Open Access. Powered by Scholars. Published by Universities.®

Engineering Commons

Theses/Dissertations

Air Force Institute of Technology

2011

Computer and Systems Architecture

Articles 1 - 10 of 10

Full-Text Articles in Engineering

Twitter Malware Collection System: An Automated URL Extraction And Examination Platform, Benjamin B. Kuhar Sep 2011

Theses and Dissertations

As the world becomes more interconnected through various technological services and methods, the threat of malware is increasingly looming overhead. One avenue in particular that is examined in this research is the social networking service Twitter. This research develops the Twitter Malware Collection System (TMCS). This system gathers Uniform Resource Locators (URLs) posted on Twitter and scans them to determine if any are hosting malware. This scanning process is performed by a cluster of Virtual Machines (VMs) running a specified software configuration and the execution prevention system known as ESCAPE, which detects malicious code. When a URL is detected by …


Host-Based Systemic Network Obfuscation System For Windows, Kevin E. Huber Jun 2011

Theses and Dissertations

Network traffic identifies the operating system and services of the host that created the traffic. Current obfuscation programs focus solely on the Transport and Internet layer protocols of the TCP/IP model. Few obfuscation programs were developed to run on a Windows operating system to provide host-based obfuscation. Systemic Network Obfuscation System (SNOS) was developed to provide a thorough obfuscation process for network traffic on the Windows operating system. SNOS modifies the protocols found at all layers of the TCP/IP model to effectively obfuscate the Windows operating system and services running on the host.


Adaptive Quality Of Service Engine With Dynamic Queue Control, James D. Haught Mar 2011

Theses and Dissertations

While the current routing and congestion control algorithms in use today are often sufficient for networks with relatively static topology, these algorithms may not be sufficient for military networks where a certain level of quality of service (QoS) needs to be achieved to complete a mission. Current networking technology limits a network's ability to adapt to changes and interactions in the network, often resulting in sub-optimal performance. This research investigates the use of queue size predictions to create a network controller to optimize computer networks. These queue size predictions are made possible through the use of Kalman filters to detect …


Covert Channels Within IRC, Wayne C. Henry Mar 2011

Theses and Dissertations

The exploration of advanced information hiding techniques is important to understand and defend against illicit data extractions over networks. Many techniques have been developed to covertly transmit data over networks, each differing in their capabilities, methods, and levels of complexity. This research introduces a new class of information hiding techniques for use over Internet Relay Chat (IRC), called the Variable Advanced Network IRC Stealth Handler (VANISH) system. Three methods for concealing information are developed under this framework to suit the needs of an attacker. These methods are referred to as the Throughput, Stealth, and Baseline scenarios. Each is designed for …


An Architecture For Improving Timeliness And Relevance Of Cyber Incident Notifications, James L. Miller Mar 2011

Theses and Dissertations

This research proposes a communications architecture to deliver timely and relevant cyber incident notifications to dependent mission stakeholders. This architecture, modeled in Unified Modeling Language (UML), eschews the traditional method of pushing notifications via message as dictated in Air Force Instruction 33-138. It instead shifts to a pull or publish and subscribe method of making notifications. Shifting this paradigm improves the notification process by empowering mission owners to identify those resources on which they depend for mission accomplishment, provides a direct conduit between providing and dependent mission owners for notifications when an incident occurs, and provides a shared representation for …


Trust Management And Security In Satellite Telecommand Processing, Mark C. Duncan Mar 2011

Theses and Dissertations

New standards and initiatives in satellite system architecture are moving the space industry to more open and efficient mission operations. Primarily, these standards allow multiple missions to share standard ground and space based resources to reduce mission development and sustainment costs. With the benefits of these new concepts comes added risk associated with threats to the security of our critical space assets in a contested space and cyberspace domain. As one method to mitigate threats to space missions, this research develops, implements, and tests the Consolidated Trust Management System (CTMS) for satellite flight software. The CTMS architecture was developed using …


Dynamic Polymorphic Reconfiguration To Effectively “Cloak” A Circuit’s Function, Jeffrey L. Falkinburg Mar 2011

Theses and Dissertations

Today's society has become more dependent on the integrity and protection of digital information used in daily transactions resulting in an ever increasing need for information security. Additionally, the need for faster and more secure cryptographic algorithms to provide this information security has become paramount. Hardware implementations of cryptographic algorithms provide the necessary increase in throughput, but at a cost of leaking critical information. Side Channel Analysis (SCA) attacks allow an attacker to exploit the regular and predictable power signatures leaked by cryptographic functions used in algorithms such as RSA. In this research the focus on a means to counteract …


A Multi Agent System For Flow-Based Intrusion Detection Using Reputation And Evolutionary Computation, David Hancock Mar 2011

Theses and Dissertations

The rising sophistication of cyber threats as well as the improvement of physical computer network properties present increasing challenges to contemporary Intrusion Detection (ID) techniques. To respond to these challenges, a multi agent system (MAS) coupled with flow-based ID techniques may effectively complement traditional ID systems. This paper develops: 1) a scalable software architecture for a new, self-organized, multi agent, flow-based ID system; and 2) a network simulation environment suitable for evaluating implementations of this MAS architecture and for other research purposes. Self-organization is achieved via 1) a reputation system that influences agent mobility in the search for effective vantage …


Spear Phishing Attack Detection, David T. Merritt Mar 2011

Theses and Dissertations

This thesis addresses the problem of identifying email spear phishing attacks, which are indicative of cyber espionage. Spear phishing consists of targeted emails sent to entice a victim to open a malicious file attachment or click on a malicious link that leads to a compromise of their computer. Current detection methods fail to detect emails of this kind consistently. The SPEar phishing Attack Detection system (SPEAD) is developed to analyze all incoming emails on a network for the presence of spear phishing attacks. SPEAD analyzes the following file types: Windows Portable Executable and Common Object File Format (PE/COFF), Adobe Reader, …


Defensive Cyber Battle Damage Assessment Through Attack Methodology Modeling, Ryan T. Ostler Mar 2011

Theses and Dissertations

Due to the growing sophisticated capabilities of advanced persistent cyber threats, it is necessary to understand and accurately assess cyber attack damage to digital assets. This thesis proposes a Defensive Cyber Battle Damage Assessment (DCBDA) process which utilizes the comprehensive understanding of all possible cyber attack methodologies captured in a Cyber Attack Methodology Exhaustive List (CAMEL). This research proposes CAMEL to provide detailed knowledge of cyber attack actions, methods, capabilities, forensic evidence and evidence collection methods. This product is modeled as an attack tree called the Cyber Attack Methodology Attack Tree (CAMAT). The proposed DCBDA process uses CAMAT to analyze …