Global ETD Search

101	Real-time risk analysis : a modern perspective on network security with a prototype 16 August 2012 (has links) M.Sc. / The present study was undertaken in a bid within the realm of the existing Internet working environment to meet the need for a more secure network-security process in terms of which possible risks to be incurred by Internet users could be identified and controlled by means of the appropriate countermeasures in real time. On launching the study, however, no such formal risk-analysis model has yet been developed specifically to effect risk analysis in real time. This, then, gave rise to the development of a prototype specifically aimed at the identification of risks that could pose a threat to Internet users' private data — the so-called "Real-time Risk Analysis" (RtRA) prototype. In so doing, the principal aim of the study, namely to implement the RtRA prototype, was realised. Following, an overview of the research method employed to realise the objectives of the study. Firstly, background information on and the preamble to the issues and problems to be addressed were provided, as well as a well-founded motivation for the study. The latter included theoretical studies on current network security and Transmission Control Protocol/Internet Protocol (TCP/IP). Secondly, the study of existing TCP/IP packet-intercepting tools available on the Internet brought deeper insight into how TCP/IP packets are to be intercepted and handled. In the third instance, the most recent development in network security — firewalls — came under discussion. The latter technology represents a "super-developed" TCP/IP packet-intercepting tool that implements the best known security measures. In addition, the entire study was based on firewall technology and the model that was developed related directly to firewalls. Fourthly, a prototype, consisting of three main modules, was implemented in a bid to prove that RtRA is indeed tenable and practicable. In so doing, the second module of the prototype, namely the real-time risk-identification and countermeasure-execution module, was given special emphasis. The modus operandi of the said prototype was then illustrated by means of a case study undertaken in a simulated Internet working environment. The study culminated in a summation of the results of and the conclusions reached on the strength of the research. Further problem areas, which could become the focal points of future research projects, were also touched upon. Internet - Security measures. Computer networks - Security measures. Risk assessment - Data processing.
102	Data security aspects of a debit card system Botha, Jacobus Theron 17 August 2016 (has links) A project report submitted to the Faculty of Engineering, University of the Witwatersrand, Johannesburg in partial fulfilment of the requirements for the degree of Master of Science in Engineering. Johannesburg 1990 / A debit-card is a form of payment, The card is pre-charged with a value, monetary or otherwise, before distribution to the user, and is therefore a pre-payment card . It is then 'used up, its value being decremented until it is valueless. At this point, it is either discarded or re-charged by the administration authority, It is distinct from a credit card, which provides a post-payment facility. The aim of this project is to investigate the security aspects of a debit-card reader system for use as an unattended fee-collecting subsystem in such applications as public telephones, parking meters and vending machines. Card technology and attributes of debit card systems are discussed, an overview of cryptology is given, and an implementation of a magnetic card system is described. Debit cards--Security measures system--Security measures Data protection Computer security Magnacard data processing
103	An approach to protecting online personal information in Macau government Sou, Sok Fong January 2018 (has links) University of Macau / Faculty of Science and Technology. / Department of Computer and Information Science Privacy, Right of -- Macau Data protection -- Macau Internet -- Security measures Computer networks -- Security measures
104	Microservices-based approach for Healthcare Cybersecurity Unknown Date (has links) Healthcare organizations, realizing the potential of the Internet of Things (IoT) technology, are rapidly adopting the technology to bring signi cant improvements in the quality and e ectiveness of the service. However, these smart and interconnected devices can act as a potential \back door" into a hospital's IT network, giving attack- ers access to sensitive information. As a result, cyber-attacks on medical IoT devices have been increasing since the last few years. It is a growing concern for all the stakeholders involved, as the impact of such attacks is not just monetary or privacy loss, but the lives of many patients are also at risk. Considering the various kinds of IoT devices one may nd connected to a hospital's network, traditional host-centric security solutions (e.g. antivirus, software patches) are at odds with realistic IoT infrastructure (e.g. constrained hardware, lack of proper built-in security measures). There is a need for security solutions which consider the challenges of IoT devices like heterogeneity of technology and protocols used, limited resources in terms of battery and computation power, etc. Accordingly, the goals of this thesis have been: (1) to provide an in-depth understanding of vulnerabilities of medical IoT devices; (2) to in- troduce a novel approach which uses a microservices-based framework as an adaptive and agile security solution to address the issue. The thesis focuses on OS Fingerprint- ing attacks because of its signi cance for attackers to understand a target's network. In this thesis, we developed three microservices, each one designed to serve a speci c functionality. Each of these microservices has a small footprint with RAM usage of approximately 50 MB. We also suggest how microservices can be used in a real-life scenario as a software-based security solution to secure a hospital's network consisting of di erent IoT devices. / Includes bibliography. / Thesis (M.S.)--Florida Atlantic University, 2018. / FAU Electronic Theses and Dissertations Collection Cybersecurity Healthcare Internet of things--Security measures
105	Data mining heuristic-¬based malware detection for android applications Unknown Date (has links) The Google Android mobile phone platform is one of the dominant smartphone operating systems on the market. The open source Android platform allows developers to take full advantage of the mobile operation system, but also raises significant issues related to malicious applications (Apps). The popularity of Android platform draws attention of many developers which also attracts the attention of cybercriminals to develop different kinds of malware to be inserted into the Google Android Market or other third party markets as safe applications. In this thesis, we propose to combine permission, API (Application Program Interface) calls and function calls to build a Heuristic-Based framework for the detection of malicious Android Apps. In our design, the permission is extracted from each App’s profile information and the APIs are extracted from the packed App file by using packages and classes to represent API calls. By using permissions, API calls and function calls as features to characterize each of Apps, we can develop a classifier by data mining techniques to identify whether an App is potentially malicious or not. An inherent advantage of our method is that it does not need to involve any dynamic tracking of the system calls but only uses simple static analysis to find system functions from each App. In addition, Our Method can be generalized to all mobile applications due to the fact that APIs and function calls are always present for mobile Apps. Experiments on real-world Apps with more than 1200 malwares and 1200 benign samples validate the algorithm performance. Research paper published based on the work reported in this thesis: Naser Peiravian, Xingquan Zhu, Machine Learning for Android Malware Detection Using Permission and API Calls, in Proc. of the 25th IEEE International Conference on Tools with Artificial Intelligence (ICTAI) – Washington D.C, November 4-6, 2013. / Includes bibliography. / Thesis (M.S.)--Florida Atlantic University, 2013. Computer networks -- Security measures Data encryption (Computer science) Data structures (Computer science) Internet -- Security measures
106	A utility-based routing scheme in multi-hop wireless networks Unknown Date (has links) Multi-hop wireless networks are infrastructure-less networks consisting of mobile or stationary wireless devices, which include multi-hop wireless mesh networks and multi-hop wireless sensor networks. These networks are characterized by limited bandwidth and energy resources, unreliable communication, and a lack of central control. These characteristics lead to the research challenges of multi-hop wireless networks. Building up routing schemes with good balance among the routing QoS (such as reliability, cost, and delay) is a paramount concern to achieve high performance wireless networks. These QoS metrics are internally correlated. Most existing works did not fully utilize this correlation. We design a metric to balance the trade-off between reliability and cost, and build up a framework of utility-based routing model in multi-hop wireless networks. This dissertation focuses on the variations with applications of utility-based routing models, designing new concepts, and developing new algorithms for them. A review of existing routing algorithms and the basic utility-based routing model for multi-hop wireless networks has been provided at the beginning. An efficient algorithm, called MaxUtility, has been proposed for the basic utility-based routing model. MaxUtility is an optimal algorithm that can find the best routing path with the maximum expected utility. / Various utility-based routing models are extended to further enhance the routing reliability while reducing the routing overhead. Besides computing the optimal path for a given benefit value and a given source-destination pair, the utility-based routing can be further extended to compute all optimal paths for all possible benefit values and/or all source-destination pairs. Our utility-based routing can also adapt to different applications and various environments. In the self-organized environment, where network users are selfish, we design a truthful routing, where selfish users have to tell the truth in order to maximize their utilities. We apply our utility-based routing scheme to the data-gathering wireless sensor networks, where a routing scheme is required to transmit data sensed by multiple sensor nodes to a common sink node. / by Mingming Lu. / Vita. / University Library's copy lacks signatures of Supervisory Committee. / Thesis (Ph.D.)--Florida Atlantic University, 2008. / Includes bibliography. / Electronic reproduction. Boca Raton, FL : 2008 Mode of access: World Wide Web. Computer network protocols Computer algorithms Computer networks--Security measures
107	Hitch-hiking attacks in online social networks and their defense via malicious URL classification. / CUHK electronic theses & dissertations collection January 2012 (has links) 近年來，網絡的犯罪數量一直在迅速增加。現在，惡意軟件作者編寫惡意程序竊取用戶的個人信息，或提供基於垃圾郵件的營銷服務為利潤的地方。為了更有效地傳播惡意軟件，黑客已經開始瞄準流行的在線社交網絡服務（SNS）的 SNS用戶和服務的互動性之間固有的信任關係。一種常見的攻擊方法是惡意軟件自動登錄使用偷來的 SNS用戶憑據，然後提供接觸/被盜的用戶帳戶的朋友名單，他們通過在一些短消息嵌入惡意 URL（鏈接）。受害人然後認為是他們的朋友提供的鏈接，按一下被感染。然而，這種方法是有效的，惡意軟件來模仿人類類似的行為，它可以超越任何一個/兩個班輪對話。在這篇論文中，我們首先介紹一個新類型的攻擊，提供惡意網址 SNS用戶之間的合法對話。為了證明其概念，我們設計和實施名為 Hitchbot惡意軟件[1]，其中包括多個攻擊源，為實現我們所提出的攻擊。特別是，當一個 SNS用戶發送一個鏈接/ URL到他/她的朋友，Hitchbot悄悄地取代類似，但惡意攔截在幾個可能的點之一，互動式輸入/輸出鏈接系統。由於惡意鏈接在一些適當的對話上下文之間的合法用戶交付，這使得它更難以對受害者（以及吊具）來實現攻擊，從而可以大幅增加轉換率。這方法也使 Hitchbot的繞過大多數現有的防禦計劃，主要是靠對用戶的行為或流量異常檢測。 Hitchbot是基於客戶端模塊的形式可以順利上常見的社交網絡服務，包括雅虎和微軟的郵件客戶端和其他基於 Web瀏覽器，如 Facebook和 MySpace的社交網絡服務的加息。為量化 Hitchbot的效力，我們已經研究，交換和處理對 URL操作時用戶的行為。最後，我們研究通過自動在線分類 /識別惡意網址的可行性。尤其是不同類型的屬性/惡意 URL分類功能的有效性進行量化，從不同的惡意網址數據庫中獲得數據的基礎上，我們也考慮實時的準確性，嚴格的延遲要求影響和權衡需求的惡意網址分類。 / The number of cyber crimes has continued to increase rapidly in the recent years. It is now commonplace for malware authors to write malicious programs for prot by stealing user personal information or providing spam-based marketing services. In order to spread malware more effectively, hackers have started to target popular online social networking services (SNS) due to the inherent trust-relationship between the SNS users and the interactive nature of the services. A common attacking approach is for a malware to automatically login using stolen SNS user cre¬dentials and then deliver malicious URLs (links) to the people on the contact/friend-list of the stolen user account by embedding them in some short messages. The victim then gets infected by clicking on the links thought to be delivered by their friends. However, for this approach to be effective, the malware has to mimic human-like behavior which can be quite challenging for anything beyond one/two-liner conversations. In this thesis, we first introduce a new type of attacks called the social hitch-hiking attacks which use a stealthier way to deliver malicious URLs by hitch-hiking on legitimate conversations among SNS users. As a proof-of-concept, we have designed and implemented a malware named Hitchbot [1] which incorporates multiple attack vectors for the realization of our proposed social hitch-hiking attacks. In particular, when a SNS user sends a link/URL to his/her friends, Hitchbot quietly replaces it with a similar-looking, but malicious one by intercepting the link at one of the several pos¬sible points along the interactive-input/output chain of the system. Since the malicious link is delivered within some proper conversation context between the legitimate users, this makes it much more difficult for the victim (which is also the spreader) to realize the attack and thus can increase the conversion rate substantially. The hitch-hiking approach also enables Hitchbot to bypass most existing defense schemes which mainly rely on user-behavior or traffic anomaly detection. Hitchbot is in form of a client-based module which can hitch-hike on common social networking services including the Yahoo and Microsoft Messaging clients and other web-browser-based social-networking services such as Facebook and Myspace. To quantify the effectiveness of Hitchbot, we have studied the behavior of users in exchanging, handling and operating on URLs. Lastly, we study the feasibility of defending hitching-hiking attacks via automated online classification/identification of malicious URLs. In particular, the effectiveness of different types of attributes/features used in malicious URL classification are quantified based on a data obtained from various malicious URL databases. We also consider the implications and trade-offis of stringent latency requirement on the accuracy of real-time, on-demand malicious URL classifications. / Detailed summary in vernacular field only. / Lam, Ka Chun. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2012. / Includes bibliographical references (leaves 43-48). / Electronic reproduction. Hong Kong : Chinese University of Hong Kong, [2012] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Abstracts also in Chinese. / Abstract --- p.i / Acknowledgement --- p.iv / Chapter 1 --- Introduction --- p.1 / Chapter 1.1 --- Background --- p.1 / Chapter 1.2 --- Organization --- p.4 / Chapter 2 --- Related Work --- p.6 / Chapter 2.1 --- Exploiting Social Networking Services --- p.6 / Chapter 2.1.1 --- Malware Spreading Channels in SNS --- p.7 / Chapter 2.1.2 --- Common Exploits on SNS platforms --- p.10 / Chapter 2.2 --- Recent defense mechanisms of Malware --- p.12 / Chapter 3 --- A New Class of Attacks via Social Hitch-hiking --- p.14 / Chapter 3.1 --- The Social Hitch-hiking Attack --- p.14 / Chapter 3.1.1 --- The Interactive User Input/Output Chain --- p.16 / Chapter 3.1.2 --- Four Attack Vectors --- p.17 / Chapter 4 --- Attack Evaluation and Measurement --- p.26 / Chapter 4.1 --- Comparison of Attack Vectors --- p.26 / Chapter 4.2 --- Attack Measurement --- p.27 / Chapter 4.3 --- Defense against Hitch-hiking Attacks --- p.29 / Chapter 5 --- Defense via Malicious URL Classification --- p.31 / Chapter 5.1 --- Methodology --- p.31 / Chapter 5.2 --- Attributes --- p.33 / Chapter 5.2.1 --- Lexical attributes --- p.34 / Chapter 5.2.2 --- Webpage content attributes --- p.34 / Chapter 5.2.3 --- Network attributes --- p.34 / Chapter 5.2.4 --- Host-based attributes --- p.35 / Chapter 5.2.5 --- Link popularity attributes --- p.36 / Chapter 5.3 --- Performance Evaluation and Discussions --- p.36 / Chapter 6 --- Conclusion and Future work --- p.41 Computer networks--Security measures Computer security Malware (Computer software)--Prevention
108	Communication Security in Wireless Sensor Networks Ren, Kui 06 April 2007 (has links) A wireless sensor network (WSN) usually consists of a large number of small, low-cost devices that have limited energy supply, computation, memory, and communication capacities. Recently, WSNs have drawn a lot of attention due to their broad applications in both military and civilian domains. Communication security is essential to the success of WSN applications, especially for those mission-critical applications working in unattended and even hostile environments. However, providing satisfactory security protection in WSNs has ever been a challenging task due to various network & resource constraints and malicious attacks. This motivates the research on communication security for WSNs. This dissertation studies communication security in WSNs with respect to three important aspects. The first study addresses broadcast/multicast security in WSNs. We propose a multi-user broadcast authentication technique, which overcomes the security vulnerability of existing solutions. The proposed scheme guarantees immediate broadcast authentication by employing public key cryptography, and achieves the efficiency through integrating various techniques from different domains. We also address multicast encryption to solve data confidentiality concern for secure multicast. We propose an efficient multicast key management scheme supporting a wide range of multicast semantics, which utilizes the fact that sensors are both routers and end-receivers. The second study addresses data report security in WSNs. We propose a location-aware end-to-end security framework for WSNs, in which secret keys are bound to geographic locations so that the impact of sensor compromise are limited only to their vicinity. The proposed scheme effectively defeats not only bogus data injection attacks but also various DoS attacks. In this study, we also address event boundary detection as a specific case of secure data aggregation in WSNs. We propose a secure and fault-tolerant event boundary detection scheme, which securely detects the boundaries of large spatial events in a localized statistic manner. The third study addresses random key pre-distribution in WSNs. We propose a keyed-hash-chain-based key pool generation technique, which leads to a more efficient key pre-distribution scheme with better security resilience in the case of sensor compromise. Defense Attack Wireless Sensor Networks Communication Security Wireless communication systems Security measures Computer networks Security measures
109	Security of distributed data systems Finch, Steven D. January 2010 (has links) Typescript (photocopy). / Digitized by Kansas Correctional Industries Computers-- Access control.
110	Designing and implementing a network authentication service for providing a secure communication channel Chance, Christopher P January 2010 (has links) Typescript (photocopy). / Digitized by Kansas Correctional Industries / Department: Computer Science. Computer networks--Security measures

Search results