Global ETD Search

201	A model of United Methodists responding to grief and tragedy five Manhattan pastors respond to the terrorist attack on September 11, 2001 / Hahs, Jame. January 2006 (has links) Thesis (D. Min.)--Covenant Theological Seminary, 2006. / Includes abstract. Includes bibliographical references (leaves 223-227).
202	Outils d'aide à la recherche de vulnérabilités dans l'implantation d'applications embarquées sur carte à puce Andouard, Philippe 18 December 2009 (has links) Les travaux présentés dans cette thèse ont pour objectif de faciliter les évaluations sécuritaires des logiciels embarqués dans les cartes à puce. En premier lieu, nous avons mis au point un environnement logiciel dédié à l'analyse de la résistance d'implémentations d'algorithmes cryptographiques face à des attaques par analyse de la consommation de courant. Cet environnement doit être vu comme un outil pour rechercher des fuites d'information dans une implémentation en vue d'évaluer la faisabilité d'une attaque sur le produit réel. En second lieu, nous nous sommes intéressé à l'analyse de programmes écrits en langage d'assemblage AVR dans le but de vérifier s'ils sont vulnérables aux \textsl{timing attacks}. Nous avons donc développé un outil qui consiste à décrire des chemins du flot de contrôle d'un programme grâce à des expressions régulières qui seront par la suite interprétées par notre outil afin de donner leur temps exact d'exécution (en terme de cycles d'horloge). Enfin, nous avons étudié comment faciliter la compréhension de programmes écrits en langage C dans le but de vérifier si des politiques de sécurité sont correctement implémentées. D'une part, nous fournissons des assistants de navigation qui au travers d'informations concernant les variables et procédures rencontrées, facilitent la compréhension du programme. D'autre part, nous avons au point une manière de vérifier les politiques de sécurité sans modélisation préalable (e.g. avec un automate à états finis) au moyen de requêtes exprimées dans la logique CTL. / The work presented in this thesis aims at easing the evaluation process of smartcards embedded software. On one hand, we set up a software environment dedicated to analyze the implementation resistance of cryptographic to power analysis attacks. This environment must be seen as a tool that facilitates a real attack by giving a way to find information leakages in an implementation. On the other hand, we focused on analyzing program written in AVR assembly language in order to check whether they are vulnerable to timing attacks. To achieve this goal we have developed a tool that makes possible the description of a path in the control flow of the program thanks to regular expressions. Those regular expressions will be interpreted by our tool in order to give the exact execution timing (expressed in clock cycles). Finally, we studied how to ease the global comprehension of a program written in C language in order to check whether security policies are well implemented. First, we provide graphical navigation assisants that helps to understand the progam being analyzed by giving information on variables and procedures. Then, we provide a way to check the security policies through the use of requests expressed with the CTL logic. This approach does not need prior modelisation of the program. Carte à puce Sécurité Side channel attacks Langage d'assemblage AVR Langage C Smartcard Security Microcontrollers Side channel attacks AVR assembly language C language
203	State-of-the-art Intrusion Detection: Technology, Challenges, and Evaluation. Peddisetty, Naga Raju January 2005 (has links) Due to the invention of automated hacking tools, Hacking is not a black art anymore. Even script kiddies can launch attacks in few seconds. Therefore, there is a great emphasize on the Security to protect the resources from camouflage. Intrusion Detection System is also one weapon in the security arsenal. It is the process of monitoring and analyzing information sources in order to detect vicious traffic. With its unique capabilities like monitoring, analyzing, detecting and archiving, IDS assists the organizations to combat against threats, to have a snap-shot of the networks, and to conduct Forensic Analysis. Unfortunately there are myriad products inthe market. Selecting a right product at time is difficult. Due to the wide spread rumors and paranoia, in this work I have presented the state-of-the-art IDS technologies, assessed the products, and evaluated. I have also presented some of the novel challenges that IDS products are suffering. This work will be a great help for pursuing IDS technology and to deploy Intrusion Detection Systems in an organization. It also gives in-depth knowledge of the present IDS challenges. Informationsteknik IDS Challenges Evaluation State-of-the-art IDS Evasion attacks IDS features zero-day attacks Encrypted traffic. Informationsteknik Computer and Information Sciences Data- och informationsvetenskap
204	Klasifikátory proudových otisků / Classifiers of power patterns Zapletal, Ondřej January 2014 (has links) Over the last several years side-channel analysis has emerged as a major threat to securing sensitive information in cryptographic devices. Several side-channels have been discovered and used to break implementations of all major cryptographic algorithms (AES, DES, RSA). This thesis is focused on power analysis attacks. A variety of power analysis methods has been developed to perform these attacks. These methods include simple power analysis (SPA), differential power analysis (DPA), template attacks, etc. This work provides comprehensive survey of mentioned methods and also investigates the application of a machine learning techniques in power analysis. The considered learning techniques are neural networks and support vector machines. The final part of this thesis is dedicated to implemenation of the attack against protected software AES implementation which is used in the DPA Contest.
205	Metriky pro detekci útoků v síťovém provozu / Metrics for Intrusion Detection in Network Traffic Homoliak, Ivan January 2012 (has links) Publication aims to propose and apply new metrics for intrusion detection in network traffic according to analysis of existing metrics, analysis of network traffic and behavioral characteristics of known attacks. The main goal of the thesis is to propose and implement new collection of metrics which will be capable to detect zero day attacks.
206	Analyse de vulnérabilité des systèmes embarqués face aux attaques physiques / Vulnerability analysis of embedded systems against physical attacks Bukasa, Sébanjila Kevin 08 July 2019 (has links) Au cours de cette thèse, nous nous sommes concentrés sur la sécurité des appareils mobiles. Pour cela, nous avons exploré les attaques physiques par perturbation (injection de fautes) ainsi que par observation, toutes deux basées sur les émissions électromagnétiques. Nous avons sélectionné deux types de cibles représentant deux catégories d'appareils mobiles. D'une part les microcontrôleurs qui équipent les appareils de type IoT. Et d'autre part les System-on-Chip (SoC) que l'on retrouve sur les smartphones. Nous nous sommes concentrés sur les puces conçue par ARM. Au travers d'attaques physiques nous avons voulu montrer qu'il était possible d'affecter la microarchitecture sur laquelle repose tout le fonctionnement de ces systèmes. Toutes les protections pouvant être mises en place par la suite au niveau logiciel, sont basées sur la microarchitecture et deviennent donc inopérantes lorsque l'on s'attaque à celle-ci. Pour les appareils de type IoT, nous avons mis en évidence la possibilité d'obtenir des informations ou un contrôle total de l'appareil à l'aide d'une injection de faute. Les injections de fautes sont dans ce cas les déclencheurs d'attaques logicielles et permettent d'outrepasser des protections logicielles. Pour les appareils de type smartphone, nous avons dans un premier temps été capable d'extraire des informations contenue à l'intérieur d'un SoC, à l'aide d'une écoute électromagnétique et de la caractérisation du comportement de celui-ci. Dans un deuxième temps, nous avons pu montrer qu'en cas de faute des comportements aléatoire peuvent se produire, tout en caractérisant ces comportements. Démontrant ainsi que sur des systèmes plus complexes, il est tout de même possible d'avoir recours à des attaques physiques. Enfin nous avons proposé des pistes d'améliorations en lien avec nos différentes constatations au cours de ces travaux. / During this thesis, we focused on the security of mobile devices. To do this, we explored physical attacks by perturbation (fault injections) as well as by observation, both based on electromagnetic emissions. We selected two types of targets representing two categories of mobile devices. On the one hand, the microcontrollers that equip IoT devices. And on the other hand the System-on-Chip (SoC) that can be found on smartphones. We focused on the chips designed by ARM. Through physical attacks we wanted to show that it was possible to affect the microarchitecture on which the entire functioning of these systems is based. All the protections that can be implemented later at the software level are based on the microarchitecture and therefore become ineffective when it is attacked. For IoT devices, we have highlighted the possibility of obtaining information or total control of the device by means of a fault injection. In this case, fault injections are used as software attack triggers. They also allow software protection to be bypassed. For smartphone devices, we were initially able to extract information contained within a SoC, using electromagnetic listening and characterization of its behavior. In a second step, we were able to show that in the event of a fault, random behaviours can occur, we characterized and proposed explanations for these behaviours. Demonstrating and on systems more advanced than IoT, it is still possible to use physical attacks. Finally, we proposed possible improvements in relation to our various findings during this work. Systèmes embarqués Sécurité Attaques physiques Attaques par canaux auxiliaires Émissions électromagnétiques Injections de fautes Embedded systems Security Physical Attacks Fault Injections Side-Channel Attacks Electromagnetic emissions
207	A Study on Behaviors of Machine Learning-Powered Intrusion Detection Systems under Normal and Adversarial Settings Pujari, Medha Rani 15 June 2023 (has links) No description available. Computer Science Intrusion detection systems machine learning contemporary research datasets UNSW-NB15 Bot-IoT CSE-CIC-IDS2018 adversarial machine learning white-box attacks black-box attacks defense mechanism
208	Literature review on trustworthiness of Signature-Based and Anomaly detection in Wireless Networks Spångberg, Josephine, Mikelinskas, Vainius January 2023 (has links) The internet has become an essential part of most people's daily lives in recent years, and as more devices connect to the internet, the risk of cyber threats increases dramatically. As malware becomes more sophisticated, traditional security prevention measures are becoming less effective at defending from cyber attacks. As a result, Signature Based Detection and Anomaly Detection are two of many advanced techniques that have become crucial to defend against cyber threats such as malware, but even these are sometimes not enough to stop modern cyberattacks. In this literature review the goal is to discuss how trustworthy each of the mentioned malware detection techniques are at detecting malware in wireless networks. The study will measure trustworthiness by looking further into scalability, adaptability and robustness and resource consumption. This study concludes that both anomaly and signature-based malware detection methods exhibit strengths and weaknesses in scalability, robustness, adaptability, and resource consumption. Furthermore, more research is needed and as malware becomes more sophisticated and an increased threat to the world it is an area that is highly relevant. Cyber threats Malware Cyber attacks Signature Based Detection Anomaly Detection Cyber defense Sophisticated attacks Modern cyberattacks malware detection in wireless network IoT Computer Sciences Datavetenskap (datalogi)
209	Deep Reinforcement Learning for Temperature Control in Buildings and Adversarial Attacks Ammouri, Kevin January 2021 (has links) Heating, Ventilation and Air Conditioning (HVAC) systems in buildings are energy consuming and traditional methods used for building control results in energy losses. The methods cannot account for non-linear dependencies in the thermal behaviour. Deep Reinforcement Learning (DRL) is a powerful method for reaching optimal control in many different control environments. DRL utilizes neural networks to approximate the optimal actions to take given that the system is in a given state. Therefore, DRL is a promising method for building control and this fact is highlighted by several studies. However, neural network polices are known to be vulnerable to adversarial attacks, which are small, indistinguishable changes to the input, which make the network choose a sub-optimal action. Two of the main approaches to attack DRL policies are: (1) the Fast Gradient Sign Method, which uses the gradients of the control agent’s network to conduct the attack; (2) to train a a DRL-agent with the goal to minimize performance of control agents. The aim of this thesis is to investigate different strategies for solving the building control problem with DRL using the building simulator IDA ICE. This thesis is also going to use the concept of adversarial machine learning by applying the attacks on the agents controlling the temperature inside the building. We first built a DRL architecture to learn how to efficiently control temperature in a building. Experiments demonstrate that exploration of the agent plays a crucial role in the training of the building control agent, and one needs to fine-tune the exploration strategy in order to achieve satisfactory performance. Finally, we tested the susceptibility of the trained DRL controllers to adversarial attacks. These tests showed, on average, that attacks trained using DRL methods have a larger impact on building control than those using FGSM, while random perturbation have almost null impact. / Ventilationssystem i byggnader är energiförbrukande och traditionella metoder som används för byggnadskontroll resulterar i förlust av energisparande. Dessa metoder kan inte ta hänsyn till icke-linjära beroenden i termisk beteenden. Djup förstärkande inlärning (DRL) är en kraftfull metod för att uppnå optimal kontroll i många kontrollmiljöer. DRL använder sig av neurala nätverk för att approximera optimala val som kan tas givet att systemet befinner sig i en viss stadie. Därför är DRL en lovande metod för byggnadskontroll och detta faktumet är markerat av flera studier. Likväl, neurala nätverk i allmänhet är kända för att vara svaga mot adversarial attacker, vilket är små ändringar i inmatningen, som gör att neurala nätverket väljer en åtgärd som är suboptimal. Syftet med denna anvhandling är att undersöka olika strategier för att lösa byggnadskontroll-problemet med DRL genom att använda sig av byggnadssimulatorn IDA ICE. Denna avhandling kommer också att använda konceptet av adversarial machine learning för att attackera agenterna som kontrollerar temperaturen i byggnaden. Det finns två olika sätt att attackera neurala nätverk: (1) Fast Gradient Sign Method, som använder gradienterna av kontrollagentens nätverk för att utföra sin attack; (2) träna en inlärningsagent med DRL med målet att minimera kontrollagenternas prestanda. Först byggde vi en DRL-arkitektur som lärde sig kontrollera temperaturen i en byggad. Experimenten visar att utforskning av agenten är en grundläggande faktor för träningen av kontrollagenten och man måste finjustera utforskningen av agenten för att nå tillfredsställande prestanda. Slutligen testade vi känsligheten av de tränade DRL-agenterna till adversarial attacker. Dessa test visade att i genomsnitt har det större påverkan på kontrollagenterna att använda DRL metoder än att använda sig av FGSM medans att attackera helt slumpmässigt har nästan ingen påverkan. Deep Reinforcement Learning Adversarial Attacks Optimal Attacks Building Control Optimal Control Energy Efficiency Djup förstärkande inlärning Adversarial Attacker Optimala Attacker Byggnadskontroll Optimal Kontroll Energieffektivitet Computer Sciences Datavetenskap (datalogi)
210	Design of a Hardware Security PUF Immune to Machine Learning Attacks Pundir, Nitin K., Pundir January 2017 (has links) No description available. Electrical Engineering Engineering Arbiter PUF Ring Oscillator PUF Uniqueness Randomness Modeling Attacks Machine Learning Attacks NIST Physical Unclonable Functions Hardware Security

Search results