Open Access. Powered by Scholars. Published by Universities.®

Digital Commons Network

Open Access. Powered by Scholars. Published by Universities.®

Computer Sciences

Air Force Institute of Technology

Theses/Dissertations

2008

Articles 1 - 30 of 44

Full-Text Articles in Entire DC Network

Cyber Power In The 21st Century, Joseph M. Elbaum Dec 2008

Cyber Power In The 21st Century, Joseph M. Elbaum

Theses and Dissertations

Historically, the United States Congress has acknowledged that a separate branch of military service is required to exert supremacy over each of the recognized Domains of Operation. Throughout the evolution of modern warfare, leading minds in military theory have come to the conclusion that due to fundamental differences inherent in the theory and tactics that must be employed in order to successfully wage war within a domain’s associated environment, a specialized force was needed - until now. With the recent inclusion of Cyberspace as an operational domain by the Department of Defense, the case should be made that it, too, …

Go to article

Sub-Circuit Selection And Replacement Algorithms Modeled As Term Rewriting Systems, Eric D. Simonaire Dec 2008

Sub-Circuit Selection And Replacement Algorithms Modeled As Term Rewriting Systems, Eric D. Simonaire

Theses and Dissertations

Intent protection is a model of software obfuscation which, among other criteria, prevents an adversary from understanding the program’s function for use with contextual information. Relating this framework for obfuscation to malware detection, if a malware detector can perfectly normalize a program P and any obfuscation (variant) of the program O(P), the program is not intent protected. The problem of intent protection on programs can also be modeled as intent protection on combinational logic circuits. If a malware detector can perfectly normalize a circuit C and any obfuscation (variant) O(C) of the circuit, the circuit is not intent protected. In …

Go to article

Secureqemu: Emulation-Based Software Protection Providing Encrypted Code Execution And Page Granularity Code Signing, William B. Kimball Dec 2008

Secureqemu: Emulation-Based Software Protection Providing Encrypted Code Execution And Page Granularity Code Signing, William B. Kimball

Theses and Dissertations

This research presents an original emulation-based software protection scheme providing protection from reverse code engineering (RCE) and software exploitation using encrypted code execution and page-granularity code signing, respectively. Protection mechanisms execute in trusted emulators while remaining out-of-band of untrusted systems being emulated. This protection scheme is called SecureQEMU and is based on a modified version of Quick Emulator (QEMU) [5]. RCE is a process that uncovers the internal workings of a program. It is used during vulnerability and intellectual property (IP) discovery. To protect from RCE program code may have anti-disassembly, anti-debugging, and obfuscation techniques incorporated. These techniques slow the …

Go to article

Application Of Optimization Techniques To Spectrally Modulated, Spectrally Encoded Waveform Design, Todd W. Beard Sep 2008

Application Of Optimization Techniques To Spectrally Modulated, Spectrally Encoded Waveform Design, Todd W. Beard

Theses and Dissertations

A design process is demonstrated for a coexistent scenario containing Spectrally Modulated, Spectrally Encoded (SMSE) and Direct Sequence Spread Spectrum (DSSS) signals. Coexistent SMSE-DSSS designs are addressed under both perfect and imperfect DSSS code tracking conditions using a non-coherent delay-lock loop (DLL). Under both conditions, the number of SMSE subcarriers and subcarrier spacing are the optimization variables of interest. For perfect DLL code tracking conditions, the GA and RSM optimization processes are considered independently with the objective function being end-to-end DSSS bit error rate. A hybrid GA-RSM optimization process is used under more realistic imperfect DLL code tracking conditions. In …

Go to article

Multi-Class Classification For Identifying Jpeg Steganography Embedding Methods, Benjamin M. Rodriguez Ii Aug 2008

Multi-Class Classification For Identifying Jpeg Steganography Embedding Methods, Benjamin M. Rodriguez Ii

Theses and Dissertations

Over 725 steganography tools are available over the Internet, each providing a method for covert transmission of secret messages. This research presents four steganalysis advancements that result in an algorithm that identifies the steganalysis tool used to embed a secret message in a JPEG image file. The algorithm includes feature generation, feature preprocessing, multi-class classification and classifier fusion. The first contribution is a new feature generation method which is based on the decomposition of discrete cosine transform (DCT) coefficients used in the JPEG image encoder. The generated features are better suited to identifying discrepancies in each area of the decomposed …

Go to article

Hardware, Software And Data Analysis Techniques For Sram-Based Field Programmable Gate Array Circuits, Eugene B. Hockenberry Jun 2008

Hardware, Software And Data Analysis Techniques For Sram-Based Field Programmable Gate Array Circuits, Eugene B. Hockenberry

Theses and Dissertations

This work presents a built, tested, and demonstrated test structure that is low-cost, flexible, and re-usable for robust radiation experimentation, primarily to investigate memory, in this case SRAMs and SRAM-based FPGAs. The space environment can induce many kinds of failures due to radiation effects. These failures result in a loss of money, time, intelligence, and information. In order to evaluate technologies for potential failures, a detailed test methodology and associated structure are required. In this solution, an FPGA board was used as the controller platform, with multiple VHDL circuit controllers, data collection and reporting modules. The structure was demonstrated by …

Go to article

Developing Network Situational Awareness Through Visualization Of Fused Intrusion Detection System Alerts, Serafin A. Avitia V Jun 2008

Developing Network Situational Awareness Through Visualization Of Fused Intrusion Detection System Alerts, Serafin A. Avitia V

Theses and Dissertations

With networks increasing in physical size, bandwidth, traffic volume, and malicious activity, network analysts are experiencing greater difficulty in developing network situational awareness. Traditionally, network analysts have used Intrusion Detection Systems to gain awareness but this method is outdated when analysts are unable to process the alerts at the rate they are being generated. Analysts are unwittingly placing the computer assets they are charged to protect at risk when they are unable to detect these network attacks. This research effort examines the theory, application, and results of using visualizations of fused alert data to develop network situational awareness. The fused …

Go to article

A Secure And Efficient Communications Architecture For Global Information Grid Users Via Cooperating Space Assets, Victor P. Hubenko Jun 2008

A Secure And Efficient Communications Architecture For Global Information Grid Users Via Cooperating Space Assets, Victor P. Hubenko

Theses and Dissertations

With the Information Age in full and rapid development, users expect to have global, seamless, ubiquitous, secure, and efficient communications capable of providing access to real-time applications and collaboration. The United States Department of Defense’s (DoD) Network-Centric Enterprise Services initiative, along with the notion of pushing the “power to the edge,” aims to provide end-users with maximum situational awareness, a comprehensive view of the battlespace, all within a secure networking environment. Building from previous AFIT research efforts, this research developed a novel security framework architecture to address the lack of efficient and scalable secure multicasting in the low earth orbit …

Go to article

An Analysis Of Botnet Vulnerabilities, Sean W. Hudson Jun 2008

An Analysis Of Botnet Vulnerabilities, Sean W. Hudson

Theses and Dissertations

Botnets are a significant threat to computer networks and data stored on networked computers. The ability to inhibit communication between servers controlling the botnet and individual hosts would be an effective countermeasure. The objective of this research was to find vulnerabilities in Unreal IRCd that could be used to shut down the server. Analysis revealed that Unreal IRCd is a very mature and stable IRC server and no significant vulnerabilities were found. While this research does not eliminate the possibility that a critical vulnerability is present in the Unreal IRCd software, none were identified during this effort.

Go to article

Development Of A Night Vision Goggle Heads Up Display For Paratrooper Guidance, Fernando Ontiveros Jun 2008

Development Of A Night Vision Goggle Heads Up Display For Paratrooper Guidance, Fernando Ontiveros

Theses and Dissertations

This thesis provides the proof of concept for the development and implementation of a Global Positioning System (GPS) display via Night Vision Goggles (NVG) Heads-Up Display (HUD) for paratroopers. The system has been designed for soldiers who will be able to utilize the technology in the form of a processing system worn in an ammo pouch and displayed via NVG HUD as a tunnel in the sky. The tunnel in the sky display design is essentially a series of boxes displayed within the goggle's HUD leading the paratrooper to the desired Landing Zone (LZ). The algorithm developed receives GPS and …

Go to article

Mitigating Reversing Vulnerabilities In .Net Applications Using Virtualized Software Protection, Matthew A. Zimmerman Jun 2008

Mitigating Reversing Vulnerabilities In .Net Applications Using Virtualized Software Protection, Matthew A. Zimmerman

Theses and Dissertations

Protecting intellectual property contained in application source code and preventing tampering with application binaries are both major concerns for software developers. Simply by possessing an application binary, any user is able to attempt to reverse engineer valuable information or produce unanticipated execution results through tampering. As reverse engineering tools become more prevalent, and as the knowledge required to effectively use those tools decreases, applications come under increased attack from malicious users. Emerging development tools such as Microsoft's .NET Application Framework allow diverse source code composed of multiple programming languages to be integrated into a single application binary, but the potential …

Go to article

Using Hierarchical Temporal Memory For Detecting Anomalous Network Activity, Gerod M. Bonhoff Mar 2008

Using Hierarchical Temporal Memory For Detecting Anomalous Network Activity, Gerod M. Bonhoff

Theses and Dissertations

This thesis explores the nature of cyberspace and forms an argument for it as an intangible world. This research is motivated by the notion of creating intelligently autonomous cybercraft to reside in that environment and maintain domain superiority. Specifically, this paper offers 7 challenges associated with development of intelligent, autonomous cybercraft. The primary focus is an analysis of the claims of a machine learning language called Hierarchical Temporal Memory (HTM). In particular, HTM theory claims to facilitate intelligence in machines via accurate predictions. It further claims to be able to make accurate predictions of unusual worlds, like cyberspace. The research …

Go to article

What Constitutes An Act Of War In Cyberspace, Kelli S. Kinley Mar 2008

What Constitutes An Act Of War In Cyberspace, Kelli S. Kinley

Theses and Dissertations

In December 2005 a new mission statement was released by the Air Force Leadership, "to deliver sovereign options for the defense of the United States of America and its global interests...to fly and fight in Air, Space and Cyberspace." (Wynne & Mosley, 2005) With the stand up of the AFCYBER command and the use of cyberspace to carry out our daily mission the U.S. needs to have a clear understanding of what war in cyberspace looks like and what the laws are governing war in cyberspace. This research and it's resulting data analysis is intended to provide a better understanding …

Go to article

Comparing Information Assurance Awareness Training For End-Users: A Content Analysis Examination Of Air Force And Defense Information Systems Agency User Training Modules, John W. Frugé Mar 2008

Comparing Information Assurance Awareness Training For End-Users: A Content Analysis Examination Of Air Force And Defense Information Systems Agency User Training Modules, John W. Frugé

Theses and Dissertations

Today, the threats to information security and assurance are great. While there are many avenues for IT professionals to safeguard against these threats, many times these defenses prove useless against typical system users. Mandated by laws and regulations, all government agencies and most private companies have established information assurance (IA) awareness programs, most of which include user training. Much has been given in the existing literature to laying out the guidance for the roles and responsibilities of IT professionals and higher level managers, but less is specified for "everyday" users of information systems. This thesis attempts to determine the content …

Go to article

A Delphi Study Assessing Long-Term Access To Electronic Medical Records (Emr), Byron D. Nicholson Mar 2008

A Delphi Study Assessing Long-Term Access To Electronic Medical Records (Emr), Byron D. Nicholson

Theses and Dissertations

This research effort addressed the issue of long-term access to electronic medical records as technological generations become obsolete, thereby preventing the access to patient health information. Using the Delphi methodology, experts with experience in electronic medical records and applicable systems provided insight based on their years of hands-on experience managing and/or using records and these systems. The end result of this research was a collection of ideas that medical institutions and medical informaticians must consider to ensure that patients and hospitals do not lose long-term access to electronic medical records as electronic medical records and technology continually evolves. Results of …

Go to article

Suspicion Modeling In Support Of Cyber-Influence Operations/Tactics, Henry G. Paguirigan Mar 2008

Suspicion Modeling In Support Of Cyber-Influence Operations/Tactics, Henry G. Paguirigan

Theses and Dissertations

Understanding the cognitive process of IT user suspicion may assist organizations in development of network protection plans, personnel training, and tools necessary to identify and mitigate nefarious intrusions of IT systems. Exploration of a conceptual common ground between psycho-social and technology-related concepts of suspicion are the heart of this investigation. The complexities involved in merging these perspectives led to the overall research question: What is the nature of user suspicion toward IT: The research problem/phenomenon was addressed via extensive literature review, and use of the Interactive Qualitative Analysis problem/phenomenon. Analysis of the system led to the development of a model …

Go to article

Software Assurance Best Practices For Air Force Weapon And Information Technology Systems - Are We Bleeding?, Ryan A. Maxon Mar 2008

Software Assurance Best Practices For Air Force Weapon And Information Technology Systems - Are We Bleeding?, Ryan A. Maxon

Theses and Dissertations

In the corporate world, "bits mean money," and as the Department of Defense (DoD) becomes more and more reliant on net-centric warfare, bits mean national security. Software security threats are very real, as demonstrated by the constant barrage of Internet viruses, worms, Trojans, and hackers seeking to exploit the latest vulnerability. Most organizations focus their resources on reactive defenses such as firewalls, antivirus software, and encryption, however as demonstrated by the numerous attacks that are successful, those post facto measures are not enough to stop the bleeding. The DoD defines software assurance (SwA) as the "level of confidence that software …

Go to article

An Examination Into How Group Performance Is Influenced By Various Communication Channels, Jason C. Norgaard Mar 2008

An Examination Into How Group Performance Is Influenced By Various Communication Channels, Jason C. Norgaard

Theses and Dissertations

This purpose of this research was to look at the how group performance is influenced by various communication channels. Specifically, this research sought to determine what communication factors are affected when groups are forced to use different communications channels. The three communications channels tested were face-to-face communications, audio conferencing, and computer-mediated communications through an Internet chat program. Each channel was measured on accuracy, efficiency, and total number of ideas generated. The research found that the groups using computer-mediated communications had a difficult time completing the exercises in the allotted time. Additionally, the computer-mediated produced significantly fewer total words and total …

Go to article

Composable Distributed Access Control And Integrity Policies For Query-Based Wireless Sensor Networks, David W. Marsh Mar 2008

Composable Distributed Access Control And Integrity Policies For Query-Based Wireless Sensor Networks, David W. Marsh

Theses and Dissertations

An expected requirement of wireless sensor networks (WSN) is the support of a vast number of users while permitting limited access privileges. While WSN nodes have severe resource constraints, WSNs will need to restrict access to data, enforcing security policies to protect data within WSNs. To date, WSN security has largely been based on encryption and authentication schemes. WSN Authorization Specification Language (WASL) is specified and implemented using tools coded in JavaTM. WASL is a mechanism{independent policy language that can specify arbitrary, composable security policies. The construction, hybridization, and composition of well{known security models is demonstrated and shown to preserve …

Go to article

A Formal Specification And Proof Of System Safety Using The Schematic Protection Model, Raymond S. Way Mar 2008

A Formal Specification And Proof Of System Safety Using The Schematic Protection Model, Raymond S. Way

Theses and Dissertations

This research formally specifies the Schematic Protection Model (SPM) and provides a sound, flexible tool for reasoning formally about systems that implement a security model like SPM, to prove its ability to provide security services such as confidentiality and integrity. The theory described by the resultant model was logically proved in the Prototype Verification System (PVS), an automated prover. Each component of SPM was tested, as were several anomalous conditions, and each test produced results consistent with the model. The model is internally modular, and therefore easily extensible, yet cohesive since the theory to be proved encompasses the entire specification. …

Go to article

A Hybrid Communications Network Simulation-Independent Toolkit, David M. Dines Mar 2008

A Hybrid Communications Network Simulation-Independent Toolkit, David M. Dines

Theses and Dissertations

Net-centric warfare requires information superiority to enable decision superiority, culminating in insurmountable combat power against our enemies on the battlefield. Information superiority must be attained and retained for success in today’s joint/coalition battlespace. To accomplish this goal, our combat networks must reliably, expediently and completely deliver over a wide range of mobile and fixed assets. Furthermore, each asset must be given special consideration for the sensitivity, priority and volume of information required by the mission. Evolving a grand design of the enabling network will require a flexible evaluation platform to try and select the right combination of network strategies and …

Go to article

Developing A Reference Framework For Cybercraft Trust Evaluation, Shannon E. Hunt Mar 2008

Developing A Reference Framework For Cybercraft Trust Evaluation, Shannon E. Hunt

Theses and Dissertations

It should be no surprise that Department of Defense (DoD) and U.S. Air Force (USAF) networks are the target of constant attack. As a result, network defense remains a high priority for cyber warriors. On the technical side, trust issues for a comprehensive end-to-end network defense solution are abundant and involve multiple layers of complexity. The Air Force Research Labs (AFRL) is currently investigating the feasibility of a holistic approach to network defense, called Cybercraft. We envision Cybercraft to be trusted computer entities that cooperate with other Cybercraft to provide autonomous and responsive network defense services. A top research goal …

Go to article

Multi-Objective Uav Mission Planning Using Evolutionary Computation, Adam J. Pohl Mar 2008

Multi-Objective Uav Mission Planning Using Evolutionary Computation, Adam J. Pohl

Theses and Dissertations

This investigation purports to develop a new model for multiple autonomous aircraft mission routing. Previous research both related and unrelated to this endeavor have used classic combinatoric problems as models for Unmanned Aerial Vehicle (UAV) routing and mission planning. This document presents the concept of the Swarm Routing Problem (SRP) as a new combinatorics problem for use in modeling UAV swarm routing, developed as a variant of the Vehicle Routing Problem with Time Windows (VRPTW). The SRP removes the single vehicle per target restraint and changes the customer satisfaction requirement to one of vehicle on location volume. The impact of …

Go to article

Feasibility Study Of Encoding Operational Mission Metadata Into Ipv6 Packet Headers, Timothy R. Policarpio Mar 2008

Feasibility Study Of Encoding Operational Mission Metadata Into Ipv6 Packet Headers, Timothy R. Policarpio

Theses and Dissertations

The purpose of this research is to determine the feasibility of using the header fields and header extensions of IPv6 packets to encode mission metadata into computer network streams. Specifically, this thesis seeks to answer several research questions addressing the performance of different packet header encoding methods, specifically which method provides the least end-to-end delay of a file transfer over a hypothetical network as well as which method produces the least amount of additional network overhead during its operation in the hypothetical network. The research questions are answered through a comprehensive literature review and with the use of several network …

Go to article

Establishing The Human Firewall: Reducing An Individual's Vulnerability To Social Engineering Attacks, Jamison W. Scheeres Mar 2008

Establishing The Human Firewall: Reducing An Individual's Vulnerability To Social Engineering Attacks, Jamison W. Scheeres

Theses and Dissertations

Hackers frequently use social engineering attacks to gain a foothold into a target network. This type of attack is a tremendous challenge to defend against, as the weakness lies in the human users, not in the technology. Thus far, methods for dealing with this threat have included establishing better security policies and educating users on the threat that exists. Existing techniques aren’t working as evidenced by the fact that auditing agencies consider it a given that will be able to gain access via social engineering. The purpose of this research is to propose a better method of reducing an individual’s …

Go to article

Behavior-Based Power Management In Autonomous Mobile Robots, Charles A. Fetzek Mar 2008

Behavior-Based Power Management In Autonomous Mobile Robots, Charles A. Fetzek

Theses and Dissertations

Current attempts to prolong the life of a robot on a single battery charge focus on lowering the operating frequency of the onboard hardware, or allowing devices to go to sleep during idle states. These techniques have much overhead and do not come built in to the underlying robotic architecture. In this thesis, battery life is greatly extended through development of a behavior-based power management system, including a Markov decision process power planner, thereby allowing future robots increased time to operate and loiter in their required domain. Behavior-based power management examines sensors needed by the currently active behavior set and …

Go to article

Dynamic Behavior Sequencing In A Hybrid Robot Architecture, Jeffrey P. Duffy Mar 2008

Dynamic Behavior Sequencing In A Hybrid Robot Architecture, Jeffrey P. Duffy

Theses and Dissertations

Hybrid robot control architectures separate plans, coordination, and actions into separate processing layers to provide deliberative and reactive functionality. This approach promotes more complex systems that perform well in goal-oriented and dynamic environments. In various architectures, the connections and contents of the functional layers are tightly coupled so system updates and changes require major changes throughout the system. This work proposes an abstract behavior representation, a dynamic behavior hierarchy generation algorithm, and an architecture design to reduce this major change incorporation process. The behavior representation provides an abstract interface for loose coupling of behavior planning and execution components. The hierarchy …

Go to article

A Secure Group Communication Architecture For A Swarm Of Autonomous Unmanned Aerial Vehicles, Adrian N. Phillips Mar 2008

A Secure Group Communication Architecture For A Swarm Of Autonomous Unmanned Aerial Vehicles, Adrian N. Phillips

Theses and Dissertations

This thesis investigates the application of a secure group communication architecture to a swarm of autonomous unmanned aerial vehicles (UAVs). A multicast secure group communication architecture for the low earth orbit (LEO) satellite environment is evaluated to determine if it can be effectively adapted to a swarm of UAVs and provide secure, scalable, and efficient communications. The performance of the proposed security architecture is evaluated with two other commonly used architectures using a discrete event computer simulation developed using MatLab. Performance is evaluated in terms of the scalability and efficiency of the group key distribution and management scheme when the …

Go to article

Applying Automated Theorem Proving To Computer Security, Kelly K. Mcelroy Mar 2008

Applying Automated Theorem Proving To Computer Security, Kelly K. Mcelroy

Theses and Dissertations

While more and more data is stored and accessed electronically, better access control methods need to be implemented for computer security. Formal modelling and analysis have been successfully used in certain areas of computer systems, such as verifying the security properties of cryptographic and authentication protocols. However, formal models for computer systems in cyberspace, like networks, have hardly advanced. A highly regarded graduate textbook cites the Take-Grant model created in 1977 as one of the \current" examples of security modelling and analysis techniques. This model is rarely used in practice though. This research implements the Take-Grant Protection model's four de …

Go to article

Exploitation Of Self Organization In Uav Swarms For Optimization In Combat Environments, Dustin J. Nowak Mar 2008

Exploitation Of Self Organization In Uav Swarms For Optimization In Combat Environments, Dustin J. Nowak

Theses and Dissertations

This investigation focuses primarily on the development of effective target engagement for unmanned aerial vehicle (UAV) swarms using autonomous self-organized cooperative control. This development required the design of a new abstract UAV swarm control model which flows from an abstract Markov structure, a Partially Observable Markov Decision Process. Self-organization features, bio-inspired attack concepts, evolutionary computation (multi-objective genetic algorithms, differential evolution), and feedback from environmental awareness are instantiated within this model. The associated decomposition technique focuses on the iterative deconstruction of the problem domain state and dynamically building-up of self organizational rules as related to the problem domain environment. Resulting emergent …

Go to article

Next Last