Global ETD Search

21	Classification of Keys in MQQ-SIG Jacobsen, Håkon January 2012 (has links) The security of almost all public-key cryptography is based on some computationally hard problem. Most prominent are the problems of factoring integers into primes and computing discrete logarithms in finite groups. However, in the last two decades, several new public-key schemes have emerged that base their security on completely different problems. One such promising proposal is to base the security of public-key cryptography schemes on the difficulty of solving large systems of multivariate quadratic polynomial equations. A major challenge in designing these public-key systems is to embed an efficient trapdoor into the set of equations. Recently, a novel approach towards this problem was suggested by Gligoroski et al. cite{Gligoroski:2008:MQT}, using the concept of quasigroup string transformations. In this thesis we describe a methodology for identifying strong and weak keys in the newly introduced multivariate public-key signature scheme MQQ-SIG, which is based on this idea. We have conducted a large number of experiments based on Gröbner basis attacks, in order to classify the various parameters that determine the keys in MQQ-SIG. Our findings show that there are big differences in the importance of these parameters. The methodology consists of a classification of different parameters in the scheme, together with an introduction of concrete criteria on which keys to avoid and which to use. Additionally, we identified an unnecessary requirement in the original specification that required the quasigroups to fulfill a certain condition. Removing this restriction can potentially speed up the key generation process by a large factor. Having all this, we propose a new enhanced key generation algorithm for MQQ-SIG that will generate stronger keys and be more efficient than the original key generation method. ntnudaim:7226 MTKOM kommunikasjonsteknologi Informasjonssikkerhet
22	En analyse knyttet til bruk av cookies. / A study related to the use of cookies. Hørthe, Stine January 2012 (has links) Cookies er små informasjonskapsler som Internettaktører legger igjen på en slutt-brukers datamaskin ved surfing på nettsider. Bruken av cookies på nettsider har fåttøkt oppmerksomhet de siste årene. I tillegg til å muliggjøre flere nyttige funksjonerfor en tjenestetilbyder, som for eksempel brukerrettet reklame og informasjonsinn-henting, har det den siste tiden blitt rettet en del kritiske spørsmål rundt bruken avcookies samt spørsmål knyttet til personvern og juridiske aspekt. Denne oppgavenanalyserer og gir en oversikt over bruk av cookies på norske og internasjonale nett-sider. Den undersøker hvor mange og hvilke typer cookies som benyttes og ser påsammenhengen mellom antall cookies, antall cookie-leverandører, og størrelsen pånettsider. Videre blir det sett på de økonomiske og juridiske aspektene knyttet tilcookies, samt cookies fremtidige utsikter.Resultatene viser at cookies er svært utbredt både på norske og internasjonalenettsider. Det er ingenting som tyder på en sammenheng mellom antall cookiesog nettsidens størrelse. Basert på klassifisering av kategorier innenfor både nettsiderog aktører, viser oppgaven at cookies er svært utbredt på nettsider innenfor katego-riene nettavis og magasiner, samt at nettaviser og reklameaktører er sterkt knyttettil hverandre. Resultatene knyttet til fremtidsutsiktene til cookies viser at fremti-den er noe usikker, grunnet nye teknologier som HTML5 og forbrukernes ukjenteinnstilling til cookies, samt fare for strengere lover og tiltak tilknyttet cookies framyndighetens side. ntnudaim:7804 MTKOM kommunikasjonsteknologi Teleøkonomi
23	Senatus - Implementation and Performance Evaluation Askeland, Christian Emil, Salvesen, Anders Emil, Østvold, Arne Fjæren January 2012 (has links) Traffic anomaly detection in backbone networks has received increased at-tention from the research community over the last years. A variety of tech-niques and implementations has been proposed in this area, some which hasbecome commercial products. However, studies have revealed that theseproducts are hardly used, mainly because of high false-positive rates andthe fact that manual inspection of alarms is a time consuming task for thenetwork administrator.Senatus is a recently proposed technique for combined anomaly detectionand root-cause analysis, originally proposed by Atef Abdelkefi. In this the-sis, we provide a complete high-performance implementation of Senatus,including a web Dashboard with overview of anomalies and the possibil-ity for manual fine-tuning of parameters. Furthermore, we have verifiedSenatus performance by comparing Senatus with a implementation of awell-known histogram-based anomaly detection technique.Our results show that Senatus performs very well for detection scans, andthat it matches the histogram-based anomaly detector for Denial of Service-attacks. ntnudaim:7145 MTKOM kommunikasjonsteknologi Informasjonssikkerhet
24	Incentives in Location-Aware Peer-to-Peer Networks : A Game-Theoretical View Follegg, Audun January 2012 (has links) Recently the world wide popularity and utilization of Peer-to-peer (P2P) appli- cations, such as BitTorrent, have experienced a tremendous growth. In addition, studies show that its related traffic accounts for a significant portion of the overall Internet traffic volume. Moreover, the inherently distributed design of P2P net- works in combination with arbitrary peer selection have been shown to introduce traffic control problems for Internet Service Providers (ISPs) as well as causing sig- nificant increases in costly inter-ISP traffic. In order to solve the P2P challenges, a variety of location-aware P2P mechanisms have been published and implemented with varying degrees of success. Although the technical aspects of these mechanisms have been studied quite thoroughly, their adaption and success can arguably only be determined by the entities in power, namely ISPs and its P2P traffic generating customers.In this thesis a game-theoretic approach is pursued in order to capture the economical interactions of both ISPs and its users when presented with a decision of adapting location-aware P2P mechanisms. Specifically, a game-theoretic model is developed, encompassing the variety of ISP and consumer aspects from traffic do- main related costs and P2P performance to Internet access pricing. The model perspective is limited to the decision making between one ISP and its users and it is studied in two steps. First an analytical equilibrium analysis is performed in order to develop general expressions regarding incentivizing actions between the ISP and its users. Finally a numerical analysis is performed, using relevant data found in literature and estimates, in order to identify which strategies that could provide incentives for both ISPs and its users to adapt location-aware P2P mechanisms. ntnudaim:7150 MTKOM kommunikasjonsteknologi Teleøkonomi
25	Economic analysis of QoS differentiation in OPS networks Leistad, Fredrik Grøndahl January 2012 (has links) Quality of Service (QoS) differentiation is the differentiated traffic-handling toachieve multiple service classes of varying quality. In addition to providing serviceguarantees necessary for delay-sensitive, real-time applications, service differentiation can provide increased income for network providers due to price differentiation opportunities. Moreover, with advances in technology, previous QoS schemes based on buffered networks cannot be used in newer, bufferless, optical networks.Current and future technologies were studied to facilitate economic analysis ofQoS differentiation in Optical Packet Switched networks. Empirical data fromrelated studies have been adopted to quantify a relationship between objectivemeasurements of network quality and a users willingness to pay for that quality.Models that represent network scenarios with and without service differentiationwere discussed to address the viability of implementation. The model developedsuggests pricing for customer classes based on network parameters before and after implementation, cost of deployment, customer willingness to pay, and businessrequirements such as Return on Investment. It was determined that under certaincircumstances, a network provider may improve revenue via service differentiation. ntnudaim:7902 MTKOM kommunikasjonsteknologi Teleøkonomi
26	Cheating in Online Games : A Case Study of Bots and Bot-Detection in Browser-Based Multiplayer Games Wendel, Erik January 2012 (has links) The video and computer gaming industry has seen a significant rise in popularity over the last decades and is now the worlds biggest digital entertainment industry [market-gamingvsmovies]. Where games meant Space Invaders and Doom in the old days, gaming is now everything from ultra-realistic shooter games to farm management simulators integrated in the Facebook platform, to games on our smartphones and tablets. This popularity has brought with it the attention of hackers and exploiters, and game cheats flourish in the shady parts of the internet. This thesis has two parts. The first part presents a background study, an oveorview of today's situation in regard to cheating and anti-cheating in online games. The second part is a case study about bots and bot detection in Browser-Based Multiplayer Games (BBMG).In the background study, the main finding is that there are over twenty websites selling cheats or cheat subscriptions, and that the type of cheats available for a game is heavily dependent on the game genre. Most or all first-person shooters (FPS) have available aimbots and wallhacks, and all major massively multiplayer online games (MMO) are exposed to bot programs. The cheats are being sold either alone or through monthly subscriptions, allowing free use of all cheats for all supported games by that vendor. There have been many anti-cheat actors over the past decade, but three known services being continually developed. The two biggest are Valve Anti-Cheat, used by most games managed through Valve's online gaming platform Steam, and PunkBuster, which protects amongst others the Battlefield series. The last big anti-cheat software is the proprietary Warden, used only in Blizzard's own games like the Diablo. Warcraft and Starcraft games. Many cheats are still able to bypass the security mechanisms provided by these, and it is a continuos arms race between cheat developers and anti-cheat developers, just like in the virus and anti-virus industry.In the case study, two bots were written for a non-disclosed BBMG and their performance was tested quantitatively by playing several game accounts in parallel. It showed that bot use yields large performance gains both in the early game stages and for advanced players. As a result of the case study research on bots in online games, a Bot-Detection System (BDS) is created and presented in the last chapter. The goal of the BDS is to detect the use of bots in BBMG by identifying a set of attributes and comparing these to average human behavior. A score system ranging from 0 to 100 is introduced, where the average human behavior is defined as 0, while increasing non-human behavior is given a score >0, with max 100. The BDS is then employed on the two bots and returns scores of 64 and 52, while the six human play testers receive scores of 1 or 0. ntnudaim:7578 MTKOM kommunikasjonsteknologi Informasjonssikkerhet
27	Business Cases for realization and deployment of ITS, with focus on Cooperative Services Valåmo, Line Bomnes January 2012 (has links) There is an increasingly interest for implementation of Intelligent Transportation Systems around the world, and in some countries it is already successfully deployed and up and running. The reason for the desire for an ITS network is known user and environmental benefits, which in broad terms include safer road usage, efficiency and being environmental friendly.ITS is defined as a set of many advanced applications which aim at providing innovative services relating to different modes of traffic and transport management. In Norway, a technical solution for adapting ITS is already established after years with research and development, but there is a main factor holding back implementation; the question of who is financially responsible and whether it will benefit, or not, the organization that takes the responsibility.This thesis discusses the questions listed above through a cost benefit analysis and business models based on case studies formed by suggested ITS services. In order to generate business models it was necessary with an overview of interrelationships and responsibilities between various roles and stakeholders. Together with roles and stakeholders, user benefits and needs were posted and used in the case study and cost benefit analysis.Further, after addressing necessary terms and conditions, three case studies are suggested, formed by a special ITS service and the geographical area of Trondheim. These case studies include a model and a cost and revenue analysis used as subject to the cost and benefit analysis in the following chapter. In the cost benefit analysis the three different alternatives are compared against each other to find the most beneficial solution. The result from the cost and benefit analysis is in the end used as groundwork for the proposed business model, with elements for a ITS solution's value proposition, infrastructure, customers and finances. ntnudaim:7540 MTKOM kommunikasjonsteknologi Teleøkonomi
28	Design av løsning for automatisk måleravlesning av strøm (AMS) / Design of a Solution for Smart Metering Steinsland, Tor-Erik January 2011 (has links) Smart metering should be fully deployed before January 1st 2017 in Norway. The smart meters should be able to report consumption on a hourly basis, meaning that the amount of meter data will increase drastically. This raises some challenges with regards to sharing of meter data. The meter data has to be shared with the power producer, and the regulator has also stated that meter data also should be made available to third parties at the consumers wish. Meter data is important financial data and is also considered as sensitive data, and should be shared in a secure and reliable manner.This thesis gives an introduction to the smart metering technology, as well as the power industry in Norway. Further on, it presents some of the ICT solutions used in the industry today, as well as some proposed future solutions. Based on the proposed solutions and comments received from the industry actors, a test system with minimum centralization of business processes using Web Services technology has been developed. A solution based on the existing system, Nubix, is proposed. The system works as a forwarding hub, meaning that it forwards request from power producers and third parties to the grid owners. By using this solution the development costs can be kept low, and the system can easily be extended if more centralization of meter data and business processes is needed. ntnudaim:6818 MTKOM kommunikasjonsteknologi Teleøkonomi
29	Design av løsning for automatisk måleravlesning av strøm (AMS) basert på Wi-Fi / Design of Solution for Automatic Meter Reading Based on Wi-Fi Helland, Per-Kristian, Thorrud, Åshild Kaldahl January 2011 (has links) Avanserte måle- og styringssystemer (AMS) er et begrep brukt om systemene som skal være med på å fornye strømnettet. Automtisk måleravlesing av strøm er en av oppgavene systemene skal utføre, og dette skal gi muligheter for nye tjenester, mer effektiv drift, nøyaktig fakturering med mer. Planen var å lage en løsning for automatisk strømavlesing som bruker Wi-Fi som kommunikasjonsmedium for å vise at dette er praktisk gjennomførbart. Vi har laget en løsning som henter, lagrer og viser informasjon om strømforbruk fra en strømmåler levert av Kamstrup. Kommunikasjonen skjer over internett med bruk av TCP/IP og benytter standarden DLMS/COSEM som applikasjonsprotokoll for uthenting av informasjon. Vi har utviklet en løsning for et datainnsamlingssystem som kan håndtere mange strømmålere, samt en webløsning som prosesserer og viser relevant informasjon til en tenkt kunde. Oppgaven inneholder en grundig gjennomgang av DLMS/COSEM generelt, hvordan kommunikasjonen fungerer, sikkerhetsmekanismene som finnes og eksempler på meldingsutvekslinger. Dessuten har vi vurdert fordeler og ulemper ved ulike alternativer for kommunikasjonsmedier til bruk i AMS. ntnudaim:6158 MTKOM kommunikasjonsteknologi Teleøkonomi
30	Vurdering av informasjonssikkerheten ved innføring av AMS innen kraftdistribusjon / Securityanalysis of implementing AMI in the Norwegian powergrid Strøm, Petter Andreas January 2012 (has links) Etter krav fra Norges vassdrags- og energidirektorat (NVE) er alle norske nettselskaper innen kraftbransjen pålagt å installere Avanserte Måle- og Styringssystemer (AMS) for alle sine målepunkter innen 1.januar 2017. AMS er en integrering av IKT i kraftforsyningen som muliggjør toveis kommunikasjon for å effektivisere avregning, bytte av kraftleverandør samt danne fundament for det framtidige dynamisk smart strømnett.I et hvert distribuert kommunikasjonssystem må informasjonssikkerheten håndteres etter vurdert risiko et slikt system innfører. Etter vurderinger av NVEs funksjonskrav ble følgende områder for informasjonssikkerhet i AMS definert; sikring av fysisk utstyr, sikkerhet i hardware, sikkerhet i software, sikring av kommunikasjonsteknologi, organisatorisk informasjonssikkerhet. Fundamentalt for distribuerte systemer er sikker datakommunikasjon og det eksisterer mange typer angrep mot AMS om kommunikasjonsnettverket ikke er tilstrekkelig sikret. Vurderingene av konsekvenser ved suksessfulle angrep viser at avhengighet mellom funksjoner, spesielt styringssignaler og konfigurasjonskommandoer, generelt fører til økt kompleksitet og gir større konsekvenser enn angrep mot målerverdier. Ved enkelte tilfeller av suksessfulle angrep mot styringssignaler i AMS-nettverket, vurderes konsekvensene til å være samfunnmessige da det kan resultere i kaskadeeffekter og ustabilitet for hele kraftnettet.I denne oppgaven blir det presentert en sikkerhetsarkitektur for kommunikasjon mellom sluttbruker og nettselskap som kan tilstrekkelig nivå av sikkerhet relativt til konsekvensene av angrep. Arkitekturen er basert på forsvar i dybden og implementerer to lag med sikre ende-til-ende forbindelser basert på DLMS/COSEM og IP/IPsec. ntnudaim:6884 MTKOM kommunikasjonsteknologi Informasjonssikkerhet

Search results