Global ETD Search

11	Physical Security Assessment of a Regional University Computer Network Timbs, Nathan H 01 December 2013 (has links) (PDF) Assessing a network's physical security is an essential step in securing its data. This document describes the design, implementation, and validation of PSATool, a prototype application for assessing the physical security of a network's intermediate distribution frames, or IDFs (a.k.a. "wiring closets"). PSATool was created to address a lack of tools for IDF assessment. It implements a checklist-based protocol for assessing compliance with 52 security requirements compiled from federal and international standards. This checklist can be extended according to organizational needs. PSATool was validated by using it to assess physical security at 135 IDFs at East Tennessee State University. PSATool exposed 95 threats, hazards, and vulnerabilities in 82 IDFs. A control was recommended for each threat, hazard, and vulnerability discovered. The administrators of ETSU's network concluded that PSATool's results agreed with their informal sense of these IDFs' physical security, while providing documented support for improvements to IDF security. Physical Security Assessment Information Assurance Security Requirements Computer Sciences
12	A quantitative measure of the security risk level of enterprise networks Munir, Rashid, Pagna Disso, Jules F., Awan, Irfan U., Mufti, Muhammad R. January 2013 (has links) No / Along with the tremendous expansion of information technology and networking, the number of malicious attacks which cause disruption to business processes has concurrently increased. Despite such attacks, the aim for network administrators is to enable these systems to continue delivering the services they are intended for. Currently, many research efforts are directed towards securing network further whereas, little attention has been given to the quantification of network security which involves assessing the vulnerability of these systems to attacks. In this paper, a method is devised to quantify the security level of IT networks. This is achieved by electronically scanning the network using the vulnerability scanning tool (Nexpose) to identify the vulnerability level at each node classified according to the common vulnerability scoring system standards (critical, severe and moderate). Probabilistic approach is then applied to calculate an overall security risk level of sub networks and entire network. It is hoped that these metrics will be valuable for any network administrator to acquire an absolute risk assessment value of the network. The suggested methodology has been applied to a computer network of an existing UK organization with 16 nodes and a switch.
13	Containers and Breakaway Security : Evaluating Vulnerabilities and Safeguarding Strategies Grisin, Nikita, Ross, Hayden January 2024 (has links) This bachelor thesis investigates how well popular container runtimes, hosted on CSCloud, can resist common attacks by observing their configurations. Experiments were conducted on Docker, Podman, containerd, Kata, and gVisor runtimes, subjecting them to a set of escape techniques such as privilege escalation through PID namespace, host filesystem mounting, and kernel modules. Initial findings revealed variations in vulnerability across runtimes, with some being unable to fully isolate containers. Further research showed that proper configuration can significantly enhance container security, successfully preventing most attacks. Additionally, an automated assessment script was developed to allow easier management of Docker and Podman containers. This study provides important information for container users who want to reduce the risk of unauthorised access to their systems or breaches of privileged containers. It also offers guidance to developers on how to make isolation mechanisms stronger. containers virtualisation vulnerabilities security assessment Computer Sciences Datavetenskap (datalogi)
14	Load Sensitivity Studies and Contingency Analysis in Power Systems January 2016 (has links) abstract: The past decades have seen a significant shift in the expectations and requirements re-lated to power system analysis tools. Investigations into major power grid disturbances have suggested the need for more comprehensive assessment methods. Accordingly, sig-nificant research in recent years has focused on the development of better power system models and efficient techniques for analyzing power system operability. The work done in this report focusses on two such topics 1. Analysis of load model parameter uncertainty and sensitivity based pa-rameter estimation for power system studies 2. A systematic approach to n-1-1 analysis for power system security as-sessment To assess the effect of load model parameter uncertainty, a trajectory sensitivity based approach is proposed in this work. Trajectory sensitivity analysis provides a sys-tematic approach to study the impact of parameter uncertainty on power system re-sponse to disturbances. Furthermore, the non-smooth nature of the composite load model presents some additional challenges to sensitivity analysis in a realistic power system. Accordingly, the impact of the non-smooth nature of load models on the sensitivity analysis is addressed in this work. The study was performed using the Western Electrici-ty Coordinating Council (WECC) system model. To address the issue of load model pa-rameter estimation, a sensitivity based load model parameter estimation technique is presented in this work. A detailed discussion on utilizing sensitivities to improve the ac-curacy and efficiency of the parameter estimation process is also presented in this work. Cascading outages can have a catastrophic impact on power systems. As such, the NERC transmission planning (TPL) standards requires utilities to plan for n¬-1-1 out-ages. However, such analyses can be computationally burdensome for any realistic pow-er system owing to the staggering number of possible n-1-1 contingencies. To address this problem, the report proposes a systematic approach to analyze n-1-1 contingencies in a computationally tractable manner for power system security assessment. The pro-posed approach addresses both static and dynamic security assessment. The proposed methods have been tested on the WECC system. / Dissertation/Thesis / Doctoral Dissertation Electrical Engineering 2016 Electrical engineering Contingency analysis Dynamic security assessment Load Modeling Parameter estimation Static security assessment Trajectory sensitivity analyisis
15	Improvement and Scenario-Based Evaluation of the eXtended Method for Assessment of System Security Sundmark, Thomas January 2008 (has links) <p>This master’s thesis consists of a scenario-based evaluation of an IT-security assessment method known as the eXtendedMethod for Assessment of System Security (XMASS), as well as an assessment of a real-world network using the softwareimplementation of this method known as the Security AssessmeNT Application (SANTA).This thesis also describes a number of improvements made to the software implementation, some which could also be addedto the method itself. These were performed during the preparation of the assessment but had no effect on the outcome.The evaluation showed that the method and implementation contained a number of flaws in the way the filtering effect ofthe traffic mediators of a network, such as network-based firewalls, was implemented. When it comes to the assessment ofthe real-world network it was seen that the network, given the supplied information regarding the software and hardwaresetup of its entities, appeared to be sufficiently secure to handle the transmission of data at the lowest classification level(Restricted). However, as with almost all security assessments, this does not mean that the network is guaranteed to besecure enough; it just indicates that, given the information specified, the network has the potential of being sufficientlysecure.The main conclusion of this thesis is that the way XMASS and SANTA calculates the effect of filtering traffic mediatorsshould be looked into and improved to increase the usability of the tool. The method can however still be used in its currentstate, but requires the individual(s) performing the assessment to be aware of the drawbacks of the current implementationand thus compensate for these when producing the input for the assessment method.</p> Combined Endeavor Scenario-Based Evaluation IT Security Assessment Tool IT Security Assessment IT Security Information technology Informationsteknik Other information technology Övrig informationsteknik
16	Improvement and Scenario-Based Evaluation of the eXtended Method for Assessment of System Security Sundmark, Thomas January 2008 (has links) This master’s thesis consists of a scenario-based evaluation of an IT-security assessment method known as the eXtendedMethod for Assessment of System Security (XMASS), as well as an assessment of a real-world network using the softwareimplementation of this method known as the Security AssessmeNT Application (SANTA).This thesis also describes a number of improvements made to the software implementation, some which could also be addedto the method itself. These were performed during the preparation of the assessment but had no effect on the outcome.The evaluation showed that the method and implementation contained a number of flaws in the way the filtering effect ofthe traffic mediators of a network, such as network-based firewalls, was implemented. When it comes to the assessment ofthe real-world network it was seen that the network, given the supplied information regarding the software and hardwaresetup of its entities, appeared to be sufficiently secure to handle the transmission of data at the lowest classification level(Restricted). However, as with almost all security assessments, this does not mean that the network is guaranteed to besecure enough; it just indicates that, given the information specified, the network has the potential of being sufficientlysecure.The main conclusion of this thesis is that the way XMASS and SANTA calculates the effect of filtering traffic mediatorsshould be looked into and improved to increase the usability of the tool. The method can however still be used in its currentstate, but requires the individual(s) performing the assessment to be aware of the drawbacks of the current implementationand thus compensate for these when producing the input for the assessment method. Combined Endeavor Scenario-Based Evaluation IT Security Assessment Tool IT Security Assessment IT Security Computer and Information Sciences Data- och informationsvetenskap Other Computer and Information Science Annan data- och informationsvetenskap
17	Do Community Food Security Assessments Contribute to a Reduction in Food Insecurity at the County Level? Buschman, John D. 26 March 2018 (has links) Food insecurity (FI) is a significant risk factor in malnutrition which can lead to obesity and type 2 diabetes. The association of FI to undernutrition can additionally lead to impaired cognitive development in children. Nearly $100 billion is spent annually on federal nutrition programs yet FI still affects 1 in 8 American households pointing to the urgent need for the further refinement of our national/regional anti-hunger models. One notable and underutilized tool is the community food security assessment (CFA) which seeks to eliminate FI at the local level by improving food access throughout the community. A major limitation in knowledge about CFAs is the dearth of empirical studies of their effectiveness. The principal aim of this dissertation research was to statistically examine secondary data on U.S. counties where CFAs have been conducted and to determine whether they helped reduce individual FI over a two-year, post-test period. Repeated measures of ANOVA across the longitudinal time frame for n=66 counties revealed the main effect of FI was not statistically significant. A majority (56.9%) of 37 counties experienced a decrease in FI over the period. Linear regression found that unemployment was a significant influence in communities that experienced decreases in individual FI at the county level during the pre-test/post-test interval (β = .387 [.067], p<.01). This dissertation found that CFAs can be more effective in areas of higher unemployment as well as geographically where FI is initially higher, however further research is clearly needed in more communities over a longer time period. Also, the study suggests that proper development and structure of state and local-level food policy councils (FPCs) may lead CFAs to find better structure, funding and best practices to become more effective. Overlays prepared with ArcGIS mapping demonstrate that, in general, CFAs are not being performed in areas of highest FI when measured at the county level. The most important take-away from the visual mapping is the dearth of studies performed in the southeastern and southwestern regions of the country where county-level FI is higher, on average, than the rest of the country. These regions coincide with much of the Southern Black Belt and areas where Hispanic or Latino populations are most prevalent suggesting that communities in these regions may be able to benefit from the intervention. Food Insecurity Community Food Security Assessment CFA Food Policy Council FPC Food Studies Social Work
18	Assessment of Enterprise Information Security : How to make it Credible and Efficient Johansson, Erik January 2005 (has links) Information is an important business asset in today’s enterprises. Hence enterprise information security is an important system quality that must be carefully managed. Although enterprise information security is acknowledged as one of the most central areas for enterprise IT management, the topic still lacks adequate support for decision making on top-management level. This composite thesis consists of four articles which presents the Enterprise Information Security Assessment Method (EISAM), a comprehensive method for assessing the current state of the enterprise information security. The method is useful in helping guide top-management’s decision-making because of the following reasons: 1) it is easy to understand, 2) it is prescriptive, 3) it is credible, and 4) it is efficient. The assessment result is easy to understand because it presents a quantitative estimate. The result can be presented as an aggregated single value, abstracting the details of the assessment. The result is easy to grasp and enables comparisons both within the organization and in terms of industry in general. The method is prescriptive since it delivers concrete and traceable measurements. This helps guide top-level management in their decisions regarding enterprise-wide information security by highlighting the areas where improvements efforts are essential. It is credible for two reasons. Firstly, the method presents an explicit and transparent definition of enterprise information security. Secondly, the method in itself includes an indication of assessment uncertainty, expressed in terms of confidence levels. The method is efficient because it focuses on important enterprise information security aspects, and because it takes into account how difficult it is to find security related evidence. Being resource sparse it enables assessments to take place regularly, which gives valuable knowledge for long-term decision-making. The usefulness of the presented method, along with its development, has been verified through empirical studies at a leading electric power company in Europe and through statistical surveys carried out among information security experts in Sweden. The success from this research should encourage further researcher in using these analysis techniques to guide decisions on other enterprise architecture attributes. / QC 20101028 Enterprise Information Security Enterprise Architecture Security Assessment Information Technology Management Information technology Informationsteknik
19	Novel algorithms for rotor angle security assessment in power systems Wadduwage, Darshana Prasad 10 December 2015 (has links) This thesis proposes two novel algorithms to analyze whether the power system loses synchronism subsequent to credible contingencies. The two algorithms are based on the concept of Lyapunov exponents (LEs) and the Prony analysis respectively. The concept of LEs is a theoretically sound technique to study the system stability of nonlinear dynamic systems. The LEs measure the exponential rates of divergence or convergence of trajectories in the state space. Considering the higher computational burden associated with the convergence of the true LEs, a modified algorithm is proposed to study the transient stability of the post-fault power system. It is shown that the finite-time LEs calculated by the modified algorithm accurately predicts the said stability. If the power system is transient stable, the rotor angle trajectories of the post-fault system exponentially decay with time. The damping ratios of the dominant oscillatory modes present in these power swings provide the indication on the oscillatory stability. The improved Prony algorithm presented in the thesis can be used to identify the oscillatory stability of the power system subsequent to a contingency. It is shown that that these new algorithms can be used in two applications in power systems, online dynamic security assessment and online oscillations monitoring. The proposed algorithm for rotor angle security assessment first uses the LEs-based algorithm to identify the transient stability. The stable cases are then processed by the improved Prony algorithm. The proposed online oscillations monitoring algorithm uses an event-detection logic and a parallel filter bank before applying the improved Prony algorithm on the measured response to extract the dominant oscillatory modes and to determine their frequencies and damping ratios. The suitability of the two algorithms for the aforementioned applications is investigated using different case studies. It is shown that the computational burdens of the two algorithms are acceptable for the online applications. Furthermore, the oscillations monitoring algorithm, extracts only the dominant modes present in the input signal, extracts both low-frequency inter-area modes and sub-synchronous modes, and performs well under noisy conditions. These features make it more appropriate for wide-area monitoring of power system oscillations using synchronized measurements. / February 2016 Power system security assessment Power system rotor angle stability Phasor measurement unit
20	Žiniatinklio turinio valdymo sistemų saugumo tyrimas / Web content management systems security research Radzevičius, Vitalius 05 November 2013 (has links) Internete galima rasti nemažai svetainių, kurios yra sukurtos naudojantis viena iš daugelio šiuo metu prieinamų žiniatinklio turinio valdymo sistemų (TVS). TVS paprastai nereikalauja išsamių techninių žinių, jos ir kuriamos su idėja, kad bet kuris naudotojas galėtų nesunkiai sukurti ir paskelbti savo interneto svetainę. Deja, eiliniai TVS naudotojai dažnai turi nedaug žinių informacijos saugumo srityje. Turinio valdymo sistemų pagrindu sukurtoms svetainėms, kaip ir nuo pagrindų suprogramuotiems tinklalapiams, kyla panašios bendrosios su saugumu susiję grėsmės. Tačiau be bendrųjų grėsmių dar egzistuoja ir specifinės, kurias įprastinės saugumo tikrinimo-vertinimo priemonės sunkiai aptinka. Šios problemos dažnai būna konfigūracijos lygmenyje, todėl iš esmės kiekvienai turinio valdymo sistemai ir jos versijai reikia individualiai pritaikyto saugumo vertinimo taisyklių rinkinio. Šiame darbe buvo sudarytas specifinių TVS saugumo kriterijų sąrašas, pateiktas šių kriterijų atitikimą vertinančios programos modelis, suprogramuoti du kriterijų vertinimo algoritmai, įvertinantys dviejų populiarių žiniatinklio TVS (Drupal bei Joomla) reikalavimų atitikimą, bei atliktas eksperimentinis tyrimas su minėtomis žiniatinklio turinio valdymo sistemomis. Tyrimas atliktas su ką tik įdiegtomis turinio valdymo sistemomis ir pakartotas po sistemų parametrų konfigūravimo. Taip pat įvertintos dvi internetu prieinamos ir lankomos Drupal TVS pagrindu sukurtos svetainės. / There are quite a few websites online that use one of many currently available web content management systems (CMS). CMS usually do not require in-depth technological knowledge. In fact, they are designed with an idea that any user can create and publish their website. Unfortunately, ordinary CMS users often lack knowledge in security area. CMS-based websites, same as those that are created from scratch, experience similar common security threats. In addition to common security threats, there are some CMS-specific ones that are hardly discovered by standard security assessment programs, generally called web vulnerability scanners. Security problems often lie in configuration level and, in order to discover them, CMS-specific security checking rules are required. In this paper, CMS-specific security requirements list was compiled and model of the programs that checks if CMS complies with requirements was provided. Then two algorithms were programmed that helped assess how Joomla and Drupal web content management systems comply with security requirements. Experimental study was carried out with two aforementioned content management systems. The study was carried out with the freshly installed content management systems, and then repeated after system configuration parameters adjustment. Finally, two Drupal CMS-based and online-accessible websites were assessed. Informatics Engineering Žiniatinklio TVS Saugumo reikalavimai Saugumo tikrinimo programa Web CMS Security requirements Security assessment program

Search results