Spelling suggestions: "subject:"intrusion"" "subject:"intrusions""
1 |
Embedded monitors for detecting and preventing intrusions in cryptographic and application protocols.Joglekar, Sachin P. 12 1900 (has links)
There are two main approaches for intrusion detection: signature-based and anomaly-based. Signature-based detection employs pattern matching to match attack signatures with observed data making it ideal for detecting known attacks. However, it cannot detect unknown attacks for which there is no signature available. Anomaly-based detection builds a profile of normal system behavior to detect known and unknown attacks as behavioral deviations. However, it has a drawback of a high false alarm rate. In this thesis, we describe our anomaly-based IDS designed for detecting intrusions in cryptographic and application-level protocols. Our system has several unique characteristics, such as the ability to monitor cryptographic protocols and application-level protocols embedded in encrypted sessions, a very lightweight monitoring process, and the ability to react to protocol misuse by modifying protocol response directly.
|
2 |
Power Fingerprinting for Integrity Assessment of Embedded SystemsAguayo Gonzalez, Carlos R. 20 January 2012 (has links)
This dissertation introduces Power Fingerprinting (PFP), a novel technique for assessing the execution integrity of embedded devices. A PFP monitor is an external device that captures the dynamic power consumption of a processor using fine-grained measurements at the clock-cycle level and applies anomaly detection techniques to determine whether the integrity of the system has been compromised. PFP uses a set of trusted signatures from the target code that are extracted during a pre-characterization process. PFP provides significant visibility into the internal execution status, making it extremely robust against evasion. Because of its independence and physical separation, PFP prevents attacks on the monitor itself and introduces minimal overhead on platforms with resource constraints. Due to its anomaly detection operation, PFP is effective against unknown (zero-day) attacks.
This dissertation demonstrates the feasibility of PFP on different platforms with different configurations and architectural complexities. Experimental results demonstrate the feasibility of PFP in a basic deterministic embedded platform for radio applications in two different areas: security and regulatory certification. For more complex, non-deterministic platforms, this works presents feasibility results for monitoring the execution integrity of complex software on a high-performance Android platform, including the ability to detect a real privilege escalation attack. In addition, the dissertation develops several general techniques to implement and integrate PFP into embedded platforms such as a general monitoring architecture, a methodology to characterize software modules and extract signatures, and an approach to perform board characterization and improve monitoring sensitivity. / Ph. D.
|
3 |
Hydrogeophysical Characterization of Anisotropy in the Biscayne Aquifer Using Geophysical MethodsYeboah-Forson, Albert 13 June 2013 (has links)
The anisotropy of the Biscayne Aquifer which serves as the source of potable water for Miami-Dade County was investigated by applying geophysical methods. Electrical resistivity imaging, self potential and ground penetration radar techniques were employed in both regional and site specific studies. In the regional study, electrical anisotropy and resistivity variation with depth were investigated with azimuthal square array measurements at 13 sites. The observed coefficient of electrical anisotropy ranged from 1.01 to 1.36. The general direction of measured anisotropy is uniform for most sites and trends W-E or SE-NW irrespective of depth. Measured electrical properties were used to estimate anisotropic component of the secondary porosity and hydraulic anisotropy which ranged from 1 to 11% and 1.18 to 2.83 respectively. 1-D sounding analysis was used to models the variation of formation resistivity with depth. Resistivities decreased from NW (close to the margins of the everglades) to SE on the shores of Biscayne Bay. Porosity calculated from Archie's law, ranged from 18 to 61% with higher values found along the ridge. Higher anisotropy, porosities and hydraulic conductivities were on the Atlantic Coastal Ridge and lower values at low lying areas west of the ridge. The cause of higher anisotropy and porosity is attributed to higher dissolution rates of the oolitic facies of the Miami Formation composing the ridge. The direction of minimum resistivity from this study is similar to the predevelopment groundwater flow direction indicated in published modeling studies. Detailed investigations were carried out to evaluate higher anisotropy at West Perrine Park located on the ridge and Snapper Creek Municipal well field where the anisotropy trend changes with depth. The higher anisotropy is attributed to the presence of solution cavities oriented in the E-SE direction on the ridge. Similarly, the change in hydraulic anisotropy at the well field might be related to solution cavities, the surface canal and groundwater extraction wells.
|
Page generated in 0.1048 seconds