81 |
Simulation of New Security Elements in an Ad Hoc Network
Ashraful Karim, Syed Md., January 2009
The candidate will configure a simulation of an ad hoc network for first responders in a crisis scenario using the NS2 simulation platform. The task will involve adjustment and experimentation with simulation parameters. Finally, new security protocol elements developed in the OASIS project at SINTEF ICT will be introduced through modification of the protocol definitions for NS2 written in C++. The work will be performed at SINTEF ICT.
|
82 |
Web Applications Security : A security model for client-side web applications
Prabhakara, Deepak, January 2009
The Web has evolved to support sophisticated web applications. These web applications are exposed to a number of attacks and vulnerabilities. The existing security model is unable to cope with these increasing attacks and there is a need for a new security model that not only provides the required security but also supports recent advances like AJAX and mashups. The attacks on client-side Web Applications can be attributed to four main reasons – 1) lack of a security context for Web Browsers to take decisions on the legitimacy of requests, 2) inadequate JavaScript security, 3) lack of a Network Access Control and 4) lack of security in Cross-Domain Web Applications. This work explores these four reasons and proposes a new security model that attempts to improve overall security for Web Applications. The proposed security model allows developers of Web Applications to define fine-grained security policies and Web Browsers enforce these rules; analogous to a configurable firewall for each Web Application. The Browser disallows all unauthorized requests, thus preventing most common attacks like Cross-Site Script Injections, Cross-Frame Scripting and Cross-Site Tracing. In addition the security model defines a framework for secure Cross-Domain Communication, thus allowing secure mashups of Web Services. The security model is backward compatible, does not affect the current usability of the Web Applications and has cross-platform applicability. The proposed security model was proven to protect against most common attacks, by a proof-of-concept implementation that was tested against a comprehensive list of known attacks.
|
83 |
Cryptanalysis of IEEE 802.11i TKIP
Halvorsen, Finn Michael; Haugen, Olav, January 2009
The Temporal Key Integrity Protocol (TKIP) was created to fix the weaknesses of Wired Equivalent Privacy (WEP). Up until November 2008, TKIP was believed to be a secure alternative to WEP, although some weak points were known. In November 2008, the German researchers Martin Beck and Erik Tews released a paper titled Practical Attacks Against WEP and WPA. This paper introduced the first practical cryptographic attack on TKIP. This thesis continues the work of Beck and Tews, and presents an improved attack as an advancement of their original attack. The thesis starts by giving a comprehensive study of the current state of wireless network and security protocols. Next, a detailed description of Beck and Tews' attack will be given. The main contribution in this thesis is an improvement of Beck and Tews' attack on TKIP. This improved attack is able to obtain more than ten times as much keystream as the original attack, by exploiting the fact that the Dynamic Host Configuration Protocol (DHCP) contains large amounts of known plaintext. Additionally, the authors prove how it is possible to modify the original attack on TKIP to be able to perform an Address Resolution Protocol (ARP) poisoning attack and a cryptographic Denial-of-Service (DoS) attack. In addition to these theoretical results, the contributions made by the authors were implemented as extensions to the source code provided by Beck and Tews. Experimental verification of the attacks was also performed; this included the original attack by Beck and Tews, as well as our own contributions.
|
84 |
Securing Near Field Communication
Kortvedt, Henning Siitonen, January 2009
Near Field Communication (NFC) specifies a standard for a wireless communication protocol enabling data transfer by keeping two devices close together, about 10 cm maximum. NFC is designed for integration with mobile phones, which can communicate with other NFC phones (peer-to-peer) or read information on tags and cards (reader). An NFC device can also be put in card emulation mode, to offer compatibility with other contactless smart card standards. This enables NFC devices to replace traditional contactless plastic cards used in public transport ticketing, access control, ATMs and other similar applications. At the beginning of my work, there seemed to be no available security protocol for NFC. I therefore formed a hypothesis stating that NFC communication can be eavesdropped, with the intention to present methods to secure the channel if needed. It should however turn out that ECMA has been working with a security protocol called NFC-SEC-01, which specifies a key agreement and secure channel protocol for NFC in peer-to-peer mode. My work does mainly focus on reader mode and card emulation mode, as I expect these to be the most interesting from a commercial point of view. This Master's thesis proves that it is possible to eavesdrop on NFC communication, and gives a thorough description of how this can be done using simple equipment and methods. The performed experiments show that the communication protocol does not offer any security in itself, and that transferred data can be picked up at a distance of approximately 20-30 cm using an improvised antenna without any signal amplification or filtering circuitry. Using a proper radio receiver, this distance should increase significantly. As NFC in active communication mode has a far greater eavesdropping range than the passive mode, the latter should be preferred in typical banking and payment applications.
A layered security model is presented to counter the possible attacks against applications using NFC technology. This solution is meant to be an idea for a public NFC security framework. A publicly available security library would ease implementation of the desired security level when developing applications, and hopefully attract more applications to start using this technology instead of traditional plastic cards. This may save both cost and the environment, as plastic cards will be replaced by software-implemented tokens. By introducing a common security protocol, cryptographic coprocessors can be implemented while manufacturing the devices. This will be more effective than implementing special software encryption for each application. The cryptographic mechanisms presented in my solution shall however work efficiently also for software implementations, which opens for a smooth transition period with coexisting applications using traditional contact-based and contactless smart cards.
|
85 |
NPT Online Broadband Test Tool
Hansen, Lars-Petter Gunhildsberg; Østhus, Ivar Conradi, January 2009
Many broadband subscribers suspect that they do not receive the data rate they are paying for. In order to verify that the broadband connection is compliant with the product purchased, subscribers can go on-line and choose between a myriad of available on-line broadband test tools with variable degree of precision. Today there exist no standardized methods to perform broadband evaluation for private subscribers. We review and benchmark a selection of the available broadband test tools to reveal their strengths and weaknesses. Different tools have different approaches in their evaluation of network performance. Our studies show that most of the tools achieve acceptable accuracy for common Internet access data rates in Norway today. But when the data rate is increasing, the results from the different tools start to deviate. This is apparent for the upload rates in particular. The test methodology and the implementation technology are crucial for high bandwidth measurements. The Norwegian Post and Telecommunications Authority will develop and release an on-line tool for evaluation of the end-users' Internet connections. We present the planned service and elaborate its possibilities and limitations. Network neutrality is a concept that is quite ambiguous, and there exist many different interpretations. Based on the principles of network neutrality, developed by the Norwegian Post and Telecommunications Authority, we evaluate if the planned service is able to reveal breaches of network neutrality. We conclude that this is not possible with the planned service, mainly because of the limitations in the planned architecture combined with the complexity of network neutrality. A broadband test tool should evaluate the quality of a broadband connection in context of its usage. We suggest a user profile scheme based on relevant services for different groups of users.
Different services have requirements to different network characteristics, and this consequently determines what characteristics should be evaluated for each profile. Lastly, we make use of our gained knowledge and recommend possible extensions and future applications for broadband evaluation.
|
86 |
Hybrid Peer-to-Peer Solution for MMORPGs
Aasen, Frode Voll; Johannessen, Tom-Christian Bjørlo, January 2009
This thesis provides an introduction to the MMORPG genre, and the challenges of engineering a networking system supporting these games, as well as the state of the art titles that exist on the market today. Further it describes the design and development of a peer-to-peer networking system to support MMORPG games, and basic testing of this system. It focuses on a broad theoretical approach to provide a solid background to understand the options available and choices made in the design of the system. The thesis presents a hybrid peer-to-peer concept that aims to reduce costs of operating an MMORPG, allowing smaller game developers to compete against major titles. It includes the main features that should be enabled in a distributed MMORPG architecture. The concept is designed to be flexible in terms of further development, allowing new features to be added with ease and providing game designers with multiple options. A proof-of-concept demo is implemented in Java, displaying the features through a simple interface, and tests showed that the concept has potential to challenge the client-server solutions that are dominating the market today.
|
87 |
Gait Mimicking : Attack Resistance Testing of Gait Authentication Systems
Mjaaland, Bendik Bjørklid, January 2009
Biometric technology is rapidly evolving in today's society. A large part of the technology has its roots hundreds, or even thousands of years back in time, while other parts are new and futuristic. Research suggests that individuals can be identified by the way they walk, and this kind of biometrics, gait biometrics, is a rather new and definitely intriguing field. However, the technology is far from mature; the performance is not generally competitive to other biometrics, and it has not been thoroughly tested security-wise. This thesis aims to test the security strength of gait biometrics. It will focus on imitation, or mimicking of gait. The bottom line question is whether it is possible to learn to walk like someone else. If this turns out to be easy, it will have a severe effect on the potential of gait as an authentication mechanism in the future. The report is logically twofold. In one part, the reader is brought up to speed on the field of gait biometrics, and a software tool for gait authentication is developed and presented. Second, an experiment is conducted, involving extensive training of test subjects, and using sources of feedback like video and statistical analysis. The data is analyzed by regression, and the goal is to determine whether or not the participants are increasing their mimicking skills, or simply put: if they are learning. The first part of the experiment involves 50 participants that are successfully enrolled using the developed software. The results compete with state of the art gait technology, with an EER of 6.2%. The rest of the experiment is related to mimicking, and the thesis discovers that six out of seven participants seem to have a natural boundary to their performance, a "plateau", forcing them back whenever they attempt to improve further. The location of this plateau predetermines the outcome of an attack; for success it has to lie below the acceptance threshold corresponding to the EER.
Exactly one such boundary is identified for almost all participants, but some data also indicate that more than one plateau can exist simultaneously. The final result, however, is that a very limited amount of learning is present, not nearly enough to pose a threat to gait biometrics. Gait mimicking is a hard task, and our physiology works against us when we try to adopt specific gait characteristics.
|
88 |
Disk Encryption : Scrutinizing IEEE Standard 1619 XTS-AES
Alam, Adnan Vaseem, January 2009
Disk encryption has changed during the last decade from being a mechanism only used by corporate executives and government agencies for their top secret information, to become trivially feasible for everyone to utilize. One of the forces that have been driving this development is the steady flow of new cryptographic primitives such as tweakable narrow- and wide-block ciphers specifically designed for disk encryption implementations. One such tweakable narrow-block cipher is XTS-AES, which is standardized in IEEE Std 1619 and very recently accepted by NIST as an approved mode of operation for AES under FIPS-140. In the first part of this thesis, we study principles and investigate methods used in disk encryption. We present the different implementation types of disk encryption (hardware-based versus software-based, wide-block versus narrow-block, authenticated versus transparent), commonly discussed modes of operations (LRW, XEX, MCB, CMC, EME, XCB), and briefly review some open-source software implementations of disk encryption (TrueCrypt, FreeOTFE, dm-crypt). In the second part of this thesis we provide a thorough examination of XTS-AES, describing both its security and real-world performance. To our knowledge, this is the first scientific work to provide an elaborate description of XTS-AES while also assessing its real-world performance. Our work shows that introducing XTS-AES-256 full system disk encryption using TrueCrypt 6.1a on Windows yields a decrease in write and read speed of up to -35% (average for Windows XP, Windows Vista, and Windows 7 Beta). Further, our results also show that disk operations that use approximately 2% of the CPU resources when no disk encryption is present, take up to 50% of the CPU resources when full system disk encryption is deployed.
|
89 |
Realizing Secure Multiparty Computations
Vegge, Håvard, January 2009
In this thesis the Virtual Ideal Functionality Framework (VIFF) has been used for implementing practical applications based on multiparty computation (MPC). The work started with a theoretical study of secret sharing and multiparty computation. VIFF, its functionality and mode of operation were also thoroughly investigated. In addition, an overview of electronic voting, challenges and typical security requirements has been briefly examined. The background study led to the development of two applications. The first was a small GUI program in which participants on some scientific paper can vote for their choice of 1st, 2nd, 3rd, etc. author. The second was a secure web voting application accessible from the World Wide Web.
|
90 |
Automated Calibration of Multi-Projector Arrays
Nordbryhn, Ola, January 2009
Setting up large multi-projector arrays today usually comes at a cost; manual calibration of each projector requires time. The orientation of the image from each projector must be correctly aligned in six axes to make the final projected output fit the screen. Not all aspects of calibrating projectors are possible to correct; consumer hardware usually only covers two or three of the axes, and the remainder are often corrected using clever projector placement. Also, the degree to which it is possible to adjust is also limited, decreasing placement flexibility. As the collaboration surfaces in Hems lab require a large number of projectors to work seamlessly together, good calibration techniques are required in order to keep setup and maintenance time low, while giving highly accurate calibration results. By creating a software demonstrator that automates much of the calibration and enables quick and easy setup, I have made possible rapid prototyping, testing and demonstration of multi-projector arrays, both with single and stereoscopic views. As I will prove, this software shows a flexible approach that may be of use, not only to the Caruso lab and future Hems lab, but may also be used in other settings where projector technology up to this date still has not been widely used, by overcoming the calibration and image warping hurdles and limitations. The software is developed with basis in the OpenCV computer vision library, and implemented in Python. Tests show that calibration time for a single projector may be cut down to a matter of seconds, regardless of the placement of the projector in relation to the screen, whereas traditional calibration often still does not reach the same level of accuracy even if taking tens of minutes or requires repositioning of the projector to compensate for the lack of adjustment possibilities.
|