• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 42
  • 12
  • 8
  • 8
  • 7
  • 2
  • 2
  • 2
  • 2
  • 1
  • 1
  • 1
  • 1
  • 1
  • Tagged with
  • 120
  • 120
  • 41
  • 39
  • 29
  • 27
  • 23
  • 22
  • 21
  • 20
  • 18
  • 17
  • 16
  • 16
  • 15
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
91

<strong>Deep Learning-Based Anomaly  Detection in TLS Encrypted Traffic</strong>

Kehinde Ayano (16650471) 03 August 2023 (has links)
<p> The growing trend of encrypted network traffic is changing the cybersecurity threat scene. Most critical infrastructures and organizations enhance service delivery by embracing digital platforms and applications that use encryption to ensure that data and Information are moved across networks in an encrypted form to improve security. While this protects data confidentiality, hackers are also taking advantage of encrypted network traffic to hide malicious software known as malware that will easily bypass the conventional detection mechanisms on the system because the traffic is not transparent for the monitoring mechanism on the system to analyze. Cybercriminals leverage encryption using cryptographic protocols such as SSL/TLS to launch malicious attacks. This hidden threat exists because of the SSL encryption of benign traffic. Hence, there is a need for visibility in encrypted traffic. This research was conducted to detect malware in encrypted network traffic without decryption. The existing solution involves bulk decryption, analysis, and re-encryption. However, this method is prone to privacy issues, is not cost-efficient, and is time-consuming, creating huge overhead on the network. In addition, limited research exists on detecting malware in encrypted traffic without decryption. There is a need to strike a balance between security and privacy by building an intelligent framework that can detect malicious activity in encrypted network traffic without decrypting the traffic prior to inspection. With the payload still encrypted, the study focuses on extracting metadata from flow features to train the machine-learning model. It further deployed this set of features as input to an autoencoder, leveraging the construction error of the autoencoder for anomaly detection. </p>
92

Defeating Critical Threats to Cloud User Data in Trusted Execution Environments

Adil Ahmad (13150140) 26 July 2022 (has links)
<p>In today’s world, cloud machines store an ever-increasing amount of sensitive user data, but it remains challenging to guarantee the security of our data. This is because a cloud machine’s system software—critical components like the operating system and hypervisor that can access and thus leak user data—is subject to attacks by numerous other tenants and cloud administrators. Trusted execution environments (TEEs) like Intel SGX promise to alter this landscape by leveraging a trusted CPU to create execution contexts (or enclaves) where data cannot be directly accessed by system software. Unfortunately, the protection provided by TEEs cannot guarantee complete data security. In particular, our data remains unprotected if a third-party service (e.g., Yelp) running inside an enclave is adversarial. Moreover, data can be indirectly leaked from the enclave using traditional memory side-channels.</p> <p><br></p> <p>This dissertation takes a significant stride towards strong user data protection in cloud machines using TEEs by defeating the critical threats of adversarial cloud services and memory side-channels. To defeat these threats, we systematically explore both software and hardware designs. In general, we designed software solutions to avoid costly hardware changes and present faster hardware alternatives.</p> <p><br></p> <p>We designed 4 solutions for this dissertation. Our Chancel system prevents data leaks from adversarial services by restricting data access capabilities through robust and efficient compiler-enforced software sandboxing. Moreover, our Obliviate and Obfuscuro systems leverage strong cryptographic randomization and prevent information leakage through memory side-channels. We also propose minimal CPU extensions to Intel SGX called Reparo that directly close the threat of memory side-channels efficiently. Importantly, each designed solution provides principled protection by addressing the underlying root-cause of a problem, instead of enabling partial mitigation.</p> <p><br></p> <p>Finally, in addition to the stride made by our work, future research thrust is required to make TEEs ubiquitous for cloud usage. We propose several such research directions to pursue the essential goal of strong user data protection in cloud machines.</p>
93

Language-Based Techniques for Policy-Agnostic Oblivious Computation

Qianchuan Ye (18431691) 28 April 2024 (has links)
<p dir="ltr">Protecting personal information is growing increasingly important to the general public, to the point that major tech companies now advertise the privacy features of their products. Despite this, it remains challenging to implement applications that do not leak private information either directly or indirectly, through timing behavior, memory access patterns, or control flow side channels. Existing security and cryptographic techniques such as secure multiparty computation (MPC) provide solutions to privacy-preserving computation, but they can be difficult to use for non-experts and even experts.</p><p dir="ltr">This dissertation develops the design, theory and implementation of various language-based techniques that help programmers write privacy-critical applications under a strong threat model. The proposed languages support private structured data, such as trees, that may hide their structural information and complex policies that go beyond whether a particular field of a record is private. More crucially, the approaches described in this dissertation decouple privacy and programmatic concerns, allowing programmers to implement privacy-preserving applications modularly, i.e., to independently develop application logic and independently update and audit privacy policies. Secure-by-construction applications are derived automatically by combining a standard program with a separately specified security policy.</p><p><br></p>
94

New Theoretical Techniques For Analyzing And Mitigating Password Cracking Attacks

Peiyuan Liu (18431811) 26 April 2024 (has links)
<p dir="ltr">Brute force guessing attacks continue to pose a significant threat to user passwords. To protect user passwords against brute force attacks, many organizations impose restrictions aimed at forcing users to select stronger passwords. Organizations may also adopt stronger hashing functions in an effort to deter offline brute force guessing attacks. However, these defenses induce trade-offs between security, usability, and the resources an organization is willing to investigate to protect passwords. In order to make informed password policy decisions, it is crucial to understand the distribution over user passwords and how policy updates will impact this password distribution and/or the strategy of a brute force attacker.</p><p dir="ltr">This first part of this thesis focuses on developing rigorous statistical tools to analyze user password distributions and the behavior of brute force password attackers. In particular, we first develop several rigorous statistical techniques to upper and lower bound the guessing curve of an optimal attacker who knows the user password distribution and can order guesses accordingly. We apply these techniques to analyze eight password datasets and two PIN datasets. Our empirical analysis demonstrates that our statistical techniques can be used to evaluate password composition policies, compare the strength of different password distributions, quantify the impact of applying PIN blocklists, and help tune hash cost parameters. A real world attacker may not have perfect knowledge of the password distribution. Prior work introduced an efficient Monte Carlo technique to estimate the guessing number of a password under a particular password cracking model, i.e., the number of guesses an attacker would check before this particular password. This tool can also be used to generate password guessing curves, but there is no absolute guarantee that the guessing number and the resulting guessing curves are accurate. Thus, we propose a tool called Confident Monte Carlo that uses rigorous statistical techniques to upper and lower bound the guessing number of a particular password as well as the attacker's entire guessing curve. Our empirical analysis also demonstrate that this tool can be used to help inform password policy decisions, e.g., identifying and warning users with weaker passwords, or tuning hash cost parameters.</p><p dir="ltr">The second part of this thesis focuses on developing stronger password hashing algorithms to protect user passwords against offline brute force attacks. In particular, we establish that the memory hard function Scrypt, which has been widely deployed as password hash function, is maximally bandwidth hard. We also present new techniques to construct and analyze depth robust graph with improved concrete parameters. Depth robust graph play an essential rule in the design and analysis of memory hard functions.</p>
95

A Comprehensive and Comparative Examination of Healthcare Data Breaches: Assessing Security, Privacy, and Performance

Al Kinoon, Mohammed 01 January 2024 (has links) (PDF)
The healthcare sector is pivotal, offering life-saving services and enhancing well-being and community life quality, especially with the transition from paper-based to digital electronic health records (EHR). While improving efficiency and patient safety, this digital shift has also made healthcare a prime target for cybercriminals. The sector's sensitive data, including personal identification information, treatment records, and SSNs, are valuable for illegal financial gains. The resultant data breaches, increased by interconnected systems, cyber threats, and insider vulnerabilities, present ongoing and complex challenges. In this dissertation, we tackle a multi-faceted examination of these challenges. We conducted a detailed analysis of healthcare data breaches using the VERIS (Vocabulary for Event Recording and Incident Sharing) dataset. We delve into the trends of these breaches, investigate the attack vectors, and identify patterns to inform effective mitigation strategies. We conducted a spatiotemporal analysis of the VERIS and the Office of Civil Rights (OCR) datasets. We explored the geographical and temporal distribution of breaches and focused on the types of targeted assets to decipher the attackers' motives. Additionally, we conducted a detailed analysis of hospitals' online presence, focusing on their security and performance features. By comparing government, non-profit, and private hospitals in the U.S., we examined their security practices, content, and domain attributes to highlight the differences and similarities in the digital profiles of these hospital types. Furthermore, we expand our scope to include a comparative sector-based study investigating data breaches across various critical sectors. This broader view provides a contextual understanding of the healthcare sector's unique vulnerabilities compared to other sectors. Overall, this dissertation contributes fundamental insights into healthcare data breaches and hospitals' digital presence and underscores the urgent need for enhanced understanding and implementation of robust security measures in this vitally important sector, striving for a balance between technological advancement and data security.
96

Exploring individual privacy concerns in mixed reality use situations : A qualitative study

Ahmed, Hiwa January 2024 (has links)
This Master’s thesis explores the nuanced dimensions of privacy concerns in mixed reality (MR) environments. As MR technologies increasingly integrate into daily life, understanding how individuals perceive and navigate privacy within these contexts becomes crucial. This qualitative study employs semi structured interviews to gather insights from users actively engaged with MR, aiming to identify key privacy issues and the impact of social interactions on privacy dynamics. The research reveals that privacy concerns in MR are influenced by a complex interplay of technology features, user interactions, and contextual settings. Participants ex pressed apprehensions about data security, unauthorized information access, and a lack of control over personal data shared within MR environments. The findings highlight the need for enhanced privacy safeguards and transparent data management practices to foster trust and security in MR applications. This study contributes to the growing discourse on privacy in immersive technologies by providing empirical evidence and proposing recommendations for designing privacy aware MR systems. It aims to inform developers and policy- makers in the development of robust privacy frameworks that align with user expectations and legal standards, thereby enhancing user engagement and trust in MR technology.
97

Investigating Security Measures in Common Data Environments: Insights from AEC Industry Case Studies

Abegaz, Kaleab January 2024 (has links)
Data exchange is a vital aspect of the construction industry, which means there is need for a consistent platform to manage documents that can be relied on. An important digital information management system in the Architectural, Engineering, and Construction (AEC) sector is Building Information Modeling (BIM). However, problems exist regarding secure and compatible systems for data sharing. The study explores why adaptable and tailored security measures are needed to suit project specifications. Through this examination of centralized versus decentralized Common Data Environments (CDEs), it emerges that open BIM systems are impractical when compared to closed ones. The findings highlight the crucial role that standardization and customization play towards efficient, safe and flexible BIM implementations. It also recommends further research for future studies as well as emphasizes transparency in implementing CDE-based security protocols.
98

Relax the Reliance on Honesty in Distributed Cryptographic Protocols

Tiantian Gong (19838595) 14 October 2024 (has links)
<p dir="ltr">Distributed cryptographic protocols typically assume a bounded number of malicious parties (who behave arbitrarily) in the system---and in turn, a lower bound on the number of <i>honest</i> parties (who follow and only follow a protocol faithfully/honestly without performing unspecified computations)---for their respective security guarantees to hold. However, when deploying these protocols in practice, the nature of computing parties does not necessarily align nicely with the protocols' assumptions. Specifically, there may be only a few honest/compliant parties, or none exists. Instead, non-malicious parties may be <i>semi-honest</i> (who follow the protocol specifications but are curious to learn as much information as possible from semi-honest parties' transcripts) or <i>rational</i> (who take actions that maximize their utilities instead of actions benefiting the protocol the most, e.g., performing extra computations or not following protocols). In such cases, the security guarantees of such protocols may deviate greatly in real life from what is theoretically promised, leaving a huge gap between theory and practice. </p><p dir="ltr">In this thesis, I bridge such a gap by enhancing the fault tolerance of various distributed cryptographic primitives by <i>relaxing the assumption on the existence of honest parties</i>.</p><p dir="ltr">First, in the context of <b>secure multi-party computations</b>, without honest parties, my goal is to induce honest (i.e., not compromising correctness) and non-curious (i.e., not harming privacy) behaviors from rational participants via game theoretic and cryptographic techniques. In particular, I first demonstrate how to ensure protocol correctness and deter collusion among parties to recover secrets---which also breaks privacy---in multiserver private information retrieval with a singleton access structure. Then for primitives with more general (non-singleton) access structures, I introduce a distinct treatment through the lens of verifiable secret sharing. The two solutions are designed with a public bulletin board, commitment schemes, digital signature schemes, zkSNARKs (zero-knowledge succinct non-interactive arguments of knowledge), and distinct incentive structures tailored for varying access structures underlying the schemes.</p><p dir="ltr">Second, in <b>permissionless blockchain systems</b>, for protocols without privacy guarantees like computation outsourcing and consensus, my goal is to incentivize rational parties to behave correctly. This means to act according to the protocol specifications or as implied by the security requirements of the primitive, e.g., fairly distribute rewards to participants based on contributions in proof-of-work (PoW) blockchains. Specifically, I present a defense against an undercutting attack in PoW blockchains from a game theory perspective and propose a decentralized computation outsourcing protocol built on permissionless blockchain systems based on multi-unit auctions.</p>
99

Improving the adoption of cloud computing by Small & Medium Scale Enterprise (SMEs in Nigeria

Young, Destiny Assian 08 1900 (has links)
In a traditional business environment, companies set up their organisation’s IT data infrastructure, install their applications and carry out the maintenance and management of their infrastructures. Whereas Cloud computing removes the need for companies to set up own data centers and run enterprise applications. Cloud computing technology provides businesses with the advantage of on-demand access, agility, scalability, flexibility and reduced cost of computing. An appreciable increase is being observed in the acceptance and migration to this new IT model in developing economies. In Nigeria, it has been observed that there is a somewhat unimpressive rate of adoption of Cloud computing by the microfinance operators. This research investigates the reason for the slow adoption of Cloud computing by SMEs in Nigeria with special consideration to the Microfinance subsector and to develop a model for improving the adoption of cloud computing by microfinance organisations. The research was conducted using a qualitative research design method. Interview was the main data collection instrument and data collected was analysed using thematic content analysis method. The analysis of the study revealed that SMEs in Nigeria, with particular reference to microfinance subsector in Akwa Ibom State are yet fully to embrace cloud technology. It was discovered that most of the SMEs studied, has some level of reservation about cloud computing arising from not having appropriate education and enlightenment about the cloud economic offerings and potentials. From the outcome of the research, the researcher identified that most people’s concerns are as a result of lack of knowledge about cloud computing and so the researcher concluded that appropriate enlightenment by industry stakeholders, cloud service providers, cloud enthusiasts and even the government on the risks and overwhelming economic incentives of cloud computing as well as the provision of a monitored free trial services will encourage the adoption of cloud computing by SMEs. / College of Engineering, Science and Technology / M.Tech. (Information Technology)
100

Vierter Deutscher IPv6 Gipfel 2011

January 2012 (has links)
Am 1. und 2. Dezember 2011 fand am Hasso-Plattner-Institut für Softwaresystemtechnik GmbH in Potsdam der 4. Deutsche IPv6 Gipfel 2011 statt, dessen Dokumentation der vorliegende technische Report dient. Wie mit den vorhergegangenen nationalen IPv6-Gipfeln verfolgte der Deutsche IPv6-Rat auch mit dem 4. Gipfel, der unter dem Motto „Online on the Road - Der neue Standard IPv6 als Treiber der mobilen Kommunikation” stand, das Ziel, Einblicke in aktuelle Entwicklungen rund um den Einsatz von IPv6 diesmal mit einem Fokus auf die automobile Vernetzung zu geben. Gleichzeitig wurde betont, den effizienten und flächendeckenden Umstieg auf IPv6 voranzutreiben, Erfahrungen mit dem Umstieg auf und dem Einsatz von IPv6 auszutauschen, Wirtschaft und öffentliche Verwaltung zu ermutigen und motivieren, IPv6-basierte Lösungen einzusetzen und das öffentliche Problembewusstsein für die Notwendigkeit des Umstiegs auf IPv6 zu erhöhen. Ehrengast war in diesem Jahr die EU-Kommissarin für die Digitale Agenda, Neelie Kroes deren Vortrag von weiteren Beiträgen hochrangiger Vertretern aus Politik, Wissenschaft und Wirtschaft ergänzt wurde. / This technical report is summarizing the talks and presentations of the 4th German IPv6 Summit 2011 at the Hasso Plattner Institute for Software System Engineering in Potsdam on December 1./2. 2011. The goal of this summit was to present current developments concerning the implementation of the new IPv6 technology from political and economic perspectives, as well as from a technological point of view. According to the motto 'Online on the Road - The New Technology Standard IPv6 as Driving Force for Mobile Communications" this year's focus was on automobile networking and communication. This year's guest of honor was EU commissioner for Digital Agenda Neelie Kroes. Besides her, the conference was complemented by talks and presentations of high-ranking representatives from industry, government, and research.

Page generated in 0.0497 seconds