Global ETD Search

91	Influence modeling and malicious users identification in interactive networks. / CUHK electronic theses & dissertations collection January 2012 (has links) 由於在線社交網絡的龐大用戶群和口碑效應的病毒式傳播特點，使用少量用戶吸引大量用戶的定向廣告策略在病毒營銷中是非常有效的。公司可以先提供免費商品給在線社交網絡上的小部份用戶，然後依靠這些用戶推薦此產品給他們的好友，從而達到提升產品整體銷售額的目的。在本文中，我們考慮如下在線社交網絡中廣告投放的問題:給定廣告投放資本，比如固定數目的免費產品，公司需要決定在線社交網絡中用戶會最終購買的概率。為了研究此問題，我們把在線社交網絡模擬成擁有或者沒有高聚合係數的無標度圖。我們使用多個影響機制來刻畫如此大規模網絡中的影響傳播，并且使用本地平均場技術來分析這些節點狀態會被影響機制所改變的網絡。我們運行了大量的仿真實驗來驗證我們的理論模型。這些模型能夠為設計在線社交網絡中的有效廣告投放策略提供認識和指導。 / 雖然口碑效應的病毒式傳播能有效地促進產品銷售，但是它同時也為惡意行為提供了機會:不誠實用戶會故意給他們的好友提供錯誤的推薦從而擾亂正常的市場份額分配。為了解決這個問題，我們提出了一個通用的檢測框架，并基於此檢測框架制定了一系列完全分佈式的檢測算法來識別在線社交網絡中的不誠實用戶。我們考慮了不誠實用戶採取基本策略和智能策略兩種情況。我們通過計算假陽性概率，假陰性概率和檢測不誠實用戶所需要的時間的分佈來度量檢測算法的性能。大量的仿真實驗不僅說明了不誠實推薦所造成的影響，也驗證了檢測算法的有效性。我們還應用前面提到的通用檢測框架來解決無線網格網絡(wireless mesh network)和點對點視頻直播網絡(peer-to-peer live streaming network)中的污染攻擊問題。在應用了網絡編碼的無線網格網絡中，污染攻擊是一個很嚴重的安全問題。惡意節點能夠輕易地發動污染攻擊，從而造成污染數據包的病毒式傳播進而消耗網絡資源。前面提到的通用檢測框架也能被用來解決此安全問題。明確地說，我們使用基於時間的校驗碼和批量驗證機制來決定污染數據包的存在與否，然後提出一系列完全分佈式的檢測算法。即使智能攻擊者存在時，此檢測算法仍然有效。這裡智能攻擊者指的是那些為了降低被檢測到的概率從而假裝合法節點傳輸有效數據包的節點。並且，為了解決攻擊者合作注入污染數據包的情形并加速檢測，我們還提出了一個增強的檢測算法。我們也給出了規範的分析來度量檢測算法的性能。最後，仿真實驗和系統原型驗證了我們的理論分析以及檢測算法的有效性。 / 污染攻擊還會對點對點視頻直播網絡基礎設施造成嚴重影響，比如說，它能夠減少網絡中的攻擊問題，我們仍然基於前面提到的通用檢測框架提出了分佈式的檢測算法來識別污染攻擊者。我們也提供了理論分析來度量檢測算法的性能從而證明了算法的有效性。 / Due to the large population in online social networks and the epidemic spreading of word-of-mouth effect, targeted advertisement which use a small fraction of buyers to attract a large population of buyers is very efficient in viral marketing, for example, companies can provide incentives (e.g., via free samples of a product) to a small group of users in an online social network, and these users can provide recommendations to their friends so as to increase the overall sales of the product. In particular, we consider the following advertisement problem in online social networks: given a fixed advertisement investment, e.g., a number of free samples, a company needs to determine the probability that users in the online social network will eventually purchase the product. To address this problem, we model online social networks as scale-free graphs with/without high clustering coefficient. We employ various influence mechanisms that govern the influence spreading in such large scale networks and use the local mean field technique to analyze them wherein states of nodes can be changed by various influence mechanisms. We carry out extensive simulations to validate our models which can provide insight on designing efficient advertising strategies in online social networks. / Although epidemic spreading of word-of-mouth effect can increase the sales of a product efficiently in viral marketing, it also opens doors for “malicious behaviors: dishonest users may intentionally give wrong recommendations to their friends so as to distort the normal sales distribution. To address this problem, we propose a general detection framework and develop a set of fully distributed detection algorithms to discover dishonest users in online social networks by applying the general detection framework. We consider both cases when dishonest users adopt (1) baseline strategy, and (2) intelligent strategy. We quantify the performance of the detection algorithms by deriving probability of false positive, probability of false negative and distribution function of time needed to detect dishonest users. Extensive simulations are carried out to illustrate the impact of dishonest recommendations and the effectiveness of the detection algorithms. / We also apply the general detection framework to address the problem of pollution attack in wireless mesh networks (WMNs) and peer-to-peer (P2P) streaming networks. Epidemic attack is a severe security problem in network-coding enabled wireless mesh networks, and malicious nodes can easily launch such form of attack to create an epidemic spreading of polluted packets and deplete network resources. The general detection framework can also be applied to address such security problem. Specifically, we employ the time-based checksum and batch verification to determine the existence of polluted packets, then propose a set of fully distributed detection algorithms. We also allow the presence of “smart attackers, i.e., they can pretend to be legitimate nodes to probabilistically transmit valid packets so as to reduce the chance of being detected. To address the case when attackers cooperatively inject polluted packets and speed up the detection, an enhanced detection algorithm is also developed. Furthermore, we provide formal analysis to quantify the performance of the detection algorithms. At last, simulations and system prototyping are also carried out to validate the theoretic analysis and show the effectiveness and efficiency of the detection algorithms. / To address the problem of pollution attack in P2P streaming networks, which is known to have a disastrous effect on existing P2P infrastructures, e.g., it can reduce the number of legitimate users by as much as 85%, we also propose distributed detection algorithms to identify pollution attackers by applying the general framework. Moreover, we provide theoretical analysis to quantify the performance of the detection algorithms so as to show their effectiveness and efficiency. / Detailed summary in vernacular field only. / Detailed summary in vernacular field only. / Detailed summary in vernacular field only. / Li, Yongkun. / Thesis (Ph.D.)--Chinese University of Hong Kong, 2012. / Includes bibliographical references (leaves 148-157). / Electronic reproduction. Hong Kong : Chinese University of Hong Kong, [2012] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Abstract also in Chinese. / Chapter 1 --- Introduction --- p.1 / Chapter 2 --- Influence Modeling in Online Social Networks --- p.7 / Chapter 2.1 --- Scale-free Graphs without High Clustering Coefficient --- p.8 / Chapter 2.1.1 --- Modeling Online Social Networks --- p.8 / Chapter 2.1.2 --- q-influence Model --- p.11 / Chapter 2.1.3 --- m-threshold Influence Model --- p.14 / Chapter 2.1.4 --- Majority Rule Influence Model --- p.16 / Chapter 2.2 --- Scale-free Graphs with High Clustering Coefficient --- p.19 / Chapter 2.3 --- Generalized Influence Models --- p.21 / Chapter 2.3.1 --- Deterministic Influence Model --- p.21 / Chapter 2.3.2 --- Probabilistic Influence Model --- p.25 / Chapter 2.4 --- Multi-state Model --- p.27 / Chapter 2.4.1 --- Example of 3-State Majority Rule --- p.32 / Chapter 3 --- Identifying Dishonest Recommenders in Online Social Networks --- p.35 / Chapter 3.1 --- General Detection Framework --- p.37 / Chapter 3.2 --- Modeling the Behaviors of Users --- p.41 / Chapter 3.2.1 --- Products and Recommendations --- p.41 / Chapter 3.2.2 --- Behaviors of Users --- p.43 / Chapter 3.3 --- Distributed Detection Algorithms --- p.45 / Chapter 3.3.1 --- Identifying Dishonest Recommenders when Baseline Strategy is Adopted --- p.46 / Chapter 3.3.2 --- Identifying Dishonest Recommenders when Intelligent Strategy is Adopted --- p.53 / Chapter 3.3.3 --- Complete Detection Algorithm --- p.57 / Chapter 3.4 --- Cooperative Algorithm to Speed up the Detection --- p.58 / Chapter 3.5 --- Algorithm Dealing with User Churn --- p.61 / Chapter 4 --- Identifying Pollution Attackers in Network Coding Enabled Wireless Mesh Networks --- p.64 / Chapter 4.1 --- Introduction on Wireless Mesh Networks and Pollution Attack --- p.64 / Chapter 4.2 --- Network Coding and Time-based Checksum Batch Verification --- p.66 / Chapter 4.3 --- Basic Detection Algorithms --- p.70 / Chapter 4.3.1 --- Core Idea of the Detection Algorithms --- p.71 / Chapter 4.3.2 --- Attackers with Imitation Probability δ = 0 --- p.74 / Chapter 4.3.3 --- Attackers with Imitation Probability δ > 0 --- p.78 / Chapter 4.3.4 --- Improvement on Probability of False Negative --- p.81 / Chapter 4.4 --- Enhanced Detection Algorithm --- p.82 / Chapter 4.4.1 --- Detection Algorithm --- p.82 / Chapter 4.4.2 --- Performance Analysis --- p.87 / Chapter 4.4.3 --- Detection Acceleration --- p.91 / Chapter 4.5 --- Alternative Detection Algorithms --- p.92 / Chapter 5 --- Identifying Pollution Attackers in Peer-to-Peer Live Streaming Systems --- p.95 / Chapter 5.1 --- Introduction on Peer-to-Peer Streaming Systems and the Problem of Pollution Attack --- p.95 / Chapter 5.2 --- Detection Algorithms --- p.97 / Chapter 5.2.1 --- Imitation Probability δ = 0 --- p.99 / Chapter 5.2.2 --- Imitation Probability δ > 0 --- p.102 / Chapter 5.2.3 --- Improvement on Probability of False Negative --- p.104 / Chapter 6 --- Performance Evaluation --- p.106 / Chapter 6.1 --- Influence Modeling in Online Social Networks --- p.107 / Chapter 6.1.1 --- Online Social Networks without High Clustering Coefficient --- p.107 / Chapter 6.1.2 --- Online Social Networks with High Clustering Coefficient --- p.113 / Chapter 6.1.3 --- Performance Evaluation of the Multi-state Model --- p.116 / Chapter 6.2 --- Performance Evaluation of the Detection Algorithms in Online Social Networks --- p.118 / Chapter 6.2.1 --- Synthesizing Dynamically Evolving Online Social Networks --- p.118 / Chapter 6.2.2 --- Impact of Wrong Recommendations --- p.120 / Chapter 6.2.3 --- Performance Evaluation of the Detection Algorithms --- p.121 / Chapter 6.3 --- Performance Evaluation of the Detection Algorithms in Wireless Mesh Networks --- p.126 / Chapter 6.3.1 --- Performance of the Basic Detection Algorithms --- p.126 / Chapter 6.3.2 --- Results from System Prototype --- p.131 / Chapter 6.3.3 --- Performance of the Enhanced Detection Algorithm --- p.132 / Chapter 6.4 --- Performance Evaluation of the Detection Algorithms in Peer-topeer Streaming Networks --- p.136 / Chapter 6.4.1 --- Performance of the Baseline Algorithm --- p.136 / Chapter 6.4.2 --- Performance of the Randomized Algorithm --- p.138 / Chapter 6.4.3 --- Derive Optimal Uploading Probability --- p.141 / Chapter 7 --- RelatedWork and Conclusion --- p.143 Malware (Computer software)
92	Designing and implementing a network authentication service for providing a secure communication channel Chance, Christopher P January 2010 (has links) Typescript (photocopy). / Digitized by Kansas Correctional Industries / Department: Computer Science. Computer networks--Security measures
93	Machine Learning-driven Intrusion Detection Techniques in Critical Infrastructures Monitored by Sensor Networks Otoum, Safa 23 April 2019 (has links) In most of critical infrastructures, Wireless Sensor Networks (WSNs) are deployed due to their low-cost, flexibility and efficiency as well as their wide usage in several infrastructures. Regardless of these advantages, WSNs introduce various security vulnerabilities such as different types of attacks and intruders due to the open nature of sensor nodes and unreliable wireless links. Therefore, the implementation of an efficient Intrusion Detection System (IDS) that achieves an acceptable security level is a stimulating issue that gained vital importance. In this thesis, we investigate the problem of security provisioning in WSNs based critical monitoring infrastructures. We propose a trust based hierarchical model for malicious nodes detection specially for Black-hole attacks. We also present various Machine Learning (ML)-driven IDSs schemes for wirelessly connected sensors that track critical infrastructures. In this thesis, we present an in-depth analysis of the use of machine learning, deep learning, adaptive machine learning, and reinforcement learning solutions to recognize intrusive behaviours in the monitored network. We evaluate the proposed schemes by using KDD'99 as real attacks data-sets in our simulations. To this end, we present the performance metrics for four different IDSs schemes namely the Clustered Hierarchical Hybrid IDS (CHH-IDS), Adaptively Supervised and Clustered Hybrid IDS (ASCH-IDS), Restricted Boltzmann Machine-based Clustered IDS (RBC-IDS) and Q-learning based IDS (QL-IDS) to detect malicious behaviours in a sensor network. Through simulations, we analyzed all presented schemes in terms of Accuracy Rates (ARs), Detection Rates (DRs), False Negative Rates (FNRs), Precision-recall ratios, F_1 scores and, the area under curves (ROC curves) which are the key performance parameters for all IDSs. To this end, we show that QL-IDS performs with ~ 100% detection and accuracy rates. Wireless Sensor Networks (WSNs) Networks security Deep Learning Machine Learning Reinforcement Learning Intrusion Detection System
94	Defending against low-rate TCP attack: dynamic detection and protection. January 2005 (has links) Sun Haibin. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2005. / Includes bibliographical references (leaves 89-96). / Abstracts in English and Chinese. / Abstract --- p.i / Chinese Abstract --- p.iii / Acknowledgement --- p.iv / Chapter 1 --- Introduction --- p.1 / Chapter 2 --- Background Study and Related Work --- p.5 / Chapter 2.1 --- Victim Exhaustion DoS/DDoS Attacks --- p.6 / Chapter 2.1.1 --- Direct DoS/DDoS Attacks --- p.7 / Chapter 2.1.2 --- Reflector DoS/DDoS Attacks --- p.8 / Chapter 2.1.3 --- Spoofed Packet Filtering --- p.9 / Chapter 2.1.4 --- IP Traceback --- p.13 / Chapter 2.1.5 --- Location Hiding --- p.20 / Chapter 2.2 --- QoS Based DoS Attacks --- p.22 / Chapter 2.2.1 --- Introduction to the QoS Based DoS Attacks --- p.22 / Chapter 2.2.2 --- Countermeasures to the QoS Based DoS Attacks --- p.22 / Chapter 2.3 --- Worm based DoS Attacks --- p.24 / Chapter 2.3.1 --- Introduction to the Worm based DoS Attacks --- p.24 / Chapter 2.3.2 --- Countermeasures to the Worm Based DoS Attacks --- p.24 / Chapter 2.4 --- Low-rate TCP Attack and RoQ Attacks --- p.26 / Chapter 2.4.1 --- General Introduction of Low-rate Attack --- p.26 / Chapter 2.4.2 --- Introduction of RoQ Attack --- p.27 / Chapter 3 --- Formal Description of Low-rate TCP Attacks --- p.28 / Chapter 3.1 --- Mathematical Model of Low-rate TCP Attacks --- p.28 / Chapter 3 2 --- Other forms of Low-rate TCP Attacks --- p.31 / Chapter 4 --- Distributed Detection Mechanism --- p.34 / Chapter 4.1 --- General Consideration of Distributed Detection . --- p.34 / Chapter 4.2 --- Design of Low-rate Attack Detection Algorithm . --- p.36 / Chapter 4.3 --- Statistical Sampling of Incoming Traffic --- p.37 / Chapter 4.4 --- Noise Filtering --- p.38 / Chapter 4.5 --- Feature Extraction --- p.39 / Chapter 4.6 --- Pattern Matching via the Dynamic Time Warping (DTW) Method --- p.41 / Chapter 4.7 --- Robustness and Accuracy of DTW --- p.45 / Chapter 4.7.1 --- DTW values for low-rate attack: --- p.46 / Chapter 4.7.2 --- DTW values for legitimate traffic (Gaussian): --- p.47 / Chapter 4.7.3 --- DTW values for legitimate traffic (Self-similar): --- p.48 / Chapter 5 --- Low-Rate Attack Defense Mechanism --- p.52 / Chapter 5.1 --- Design of Defense Mechanism --- p.52 / Chapter 5.2 --- Analysis of Deficit Round Robin Algorithm --- p.54 / Chapter 6 --- Fluid Model of TCP Flows --- p.56 / Chapter 6.1 --- Fluid Math. Model of TCP under DRR --- p.56 / Chapter 6.1.1 --- Model of TCP on a Droptail Router --- p.56 / Chapter 6.1.2 --- Model of TCP on a DRR Router --- p.60 / Chapter 6.2 --- Simulation of TCP Fluid Model --- p.62 / Chapter 6.2.1 --- Simulation of Attack with Single TCP Flow --- p.62 / Chapter 6.2.2 --- Simulation of Attack with Multiple TCP flows --- p.64 / Chapter 7 --- Experiments --- p.69 / Chapter 7.1 --- Experiment 1 (Single TCP flow vs. single source attack) --- p.69 / Chapter 7.2 --- Experiment 2 (Multiple TCP flows vs. single source attack) --- p.72 / Chapter 7.3 --- Experiment 3 (Multiple TCP flows vs. synchro- nized distributed low-rate attack) --- p.74 / Chapter 7.4 --- Experiment 4 (Network model of low-rate attack vs. Multiple TCP flows) --- p.77 / Chapter 8 --- Conclusion --- p.83 / Chapter A --- Lemmas and Theorem Derivation --- p.85 / Bibliography --- p.89 Computer networks--Security measures Computer security
95	On tracing attackers of distributed denial-of-service attack through distributed approaches. / CUHK electronic theses & dissertations collection January 2007 (has links) For the macroscopic traceback problem, we propose an algorithm, which leverages the well-known Chandy-Lamport's distributed snapshot algorithm, so that a set of border routers of the ISPs can correctly gather statistics in a coordinated fashion. The victim site can then deduce the local traffic intensities of all the participating routers. Given the collected statistics, we provide a method for the victim site to locate the attackers who sent out dominating flows of packets. Our finding shows that the proposed methodology can pinpoint the location of the attackers in a short period of time. / In the second part of the thesis, we study a well-known technique against the microscopic traceback problem. The probabilistic packet marking (PPM for short) algorithm by Savage et al. has attracted the most attention in contributing the idea of IP traceback. The most interesting point of this IP traceback approach is that it allows routers to encode certain information on the attack packets based on a pre-determined probability. Upon receiving a sufficient number of marked packets, the victim (or a data collection node) can construct the set of paths the attack packets traversed (or the attack graph), and hence the victim can obtain the locations of the attackers. In this thesis, we present a discrete-time Markov chain model that calculates the precise number of marked packets required to construct the attack graph. / The denial-of-service attack has been a pressing problem in recent years. Denial-of-service defense research has blossomed into one of the main streams in network security. Various techniques such as the pushback message, the ICMP traceback, and the packet filtering techniques are the remarkable results from this active field of research. / The focus of this thesis is to study and devise efficient and practical algorithms to tackle the flood-based distributed denial-of-service attacks (flood-based DDoS attack for short), and we aim to trace every location of the attacker. In this thesis, we propose a revolutionary, divide-and-conquer trace-back methodology. Tracing back the attackers on a global scale is always a difficult and tedious task. Alternatively, we suggest that one should first identify Internet service providers (ISPs) that contribute to the flood-based DDoS attack by using a macroscopic traceback approach . After the concerned ISPs have been found, one can narrow the traceback problem down, and then the attackers can be located by using a microscopic traceback approach. / Though the PPM algorithm is a desirable algorithm that tackles the microscopic traceback problem, the PPM algorithm is not perfect as its termination condition is not well-defined in the literature. More importantly, without a proper termination condition, the traceback results could be wrong. In this thesis, we provide a precise termination condition for the PPM algorithm. Based on the precise termination condition, we devise a new algorithm named the rectified probabilistic packet marking algorithm (RPPM algorithm for short). The most significant merit of the RPPM algorithm is that when the algorithm terminates, it guarantees that the constructed attack graph is correct with a specified level of confidence. Our finding shows that the RPPM algorithm can guarantee the correctness of the constructed attack graph under different probabilities that the routers mark the attack packets and different structures of the network graphs. The RPPM algorithm provides an autonomous way for the original PPM algorithm to determine its termination, and it is a promising means to enhance the reliability of the PPM algorithm. / Wong Tsz Yeung. / "September 2007." / Adviser: Man Hon Wong. / Source: Dissertation Abstracts International, Volume: 69-08, Section: B, page: 4867. / Thesis (Ph.D.)--Chinese University of Hong Kong, 2007. / Includes bibliographical references (p. 176-185). / Electronic reproduction. Hong Kong : Chinese University of Hong Kong, [2012] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Electronic reproduction. [Ann Arbor, MI] : ProQuest Information and Learning, [200-] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Abstracts in English and Chinese. / School code: 1307. Computer networks--Access control Computer networks--Security measures Computer security
96	FADE: secure overlay cloud storage with access control and file assured deletion. / Secure overlay cloud storage with access control and file assured deletion January 2011 (has links) Tang, Yang. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2011. / Includes bibliographical references (p. 60-65). / Abstracts in English and Chinese. / Abstract --- p.i / Acknowledgement --- p.iv / Chapter 1 --- Introduction --- p.1 / Chapter 2 --- Policy-based File Assured Deletion --- p.7 / Chapter 2.1 --- Background --- p.7 / Chapter 2.2 --- Policy-based Deletion --- p.9 / Chapter 3 --- Basic Design of FADE --- p.13 / Chapter 3.1 --- Entities --- p.13 / Chapter 3.2 --- Deployment --- p.15 / Chapter 3.3 --- "Security Goals, Threat Models, and Assumptions" --- p.16 / Chapter 3.4 --- The Basics - File Upload/Download --- p.18 / Chapter 3.5 --- Policy Revocation for File Assured Deletion --- p.23 / Chapter 3.6 --- Multiple Policies --- p.23 / Chapter 3.7 --- Policy Renewal --- p.25 / Chapter 4 --- Extensions of FADE --- p.27 / Chapter 4.1 --- Access Control with ABE --- p.27 / Chapter 4.2 --- Multiple Key Managers --- p.31 / Chapter 5 --- Implementation --- p.35 / Chapter 5.1 --- Representation of Metadata --- p.36 / Chapter 5.2 --- Client --- p.37 / Chapter 5.3 --- Key Managers --- p.38 / Chapter 6 --- Evaluation --- p.40 / Chapter 6.1 --- Experimental Results on Time Performance of FADE --- p.41 / Chapter 6.1.1 --- Evaluation of Basic Design --- p.42 / Chapter 6.1.2 --- Evaluation of Extensions --- p.46 / Chapter 6.2 --- Space Utilization of FADE --- p.49 / Chapter 6.3 --- Cost Model --- p.51 / Chapter 6.4 --- Lessons Learned --- p.53 / Chapter 7 --- Related Work --- p.54 / Chapter 8 --- Conclusions --- p.58 / Bibliography --- p.60 Cloud computing--Security measures File organization (Computer science) Computer networks--Security measures
97	Asymmetric reversible parametric sequences approach to design a multi-key secure multimedia proxy: theory, design and implementation. January 2003 (has links) Yeung Siu Fung. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2003. / Includes bibliographical references (leaves 52-53). / Abstracts in English and Chinese. / Abstract --- p.ii / Acknowledgement --- p.v / Chapter 1 --- Introduction --- p.1 / Chapter 2 --- Multi-Key Encryption Theory --- p.7 / Chapter 2.1 --- Reversible Parametric Sequence --- p.7 / Chapter 2.2 --- Implementation of ARPSf --- p.11 / Chapter 3 --- Multimedia Proxy: Architectures and Protocols --- p.16 / Chapter 3.1 --- Operations to Request and Cache Data from the Server --- p.16 / Chapter 3.2 --- Operations to Request Cached Data from the Multimedia Proxy --- p.18 / Chapter 3.3 --- Encryption Configuration Parameters (ECP) --- p.19 / Chapter 4 --- Extension to multi-level proxy --- p.24 / Chapter 5 --- Secure Multimedia Library (SML) --- p.27 / Chapter 5.1 --- Proxy Pre-fetches and Caches Data --- p.27 / Chapter 5.2 --- Client Requests Cached Data From the Proxy --- p.29 / Chapter 6 --- Implementation Results --- p.31 / Chapter 7 --- Related Work --- p.40 / Chapter 8 --- Conclusion --- p.42 / Chapter A --- Function Prototypes of Secure Multimedia Library (SML) --- p.44 / Chapter A.1 --- CONNECTION AND AUTHENTICATION --- p.44 / Chapter A.1.1 --- Create SML Session --- p.44 / Chapter A.1.2 --- Public Key Manipulation --- p.44 / Chapter A.1.3 --- Authentication --- p.45 / Chapter A.1.4 --- Connect and Accept --- p.46 / Chapter A.1.5 --- Close Connection --- p.47 / Chapter A.2 --- SECURE DATA TRANSMISSION --- p.47 / Chapter A.2.1 --- Asymmetric Reversible Parametric Sequence and En- cryption Configuration Parameters --- p.47 / Chapter A.2.2 --- Bulk Data Encryption and Decryption --- p.48 / Chapter A.2.3 --- Entire Data Encryption and Decryption --- p.49 / Chapter A.3 --- Secure Proxy Architecture --- p.49 / Chapter A.3.1 --- Proxy-Server Connection --- p.49 / Chapter A.3.2 --- ARPS and ECP --- p.49 / Chapter A.3.3 --- Initial Sever Encryption --- p.50 / Chapter A.3.4 --- Proxy Re-Encryption --- p.51 / Chapter A.3.5 --- Client Decryption --- p.51 / Bibliography --- p.52 Data encryption (Computer science) Computer networks--Security measures Web servers--Security measures Multimedia systems
98	Server's anonymity attack and protection of P2P-Vod systems. / Server's anonymity attack and protection of peer-to-peer video on demand systems January 2010 (has links) Lu, Mengwei. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2010. / Includes bibliographical references (p. 52-54). / Abstracts in English and Chinese. / Chapter 1 --- Introduction --- p.1 / Chapter 2 --- Introduction of P2P-VoD Systems --- p.5 / Chapter 2.1 --- Major Components of the System --- p.5 / Chapter 2.2 --- Peer Join and Content Discovery --- p.6 / Chapter 2.3 --- Segment Sizes and Replication Strategy --- p.7 / Chapter 2.4 --- Piece Selection --- p.8 / Chapter 2.5 --- Transmission Strategy --- p.9 / Chapter 3 --- Detection Methodology --- p.10 / Chapter 3.1 --- Capturing Technique --- p.11 / Chapter 3.2 --- Analytical Framework --- p.15 / Chapter 3.3 --- Results of our Detection Methodology --- p.24 / Chapter 4 --- Protective Architecture --- p.25 / Chapter 4.1 --- Architecture Overview --- p.25 / Chapter 4.2 --- Content Servers --- p.27 / Chapter 4.3 --- Shield Nodes --- p.28 / Chapter 4.4 --- Tracker --- p.29 / Chapter 4.5 --- A Randomized Assignment Algorithm --- p.30 / Chapter 4.6 --- Seeding Algorithm --- p.31 / Chapter 4.7 --- Connection Management Algorithm --- p.33 / Chapter 4.8 --- Advantages of the Shield Nodes Architecture --- p.33 / Chapter 4.9 --- Markov Model for Shield Nodes Architecture Against Single Track Anonymity Attack --- p.35 / Chapter 5 --- Experiment Result --- p.40 / Chapter 5.1 --- Shield Node architecture against anonymity attack --- p.40 / Chapter 5.1.1 --- Performance Analysis for Single Track Anonymity Attack --- p.41 / Chapter 5.1.2 --- Experiment Result on PlanetLab for Single Track Anonymity Attack --- p.42 / Chapter 5.1.3 --- Parallel Anonymity Attack --- p.44 / Chapter 5.2 --- Shield Nodes architecture-against DoS attack --- p.45 / Chapter 6 --- Related Work --- p.48 / Chapter 7 --- Future Work --- p.49 / Chapter 8 --- Conclusion --- p.50 Computer networks--Security measures Computer security Video Dial Tone
99	Novel Cryptographic Primitives and Protocols for Censorship Resistance Dyer, Kevin Patrick 24 July 2015 (has links) Internet users rely on the availability of websites and digital services to engage in political discussions, report on newsworthy events in real-time, watch videos, etc. However, sometimes those who control networks, such as governments, censor certain websites, block specific applications or throttle encrypted traffic. Understandably, when users are faced with egregious censorship, where certain websites or applications are banned, they seek reliable and efficient means to circumvent such blocks. This tension is evident in countries such as a Iran and China, where the Internet censorship infrastructure is pervasive and continues to increase in scope and effectiveness. An arms race is unfolding with two competing threads of research: (1) network operators' ability to classify traffic and subsequently enforce policies and (2) network users' ability to control how network operators classify their traffic. Our goal is to understand and progress the state-of-the-art for both sides. First, we present novel traffic analysis attacks against encrypted communications. We show that state-of-the-art cryptographic protocols leak private information about users' communications, such as the websites they visit, applications they use, or languages used for communications. Then, we investigate means to mitigate these privacy-compromising attacks. Towards this, we present a toolkit of cryptographic primitives and protocols that simultaneously (1) achieve traditional notions of cryptographic security, and (2) enable users to conceal information about their communications, such as the protocols used or websites visited. We demonstrate the utility of these primitives and protocols in a variety of real-world settings. As a primary use case, we show that these new primitives and protocols protect network communications and bypass policies of state-of-the-art hardware-based and software-based network monitoring devices. Computer networks -- Security measures Internet -- Censorship -- Prevention Computer Sciences Information Security
100	Ant tree miner amyntas for intrusion detection Botes, Frans Hendrik January 2018 (has links) Thesis (MTech (Information Technology))--Cape Peninsula University of Technology, 2018. / With the constant evolution of information systems, companies have to acclimatise to the vast increase of data flowing through their networks. Business processes rely heavily on information technology and operate within a framework of little to no space for interruptions. Cyber attacks aimed at interrupting business operations, false intrusion detections and leaked information burden companies with large monetary and reputational costs. Intrusion detection systems analyse network traffic to identify suspicious patterns that intent to compromise the system. Classifiers (algorithms) are used to classify the data within different categories e.g. malicious or normal network traffic. Recent surveys within intrusion detection highlight the need for improved detection techniques and warrant further experimentation for improvement. This experimental research project focuses on implementing swarm intelligence techniques within the intrusion detection domain. The Ant Tree Miner algorithm induces decision trees by using ant colony optimisation techniques. The Ant Tree Miner poses high accuracy with efficient results. However, limited research has been performed on this classifier in other domains such as intrusion detection. The research provides the intrusion detection domain with a new algorithm that improves upon results of decision trees and ant colony optimisation techniques when applied to the domain. The research has led to valuable insights into the Ant Tree Miner classifier within a previously unknown domain and created an intrusion detection benchmark for future researchers. Ant Tree Miner Computer networks -- Security measures Computer algorithms

Search results