  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
11

MITIGATION OF WEB-BASED PROGRAM SECURITY VULNERABILITY EXPLOITATIONS

Shahriar, HOSSAIN 30 November 2011
Over the last few years, web-based attacks have caused significant harm to users. Many of these attacks occur through the exploitations of common security vulnerabilities in web-based programs. Given that, mitigation of these attacks is extremely crucial to reduce some of the harmful consequences. Web-based applications contain vulnerabilities that can be exploited by attackers at a client-side (browser) without the victim’s (browser user’s) knowledge. This thesis is intended to mitigate some exploitations due to the presence of security vulnerabilities in web applications while performing seemingly benign functionalities at the client-side. For example, visiting a webpage might result in JavaScript code execution (cross-site scripting), downloading a file might lead to the execution of JavaScript code (content sniffing), clicking on a hyperlink might result in sending unwanted legitimate requests to a trusted website (cross-site request forgery), and filling out a seemingly legitimate form may eventually lead to stealing of credential information (phishing). Existing web-based attack detection approaches suffer from several limitations such as (i) modification of both server and client-side environments, (ii) exchange of sensitive information between the server and client, and (iii) lack of detection of some attack types. This thesis addresses these limitations by mitigating four security vulnerabilities in web applications: cross-site scripting, content sniffing, cross-site request forgery, and phishing. We mitigate the exploitations of these vulnerabilities by developing automatic attack detection approaches at both server and client-sides. We develop server-side attack detection frameworks to detect attack symptoms within response pages before sending them to the client. The approaches are designed based on the assumption that the server-side program source is available for analysis, but we are not allowed to alter the program code and the runtime environments. 
Moreover, we develop client-side attack detection frameworks so that some level of protection is present when the source code of server websites (either trusted or untrusted) is not available. Our proposed solutions explore several techniques such as response page parsing and file content analysis, browser-level checking of requests and responses, and finite state machine-based behavior monitoring. The thesis evaluates the proposed attack detection approaches with real-world vulnerable programs. The evaluation results indicate that our approaches are effective and perform better than the related work. We also contribute to the development of benchmark suites for evaluating attack detection techniques. / Thesis (Ph.D, Computing) -- Queen's University, 2011-11-29 09:44:24.465
12

Importance des modifications de flairage dans l’acquisition d’une tâche de discrimination olfactive : approche comportementale et corrélats neuronaux / Significance of sniffing adjustments during the acquisition of an olfactory discrimination task : behavioral approach and neural correlates

Lefevre, Laura 16 December 2016
Sensory modalities actively take part in collecting relevant information from the environment. In olfaction, active sampling amounts to sniffing in rodents (2-10 Hz). In behaving animals, sniffing is highly dynamic, notably in frequency and flow rate. Sniffing can be modulated by parameters related to the odorant stimulus, such as the physicochemical properties of the molecule or its concentration.
It can also vary depending on “internal” parameters such as attention, emotions or motivation. Several studies highlighted the importance of the sniffing frequency in performance. First, I looked at the impact of olfactory learning on the acquisition of a specific sniffing pattern. For that purpose, I monitored sniffing activity in a non-invasive way, using a whole-body plethysmograph, on rats performing a two-alternative choice odor discrimination task. Second, I looked for neuronal correlates of the acquisition of such a sniffing pattern by simultaneously recording sniffing and neuronal activities (local field potentials) in olfactory, motor and limbic areas in behaving animals. I sought to characterize oscillatory activities in beta (15-30 Hz) and theta (2-10 Hz) ranges. I finally discussed to what extent they were related to learning and/or sniffing modulations
13

Analýza bezdrátové komunikace pomocí softwarově definovaného rádia / Wireless communication analysis using software defined radio

Štrajt, Martin January 2020
The work deals with the use of software-defined radio as a probe for monitoring the operation of wireless communication according to the IEEE 802.11a/g standard. In the theoretical introduction, the concept of software-defined radio as a hardware device with software programmable circuits enabling the transmission or reception of signals in theoretically any frequency band is introduced. The introduction also contains a description of selected devices and the IEEE 802.11 protocol with its most used additions and modulations. In the first part of the practical part of the work, wireless communication is captured using a wireless network card in monitoring mode. The intercepted communication was decrypted and this decrypted traffic was compared with the data captured by the probe within the network. These results then served as a comparative basis for software-defined radio capturing. The focus of this work is to verify the capabilities of software-defined radio and its use for sniffing wireless communication in the frequency band 2.4 GHz and 5 GHz. The attempt to use a software-defined radio here results from the scalability and adaptability that a wireless card cannot offer due to fixed hardware parameters. LimeSDR mini, LimeSDR and bladeRF 2.0 devices were used for capture. First, the configuration of the operating system, the installation of drivers and programs for control and work with selected devices are described. After verifying the functionality of the software-defined radio, a model of a signal decoder with the parameters of the IEEE 802.11g standard captured from the radio spectrum was put into operation. Finally, the data streams captured by the software-defined radio and the wireless network card were compared side by side. The results showed that the software-defined radio in the used configuration captures only a part of the total volume of transmitted frames.
14

Intrusion Detection systems : A comparison in configuration and implementation between OSSEC and Snort

Stegeby, Peter January 2023
Hackers keep getting better at gaining unauthorized access to our computers and can avoid some of the most basic intrusion detection systems and firewalls on a standard computer. The gap between attackers and defenders seems to grow as intrusions increase in numbers every year, costing companies millions of dollars, so the question is posed, how can we protect ourselves?
The research done in this work clearly points to that there are things that can be done which answers the question, how can we detect intrusions? The study has shown that a more advanced intrusion detection system (IDS) can be implemented on home computers (and in businesses). There are many options to choose from but the chosen IDSs – OSSEC and Snort – can detect security issues on the host computer (or on the network) in real-time by advanced logging management and monitoring. The implementation and usage difficulties of these IDSs are challenging but satisfying and the configurations are flexible allowing the IDSs to be installed on a single host or in a larger network. If an easy-to-follow graphical overview of the alerts on your system is what you are looking for then that, and sending e-mails of the alert, is found in the OSSEC IDS. Snort, on the other hand, has easy configurations and flexible rule-writing and the options of sniffing packets on the network. It should be clear that implementing an IDS on your system does not make it impenetrable nor solve all the security issues but what it will do is to give you a better understanding of the threats on your system.
15

Analysis of radio surveillance in search of missing persons - An empirical study of Bluetooth Low Energy and Wi-Fi characteristics

Fredriksson, Mikael January 2022
Development of technical and methodological support has been identified as a key area for future research and development within the search and rescue (SAR) of missing persons in Sweden. Previous studies have demonstrated the feasibility of using Wi-Fi signals to locate a missing person, and also developed hardware and software for SAR systems based around Unmanned Aerial Vehicles (UAV). This thesis empirically studies the actual transmission behaviour of three non-connected smartphones over Wi-Fi and Bluetooth Low Energy (BLE), under the assumption that a missing person could be carrying a smartphone with them. Furthermore, the thesis studies the range of relatively low-cost off-the-shelf Wi-Fi and BLE devices in a “best-case” scenario with free line-of-sight and a slightly elevated transmitter. Finally, the thesis studies how antennas and other factors impact range. The results show that all of the tested smartphones transmit so called Wi-Fi probe packets when Wi-Fi is enabled. Though, these probes are, in most cases, transmitted during short events separated by intervals of 5 to 9 minutes, depending on the smartphone. Furthermore, in most cases only a few packets are transmitted in each event. The interval lengths and scarce packets imply significant limitations to the usability of Wi-Fi in SAR. BLE broadcast transmissions, on the other hand, require that some kind of advertising service is enabled, but are transmitted at least every 10.5 seconds, due to the strict regulation in the Bluetooth standard. This was also demonstrated with the studied iPhone that continuously transmitted BLE packets every two seconds. Roughly 60 % of the smartphones in use in Sweden today are Apple devices, thus a significant portion of all the smartphones in use are likely to be detectable via BLE within brief time intervals. 
In the tested “best-case” scenario with free line-of-sight and a slightly elevated transmitter, at least 80 % of the transmitted Wi-Fi probes are detected up to 500-600 meters with a maximum range, with sparsely detected packets, of up to about 700 meters. Correspondingly, at least 80 % of the BLE advertisements are detected up to 60-110 meters with occasional packets detected up to a maximum range of approximately 210 meters. However, the ranges for both Wi-Fi and BLE are highly dependent on the receiving device. In addition to the receiver device and standard, it is found that the transmission power and antenna directivity of the transmitter have a potentially substantial impact on the range with a possible combined difference in directed transmitted power of up to 49 dB. This corresponds to the difference between a strong signal and no detected signal at all. In summary, there are clear differences between the properties of BLE and Wi-Fi, both in terms of range and how different devices transmit broadcast packets (transmission behaviour), resulting in both having advantages and disadvantages in SAR applications. There are also a number of factors on the transmitter and receiver devices that could have considerable impact on the possibility of detecting a device. Concludingly, both BLE and Wi-Fi could fill a role in SAR of missing persons, but both also have major drawbacks that are severely limiting their possible use. / The degree project was carried out at the Department of Science and Technology (ITN), Faculty of Science and Engineering, Linköping University.
16

Functional and Security Testing of a Mobile Client-Server Application / Funktionell och säkerhetstestning av en mobilapplikation bestående av en klient- och serversida

Holmberg, Daniel, Nyberg, Victor January 2018
Today’s massive usage of smartphones has put a high demand on all application developers in the matter of security. For us to be able to keep using all existing and new applications, a process that removes significant security vulnerabilities is essential. To remove these vulnerabilities, the applications have to be tested. In this thesis, we identify six methods for functional and security testing of client-server applications running Android and Python Flask. Regarding functional testing, we implement Espresso testing and RESTful API testing. In regards to the security testing of the system, we do not only implement fuzz testing, sniffing, reverse engineering and SQL injection testing on a system developed by a student group in a parallel project, but also discover a significant security vulnerability that directly affects the integrity and reliability of this system. Out of the six identified testing techniques, reverse engineering exposed the vulnerability. In conjunction with this, we verified that the system’s functionality works as it is supposed to.
17

Students’ Perception of Cyber Threat Severity : Investigating Alignment with Actual Risk Levels

Erfani Torbaghani, Ramtin January 2023
This study aims to investigate the alignment between students’ perception of cyber threats and their actual risk levels. A mixed-method approach was used, where data was collected from Swedish university students through questionnaires, capturing their perception, familiarity, experience, and protective behaviors. Information regarding the actual risk levels of cyber attacks was obtained from interviews with cyber security professionals and other expert sources, such as cyber security reports. The results showed that students perceive malware, ransomware, phishing, and insecure passwords as the most dangerous threats to society, while denial of service (DoS) attacks and packet sniffing were considered less severe. These findings align somewhat with the suggested threat levels. However, notable proportions of students perceived these threats as moderately dangerous or less severe, suggesting room for improvement in their understanding. The results also showed that protective behaviors among students are generally low, particularly in regards to IoT security. Future work should therefore explore the public’s perception, protective behavior and knowledge of IoT security, but also attacks that are common against such devices.
18

Odposlech moderních šifrovaných protokolů / Interception of Modern Encrypted Protocols

Marček, Ján January 2012
This thesis deals with the introduction to the security mechanism. The procedure explains the basic concepts, principles of cryptography and security of modern protocols and basic principles that are used for information transmission network. The work also describes the most common types of attacks targeting the eavesdropping of communication. The result is a design of the eavesdropping and the implementation of an attack on the secure communication of the SSL protocol. The attacker uses a false certificate and attacks based on poisoning the ARP and DNS tables for this purpose. The thesis discusses the principles of the SSL protocol and methodology of attacks on the ARP and DNS tables.
