Metric methodology for the creation of environments and processes to certify a component : specifically the Naval Research Laboratory Pump

Rich, Ronald P., Holmgren, Jonathan S.

03 1900

This thesis was completed in cooperation with the Cebrowski Institute for Information Innovation and Superiority. / Approved for public release; distribution is unlimited / A of the NP, but the key requirement for Certification and Accreditation is the creation of a Protection Profile and an understanding of the DITSCAP requirements and process. This thesis creates a Protection Profile for the NP along with a draft Type SSAA for Certification and Accreditation of the NP. / Lieutenant, United States Navy / Lieutenant, United States Navy

Computer security

United States

Fitting an information security architecture to an enterprise architecture

19 May 2009

M.Phil. (Computer Science) / Despite the efforts at international and national level, security continues to pose challenging problems. Firstly, attacks on information systems are increasingly motivated by profit rather than by the desire to create disruption for its own sake. Data are illegally mined, increasingly without the user’s knowledge, while the number of variants (and the rate of evolution) of malicious software (malware) is increasing rapidly. Spam is a good example of this evolution. It is becoming a vehicle for viruses and fraudulent and criminal activities, such as spyware, phishing and other forms of malware. Its widespread distribution increasingly relies on botnets, i.e. compromised servers and PCs used as relays without the knowledge of their owners. The increasing deployment of mobile devices (including 3G mobile phones, portable videogames, etc.) and mobile-based network services will pose new challenges, as IP-based services develop rapidly. These could eventually prove to be a more common route for attacks than personal computers since the latter already deploy a significant level of security. Indeed, all new forms of communication platforms and information systems inevitably provide new windows of opportunity for malicious attacks. In order to successfully tackle the problems described above, a strategic approach to information security is required, rather than the implementation of ad hoc solutions and controls. The strategic approach requires the development of an Information Security Architecture. To be effective, an Information Security Architecture that is developed must be aligned with the organisation’s Enterprise Architecture and must be able to incorporate security into each domain of the Enterprise Architecture. This mini dissertation evaluates two current Information Security Architecture models and frameworks to find an Information Security Architecture that aligns with Eskom’s Enterprise Architecture.

Computer security

Computer architecture

Anomaly detection with applications in environmental and cyber security

Locke, Ronald Taylor

January 2012

Thesis (Ph.D.)--Boston University / PLEASE NOTE: Boston University Libraries did not receive an Authorization To Manage form for this thesis or dissertation. It is therefore not openly accessible, though it may be available by request. If you are the author or principal advisor of this work and would like to request open access for it, please contact us at open-help@bu.edu. Thank you. / Two approaches to detecting anomalous behavior within a sequence of random observations are presented. One approach is stochastic in nature, using large deviations techniques to form a Hoeffding decision test. Scenarios in which sequential observations can be considered independent and identically distributed (iid) or adhere to a first-order Markov chain are both considered. The Markovian case is explored further and asymptotic performance results are developed for using the generalized likelihood ratio test (GLRT) to identify a Markov source. After a presentation of binary and multi-class Support Vector Machines (SVM), a deterministic anomaly detection method based on the so-called one-class SVM is also presented. The presented methodologies are then applied to detection and localization of Chemical, Biological, Radiological, or Nuclear (CBRN) events in an urban area using a network of sensors. In contrast to earlier work, these approaches do not solve an inverse dispersion problem but rely on data obtained from a simulation of the CBRN dispersion to obtain descriptors of sensor measurements under a variety of CBRN release scenarios. To assess the problem of environmental monitoring, CBRN event-free conditions are assumed to be iid and a corresponding stochastic anomaly detector is relied on to detect a CBRN event. Conditional on such an event, subsequent sensor observations are assumed to follow a Markov process. Accordingly, the presented Markov source identification methodology is used to map sensor observations to a source location chosen out of a discrete set of possible locations. A multi-class SVM approach to CBRN localization is also developed, and the two techniques are compared using three-dimensional CBRN release simulations. Also addressed is the problem of optimally placing sensors to minimize the localization probability of error. The anomaly detection approaches are then applied to detection of data exfiltration-style attempts on a network server. Two one-class SVM approaches are presented. In both, data packet transmissions are captured and compiled into network flows. In a flow-by-flow network anomaly detector, features are extracted from individual flows and their novelty is tested. If a flows features differ too greatly from nominal flow features, as determined by the SVM, that flow is declared an anomaly. In a network-wide anomaly detector, the novelty of a time sequence of flows is tested. The stochastic anomaly detectors are applied to sequences of flows as well, under the contexts of subsequent network flows either being iid or following a Markov process. These techniques are evaluated on simulated network traffic. / 2031-01-01

Computer security

Cybersecurity

Spontaneous anonymous group cryptography and its applications.

January 2004

Fung Kar-Yin. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2004. / Includes bibliographical references (leaves 72-81). / Abstracts in English and Chinese. / Abstract --- p.i / Acknowledgement --- p.iii / Chapter 1 --- Introduction --- p.1 / Chapter 1.1 --- Development of Cryptography --- p.1 / Chapter 1.2 --- Group Cryptography --- p.3 / Chapter 1.3 --- Spontaneous Anonymous Group Signature --- p.4 / Chapter 1.4 --- Blind Signature --- p.5 / Chapter 1.5 --- Blind SAG Signature --- p.6 / Chapter 1.6 --- Organization of This Thesis --- p.6 / Chapter 2 --- Background Study --- p.7 / Chapter 2.1 --- Six Primitives in Cryptography --- p.7 / Chapter 2.1.1 --- Symmetric Encryption --- p.8 / Chapter 2.1.2 --- Asymmetric Encryption --- p.8 / Chapter 2.1.3 --- Digital Signature --- p.9 / Chapter 2.1.4 --- Hash Function --- p.9 / Chapter 2.1.5 --- Digital Certificate --- p.10 / Chapter 2.1.6 --- Proof of Knowledge --- p.10 / Chapter 2.2 --- Euler Totient Function --- p.11 / Chapter 2.3 --- One-Way Function --- p.12 / Chapter 2.3.1 --- One-Way Trapdoor Function --- p.13 / Chapter 2.3.2 --- Discrete Logarithm Problem --- p.13 / Chapter 2.3.3 --- RSA Problem --- p.14 / Chapter 2.3.4 --- Integer Factorization Problem --- p.15 / Chapter 2.3.5 --- Quadratic Residuosity Problem --- p.15 / Chapter 2.3.6 --- Schnorr's ROS assumption --- p.16 / Chapter 2.4 --- Bilinear Pairing --- p.16 / Chapter 2.4.1 --- Weil Pairing --- p.18 / Chapter 2.4.2 --- Tate Pairing --- p.18 / Chapter 2.5 --- Gap Diffie-Hellman Group --- p.19 / Chapter 2.5.1 --- GDH --- p.19 / Chapter 2.5.2 --- Co-GDH --- p.20 / Chapter 2.6 --- Random Oracle Model --- p.21 / Chapter 2.6.1 --- Random Permutation --- p.23 / Chapter 2.6.2 --- Lunchtime Attack --- p.23 / Chapter 2.6.3 --- Back Patch --- p.23 / Chapter 2.6.4 --- Rewind Simulation --- p.24 / Chapter 2.7 --- Generic Group Model --- p.24 / Chapter 3 --- Digital and Threshold Signatures --- p.26 / Chapter 3.1 --- Introduction --- p.26 / Chapter 3.2 --- Notion of Attacks and Security in Signature --- p.28 / Chapter 3.2.1 --- Types of Signatures --- p.29 / Chapter 3.3 --- Threshold Signature --- p.31 / Chapter 3.4 --- Properties in Threshold Signatures --- p.31 / Chapter 4 --- Blind Signature --- p.33 / Chapter 4.1 --- Introduction --- p.33 / Chapter 4.1.1 --- Security Requirements --- p.35 / Chapter 4.2 --- Transferred Proof of Knowledge --- p.36 / Chapter 4.3 --- RSA Based Schemes --- p.37 / Chapter 4.3.1 --- Chaum's RSA Scheme --- p.37 / Chapter 4.3.2 --- Abe's RSA Scheme --- p.38 / Chapter 4.4 --- Discrete Logarithm Based Schemes --- p.39 / Chapter 4.4.1 --- Schnorr Blind Signature --- p.39 / Chapter 4.4.2 --- Okamoto-Schnorr Blind Signature --- p.40 / Chapter 4.5 --- Bilinear Mapping Based Schemes --- p.40 / Chapter 5 --- Spontaneous Anonymous Group Signature --- p.42 / Chapter 5.1 --- Introduction --- p.42 / Chapter 5.2 --- Cramer-Damgard-Schoemaker (CDS) SAG Signature --- p.44 / Chapter 5.2.1 --- (1´ةn)-CDS type SAG Signature --- p.44 / Chapter 5.2.2 --- "(t, n)-CDS type SAG Signature" --- p.45 / Chapter 5.3 --- Ring-type SAG Signature Schemes --- p.46 / Chapter 5.3.1 --- Rivest-Shamir-Tauman --- p.46 / Chapter 5.3.2 --- Abe's 1-out-of-n Ring Signature --- p.49 / Chapter 5.4 --- Discussions --- p.51 / Chapter 6 --- Blind SAG Signature --- p.53 / Chapter 6.1 --- Introduction --- p.53 / Chapter 6.2 --- Security Definitions --- p.54 / Chapter 6.2.1 --- Security Model --- p.55 / Chapter 6.3 --- "(1,n)-Ring Structured Blind SAG Signature" --- p.57 / Chapter 6.3.1 --- Signing Protocol --- p.58 / Chapter 6.3.2 --- Verification Algorithm --- p.58 / Chapter 6.4 --- CDS-type Blind SAG Signature --- p.59 / Chapter 6.4.1 --- "(l,n)-CDS-type" --- p.59 / Chapter 6.5 --- "(t,n)-CDS-type" --- p.60 / Chapter 6.5.1 --- Signing Protocol --- p.61 / Chapter 6.5.2 --- Verification Algorithm --- p.61 / Chapter 6.6 --- Security Analysis --- p.62 / Chapter 6.7 --- Applications to Credential System --- p.67 / Chapter 7 --- Conclusion --- p.69 / A --- p.71 / Bibliography --- p.81

Cryptography

Computer security

Spontaneous anonymous group cryptography. / CUHK electronic theses & dissertations collection

January 2004

Liu Kai-Sui. / "May 2004." / Thesis (Ph.D.)--Chinese University of Hong Kong, 2004. / Includes bibliographical references (p. 107-116). / Electronic reproduction. Hong Kong : Chinese University of Hong Kong, [2012] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Mode of access: World Wide Web. / Abstracts in English and Chinese.

Cryptography

Computer security

A new approach for improving transparency of audio watermarking.

January 2003

Chen Benrong. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2003. / Includes bibliographical references (leaves 125-130). / Abstracts in English and Chinese. / Chapter 1 --- Introduction --- p.1 / Chapter 1.1 --- What' s Watermarking --- p.1 / Chapter 1.2 --- "Information Hiding, Steganography, and Watermarking" --- p.3 / Chapter 1.3 --- History of Watermarking --- p.5 / Chapter 1.4 --- Importance of Digital Watermarking --- p.8 / Chapter 1.5 --- Objectives of the Thesis --- p.9 / Chapter 1.6 --- Thesis Outline --- p.10 / Chapter 2 --- Applications and Properties of Audio Watermarking --- p.12 / Chapter 2.1 --- Applications --- p.13 / Chapter 2.1.1 --- Ownership Identification and Proof --- p.13 / Chapter 2.1.2 --- Broadcast Monitoring --- p.16 / Chapter 2.1.3 --- Other Applications --- p.18 / Chapter 2.2 --- Properties --- p.19 / Chapter 2.2.1 --- Transparency --- p.20 / Chapter 2.2.2 --- Robustness --- p.20 / Chapter 2.2.3 --- Other Properties --- p.21 / Chapter 3 --- Possible Methods for Audio Watermarking --- p.24 / Chapter 3.1 --- Overview of Digital Audio Watermarking System --- p.25 / Chapter 3.2 --- Review of Current Methods --- p.27 / Chapter 3.2.1 --- Low Bit Coding --- p.27 / Chapter 3.2.2 --- Phase Coding --- p.28 / Chapter 3.2.3 --- Echo Coding --- p.29 / Chapter 3.2.4 --- Spread Spectrum Watermarking --- p.30 / Chapter 3.3 --- Other Related Approaches --- p.31 / Chapter 3.4 --- Outline of Proposed New Method --- p.33 / Chapter 4 --- Audio Watermarking System Based on Spread Spectrum --- p.36 / Chapter 4.1 --- Introduction --- p.36 / Chapter 4.2 --- Embedding and Detecting Information Bit --- p.39 / Chapter 4.2.1 --- General Embedding Process --- p.39 / Chapter 4.2.2 --- General Detection Process --- p.43 / Chapter 4.2.3 --- Pseudorandom Bit Sequences (PRBS) --- p.45 / Chapter 4.3 --- An Optimal Embedding Process --- p.48 / Chapter 4.3.1 --- Objective Metrics for Embedding Process --- p.48 / Chapter 4.3.2 --- Content Adaptive Embedding --- p.52 / Chapter 4.3.3 --- Determination of Frame Length L --- p.57 / Chapter 4.4 --- Requirement For Transparency Improvement --- p.58 / Chapter 5 --- Sample and Frame Selection For Transparency Improvement --- p.60 / Chapter 5.1 --- Introduction --- p.60 / Chapter 5.2 --- Sample Selection --- p.61 / Chapter 5.2.1 --- General Sample Selection --- p.62 / Chapter 5.2.2 --- Objective Evaluation Metrics --- p.65 / Chapter 5.2.3 --- Sample Selection For Transparency Improvement --- p.66 / Chapter 5.2.4 --- Theoretical Analysis of Sample Selection --- p.87 / Chapter 5.3 --- Frame Sclcction --- p.90 / Chapter 5.3.1 --- General Frame Selection --- p.91 / Chapter 5.3.2 --- Frame Selection For Transparency Improvement --- p.94 / Chapter 5.4 --- Watermark Information Retrieve --- p.103 / Chapter 6 --- Psychoacoustic Model For Robustness Verification --- p.105 / Chapter 6.1 --- Introduction of Human Auditory System --- p.106 / Chapter 6.1.1 --- Absolute Hearing Threshold --- p.106 / Chapter 6.1.2 --- Critical Bands --- p.108 / Chapter 6.1.3 --- Masking Effect --- p.111 / Chapter 6.2 --- Psychoacoustic Model of Human Auditory System --- p.112 / Chapter 6.3 --- Robustness Verification by Psychoacoustic Model Analysis --- p.117 / Chapter 7 --- Conclusions and Suggestions For Future Research --- p.121 / Chapter 7.1 --- Conclusions --- p.121 / Chapter 7.2 --- Suggestions For Future Research --- p.123 / Bibliography --- p.125

Computer security

Digital watermarking

The characteristics of user-generated passwords /

Sawyer, Darren A.

January 1990

Thesis (M.S. in Information Systems)--Naval Postgraduate School, March 1990. / Thesis Advisor(s): Zviran, Moshe ; Haga, William J. "March 1990." Description based on signature page as viewed on October 21, 2009. DTIC identifier(s): Access control, passwords, computer security, identification verification. Author(s) subject terms: Passwords, computer security, user-generated passwords, informaiton system security. Includes bibliographical references (p. 98-99). Also available online.

Data protection. Computer security.

Time-variant normal profiling for anomaly detection systems

Kim, Jung Yeop.

January 2008

Thesis (Ph.D.)--University of Wyoming, 2008. / Title from PDF title page (viewed on August 3, 2009). Includes bibliographical references (p. 73-84).

Anomaly detection (Computer security)

Research in computer forensics /

Wai, Hor Cheong.

January 2002

Thesis (M.S.)--Naval Postgraduate School, 2002. / Thesis advisor(s): Daniel F. Warren, Dan C. Boger. Includes bibliographical references (p. 191). Also available online.

Computer security. Computer crimes

A computational model and multi-agent simulation for information assurance /

VanPutte, Michael A.

January 2002

Thesis (Ph. D.)--Naval Postgraduate School, 2002. / Dissertation supervisor: Cynthia Irvine. Includes bibliographical references (p. 155-164). Also available online.

Computer security. Computer networks