Engineering Commons^™

Secure Entity Authentication, Zuochao Dou

Dissertations

According to Wikipedia, authentication is the act of confirming the truth of an attribute of a single piece of a datum claimed true by an entity. Specifically, entity authentication is the process by which an agent in a distributed system gains confidence in the identity of a communicating partner (Bellare et al.). Legacy password authentication is still the most popular one, however, it suffers from many limitations, such as hacking through social engineering techniques, dictionary attack or database leak. To address the security concerns in legacy password-based authentication, many new authentication factors are introduced, such as PINs (Personal Identification Numbers) …

Adaptive Security-Aware Scheduling For Packet Switched Networks Using Real-Time Multi-Agent Systems, Ma'en Saleh Saleh

Dissertations

Conventional real-time scheduling algorithms are in care of timing constraints; they don’t pay any attention to enhance or optimize the real-time packet’s security performance. In this work, we propose an adaptive security-aware scheduling with congestion control mechanism for packet switching networks using real-time agentbased systems. The proposed system combines the functionality of real-time scheduling with the security service enhancement, where the real-time scheduling unit uses the differentiated-earliest-deadline-first (Diff-EDF) scheduler, while the security service enhancement scheme adopts a congestion control mechanism based on a resource estimation methodology.

The security service enhancement unit was designed based on two models: singlelayer and weighted …

Adaptive Trust And Reputation System As A Security Service In Group Communications, Pitipatana Sakarindr

Dissertations

Group communications has been facilitating many emerging applications which require packet delivery from one or more sender(s) to multiple receivers. Owing to the multicasting and broadcasting nature, group communications are susceptible to various kinds of attacks. Though a number of proposals have been reported to secure group communications, provisioning security in group communications remains a critical and challenging issue.

This work first presents a survey on recent advances in security requirements and services in group communications in wireless and wired networks, and discusses challenges in designing secure group communications in these networks. Effective security services to secure group communications are …

On Mitigating Distributed Denial Of Service Attacks, Zhiqiang Gao

Dissertations

Denial of service (DoS) attacks and distributed denial of service (DDoS) attacks are probably the most ferocious threats in the Internet, resulting in tremendous economic and social implications/impacts on our daily lives that are increasingly depending on the wellbeing of the Internet. How to mitigate these attacks effectively and efficiently has become an active research area. The critical issues here include 1) IP spoofing, i.e., forged source lIP addresses are routinely employed to conceal the identities of the attack sources and deter the efforts of detection, defense, and tracing; 2) the distributed nature, that is, hundreds or thousands of compromised …

Unified Architecture Of Mobile Ad Hoc Network Security (Mans) System, Li Ling

Dissertations

In this dissertation, a unified architecture of Mobile Ad-hoc Network Security (MANS) system is proposed, under which IDS agent, authentication, recovery policy and other policies can be defined formally and explicitly, and are enforced by a uniform architecture. A new authentication model for high-value transactions in cluster-based MANET is also designed in MANS system. This model is motivated by previous works but try to use their beauties and avoid their shortcomings, by using threshold sharing of the certificate signing key within each cluster to distribute the certificate services, and using certificate chain and certificate repository to achieve better scalability, less …

Security Information Management With Frame-Based Attack Presentation And First-Order Reasoning, Wei Yan

Dissertations

Internet has grown by several orders of magnitude in recent years, and this growth has escalated the importance of computer security. Intrusion Detection System (IDS) is used to protect computer networks. However, the overwhelming flow of log data generated by IDS hamper security administrators from uncovering new insights and hidden attack scenarios. Security Information Management (SIM) is a new growing area of interest for intrusion detection. The research work in this dissertation explores the semantics of attack behaviors and designs Frame-based Attack Representation and First-order logic Automatic Reasoning (FAR-FAR) using linguistics and First-order Logic (FOL) based approaches. Techniques based on …

Ad Hoc Network Security And Modeling With Stochastic Petri Nets, Congzhe Zhang

Dissertations

Advances in wireless technology and portable computing along with demands for high user mobility have provided a major promotion toward the development of ad hoc networks. These networks feature dynamic topology, self-organization, limited bandwidth and battery power of a node. Unlike the existing commercial wireless systems and fixed infrastructure networks, they do not rely on specialized routers for path discovery and traffic routing. Security is an important issue in such networks. Typically, mobile nodes are significantly more susceptible to physical attacks than their wired counterparts.

This research intends to investigate the ad hoc network routing security by proposing a performance …