Capturing and Analyzing Network Traffic from Common Mobile Devices for Security and Privacy

Overton, Billy

01 May 2014

Mobile devices such as tablets and smartphones are becoming more common, and they are holding more information. This includes private information such as contacts, financial data, and passwords. At the same time these devices have network capability with access to the Internet being a prime feature. Little research has been done in observing the network traffic produced by these mobile devices. To determine if private information was being transmitted without user knowledge, the mobile capture lab and a set of procedures have been created to observe, capture and analyze the network traffic produced by mobile devices. The effectiveness of the lab and procedures has been evaluated with the analysis of four common mobile devices. The data analyzed from the case studies indicates that, contrary to popular opinion, very little private information is transmitted in clear text by mobile devices without the user’s knowledge.

security

mobile

traffic analysis

traffic capture

Information Security

Systems Architecture

Security related self-protected networks: autonomous threat detection and response (ATDR)

Havenga, Wessel Johannes Jacobus

January 2021

Doctor Educationis / Cybersecurity defense tools, techniques and methodologies are constantly faced with increasing challenges including the evolution of highly intelligent and powerful new generation threats. The main challenges posed by these modern digital multi-vector attacks is their ability to adapt with machine learning. Research shows that many existing defense systems fail to provide adequate protection against these latest threats. Hence, there is an ever-growing need for self-learning technologies that can autonomously adjust according to the behaviour and patterns of the offensive actors and systems. The accuracy and effectiveness of existing methods are dependent on decision making and manual input by human expert. This dependence causes 1) administration overhead, 2) variable and potentially limited accuracy and 3) delayed response time. In this thesis, Autonomous Threat Detection and Response (ATDR) is a proposed general method aimed at contributing toward security related self-protected networks. Through a combination of unsupervised machine learning and Deep learning, ATDR is designed as an intelligent and autonomous decision-making system that uses big data processing requirements and data frame pattern identification layers to learn sequences of patterns and derive real-time data formations. This system enhances threat detection and response capabilities, accuracy and speed. Research provided a solid foundation for the proposed method around the scope of existing methods and the unanimous problem statements and findings by other authors.

(Distributed) denial of service attacks

Traffic capture and packet analysis

Queueing theory

Machine learning

Neural networking

Multi-vector attack detection