Global ETD Search

311	Visualising network security attacks with multiple 3D visualisation and false alert classification Musa, Shahrulniza January 2008 (has links) Increasing numbers of alerts produced by network intrusion detection systems (NIDS) have burdened the job of security analysts especially in identifying and responding to them. The tasks of exploring and analysing large quantities of communication network security data are also difficult. This thesis studied the application of visualisation in combination with alerts classifier to make the exploring and understanding of network security alerts data faster and easier. The prototype software, NSAViz, has been developed to visualise and to provide an intuitive presentation of the network security alerts data using interactive 3D visuals with an integration of a false alert classifier. The needs analysis of this prototype was based on the suggested needs of network security analyst's tasks as seen in the literatures. The prototype software incorporates various projections of the alert data in 3D displays. The overview was plotted in a 3D plot named as "time series 3D AlertGraph" which was an extension of the 2D histographs into 3D. The 3D AlertGraph was effectively summarised the alerts data and gave the overview of the network security status. Filtering, drill-down and playback of the alerts at variable speed were incorporated to strengthen the analysis. Real-time visual observation was also included. To identify true alerts from all alerts represents the main task of the network security analyst. This prototype software was integrated with a false alert classifier using a classification tree based on C4.5 classification algorithm to classify the alerts into true and false. Users can add new samples and edit the existing classifier training sample. The classifier performance was measured using k-fold cross-validation technique. The results showed the classifier was able to remove noise in the visualisation, thus making the pattern of the true alerts to emerge. It also highlighted the true alerts in the visualisation. Finally, a user evaluation was conducted to find the usability problems in the tool and to measure its effectiveness. The feed backs showed the tools had successfully helped the task of the security analyst and increased the security awareness in their supervised network. From this research, the task of exploring and analysing a large amount of network security data becomes easier and the true attacks can be identified using the prototype visualisation tools. Visualisation techniques and false alert classification are helpful in exploring and analysing network security data. 005.8
312	An investigation into financial fraud in online banking and card payment systems in the UK and China Sun, Yan January 2011 (has links) This doctoral thesis represents an investigation into financial fraud in online banking and card payment systems in the UK and China, involving network security, online financial transactions, internet fraud, card payment systems and individuals' perception of and behaviours towards electronic environments. In contrast to previous studies, the research questions were tackled by survey questionnaires both in the UK and China, with a particular interest in fraud and attempted fraud. The main findings from the UK respondents were that those with higher IT skill and younger respondents are more likely to be defrauded on the internet. Certain types of online activities are associated with higher risks of fraud, these being internet banking; online shopping and media downloading. Furthermore, four predictors (internet banking, online education services, downloading media and length of debit card usage) provided significant effects in the logistic regression model to explain fraud occurrence in the UK. Based on the data collected in China, younger respondents were more likely to have higher general IT skill and higher educational qualifications. However, online shopping was the only online activity which was significantly correlated to fraud occurrence. Finally, two predictors (frequency of usage of online shopping and number of debit cards) were selected in the logistic regression model to explain fraud occurrence in China. 364.163
313	A CyberCIEGE scenario illustrating multilevel secrecy issues in an air operations center environment Meyer, Marc K. 06 1900 (has links) Approved for public release; distribution is unlimited / CyberCIEGE provides an addition to traditional Information Assurance (IA) education in the form of an interactive, entertaining, commercial-grade PC-based computer game. Educational objectives are contained in scenarios that serve to teach particular IA concepts. The details of a scenario are contained in a Scenario Definition File (SDF), which is written in the CyberCIEGE Scenario Definition Language. This language is rich enough to express a range of information security policies and operational data access requirements, resulting in a nearly limitless pool of possible scenarios. This thesis developed a playable scenario illustrating confidentiality protection concepts in an open storage environment modeled after an Air Operations Center. Educational goals include physical protection of high value assets and use of strong authentication policies to protect moderate value assets. The major work of this thesis was designing an SDF to reflect a military information security policy and work flow environment contained in the educational goals. The confirmation of the proper operation of selected aspects of the CyberCIEGE game engine, and the assurance that the SDF confronts the player with the security trade-offs occurred through the application of a testing methodology. The creation of detailed solutions and incorrect gameplay examples constitute this testing process. / Captain, United States Air Force Computer games Programming Computer users United States Computer networks Security measures Computer security CyberCIEGE Information assurance IA Scenario definition file SDF Network security training
314	CyberCIEGE scenario illustrating secrecy issues through mandatory and discretionary access control policies in a multi-level security network LaMore, Robert L. 06 1900 (has links) Approved for public release, distribution is unlimited / User training in computer and network security is crucial to the survival of modern networks, yet the methods employed to train users often seem ineffective. One possible reason is that users are not fully engaged during these training sessions and thus they tend to forget the lessons being taught. The CyberCIEGE game introduces a new method of training in computer and network security. The player engages in a simulation-based network security game, that reflects real-world security principles. Each time the CyberCIEGE game runs, it loads a Scenario Definition File (SDF) written to teach specific security concepts. This thesis developed such a scenario definition file for the CyberCIEGE game. The educational purpose of the scenario is to illustrate secrecy issues in the context of mandatory and discretionary access control in a multilevel networked environment. The primary work of this thesis was to construct the scenario definition file such that playing the resulting game would achieve this educational purpose. This thesis also resulted in the construction of scenario definition files to test the CyberCIEGE game engine for expected results. These tests resulted in several recommendations for improvement in the game engine. / First Lieutenant, United States Air Force Computer networks Security measures Computer security Computer users United States Computer games Programming Information assurance CyberCIEGE Scenario definition file Network security training
315	Quantitative risk assessment under multi-context environments Zhang, Su January 1900 (has links) Doctor of Philosophy / Department of Computing and Information Sciences / Xinming Ou / If you cannot measure it, you cannot improve it. Quantifying security with metrics is important not only because we want to have a scoring system to track our efforts in hardening cyber environments, but also because current labor resources cannot administrate the exponentially enlarged network without a feasible risk prioritization methodology. Unlike height, weight or temperature, risk from vulnerabilities is sophisticated to assess and the assessment is heavily context-dependent. Existing vulnerability assessment methodologies (e.g. CVSS scoring system, etc) mainly focus on the evaluation over intrinsic risk of individual vulnerabilities without taking their contexts into consideration. Vulnerability assessment over network usually output one aggregated metric indicating the security level of each host. However, none of these work captures the severity change of each individual vulnerabilities under different contexts. I have captured a number of such contexts for vulnerability assessment. For example, the correlation of vulnerabilities belonging to the same application should be considered while aggregating their risk scores. At system level, a vulnerability detected on a highly depended library code should be assigned with a higher risk metric than a vulnerability on a rarely used client side application, even when the two have the same intrinsic risk. Similarly at cloud environment, vulnerabilities with higher prevalences deserve more attention. Besides, zero-day vulnerabilities are largely utilized by attackers therefore should not be ignored while assessing the risks. Historical vulnerability information at application level can be used to predict underground risks. To assess vulnerability with a higher accuracy, feasibility, scalability and efficiency, I developed a systematic vulnerability assessment approach under each of these contexts. Vulnerability assessment Quantitative risk assessment Cloud computing security Zero-day vulnerability assessment Software dependency risk assessment Network security (attack graph) Computer Science (0984)
316	Systematic Evaluations Of Security Mechanism Deployments Sze Yiu Chau (7038539) 13 August 2019 (has links) <div>In a potentially hostile networked environment, a large diversity of security mechanisms with varying degree of sophistication are being deployed to protect valuable computer systems and digital assets. </div><div><br></div><div>While many competing implementations of similar security mechanisms are available in the current software development landscape, the robustness and reliability of such implementations are often overlooked, resulting in exploitable flaws in system deployments. In this dissertation, we systematically evaluate implementations of security mechanisms that are deployed in the wild. First, we examine how content distribution applications on the Android platform control access to their multimedia contents. With respect to a well-defined hierarchy of adversarial capabilities and attack surfaces, we find that many content distribution applications, including that of some world-renowned publications and streaming services, are vulnerable to content extraction due to the use of unjustified assumptions in their security mechanism designs and implementations. Second, we investigate the validation logic of X.509 certificate chains as implemented in various open-source TLS libraries. X.509 certificates are widely used in TLS as a means to achieve authentication. A validation logic that is overly restrictive could lead to the loss of legitimate services, while an overly permissive implementation could open door to impersonation attacks. Instead of manual analysis and unguided fuzzing, we propose a principled approach that leverages symbolic execution to achieve better coverage and uncover logical flaws that are buried deep in the code. We find that many TLS libraries deviate from the specification. Finally, we study the verification of RSA signatures, as specified in the PKCS#1 v1.5 standard, which is widely used in many security-critical network protocols. We propose an approach to automatically generate meaningful concolic test cases for this particular problem, and design and implement a provenance tracking mechanism to assist root-cause analysis in general. Our investigation revealed that several crypto and IPSec implementations are susceptible to new variants of the Bleichenbacher low-exponent signature forgery.</div> Software Engineering Computer Software Computer System Security Network security symbolic execution Digital signature Public Key Infrastructure Cryptographic protocols Digital rights management Content distribution
317	Arquitetura de segurança fim-a-fim para redes de sensores sem fio. / End-to-end security architecture for wireless sensor networks. Oliveira, Bruno Trevizan de 03 August 2012 (has links) Diversas aplicações de redes de sensores sem fio necessitam de serviços de segurança, como confidencialidade, integridade e autenticação de origem de dados. Contudo, dadas as limitações de processamento, memória e suprimento de energia dos dispositivos, os mecanismos de segurança tradicionais podem causar efeitos indesejáveis na rede, como atraso na comunicação e aumento no consumo de energia, impondo obstáculos para seu uso na tecnologia em questão. Muitas propostas de esquemas de segurança baseados em criptografia simétrica projetados especificamente para redes de sensores sem fio são encontradas na literatura. Contudo, essas soluções são focadas na segurança salto-a-salto. Tal abordagem é adequada para garantir a segurança dos enlaces deste tipo de rede, mas não garante a segurança na comunicação fim-a-fim. Neste trabalho são apresentados cenários e desafios de implementação de segurança neste tipo de rede, e a concepção, o projeto e a implementação de uma arquitetura de segurança para redes de sensores sem fio, que tem como objetivos: prover segurança na comunicação fim-a-fim; permitir a interoperabilidade entre diferentes sistemas; e possibilitar uma maior flexibilidade em relação à utilização de chaves criptográficas em diferentes cenários e topologias. Adicionalmente, a solução proposta suporta ativação e desativação de seus serviços em tempo de execução. O projeto da referida arquitetura, atuante na camada de aplicação da pilha de protocolos de rede, foi construído com base na análise das características de arquiteturas encontradas na literatura, bem como de estratégias adotadas por estas. Para a construção da implementação foram selecionados mecanismos e algoritmos criptográficos a partir da avaliação de desempenho que considerou assimétricas de uso de memória, tempo de execução e consumo de energia. Como resultados são apresentados a especificação da arquitetura, a avaliação qualitativa da mesma e a avaliação de desempenho da implementação desenvolvida como prova de conceito. Além disso, é apresentada uma análise do impacto de diferentes topologias e características de disposição na tarefa de distribuição de chaves criptográficas em redes de sensores sem fio. / Many wireless sensor networks applications need security services, such as confidentiality, data integrity and data source authentication. On the other hand, because of device limitations, security mechanisms may affect the network energy consumption and communication delay, which impose a great challenge for practical implementation of security mechanisms in such scenario. Many solutions based on symmetric cryptography were proposed for the specific challenges of wireless sensor networks. Nevertheless, they are focused on hop-by-hop security. Such approach is suited to provide link-layer security, but it cannot guarantee end-to-end security. This work presents scenarios and challenges to implement security in wireless sensor networks, and the conception, design and implementation of a security architecture, which aims to provide: security in end-to-end communication; interoperability between different systems, and enable greater flexibility in cryptographic keys distribution in different scenarios and topologies. Additionally, the proposed solution supports on-the-y adjustment of its security services. The architecture design, which targets the application layer of the network protocol stack, was based on the main properties of the architectures found in literature as well as adopted strategies. For the implementation, mechanisms and cryptographic algorithms were selected through the performance evaluation that considers memory usage, execution time and power consumption as metrics. The results were the architecture specification and its qualitative analysis, and the performance evaluation of the implementation developed as proof of concept. Furthermore, we present an analysis of topology and deployment impact on key distribution task. Código de autenticação de mensagem Criptografia simétrica End-to-end security Message authentication code Network security Redes de sensores sem fio Segurança de redes Segurança fim-a-fim Symmetric cryptography Wireless sensor networks
318	Segurança para o sistema brasileiro de televisão digital: contribuições à proteção de direitos autorais e à autenticação de aplicativos. / Security on brazilian digital television system: contributions to the digital rights protection and to applications authentication. Costa, Laisa Caroline de Paula 22 May 2009 (has links) O sistema de televisão é considerado o principal meio de comunicação e entretenimento no Brasil. Com o início das transmissões do sistema de televisão digital brasileiro no final de 2007, os principais impactos da digitalização do sistema de TV são: a alta definição de imagens e som, a mobilidade e a portabilidade. Com o tempo, outras funcionalidades serão incorporadas: a multiprogramação (mais de um programa no mesmo canal) e a interatividade. E é a partir da TV interativa que passa a ser possível o oferecimento de serviços para a população. Este trabalho tem como objetivo sistematizar as questões relacionadas com segurança no âmbito da televisão digital terrestre, além de propor e avaliar contribuições para uma arquitetura de segurança considerando o cenário expandido da televisão digital brasileira; especialmente no que tange a proteção de direitos autorais em TV aberta e a autenticação de aplicativos e serviços para TV interativa. A pesquisa realizada considera a realidade brasileira, suas necessidades específicas e as tecnologias disponíveis mais adequadas a elas, viabilizando o uso de serviços com alto valor agregado. Para atingir estes objetivos, foi realizado um amplo levantamento de tecnologias e sistemas existentes relacionados com o tema de segurança em TV digital. Com base neste levantamento, o trabalho apresenta uma sistematização da segurança para a televisão digital terrestre e aberta no Brasil na qual são identificados casos de uso e requisitos. É proposto o SPDA-BR, um sistema de proteção de direitos autorais adequado ao parque de televisores nacional e com menor impacto no custo de receptores; é proposto também o AUTV, um mecanismo de autenticação de aplicativos flexível (que possa ser utilizada para atualização de software, instalação de drivers, aplicativos interativos), compatível com padrões abertos e com a ICP Brasil. Esta dissertação forneceu subsídios para a escrita da norma de segurança para o Sistema Brasileiro de Televisão Digital, gerou publicações de artigos científicos e técnicos, e a comprovação de viabilidade, tanto do SPDA-BR como do AUTV, através de simulações e prova de conceito, respectivamente. / In Brazil, the television system is considered an important source of communication and entertainment. The Brazilian digital transmissions started on December 2007 and first offered functionalities were the high definition, mobility and portability. In a later moment other functionalities will be added: multiprogramming (more than one service per channel) and interactivity. With the interactivity it is possible to offer digital services to the public. This work goals are to present a systematic DTV security issues overview, to propose and analyze DTV security issues contributions; specifically to the digital rights protection, considering free to air DTV, and the services and applications to interactive TV. This research considers the Brazillian requirements and identifies the most suitable technologies to these requirements, allowing high value services integration to the television system. In order to achieve these goals, it was done a wide state of the art research and the DTV security use cases identification and its requirements specification. The SPDA-BR and AUTV were proposed. The SPDA-BR is a digital rights protection system suitable to the Brazilian scenario with the minimum cost impact. The AUTV is a flexible authentication mechanism (that can be applied to software update, driver installation and interactive DTV applications), compatible to the open standards and to the Brazilian Public Key Cryptographic Infrastructure. This text contributed to the DTV Brazilian system, generated scientific and technical publications, and specified as well as proved the feasibility of both SPDA-BR and AUTV, through simulation and proof of concept, respectively. Criptologia Criptology Digital television Interactive television Network security Segurança de redes Segurança de software Software security Televisão (engenharia elétrica) Televisão digital Televisão interativa Television (electrical engineering)
319	Segurança para o sistema brasileiro de televisão digital: contribuições à proteção de direitos autorais e à autenticação de aplicativos. / Security on brazilian digital television system: contributions to the digital rights protection and to applications authentication. Laisa Caroline de Paula Costa 22 May 2009 (has links) O sistema de televisão é considerado o principal meio de comunicação e entretenimento no Brasil. Com o início das transmissões do sistema de televisão digital brasileiro no final de 2007, os principais impactos da digitalização do sistema de TV são: a alta definição de imagens e som, a mobilidade e a portabilidade. Com o tempo, outras funcionalidades serão incorporadas: a multiprogramação (mais de um programa no mesmo canal) e a interatividade. E é a partir da TV interativa que passa a ser possível o oferecimento de serviços para a população. Este trabalho tem como objetivo sistematizar as questões relacionadas com segurança no âmbito da televisão digital terrestre, além de propor e avaliar contribuições para uma arquitetura de segurança considerando o cenário expandido da televisão digital brasileira; especialmente no que tange a proteção de direitos autorais em TV aberta e a autenticação de aplicativos e serviços para TV interativa. A pesquisa realizada considera a realidade brasileira, suas necessidades específicas e as tecnologias disponíveis mais adequadas a elas, viabilizando o uso de serviços com alto valor agregado. Para atingir estes objetivos, foi realizado um amplo levantamento de tecnologias e sistemas existentes relacionados com o tema de segurança em TV digital. Com base neste levantamento, o trabalho apresenta uma sistematização da segurança para a televisão digital terrestre e aberta no Brasil na qual são identificados casos de uso e requisitos. É proposto o SPDA-BR, um sistema de proteção de direitos autorais adequado ao parque de televisores nacional e com menor impacto no custo de receptores; é proposto também o AUTV, um mecanismo de autenticação de aplicativos flexível (que possa ser utilizada para atualização de software, instalação de drivers, aplicativos interativos), compatível com padrões abertos e com a ICP Brasil. Esta dissertação forneceu subsídios para a escrita da norma de segurança para o Sistema Brasileiro de Televisão Digital, gerou publicações de artigos científicos e técnicos, e a comprovação de viabilidade, tanto do SPDA-BR como do AUTV, através de simulações e prova de conceito, respectivamente. / In Brazil, the television system is considered an important source of communication and entertainment. The Brazilian digital transmissions started on December 2007 and first offered functionalities were the high definition, mobility and portability. In a later moment other functionalities will be added: multiprogramming (more than one service per channel) and interactivity. With the interactivity it is possible to offer digital services to the public. This work goals are to present a systematic DTV security issues overview, to propose and analyze DTV security issues contributions; specifically to the digital rights protection, considering free to air DTV, and the services and applications to interactive TV. This research considers the Brazillian requirements and identifies the most suitable technologies to these requirements, allowing high value services integration to the television system. In order to achieve these goals, it was done a wide state of the art research and the DTV security use cases identification and its requirements specification. The SPDA-BR and AUTV were proposed. The SPDA-BR is a digital rights protection system suitable to the Brazilian scenario with the minimum cost impact. The AUTV is a flexible authentication mechanism (that can be applied to software update, driver installation and interactive DTV applications), compatible to the open standards and to the Brazilian Public Key Cryptographic Infrastructure. This text contributed to the DTV Brazilian system, generated scientific and technical publications, and specified as well as proved the feasibility of both SPDA-BR and AUTV, through simulation and proof of concept, respectively. Criptologia Segurança de redes Segurança de software Televisão (engenharia elétrica) Televisão digital Televisão interativa Criptology Digital television Interactive television Network security Software security Television (electrical engineering)
320	Arquitetura de segurança fim-a-fim para redes de sensores sem fio. / End-to-end security architecture for wireless sensor networks. Bruno Trevizan de Oliveira 03 August 2012 (has links) Diversas aplicações de redes de sensores sem fio necessitam de serviços de segurança, como confidencialidade, integridade e autenticação de origem de dados. Contudo, dadas as limitações de processamento, memória e suprimento de energia dos dispositivos, os mecanismos de segurança tradicionais podem causar efeitos indesejáveis na rede, como atraso na comunicação e aumento no consumo de energia, impondo obstáculos para seu uso na tecnologia em questão. Muitas propostas de esquemas de segurança baseados em criptografia simétrica projetados especificamente para redes de sensores sem fio são encontradas na literatura. Contudo, essas soluções são focadas na segurança salto-a-salto. Tal abordagem é adequada para garantir a segurança dos enlaces deste tipo de rede, mas não garante a segurança na comunicação fim-a-fim. Neste trabalho são apresentados cenários e desafios de implementação de segurança neste tipo de rede, e a concepção, o projeto e a implementação de uma arquitetura de segurança para redes de sensores sem fio, que tem como objetivos: prover segurança na comunicação fim-a-fim; permitir a interoperabilidade entre diferentes sistemas; e possibilitar uma maior flexibilidade em relação à utilização de chaves criptográficas em diferentes cenários e topologias. Adicionalmente, a solução proposta suporta ativação e desativação de seus serviços em tempo de execução. O projeto da referida arquitetura, atuante na camada de aplicação da pilha de protocolos de rede, foi construído com base na análise das características de arquiteturas encontradas na literatura, bem como de estratégias adotadas por estas. Para a construção da implementação foram selecionados mecanismos e algoritmos criptográficos a partir da avaliação de desempenho que considerou assimétricas de uso de memória, tempo de execução e consumo de energia. Como resultados são apresentados a especificação da arquitetura, a avaliação qualitativa da mesma e a avaliação de desempenho da implementação desenvolvida como prova de conceito. Além disso, é apresentada uma análise do impacto de diferentes topologias e características de disposição na tarefa de distribuição de chaves criptográficas em redes de sensores sem fio. / Many wireless sensor networks applications need security services, such as confidentiality, data integrity and data source authentication. On the other hand, because of device limitations, security mechanisms may affect the network energy consumption and communication delay, which impose a great challenge for practical implementation of security mechanisms in such scenario. Many solutions based on symmetric cryptography were proposed for the specific challenges of wireless sensor networks. Nevertheless, they are focused on hop-by-hop security. Such approach is suited to provide link-layer security, but it cannot guarantee end-to-end security. This work presents scenarios and challenges to implement security in wireless sensor networks, and the conception, design and implementation of a security architecture, which aims to provide: security in end-to-end communication; interoperability between different systems, and enable greater flexibility in cryptographic keys distribution in different scenarios and topologies. Additionally, the proposed solution supports on-the-y adjustment of its security services. The architecture design, which targets the application layer of the network protocol stack, was based on the main properties of the architectures found in literature as well as adopted strategies. For the implementation, mechanisms and cryptographic algorithms were selected through the performance evaluation that considers memory usage, execution time and power consumption as metrics. The results were the architecture specification and its qualitative analysis, and the performance evaluation of the implementation developed as proof of concept. Furthermore, we present an analysis of topology and deployment impact on key distribution task. Código de autenticação de mensagem Criptografia simétrica Redes de sensores sem fio Segurança de redes Segurança fim-a-fim End-to-end security Message authentication code Network security Symmetric cryptography Wireless sensor networks

Search results