Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 6 of 6
Full-Text Articles in Entire DC Network
A Framework For Analyzing And Mitigating The Vulnerabilities Of Complex Systems Via Attack And Protection Trees, Kenneth S. Edge
A Framework For Analyzing And Mitigating The Vulnerabilities Of Complex Systems Via Attack And Protection Trees, Kenneth S. Edge
Theses and Dissertations
Attack trees have been developed to describe processes by which malicious users attempt to exploit or break complex systems. Attack trees offer a method of decomposing, visualizing, and determining the cost or likelihood of attacks. Attack trees by themselves do not provide enough decision support to system defenders. This research develops the concept of using protection trees to offer a detailed risk analysis of a system. In addition to developing protection trees, this research improves the existing concept of attack trees and develops rule sets for the manipulation of metrics used in the security of complex systems. This research specifically …
Internet Protocol Geolocation: Development Of A Delay-Based Hybrid Methodology For Locating The Geographic Location Of A Network Node, John M. Roehl
Internet Protocol Geolocation: Development Of A Delay-Based Hybrid Methodology For Locating The Geographic Location Of A Network Node, John M. Roehl
Theses and Dissertations
Internet Protocol Geolocation (IP Geolocation), the process of determining the approximate geographic location of an IP addressable node, has proven useful in a wide variety of commercial applications. Commercial applications of IP Geolocation include market research, redirection for performance enhancement, restricting content, and combating fraud. The potential for military applications include securing remote access via geographic authentication, intelligence collection, and cyber attack attribution. IP Geolocation methods can be divided into three basic categories based upon what information is used to determine the geographic location of the given IP address: 1) Information contained in databases, 2) information that is leaked during …
Aphid: Anomaly Processor In Hardware For Intrusion Detection, Samuel A. Hart
Aphid: Anomaly Processor In Hardware For Intrusion Detection, Samuel A. Hart
Theses and Dissertations
The Anomaly Processor in Hardware for Intrusion Detection (APHID) is a step forward in the field of co-processing intrusion detection mechanism. By using small, fast hardware primitives APHID relieves the production CPU from the burden of security processing. These primitives are tightly coupled to the CPU giving them access to critical state information such as the current instruction(s) in execution, the next instruction, registers, and processor state information. By monitoring these hardware elements, APHID is able to determine when an anomalous action occurs within one clock cycle. Upon detection, APHID can force the processor into a corrective state, or a …
Beyond Passswords: Usage And Policy Transformation, Alan S. Alsop
Beyond Passswords: Usage And Policy Transformation, Alan S. Alsop
Theses and Dissertations
The purpose of this research is to determine whether the transition to a two-factor authentication system is more secure than a system that relied only on what users “know” for authentication. While we found that factors that made passwords inherently vulnerable did not transfer to the PIN portion of a two-factor authentication system, we did find significant problems relating to usability, worker productivity, and the loss and theft of smart cards. The new authentication method has disrupted our ability to stay connected to ongoing mission issues, forced some installations to cut off remote access for their users and in one …
Developing A Framwork For Evaluating Organizational Information Assurance Metrics Programs, Adam R. Bryant
Developing A Framwork For Evaluating Organizational Information Assurance Metrics Programs, Adam R. Bryant
Theses and Dissertations
The push to secure organizational information has brought about the need to develop better metrics for understanding the state of the organization’s security capability. This thesis utilizes case studies of information security metrics programs within Department of Defense organizations, the United States Air Force (USAF), and the National Aeronautics and Space Administration’s (NASA’s) Jet Propulsion Lab to discover how these organizations make decisions about how the measurement program is designed, how information is collected and disseminated, and how the collected information supports decision making. This research finds that both the DOD and USAF have highly complex information security programs that …
Hardware Virtualization Applied To Rootkit Defense, Douglas P. Medley
Hardware Virtualization Applied To Rootkit Defense, Douglas P. Medley
Theses and Dissertations
This research effort examines the idea of applying virtualization hardware to enhance operating system security against rootkits. Rootkits are sets of tools used to hide code and/or functionality from the user and operating system. Rootkits can accomplish this feat through using access to one part of an operating system to change another part that resides at the same privilege level. Hardware assisted virtualization (HAV) provides an opportunity to defeat this tactic through the introduction of a new operating mode. Created to aid operating system virtualization, HAV provides hardware support for managing and saving multiple states of the processor. This hardware …