Physical Sciences and Mathematics Commons^™

Product Authentication Using Hash Chains And Printed Qr Codes, Harshith R. Keni

Electronic Theses and Dissertations

This thesis explores the usage of simple printed tags for authenticating products. Printed tags are a cheap alternative to RFID and other tag based systems and do not require specialized equipment. Due to the simplistic nature of such printed codes, many security issues like tag impersonation, server impersonation, reader impersonation, replay attacks and denial of service present in RFID based solutions need to be handled differently. An algorithm that utilizes hash chains to secure such simple tags while still keeping cost low is discussed. The security characteristics of this scheme as well as other product authentication schemes that use RFID …

Optical Fiber Sensors In Physical Intrusion Detection Systems: A Review, Gary Andrew Allwood, Graham Wild, Steven Hinkley

Research outputs 2014 to 2021

Fiber optic sensors have become a mainstream sensing technology within a large array of applications due to their inherent benefits. They are now used significantly in structural health monitoring, and are an essential solution for monitoring harsh environments. Since their first development over 30 years ago, they have also found promise in security applications. This paper reviews all of the optical fiber-based techniques used in physical intrusion detection systems. It details the different approaches used for sensing, interrogation, and networking, by research groups, attempting to secure both commercial and residential premises from physical security breaches. The advantages and the disadvantages …

Empirical Analysis Of Socio-Cognitive Factors Affecting Security Behaviors And Practices Of Smartphone Users, Joseph P. Simpson

CCE Theses and Dissertations

The overall security posture of information systems (IS) depends on the behaviors of the IS users. Several studies have shown that users are the greatest vulnerability to IS security. The proliferation of smartphones is introducing an entirely new set of risks, threats, and vulnerabilities. Smartphone devices amplify this data exposure problem by enabling instantaneous transmission and storage of personally identifiable information (PII) by smartphone users, which is becoming a major security risk. Moreover, companies are also capitalizing on the availability and powerful computing capabilities of these smartphone devices and developing a bring-your-own-device (BYOD) program, which makes companies susceptible to divulgence …

Understanding The Impact Of Hacker Innovation Upon Is Security Countermeasures, Sean M. Zadig

CCE Theses and Dissertations

Hackers external to the organization continue to wreak havoc upon the information systems infrastructure of firms through breaches of security defenses, despite constant development of and continual investment in new IS security countermeasures by security professionals and vendors. These breaches are exceedingly costly and damaging to the affected organizations. The continued success of hackers in the face of massive amounts of security investments suggests that the defenders are losing and that the hackers can innovate at a much faster pace.

Underground hacker communities have been shown to be an environment where attackers can learn new techniques and share tools pertaining …

Behavior-Based Detection Of Application Layer Distributed Denial Of Service Attacks During Flash Events, Renukadevi Saravanan, Saraswathi Shanmuganathan, Yogesh Palanichamy

Turkish Journal of Electrical Engineering and Computer Sciences

Distributed denial of service (DDoS) attacks are ever threatening to the developers and users of the Internet. DDoS attacks targeted at the application layer are especially difficult to be detected since they mimic the legitimate users' requests. The situation becomes more serious when they occur during flash events. A more sophisticated algorithm is required to detect such attacks during a flash crowd. A few existing works make use of flow similarity for differentiating flash crowds and DDoS, but flow characteristics alone cannot be used for effective detection. In this paper, we propose a novel mechanism for discriminating DDoS and flash …

An Extended Study On Addressing Defender Teamwork While Accounting For Uncertainty In Attacker Defender Games Using Iterative Dec-Mdps, Eric Shieh, Albert Xin Jiang, Amulya Yadav, Pradeep Varakantham, Milind Tambe

Research Collection School Of Computing and Information Systems

Multi-agent teamwork and defender-attacker security games are two areas that are currently receiving significant attention within multi-agent systems research. Unfortunately, despite the need for effective teamwork among multiple defenders, little has been done to harness the teamwork research in security games. The problem that this paper seeks to solve is the coordination of decentralized defender agents in the presence of uncertainty while securing targets against an observing adversary. To address this problem, we offer the following novel contributions in this paper: (i) New model of security games with defender teams that coordinate under uncertainty; (ii) New algorithm based on column …

An Empirical Assessment Of Employee Cyberslacking In The Public Sector, Wilnelia Hernández

CCE Theses and Dissertations

With the increasing use of the Internet, new challenges are presented to employees in the workplace. Employees spend time during work hours on non-work related activities including visiting e-commerce Websites, managing personal email accounts, and engaging in e-banking. These types of actions in the workplace are known as cyberslacking. Cyberslacking affects the employees’ productivity, presents legal concerns, and undermines the security of the organization’s network. This research study addressed the problem of cyberslacking in the public sector, by assessing the ethical severity of cyberslacking activities, as well as how employees perceived that the frequency of such activities occurred by their …

Applying Deep Learning Techniques To The Analysis Of Android Apks, Robin Andrew Nix

LSU Master's Theses

Malware targeting mobile devices is a pervasive problem in modern life and as such tools to detect and classify malware are of great value. This paper seeks to demonstrate the effectiveness of Deep Learning Techniques, specifically Convolutional Neural Networks, in detecting and classifying malware targeting the Android operating system. Unlike many current detection techniques, which require the use of relatively rigid features to aid in detection, deep neural networks are capable of automatically learning flexible features which may be more resilient to obfuscation. We present a parsing for extracting sequences of API calls which can be used to describe a …

Technetium: Productivity Tracking For Version Control Systems, David Leonard

Dissertations and Theses

In recent years, the City College of New York has seen its Computer Science program grow immensely, to the point of overcrowding. This has negative implications for both students and professors, particularly in introductory computer science courses in which constant feedback, iteration and collaboration with others is key to success. In this paper we propose various models for collaboration among students in all course levels using distributed version control systems and implement a secure and efficient tool for visualizing collaborative efforts by observing past work [5]. Lastly, we lay the foundation for future work around additional collaborative metrics, features and …

The Corporate Security Stratum Of Work: Identifying Levels Of Work In The Domain, Codee Roy Ludbey

Theses : Honours

Corporate security is a practicing domain and developing academic discipline that provides for the protection of people, information and assets, as well as the self-protection of organisations. Fayol (1949) articulated such an activity within organisations to be a core business function of significant importance; embedding security operations within all aspects of organisational work. This embedded nature of security within organisations has led to difficulty in the literature delineating roles and responsibilities of security practitioners; consequently leading to a nebulous understanding of security as a whole. Therefore, an investigation of the corporate security stratum of work has been undertaken to address …

Data Verifications For Online Social Networks, Mahmudur Rahman

FIU Electronic Theses and Dissertations

Social networks are popular platforms that simplify user interaction and encourage collaboration. They collect large amounts of media from their users, often reported from mobile devices. The value and impact of social media makes it however an attractive attack target. In this thesis, we focus on the following social media vulnerabilities. First, review centered social networks such as Yelp and Google Play have been shown to be the targets of significant search rank and malware proliferation attacks. Detecting fraudulent behaviors is thus paramount to prevent not only public opinion bias, but also to curb the distribution of malware. Second, the …

A Comparative Study Of Formal Verification Techniques For Authentication Protocols, Hernan Miguel Palombo

USF Tampa Graduate Theses and Dissertations

Protocol verification is an exciting area of network security that intersects engineering and formal methods. This thesis presents a comparison of formal verification tools for security protocols for their respective strengths and weaknesses supported by the results from several case studies. The formal verification tools considered are based on explicit model checking (SPIN), symbolic analysis (Proverif) and theorem proving (Coq). We formalize and provide models of several well-known authentication and key-establishment protocols in each of the specification languages, and use the tools to find attacks that show protocols insecurity. We contrast the modelling process on each of the tools by …

Developing A Compiler For A Regular Expression Based Policy Specification Language, Cory Michael Juhlin

USF Tampa Graduate Theses and Dissertations

Security policy specification languages are a response to today's complex and vulnerable software climate. These languages allow an individual or organization to restrict and modify the behavior of third-party applications such that they adhere to the rules specified in the policy. As software grows in complexity, so do the security policies that govern them. Existing policy specification languages have not adapted to the growing complexity of the software they govern and as a result do not scale well, often resulting in code that is overly complex or unreadable. Writing small, isolated policies as separate modules and combining them is known …

Blindcanseeql: Improved Blind Sql Injection For Db Schema Discovery Using A Predictive Dictionary From Web Scraped Word Based Lists, Ryan Wheeler

USF Tampa Graduate Theses and Dissertations

SQL Injections are still a prominent threat on the web. Using a custom built tool, BlindCanSeeQL (BCSQL), we will explore how to automate Blind SQL attacks to discover database schema using fewer requests than the standard methods, thus helping avoid detection from overloading a server with hits. This tool uses a web crawler to discover keywords that assist with autocompleting schema object names, along with improvements in ASCII bisection to lower the number of requests sent to the server. Along with this tool, we will discuss ways to prevent and protect against such attacks.

Implementing And Testing A Novel Chaotic Cryptosystem, Samuel Jackson, Scott Kerlin, Jeremy Straub

Jeremy Straub

Cryptography in the domain of small satellites is a relatively new area of research. Compared to typical desktop computers, small satellites have limited bandwidth, processing power, and battery power. Many of the current encryption schemes were developed for desktop computers and servers, and as such may be unsuitable for small satellites. In addition, most cryptographic research in the domain of small satellites focuses on hardware solutions, which can be problematic given the limited space requirements of small satellites.

This paper investigates potential software solutions that could be used to encrypt and decrypt data on small satellites and other devices with …

On Robust Image Spam Filtering Via Comprehensive Visual Modeling, Jialie Shen, Deng, Robert H., Zhiyong Cheng, Liqiang Nie, Shuicheng Yan

Research Collection School Of Computing and Information Systems

The Internet has brought about fundamental changes in the way peoples generate and exchange media information. Over the last decade, unsolicited message images (image spams) have become one of the most serious problems for Internet service providers (ISPs), business firms and general end users. In this paper, we report a novel system called RoBoTs (Robust BoosTrap based spam detector) to support accurate and robust image spam filtering. The system is developed based on multiple visual properties extracted from different levels of granularity, aiming to capture more discriminative contents for effective spam image identification. In addition, a resampling based learning framework …

Authentication Via Multiple Associated Devices, Jean-Baptiste Subils

USF Tampa Graduate Theses and Dissertations

This thesis presents a practical method of authentication utilizing multiple devices. The factors contributing to the practicality of the method are: the utilization of devices already commonly possessed by users and the amenability to being implemented on a wide variety of devices. The term “device” refers to anything able to perform cryptographic operations, store data, and communicate with another such device.

In the method presented herein, multiple devices need to be associated with a single user to provide this user an identity in the system. A public key infrastructure is used to provide this identity. Each of the devices associated …

Modeling Security And Resource Allocation For Mobile Multi-Hop Wireless Neworks Using Game Theory, Laurent L. Y. Njilla

FIU Electronic Theses and Dissertations

This dissertation presents novel approaches to modeling and analyzing security and resource allocation in mobile ad hoc networks (MANETs). The research involves the design, implementation and simulation of different models resulting in resource sharing and security’s strengthening of the network among mobile devices. Because of the mobility, the network topology may change quickly and unpredictably over time. Moreover, data-information sent from a source to a designated destination node, which is not nearby, has to route its information with the need of intermediary mobile nodes. However, not all intermediary nodes in the network are willing to participate in data-packet transfer of …

From Physical Security To Cybersecurity, Arunesh Sinha, Thanh H. Nguyen, Debarun Kar, Matthew Brown, Milind Tambe, Albert Xin Jiang

Research Collection School Of Computing and Information Systems

Security is a critical concern around the world. In many domains from cybersecurity to sustainability, limited security resources prevent complete security coverage at all times. Instead, these limited resources must be scheduled (or allocated or deployed), while simultaneously taking into account the importance of different targets, the responses of the adversaries to the security posture, and the potential uncertainties in adversary payoffs and observations, etc. Computational game theory can help generate such security schedules. Indeed, casting the problem as a Stackelberg game, we have developed new algorithms that are now deployed over multiple years in multiple applications for scheduling of …

Secure And Authenticated Data Communication In Wireless Sensor Networks, Omar Alfandi, Arne Bochem, Ansgar Kellner, Christian Göge, Dieter Hogrefe

All Works

© 2015 by the authors; licensee MDPI, Basel, Switzerland. Securing communications in wireless sensor networks is increasingly important as the diversity of applications increases. However, even today, it is equally important for the measures employed to be energy efficient. For this reason, this publication analyzes the suitability of various cryptographic primitives for use in WSNs according to various criteria and, finally, describes a modular, PKI-based framework for confidential, authenticated, secure communications in which most suitable primitives can be employed. Due to the limited capabilities of common WSN motes, criteria for the selection of primitives are security, power efficiency and memory …

Intrusion Detection System Of Industrial Control Networks Using Network Telemetry, Stanislav Ponomarev

Doctoral Dissertations

Industrial Control Systems (ICSs) are designed, implemented, and deployed in most major spheres of production, business, and entertainment. ICSs are commonly split into two subsystems - Programmable Logic Controllers (PLCs) and Supervisory Control And Data Acquisition (SCADA) systems - to achieve high safety, allow engineers to observe states of an ICS, and perform various configuration updates. Before wide adoption of the Internet, ICSs used "air-gap" security measures, where the ICS network was isolated from other networks, including the Internet, by a physical disconnect [1]. This level of security allowed ICS protocol designers to concentrate on the availability and safety of …

Slides: Ag Water Sharing: Legal Challenges And Considerations, Peter D. Nichols

Innovations in Managing Western Water: New Approaches for Balancing Environmental, Social and Economic Outcomes (Martz Summer Conference, June 11-12)

Presenter: Peter D. Nichols, Esq., Partner, Berg, Hill, Greenleaf and Ruscitti, Boulder, CO

25 slides

Pinpoint: Efficient And Effective Resource Isolation For Mobile Security And Privacy, Paul Ratazzi, Ashok Bommisetti, Nian Ji, Wenliang Du

Electrical Engineering and Computer Science - All Scholarship

Virtualization is frequently used to isolate untrusted processes and control their access to sensitive resources. However, isolation usually carries a price in terms of less resource sharing and reduced inter-process communication. In an open architecture such as Android, this price and its impact on performance, usability, and transparency must be carefully considered. Although previous efforts in developing general-purpose isolation solutions have shown that some of these negative sideeffects can be mitigated, doing so involves overcoming significant design challenges by incorporating numerous additional platform complexities not directly related to improved security. Thus, the general purpose solutions become inefficient and burdensome if …

Mobile Device Use: Increasing Privacy And Security Awareness For Nurse Practitioners, Lauren Storbrauck

Economic Crime Forensics Capstones

Nurse practitioners are increasingly using mobile devices to access electronic medical records, as the use of the devices increases so does the risk of a potential breach. This is a direct result of technological advances such as larger storage capacities, faster computing speeds, and better portability/connectivity (Torrieri, 2011). These devices include: mobile phones, tablets, and laptops. The use of these devices has greatly facilitated the work of Nurse Practitioners, by allowing them to have instant access to patient records, health history and recommended treatment plans (Ventola, 2014). However, seventy-three percent of all mobile users stated that they are not always …

Investigating Roles Of Information Security Strategy, Roger V. Seeholzer

CCE Theses and Dissertations

A fundamental understanding of the complexities comprising an information security strategy (ISS) in an organization is lacking. Most ISS implementations in government organizations equate anti-virus or installing a firewall to that of an ISS. While use of hardware and software forms a good defense; neither comprises the essence of an ISS. The ISS best integrates with business and information system strategies from the start, forming and shaping the direction of overall strategy synergistically within large government organizations. The researcher used grounded theory and investigated what a large government organization’s choices were with the differing roles an information security professional (ISP) …

Handling Human Hacking: Creating A Comprehensive Defensive Strategy Against Modern Social Engineering, Charles Snyder

Senior Honors Theses

Social engineering is one of the most devastating threats to any company or business. Rather than relying upon technical flaws in order to break into computer networks, social engineers utilize a suave personality in order to deceive individuals through clever conversation. These devious conversations frequently provide the attacker with sufficient information to compromise the company’s computer network. Unlike common technical attacks, social engineering attacks cannot be prevented by security tools and software. Instead of attacking a network directly, a social engineer exploits human psychology in order to coerce the victim to inadvertently divulge sensitive information. Further complicating the issue, the …

Usable Security Using Goms: A Study To Evaluate And Compare The Usability Of User Accounts On E-Government Websites, Amran Din

CCE Theses and Dissertations

The term e-Government refers to providing citizens a series of services that can be conveniently conducted over the Internet. However, the potential to redefine and transform e-Government increasingly relies on citizens successfully establishing and managing a user account profile online. E-Government has not adequately addressed user-centric designs for social inclusion of all citizens on e-Government websites. There is a lack of research on the usability of user account management, and a clear lack of innovation in incorporating user-friendly authentication interfaces to accommodate a diverse user population given the wealth of existing research in web authentication techniques within Identity Management. The …

Constructing Secure Mapreduce Framework In Cloud-Based Environment, Yongzhi Wang

FIU Electronic Theses and Dissertations

MapReduce, a parallel computing paradigm, has been gaining popularity in recent years as cloud vendors offer MapReduce computation services on their public clouds. However, companies are still reluctant to move their computations to the public cloud due to the following reason: In the current business model, the entire MapReduce cluster is deployed on the public cloud. If the public cloud is not properly protected, the integrity and the confidentiality of MapReduce applications can be compromised by attacks inside or outside of the public cloud. From the result integrity’s perspective, if any computation nodes on the public cloud are compromised,thosenodes can …

Trust Based Privacy Policy Enforcement In Cloud Computing, Karthick Ramachandran

Electronic Thesis and Dissertation Repository

Cloud computing offers opportunities for organizations to reduce IT costs by using the computation and storage of a remote provider. Despite the benefits offered by cloud computing paradigm, organizations are still wary of delegating their computation and storage to a cloud service provider due to trust concerns. The trust issues with the cloud can be addressed by a combination of regulatory frameworks and supporting technologies. Privacy Enhancing Technologies (PET) and remote attestation provide the technologies for addressing the trust concerns. PET provides proactive measures through cryptography and selective dissemination of data to the client. Remote attestation mechanisms provides reactive measures …

Role-Based Access Control Administration Of Security Policies And Policy Conflict Resolution In Distributed Systems, Stephen Sakawa Kibwage

CCE Theses and Dissertations

Security models using access control policies have over the years improved from Role-based access control (RBAC) to newer models which have added some features like support for distributed systems and solving problems in older security policy models such as identifying policy conflicts. Access control policies based on hierarchical roles provide more flexibility in controlling system resources for users. The policies allow for granularity when extended to have both allow and deny permissions as well as weighted priority attribute for the rules in the policies. Such flexibility allows administrators to succinctly specify access for their system resources but also prone to …