Global ETD Search

231	Mobile IPv4 Secure Access to Home Networks Tang, Jin 29 June 2006 (has links) With the fast development of wireless networks and devices, Mobile IP is expected to be used widely so that mobile users can access the Internet anywhere, anytime without interruption. However, some problems, such as firewall traversal and use of private IP addresses, restrict use of Mobile IP. The objective of this thesis is to design original schemes that can enable a mobile node at abroad to access its home network as well as the Internet securely and that can help Mobile IP to be used widely and commercially. Our solutions are secure, efficient, and scalable. They can be implemented and maintained easily. In this thesis, we mainly consider Mobile IPv4, instead of Mobile IPv6. Three research topics are discussed. In each topic, the challenges are investigated and the new solutions are presented. The first research topic solves the firewall traversal problems in Mobile IP. A mobile node cannot access its firewall-protected home network if it fails the authentication by the firewall. We propose that an IPsec tunnel be established between the firewall and the foreign agent for firewall traversal and that an IPsec transport security association be shared by the mobile node and a correspondent node for end-to-end security. The second topic researches further on firewall traversal problems and investigates the way of establishing security associations among network entities. A new security model and a new key distribution method are developed. With the help of the security model and keys, the firewall and the relevant network entities set up IPsec security associations to achieve firewall traversal. A mobile node from a private home network cannot communicate with other hosts with its private home address when it is visiting a public foreign network. A novel and useful solution is presented in the third research topic. We suggest that the mobile node use its Network Access Identifier (NAI) as its identification and obtain a public home address from its home agent. In addition, a new tunnel between the mobile node and its home agent is proposed. Private addresses AAA IPsec Firewall Network security Mobile IP Wireless Internet Computer networks Security measures Firewalls (Computer security) Mobile agents (Computer software)
232	RADAR: compiler and architecture supported intrusion prevention, detection, analysis and recovery Zhang, Tao 25 August 2006 (has links) In this dissertation, we propose RADAR - compileR and micro-Architecture supported intrusion prevention, Detection, Analysis and Recovery. RADAR is an infrastructure to help prevent, detect and even recover from attacks to critical software. Our approach emphasizes collaborations between compiler and micro-architecture to avoid the problems of purely software or hardware based approaches. With hardware support for cryptographic operations, our infrastructure can achieve strong process isolation to prevent attacks from other processes and to prevent certain types of hardware attacks. Moreover, we show that an unprotected system address bus leaks critical control flow information of the protected software but has never been carefully addressed previously. To enhance intrusion prevention capability of our infrastructure further, we present a scheme with both innovative hardware modification and extensive compiler support to eliminate most of the information leakage on system address bus. However, no security system is able to prevent all attacks. In general, we have to assume that certain attacks will get through our intrusion prevention mechanisms. To protect software from those attacks, we build a second line of defense consisted of intrusion detection and intrusion recovery mechanisms. Our intrusion detection mechanisms are based on anomaly detection. In this dissertation, we propose three anomaly detection schemes. We demonstrate the effectiveness of our anomaly detection schemes thus the great potential of what compiler and micro-architecture can do for software security. The ability to recover from an attack is very important for systems providing critical services. Thus, intrusion recoverability is an important goal of our infrastructure. We focus on recovery of memory state in this dissertation, since most attacks break into a system by memory tampering. We propose two schemes for intrusion analysis. The execution logging based scheme incurs little performance overhead but has higher demand for storage and memory bandwidth. The external input points tagging based scheme is much more space and memory bandwidth efficient, but leads to significant performance degradation. After intrusion analysis is done and tampered memory state is identified, tampered memory state can be easily recovered through memory updates logging or memory state checkpointing. Software protection Compiler support Microarchitecture support Information leakage prevention Anomaly detection Intrusion recovery Computer networks Security measures Computer architecture Computer network protocols
233	Flexible access control for campus and enterprise networks Nayak, Ankur Kumar 07 April 2010 (has links) We consider the problem of designing enterprise network security systems which are easy to manage, robust and ﬂexible. This problem is challenging. Today, most approaches rely on host security, middleboxes, and complex interactions between many protocols. To solve this problem, we explore how new programmable networking paradigms can facilitate ﬁne-grained network control. We present Resonance, a system for securing enterprise networks , where the network elements themselves en- force dynamic access control policies through state changes based on both ﬂow-level information and real-time alerts. Resonance uses programmable switches to manipulate traffic at lower layers; these switches take actions (e.g., dropping or redirecting traffic) to enforce high-level security policies based on input from both higher-level security boxes and distributed monitoring and inference systems. Using our approach, administrators can create security applications by first identifying a state machine to represent different policy changes and then, translating these states into actual network policies. Earlier approaches in this direction (e.g., Ethane, Sane) have remained low-level requiring policies to be written in languages which are too detailed and are difficult for regular users and administrators to comprehend. As a result, significant effort is needed to package policies, events and network devices into a high-level application. Resonance abstracts out all the details through its state-machine based policy specification framework and presents security functions which are close to the end system and hence, more tractable. To demonstrate how well Resonance can be applied to existing systems, we consider two use cases. First relates to "Network Admission Control" problem. Georgia Tech dormitories currently use a system called START (Scanning Technology for Automated Registration, Repair, and Response Tasks) to authenticate and secure new hosts entering the network [23]. START uses a VLAN-based approach to isolate new hosts from authenticated hosts, along with a series of network device interactions. VLANs are notoriously difficult to use, requiring much hand-holding and manual configuration. Our interactions with the dorm network administrators have revealed that this existing system is not only difficult to manage and scale but also inﬂexible, allowing only coarse-grained access control. We implemented START by expressing its functions in the Resonance framework. The current system is deployed across three buildings in Georgia Tech with both wired as well as wireless connectivities. We present an evaluation of our system's scalability and performance. We consider dynamic rate limiting as the second use case for Resonance. We show how a network policy that relies on rate limiting and traffic shaping can easily be implemented using only a few state transitions. We plan to expand our deployment to more users and buildings and support more complex policies as an extension to our ongoing work. Main contributions of this thesis include design and implementation of a ﬂexible access control model, evaluation studies of our system's scalability and performance, and a campus-wide testbed setup with a working version of Resonance running. Our preliminary evaluations suggest that Resonance is scalable and can be potentially deployed in production networks. Our work can provide a good platform for more advanced and powerful security techniques for enterprise networks. Access control Security Enterprise networks Programmable networks Computer networks Security measures Computer networks Management Computer networks Local area networks (Computer networks)
234	Certificate revocation list distribution in vehicular ad hoc networks Nowatkowski, Michael E. 05 April 2010 (has links) The objective of this research is to investigate improved methods for distributing certificate revocation lists (CRLs) in vehicular ad hoc networks (VANETs). VANETs are a subset of mobile ad hoc networks composed of network-equipped vehicles and infrastructure points, which will allow vehicles to communicate with other vehicles and with roadside infrastructure points. While sharing some of the same limitations of mobile ad hoc networks, such as lack of infrastructure and limited communications range, VANETs have several dissimilarities that make them a much different research area. The main differences include the size of the network, the speed of the vehicles, and the network security concerns. Confidentiality, authenticity, integrity, and availability are some of the standard goals of network security. While confidentiality and authenticity at times seem in opposition to each other, VANET researchers have developed many methods for enhancing confidentiality while at the same time providing authenticity. The method agreed upon for confidentiality and authenticity by most researchers and the IEEE 1609 working group is a public key infrastructure (PKI) system. An important part of any PKI system is the revocation of certificates. The revocation process, as well as the distribution of revocation information, is an open research problem for VANETs. This research develops new methods of CRL distribution and compares them to existing methods proposed by other researchers. The new methods show improved performance in various vehicle traffic densities. Network security Vehicular ad hoc network Simulation IEEE 1609 Certificate revocation list ns-3 Computer networks Security measures
235	A secure communication framework for wireless sensor networks Uluagac, Arif Selcuk 14 June 2010 (has links) Today, wireless sensor networks (WSNs) are no longer a nascent technology and future networks, especially Cyber-Physical Systems (CPS) will integrate more sensor-based systems into a variety of application scenarios. Typical application areas include medical, environmental, military, and commercial enterprises. Providing security to this diverse set of sensor-based applications is necessary for the healthy operations of the overall system because untrusted entities may target the proper functioning of applications and disturb the critical decision-making processes by injecting false information into the network. One way to address this issue is to employ en-route-filtering-based solutions utilizing keys generated by either static or dynamic key management schemes in the WSN literature. However, current schemes are complicated for resource-constrained sensors as they utilize many keys and more importantly as they transmit many keying messages in the network, which increases the energy consumption of WSNs that are already severely limited in the technical capabilities and resources (i.e., power, computational capacities, and memory) available to them. Nonetheless, further improvements without too much overhead are still possible by sharing a dynamically created cryptic credential. Building upon this idea, the purpose of this thesis is to introduce an efficient and secure communication framework for WSNs. Specifically, three protocols are suggested as contributions using virtual energies and local times onboard the sensors as dynamic cryptic credentials: (1) Virtual Energy-Based Encryption and Keying (VEBEK); (2) TIme-Based DynamiC Keying and En-Route Filtering (TICK); (3) Secure Source-Based Loose Time Synchronization (SOBAS) for WSNs. Virtual energy-based dynamic keying Time-based dynamic keying Security Wireless sensor networks security Wireless sensor networks Wireless communication systems Sensor networks
236	Cooperative communication in wireless networks: algorithms, protocols and systems Lakshmanan, Sriram 28 July 2011 (has links) Current wireless network solutions are based on a link abstraction where a single co-channel transmitter transmits in any time duration. This model severely limits the performance that can be obtained from the network. Being inherently an extension of a wired network model, this model is also incapable of handling the unique challenges that arise in a wireless medium. The prevailing theme of this research is to explore wireless link abstractions that incorporate the broadcast and space-time varying nature of the wireless channel. Recently, a new paradigm for wireless networks which uses the idea of 'cooperative transmissions' (CT) has garnered significant attention. Unlike current approaches where a single transmitter transmits at a time in any channel, with CT, multiple transmitters transmit concurrently after appropriately encoding their transmissions. While the physical layer mechanisms for CT have been well studied, the higher layer applicability of CT has been relatively unexplored. In this work, we show that when wireless links use CT, several network performance metrics such as aggregate throughput, security and spatial reuse can be improved significantly compared to the current state of the art. In this context, our first contribution is Aegis, a framework for securing wireless networks against eavesdropping which uses CT with intelligent scheduling and coding in Wireless Local Area networks. The second contribution is Symbiotic Coding, an approach to encode information such that successful reception is possible even upon collisions. The third contribution is Proteus, a routing protocol that improves aggregate throughput in multi-hop networks by leveraging CT to adapt the rate and range of links in a flow. Finally, we also explore the practical aspects of realizing CT using real systems. Wireless LANs Routing Cooperative communication Smart antennas Wireless networks Security Computer network protocols Wireless communication systems Computer network architectures Computer networks Security measures
237	Economic issues in distributed computing Huang, Yun, 1973- 28 August 2008 (has links) On the Internet, one of the essential characteristics of electronic commerce is the integration of large-scale computer networks and business practices. Commercial servers are connected through open and complex communication technologies, and online consumers access the services with virtually unpredictable behavior. Both of them as well as the e-Commerce infrastructure are vulnerable to cyber attacks. Among the various network security problems, the Distributed Denial-of-Service (DDoS) attack is a unique example to illustrate the risk of commercial network applications. Using a massive junk traffic, literally anyone on the Internet can launch a DDoS attack to flood and shutdown an eCommerce website. Cooperative technological solutions for Distributed Denial-of-Service (DDoS) attacks are already available, yet organizations in the best position to implement them lack incentive to do so, and the victims of DDoS attacks cannot find effective methods to motivate the organizations. Chapter 1 discusses two components of the technological solutions to DDoS attacks: cooperative filtering and cooperative traffic smoothing by caching, and then analyzes the broken incentive chain in each of these technological solutions. As a remedy, I propose usage-based pricing and Capacity Provision Networks, which enable victims to disseminate enough incentive along attack paths to stimulate cooperation against DDoS attacks. Chapter 2 addresses possible Distributed Denial-of-Service (DDoS) attacks toward the wireless Internet including the Wireless Extended Internet, the Wireless Portal Network, and the Wireless Ad Hoc network. I propose a conceptual model for defending against DDoS attacks on the wireless Internet, which incorporates both cooperative technological solutions and economic incentive mechanisms built on usage-based fees. Cost-effectiveness is also addressed through an illustrative implementation scheme using Policy Based Networking (PBN). By investigating both technological and economic difficulties in defense of DDoS attacks which have plagued the wired Internet, our aim here is to foster further development of wireless Internet infrastructure as a more secure and efficient platform for mobile commerce. To avoid centralized resources and performance bottlenecks, online peer-to-peer communities and online social network have become increasingly popular. In particular, the recent boost of online peer-to-peer communities has led to exponential growth in sharing of user-contributed content which has brought profound changes to business and economic practices. Understanding the dynamics and sustainability of such peer-to-peer communities has important implications for business managers. In Chapter 3, I explore the structure of online sharing communities from a dynamic process perspective. I build an evolutionary game model to capture the dynamics of online peer-to-peer communities. Using online music sharing data collected from one of the IRC Channels for over five years, I empirically investigate the model which underlies the dynamics of the music sharing community. Our empirical results show strong support for the evolutionary process of the community. I find that the two major parties in the community, namely sharers and downloaders, are influencing each other in their dynamics of evolvement in the community. These dynamics reveal the mechanism through which peer-to-peer communities sustain and thrive in a constant changing environment. / text Electronic commerce--Security measures Computer networks--Security measures Online social networks
238	An investigation of high school learners using MXIT, and their attitudes towards mobile security. Bhoola, Nisha. 10 October 2013 (has links) This research encompassed an investigation of high school learners using MXiT, and their attitudes towards mobile security guidelines. The research was conducted across thirteen schools in the Pinetown, ILembe and Umlazi districts of KwaZulu-Natal. The literature review has shown that the majority of security guidelines and their successful use depend on education and awareness of what these security measures are. Secure use of mobile social networking sites such as MXiT are best regulated by parental awareness and monitoring of children‟s online habits. This needs parents to be abreast of technology, its uses and benefits, the associated dangers, as well as how to encourage and monitor usage. The research was conducted by administering questionnaires to grades 8 to 11 inclusive in the three districts of KwaZulu-Natal. Out of the 1300 questionnaires handed out to learners, a total of 856 completed questionnaires (66%) were received and analysed. It was found from the study that 89,5% of under age users that participated in this research are using MXiT. Users are also not fully aware of the security features when using MXiT. It has also been found that African respondents as compared with non- African respondents are less aware of the possible dangers in using MXiT, less aware that criminals can use fake IDs and pretend to be someone they are not, and less aware that people can get addicted to MXiT. Learners are aware of the dangers that can be associated with MXiT; however they are prepared to talk to strangers and meet new people online, thus exposing themselves to these dangers. In conclusion, there is scope to improve the security measures for MXiT users, and there is a need to improve the levels of education around using these security features. / Thesis (M.Com.)-University of KwaZulu-Natal, Westville, 2011.
239	Correlation-based Botnet Detection in Enterprise Networks Gu, Guofei 07 July 2008 (has links) Most of the attacks and fraudulent activities on the Internet are carried out by malware. In particular, botnets, as state-of-the-art malware, are now considered as the largest threat to Internet security. In this thesis, we focus on addressing the botnet detection problem in an enterprise-like network environment. We present a comprehensive correlation-based framework for multi-perspective botnet detection consisting of detection technologies demonstrated in four complementary systems: BotHunter, BotSniffer, BotMiner, and BotProbe. The common thread of these systems is correlation analysis, i.e., vertical correlation (dialog correlation), horizontal correlation, and cause-effect correlation. All these Bot* systems have been evaluated in live networks and/or real-world network traces. The evaluation results show that they can accurately detect real-world botnets for their desired detection purposes with a very low false positive rate. We find that correlation analysis techniques are of particular value for detecting advanced malware such as botnets. Dialog correlation can be effective as long as malware infections need multiple stages. Horizontal correlation can be effective as long as malware tends to be distributed and coordinated. In addition, active techniques can greatly complement passive approaches, if carefully used. We believe our experience and lessons are of great benefit to future malware detection. Malware detection Network security Anomaly detection Intrusion detection Local area networks (Computer networks) Computer networks Security measures Computer crimes Correlation (Statistics)
240	Automatic identification and removal of low quality online information Webb, Steve 17 November 2008 (has links) The advent of the Internet has generated a proliferation of online information-rich environments, which provide information consumers with an unprecedented amount of freely available information. However, the openness of these environments has also made them vulnerable to a new class of attacks called Denial of Information (DoI) attacks. Attackers launch these attacks by deliberately inserting low quality information into information-rich environments to promote that information or to deny access to high quality information. These attacks directly threaten the usefulness and dependability of online information-rich environments, and as a result, an important research question is how to automatically identify and remove this low quality information from these environments. The first contribution of this thesis research is a set of techniques for automatically recognizing and countering various forms of DoI attacks in email systems. We develop a new DoI attack based on camouflaged messages, and we show that spam producers and information consumers are entrenched in a spam arms race. To break free of this arms race, we propose two solutions. One solution involves refining the statistical learning process by associating disproportionate weights to spam and legitimate features, and the other solution leverages the existence of non-textual email features (e.g., URLs) to make the classification process more resilient against attacks. The second contribution of this thesis is a framework for collecting, analyzing, and classifying examples of DoI attacks in the World Wide Web. We propose a fully automatic Web spam collection technique and use it to create the Webb Spam Corpus -- a first-of-its-kind, large-scale, and publicly available Web spam data set. Then, we perform the first large-scale characterization of Web spam using content and HTTP session analysis. Next, we present a lightweight, predictive approach to Web spam classification that relies exclusively on HTTP session information. The final contribution of this thesis research is a collection of techniques that detect and help prevent DoI attacks within social environments. First, we provide detailed descriptions for each of these attacks. Then, we propose a novel technique for capturing examples of social spam, and we use our collected data to perform the first characterization of social spammers and their behaviors. Denial of information Email spam Web spam Social spam Applied machine learning Information security Spam filtering (Electronic mail) World Wide Web Online social networks Computer networks Security measures

Search results