Digital Commons Network^™

Application Of Ntru Cryptographic Algorithm For Securing Scada Communication, Amritha Puliadi Premnath

UNLV Theses, Dissertations, Professional Papers, and Capstones

Supervisory Control and Data Acquisition (SCADA) system is a control system which is widely used in Critical Infrastructure System to monitor and control industrial processes autonomously. Most of the SCADA communication protocols are vulnerable to various types of cyber-related attacks. The currently used security standards for SCADA communication specify the use of asymmetric cryptographic algorithms like RSA or ECC for securing SCADA communications. There are certain performance issues with cryptographic solutions of these specifications when applied to SCADA system with real-time constraints and hardware limitations. To overcome this issue, in this thesis we propose the use of a faster and …

Physical Security Assessment Of A Regional University Computer Network, Nathan H. Timbs

Electronic Theses and Dissertations

Assessing a network's physical security is an essential step in securing its data. This document describes the design, implementation, and validation of PSATool, a prototype application for assessing the physical security of a network's intermediate distribution frames, or IDFs (a.k.a. "wiring closets"). PSATool was created to address a lack of tools for IDF assessment. It implements a checklist-based protocol for assessing compliance with 52 security requirements compiled from federal and international standards. This checklist can be extended according to organizational needs.

PSATool was validated by using it to assess physical security at 135 IDFs at East Tennessee State University. …

A Novel Defense Mechanism Against Web Crawler Intrusion, Alireza Aghamohammadi

Master's Theses and Doctoral Dissertations

Web robots also known as crawlers or spiders are used by search engines, hackers and spammers to gather information about web pages. Timely detection and prevention of unwanted crawlers increases privacy and security of websites. In this research, a novel method to identify web crawlers is proposed to prevent unwanted crawler to access websites. The proposed method suggests a five-factor identification process to detect unwanted crawlers. This study provides the pretest and posttest results along with a systematic evaluation of web pages with the proposed identification technique versus web pages without the proposed identification process. An experiment was performed with …

Analiza Forenzike E Regjistrit Të Windows-It, Avdush Jashari

Theses and Dissertations

Kjo temë do të prezantoj data bazën e Windows Regjistrit dhe do të shpjegojë se sa është e rëndësishme në ekzaminimet forenzike kjo data bazë për ekzaminuesit e fushës së forenzikës digjitale. Në esencë tema do të diskutoj disa lloje të ndryshme të gjurmëve të regjistrit dhe do të hulumtojmë se çfarë informacione të rëndësishme mund të marrim duke bërë një ekzaminim forenzik.

Gjithashtu do të diskutohet edhe për shumë çelësa të regjistrit (Registry KEY) të cilët janë shumë të domosdoshëm në një ekzaminim. Forenzika Kompjuterike (Forenzika Digjitale) është aplikimi i teknikave të hetimit dhe analizimit për të mbledhur dhe …

Access Control In And For The Real World, Sara Sinclair

Dartmouth College Ph.D Dissertations

Access control is a core component of any information-security strategy. Researchers have spent tremendous energy over the past forty years defining abstract access-control models and proving various properties about them. However, surprisingly little attention has been paid to how well these models work in real socio-technical systems (i.e., real human organizations). This dissertation describes the results of two qualitative studies (involving 52 participants from four companies, drawn from the financial, software, and healthcare sectors) and observes that the current practice of access control is dysfunctional at best. It diagnoses the broken assumptions that are at the heart of this dysfunction, …

Use Of Immersive Visualization For The Control Of Dental Anxiety During Dental Hygiene Treatment, Carmelo Padrino-Barrios

Dental Hygiene Theses & Dissertations

Purpose: The purpose of this study was to determine the effectiveness of immersive visualization (IV) therapy, a technique that provides visual and stereoscopic display through the use of eyewear, in anxious patients during an oral prophylaxis. Methods: A convenience sample of thirty adults was enrolled. A split mouth design was utilized. Subjects were randomly divided into two groups: group A (use of IV for the right side of the mouth), and group B (use of IV for the left side of the mouth). Subjects received a full mouth oral prophylaxis (removal of supra and subgingival calculus and selective polishing), always …

Metamorphic Detection Using Singular Value Decomposition, Ranjith Kumar Jidigam

Master's Projects

Metamorphic malware changes its internal structure with each infection, while maintaining its original functionality. Such malware can be difficult to detect using static techniques, since there may be no common signature across infections. In this research we apply a score based on Singular Value Decomposition (SVD) to the problem of metamorphic detection. SVD is a linear algebraic technique which is applicable to a wide range of problems, including facial recognition. Previous research has shown that a similar facial recognition technique yields good results when applied to metamorphic malware detection. We present experimental results and we analyze the effectiveness and efficiency …

Distributed Agent Cloud-Sourced Malware Reporting Framework, Kellie Elizabeth Kercher

Theses and Dissertations

Malware is a fast growing threat that consists of a malicious script or piece of software that is used to disrupt the integrity of a user's experience. Antivirus software can help protect a user against these threats and there are numerous vendors users can choose from for their antivirus protection. However, each vendor has their own set of virus definitions varying in resources and capabilities in recognizing new threats. Currently, a persistent system is not in place that measures and displays data on the performance of antivirus vendors in responding to new malware over a continuous period of time. There …

Segmentation And Model Generation For Large-Scale Cyber Attacks, Steven E. Strapp

Theses

Raw Cyber attack traffic can present more questions than answers to security analysts. Especially with large-scale observables it is difficult to identify which packets are relevant and what attack behaviors are present. Many existing works in Host or Flow Clustering attempt to group similar behaviors to expedite analysis; these works often phrase the problem directly as offline unsupervised machine learning. This work proposes online processing to simultaneously model coordinating actors and segment traffic that is relevant to a target of interest, all while it is being received. The goal is not just to aggregate similar attack behaviors, but to provide …

Innovation-Ict-Cybersecurity: The Triad Relationship And Its Impact On Growth Competitiveness, Manal M. Yunis

Theses and Dissertations - UTB/UTPA

This study examines the global growth competitiveness of countries using the dynamics of growth, ICT, and innovation. It also introduces a new dynamic, cybersecurity, and argues that within a growth competitiveness framework, ICT, innovation, and cybersecurity mechanisms allow some countries to achieve higher ranks on the competitiveness ladder than others. Based on a theoretical framework that encompasses the economic growth model, the complementarity theory, and the international law theory, a model that integrates ICT, innovation, and cybersecurity, depicts the relationships amongst them and with growth competitiveness, and incorporates complementary factors with possible moderating effect is presented. The model proposed relationships …

Predicting Threat Potential Using Cyber Sensors, Mark Anthony Thompson

Doctoral Dissertations

The proliferation of the Internet has created a culture of a connected society dependent upon technology for communication and information sharing needs. In this dissertation, we hypothesize that attackers are increasingly using electronic resources that are capable of leaving a digital footprint, such as social media services, e-mail, text messages, blogs, and websites for the communication, planning, and coordination of attacks. In its current form, however, traffic analysis is primarily concerned with using communications volume to extract intelligence information, but largely ignores the content of communications transmissions that is needed to meet the security challenges and demands of continually emerging …

Applied Hypergame Theory For Network Defense, Alan S. Gibson

Theses and Dissertations

Cyber operations are the most important aspect of military conflicts in the 21st century, but unfortunately they are also among the least understood. The continual battle for network dominance between attackers and defenders is considered to be a complex game. Hypergame theory is an extension of game theory that addresses the kind of games where misperception exists, as is often the case in military engagements. Hypergame theory, like game theory, uses a game model to determine strategy selection, but goes beyond game theory by examining subgames that exist within the full game. The inclusion of misperception and misinformation in the …

A Qualitative And Evaluative Study On Recruiting And Retaining Students In College Computer Science Programs, Matthew Gardner

All Graduate Theses and Dissertations, Spring 1920 to Summer 2023

Computer science is a discipline that is increasing in importance and value in our society, yet we are still failing to graduate a sufficient number of students to keep up with the demand required in the United States economy. We research several ways to retain students. We also discuss ways to increase students’ interest in the major, i.e., those who normally would not know about computer science. We discuss ways to increase female participation as well as overall participation in the major.

Gesture Based Home Automation For The Physically Disabled, Alexander Hugh Nelson

Graduate Theses and Dissertations

Paralysis and motor-impairments can greatly reduce the autonomy and quality of life of a patient while presenting a major recurring cost in home-healthcare. Augmented with a non-invasive wearable sensor system and home-automation equipment, the patient can regain a level of autonomy at a fraction of the cost of home nurses. A system which utilizes sensor fusion, low-power digital components, and smartphone cellular capabilities can extend the usefulness of such a system to allow greater adaptivity for patients with various needs. This thesis develops such a system as a Bluetooth enabled glove device which communicates with a remote web server to …

Number Theory Applications In Cryptography, Francesca Pizzigoni

Theses, Dissertations and Culminating Projects

This thesis provides a unique cryptosystem comprised of different number theory applications. We first consider the well-known Knapsack Problem and the resulting Knapsack Cryptosystem. It is known that when the Knapsack Problem involves a superincreasing sequence, the solution is easy to find. Two cryptosystems are designed and displayed in this thesis that allow two parties often called Alice and Bob use a common superincreasing sequence in the encryption and decryption process. They use this sequence and a variation of the Knapsack Cryptosystem to send and receive binary messages. The first cryptosystem assumes that Alice and Bob agree on a shared …

Plasmonic Nanostructures For The Absorption Enhancement Of Silicon Solar Cells, Nathan Matthias Burford

Graduate Theses and Dissertations

In this work, computational investigation of plasmonic nanostructures was conducted using the commercial finite element electromagnetics solver Ansys® HFSS. Arrays of silver toroid nanoparticles located on the surface of an amorphous silicon thin-film absorbing layer were studied for particle sizes ranging from 20 nm to 200 nm in outer diameter. Parametric optimization by calculating an approximation of the photocurrent enhancement due to the nanoparticles was performed to determine optimal surface coverage of the nanoparticles. A comparison was made between these optimized nanotoroid arrays and optimized nanosphere arrays based on spectral absorption enhancement and potential photocurrent enhancement in an amorphous silicon …

The Chain-Link Fence Model: A Framework For Creating Security Procedures, Robert F. Houghton

All Graduate Theses and Dissertations, Spring 1920 to Summer 2023

Information technology security professionals are facing an ever growing threat to the networks that they defend. The process for creating procedures to help stem this threat is very difficult for security professionals. The Chain-Link Fence Model helps security professionals by guiding them through the process of creating and implementing new security procedures.

Exploiting Rogue Signals To Attack Trust-Based Cooperative Spectrum Sensing In Cognitive Radio Networks, David Jackson

Theses and Dissertations

Cognitive radios are currently presented as the solution to the ever-increasing spectrum shortage problem. However, their increased capabilities over traditional radios introduce a new dimension of security threats. Cooperative Spectrum Sensing (CSS) has been proposed as a means to protect cognitive radio networks from the well known security threats: Primary User Emulation (PUE) and Spectrum Sensing Data Falsification (SSDF). I demonstrate a new threat to trust-based CSS protocols, called the Rogue Signal Framing (RSF) intrusion. Rogue signals can be exploited to create the illusion of malicious sensors which leads to the framing of innocent sensors and consequently, their removal from …

Virtualized Educational Lab Setup Project Plan And Supporting Project Documentation, Aaron Napierala

Masters Theses & Doctoral Dissertations

The current infrastructure being used for IT courses at the University of Northwestern Ohio is not adequate for students. In addition, hands-on components of courses are difficult to test over, faculty administration of class resources was minimal, and students did not have access to enterprise level systems. The solution was to implement a lab environment to accomplish all of these concerns. This project closely mirrors how a real world project would function using the knowledge acquired during coursework completed at DSU. Documentation submitted for coursework at DSU was used as templates during this project. Not only was this project designed …

Http Attack Detection Using N-Gram Analysis, Adityaram Oza

Master's Projects

Previous research has shown that byte level analysis of HTTP traffic offers a practical solution to the problem of network intrusion detection and traffic analysis. Such an approach does not require any knowledge of applications running on web servers or any pre-processing of incoming data. In this project, we apply three n- gram based techniques to the problem of HTTP attack detection. The goal of such techniques is to provide a first line of defense by filtering out the vast majority of benign HTTP traffic. We analyze our techniques in terms of accuracy of attack detection and performance. We show …

User Profiling In Gui Based Windows Systems For Intrusion Detection, Arshi Agrawal

Master's Projects

Intrusion detection is the process of identifying any unauthorized access to a sys- tem. This process inspects user behavior to identify any possible attack or intrusion. There exists two type of intrusion detection systems (IDSs): signature-based IDS and anomaly-based IDS. This project concentrates on anomaly-based intrusion detection technique. This technique is based on the deviation of intruder’s actions from the authenticated user’s actions. Much previous research has focused on the deviation of command line input in UNIX systems. However, these techniques fail to detect attacks on modern GUI- based systems, where typical user activities include mouse movements and keystrokes. Our …

Mobile Network Defense Interface For Cyber Defense And Situational Awareness, James C. Hannan

Theses and Dissertations

Today's computer networks are under constant attack. In order to deal with this constant threat, network administrators rely on intrusion detection and prevention services (IDS) (IPS). Most IDS and IPS implement static rule sets to automatically alert administrators and resolve intrusions. Network administrators face a difficult challenge, identifying attacks against a vast number of benign network transactions. Also after a threat is identified making even the smallest policy change to the security software potentially has far-reaching and unanticipated consequences. Finally, because the administrator is primarily responding to alerts they may lose situational awareness of the network. During this research a …

Security-Policy Analysis With Extended Unix Tools, Gabriel A. Weaver

Dartmouth College Ph.D Dissertations

During our fieldwork with real-world organizations---including those in Public Key Infrastructure (PKI), network configuration management, and the electrical power grid---we repeatedly noticed that security policies and related security artifacts are hard to manage. We observed three core limitations of security policy analysis that contribute to this difficulty. First, there is a gap between policy languages and the tools available to practitioners. Traditional Unix text-processing tools are useful, but practitioners cannot use these tools to operate on the high-level languages in which security policies are expressed and implemented. Second, practitioners cannot process policy at multiple levels of abstraction but they need …

On Different Techniques For The Calculation Of Bouguer Gravity Anomalies For Joint Inversion And Model Fusion Of Geophysical Data In The Rio Grande Rift, Azucena Zamora

Open Access Theses & Dissertations

Density variations in the Earth result from different material properties, which reflect the tectonic processes attributed to a region. Density variations can be identified through measurable material properties, such as seismic velocities, gravity field, magnetic field, etc. Gravity anomaly inversions are particularly sensitive to density variations but suffer from significant non-uniqueness. However, using inverse models with gravity Bouguer anomalies and other geophysical data, we can determine three dimensional structural and geological properties of the given area. We explore different techniques for the calculation of Bouguer gravity anomalies for their use in joint inversion of multiple geophysical data sets and a …

Utilizing Cyber Espionage To Combat Terrorism, Gary Adkins

Open Access Theses & Dissertations

The world has effectively exited the Industrial Age and is firmly planted in the Information Age. Global communication at the speed of light has been a great asset to both businesses and private citizens. However, there is a dark side to the age we live in, where terrorist groups are able to communicate, plan, fund, recruit, and spread their message to the world. The relative anonymity the internet provides hinders law enforcement and security agencies in not only locating would-be terrorists but also in disrupting their operations. The internet is a loosely knit group of computers and routers and is …

A Semantic Web-Based Methodology For Describing Scientific Research Efforts, Aida Gandara

Open Access Theses & Dissertations

Scientists produce research resources that are useful to future research and innovative efforts. In a typical scientific scenario, the results created by a collaborative team often include numerous artifacts, observations and relationships relevant to research findings, such as programs that generate data, parameters that impact outputs, workflows that describe processes, and publications, posters and presentations that explain results and findings. Scientists have options in what results to share and how to share them, however, there is no systematic approach to documenting scientific research and sharing it on the Web.

The goal of this research is to define a systematic approach …

An Examination Of Internet Filtering And Safety Policy Trends And Issues In South Carolina's K-12 Public Schools, Mary E. Vicks

CCE Theses and Dissertations

School districts have implemented filtering and safety policies in response to legislative and social mandates to protect students from the proliferation of objectionable online content. Subject related literature suggests these policies are more restrictive than legal mandates require and are adversely affecting information access and instruction. There is limited understanding of how filtering and safety policies are affecting teaching and learning because no comprehensive studies have investigated the issues and trends surrounding filtering and safety policy implementation. In order to improve existing safety policies, policymakers need research-based data identifying end user access issues that limit technology integration in the kindergarten-12th …

Developing Focused Auditing Tools: A Practical Framework For Creating Formalized Multi-Level Security Policy Specifications, Barbara Ann Brough

Theses Digitization Project

The purpose of this study is that formalized policy specifications and focused penetration testing are needed to effectively audit any information system. Designing and maintaining the security system information is the primary duty of the cyber security professional. In today's world, nearly all government agencies manage some form of financial, defense, national security, and/or privacy information security policies. It is also necessary in this environment that agencies are accountable for auditing the security systems that protect this information.

Location Based Services In Wireless Ad Hoc Networks, Neelanjana Dutta

Doctoral Dissertations

"In this dissertation, we investigate location based services in wireless ad hoc networks from four different aspects - i) location privacy in wireless sensor networks (privacy), ii) end-to-end secure communication in randomly deployed wireless sensor networks (security), iii) quality versus latency trade-off in content retrieval under ad hoc node mobility (performance) and iv) location clustering based Sybil attack detection in vehicular ad hoc networks (trust). The first contribution of this dissertation is in addressing location privacy in wireless sensor networks. We propose a non-cooperative sensor localization algorithm showing how an external entity can stealthily invade into the location privacy of …

Text-Based Phishing Detection Using A Simulation Model, Gilchan Park

Open Access Theses

Phishing is one of the most potentially disruptive actions that can be performed on the Internet. Intellectual property and other pertinent business information could potentially be at risk if a user falls for a phishing attack. The most common way of carrying out a phishing attack is through email. The adversary sends an email with a link to a fraudulent site to lure consumers into divulging their confidential information. While such attacks may be easily identifiable for those well-versed in technology, it may be difficult for the typical Internet user to spot a fraudulent email.

The emphasis of this research …