Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 9 of 9
Full-Text Articles in Entire DC Network
Developing Network Situational Awareness Through Visualization Of Fused Intrusion Detection System Alerts, Serafin A. Avitia V
Developing Network Situational Awareness Through Visualization Of Fused Intrusion Detection System Alerts, Serafin A. Avitia V
Theses and Dissertations
With networks increasing in physical size, bandwidth, traffic volume, and malicious activity, network analysts are experiencing greater difficulty in developing network situational awareness. Traditionally, network analysts have used Intrusion Detection Systems to gain awareness but this method is outdated when analysts are unable to process the alerts at the rate they are being generated. Analysts are unwittingly placing the computer assets they are charged to protect at risk when they are unable to detect these network attacks. This research effort examines the theory, application, and results of using visualizations of fused alert data to develop network situational awareness. The fused …
An Analysis Of Botnet Vulnerabilities, Sean W. Hudson
An Analysis Of Botnet Vulnerabilities, Sean W. Hudson
Theses and Dissertations
Botnets are a significant threat to computer networks and data stored on networked computers. The ability to inhibit communication between servers controlling the botnet and individual hosts would be an effective countermeasure. The objective of this research was to find vulnerabilities in Unreal IRCd that could be used to shut down the server. Analysis revealed that Unreal IRCd is a very mature and stable IRC server and no significant vulnerabilities were found. While this research does not eliminate the possibility that a critical vulnerability is present in the Unreal IRCd software, none were identified during this effort.
Using Hierarchical Temporal Memory For Detecting Anomalous Network Activity, Gerod M. Bonhoff
Using Hierarchical Temporal Memory For Detecting Anomalous Network Activity, Gerod M. Bonhoff
Theses and Dissertations
This thesis explores the nature of cyberspace and forms an argument for it as an intangible world. This research is motivated by the notion of creating intelligently autonomous cybercraft to reside in that environment and maintain domain superiority. Specifically, this paper offers 7 challenges associated with development of intelligent, autonomous cybercraft. The primary focus is an analysis of the claims of a machine learning language called Hierarchical Temporal Memory (HTM). In particular, HTM theory claims to facilitate intelligence in machines via accurate predictions. It further claims to be able to make accurate predictions of unusual worlds, like cyberspace. The research …
What Constitutes An Act Of War In Cyberspace, Kelli S. Kinley
What Constitutes An Act Of War In Cyberspace, Kelli S. Kinley
Theses and Dissertations
In December 2005 a new mission statement was released by the Air Force Leadership, "to deliver sovereign options for the defense of the United States of America and its global interests...to fly and fight in Air, Space and Cyberspace." (Wynne & Mosley, 2005) With the stand up of the AFCYBER command and the use of cyberspace to carry out our daily mission the U.S. needs to have a clear understanding of what war in cyberspace looks like and what the laws are governing war in cyberspace. This research and it's resulting data analysis is intended to provide a better understanding …
Suspicion Modeling In Support Of Cyber-Influence Operations/Tactics, Henry G. Paguirigan
Suspicion Modeling In Support Of Cyber-Influence Operations/Tactics, Henry G. Paguirigan
Theses and Dissertations
Understanding the cognitive process of IT user suspicion may assist organizations in development of network protection plans, personnel training, and tools necessary to identify and mitigate nefarious intrusions of IT systems. Exploration of a conceptual common ground between psycho-social and technology-related concepts of suspicion are the heart of this investigation. The complexities involved in merging these perspectives led to the overall research question: What is the nature of user suspicion toward IT: The research problem/phenomenon was addressed via extensive literature review, and use of the Interactive Qualitative Analysis problem/phenomenon. Analysis of the system led to the development of a model …
Software Assurance Best Practices For Air Force Weapon And Information Technology Systems - Are We Bleeding?, Ryan A. Maxon
Software Assurance Best Practices For Air Force Weapon And Information Technology Systems - Are We Bleeding?, Ryan A. Maxon
Theses and Dissertations
In the corporate world, "bits mean money," and as the Department of Defense (DoD) becomes more and more reliant on net-centric warfare, bits mean national security. Software security threats are very real, as demonstrated by the constant barrage of Internet viruses, worms, Trojans, and hackers seeking to exploit the latest vulnerability. Most organizations focus their resources on reactive defenses such as firewalls, antivirus software, and encryption, however as demonstrated by the numerous attacks that are successful, those post facto measures are not enough to stop the bleeding. The DoD defines software assurance (SwA) as the "level of confidence that software …
Establishing The Human Firewall: Reducing An Individual's Vulnerability To Social Engineering Attacks, Jamison W. Scheeres
Establishing The Human Firewall: Reducing An Individual's Vulnerability To Social Engineering Attacks, Jamison W. Scheeres
Theses and Dissertations
Hackers frequently use social engineering attacks to gain a foothold into a target network. This type of attack is a tremendous challenge to defend against, as the weakness lies in the human users, not in the technology. Thus far, methods for dealing with this threat have included establishing better security policies and educating users on the threat that exists. Existing techniques aren’t working as evidenced by the fact that auditing agencies consider it a given that will be able to gain access via social engineering. The purpose of this research is to propose a better method of reducing an individual’s …
Software Obfuscation With Symmetric Cryptography, Alan C. Lin
Software Obfuscation With Symmetric Cryptography, Alan C. Lin
Theses and Dissertations
Software protection is of great interest to commercial industry. Millions of dollars and years of research are invested in the development of proprietary algorithms used in software programs. A reverse engineer that successfully reverses another company‘s proprietary algorithms can develop a competing product to market in less time and with less money. The threat is even greater in military applications where adversarial reversers can use reverse engineering on unprotected military software to compromise capabilities on the field or develop their own capabilities with significantly less resources. Thus, it is vital to protect software, especially the software’s sensitive internal algorithms, from …
Digital Signal Processing Leveraged For Intrusion Detection, Theodore J. Erickson
Digital Signal Processing Leveraged For Intrusion Detection, Theodore J. Erickson
Theses and Dissertations
This thesis describes the development and evaluation of a novel system called the Network Attack Characterization Tool (NACT). The NACT employs digital signal processing to detect network intrusions, by exploiting the Lomb-Scargle periodogram method to obtain a spectrum for sampled network traffic. The Lomb-Scargle method for generating a periodogram allows for the processing of unevenly sampled network data. This method for determining a periodogram has not yet been used for intrusion detection. The spectrum is examined to determine if features exist above a significance level chosen by the user. These features are considered an attack, triggering an alarm. Two traffic …