer Science / Master / Master of Philosophy

Public key cryptography.

Internet - Security measures.

Computer security.

Privacy and the internet : differences in perspectives

Janz, Linda, University of Lethbridge. Faculty of Arts and Science

January 1997

This study examined results of a World Wide Web survey that used the framework of domain theory of moral development to examine attitudes of Internet users assuming perspectives of victims, aggressors and bystanders toward privacy issues. The effect of a monetary incentive was tested on two perspectives; effects of three moderating variables, employment status, newsgroup/mailing list membership and culture, were also tested. In the process of examing interactions, an evaluation determined if changes in attitudes indicated movement along a morality continuum. Results show that victims are more concerned than aggressors, and bystanders take a moralizing stance regardless of domain. Results of the monetary incentive test suggest that privacy is for sale. Employed respondents are more concerned than non-employed respondents; membership has little effect. Effects of culture do not support the hypotheses. Implications are that moral judgements are a function of perspective and domain, allowing flexibility along a morality continuum due to situational deviations. / xii, 112 leaves ; 28 cm.

Internet -- Security measures

Internet

Privacy, Right of

Dissertations, Academic

Securing the 'Internet of Things' : decentralised security for wireless networks of embedded systems

King-Lacroix, Justin

January 2016

The phrase 'Internet of Things' refers to the pervasive instrumentation of physical objects with sensors and actuators, and the connection of those sensors and actuators to the Internet. These sensors and actuators are generally based on similar hardware as, and have similar capabilities to, wireless sensor network nodes. However, they operate in a completely different network environment: wireless sensor network nodes all generally belong to a single entity, whereas Internet of Things endpoints can belong to different, even competing, ones. This difference has profound implications for the design of security mechanisms in these environments. Wireless sensor network security is generally focused on defence against attack by external parties. On the Internet of Things, such an insider/outsider distinction is impossible; every entity is both an endpoint for legitimate communications, and a possible source of attack. We argue that that under such conditions, the centralised models that underpin current networking standards and protocols for embedded systems are simply not appropriate, because they require such an insider/outsider distinction. This thesis serves as an exposition in the design of decentralised security mechanisms, applied both to applications, which must perform access control, and networks, which must guarantee communications security. It contains three main contributions. The first is a threat model for Internet of Things networks. The second is BottleCap, a capability-based access control module, and an exemplar of decentralised security architecture at the application layer. The third is StarfishNet, a network-layer protocol for Internet of Things wireless networks, and a similar exemplar of decentralised security architecture at the network layer. Both are evaluated with microbenchmarks on prototype implementations; StarfishNet's association protocol is additionally validated using formal verification in the protocol verification tool Tamarin.