Engineering Commons^™

Threat Analysis, Countermeaures And Design Strategies For Secure Computation In Nanometer Cmos Regime, Raghavan Kumar

Doctoral Dissertations

Advancements in CMOS technologies have led to an era of Internet Of Things (IOT), where the devices have the ability to communicate with each other apart from their computational power. As more and more sensitive data is processed by embedded devices, the trend towards lightweight and efficient cryptographic primitives has gained significant momentum. Achieving a perfect security in silicon is extremely difficult, as the traditional cryptographic implementations are vulnerable to various active and passive attacks. There is also a threat in the form of "hardware Trojans" inserted into the supply chain by the untrusted third-party manufacturers for economic incentives. Apart …

Real-Time Detection System For Suspicious Urls, Krishna Prasad Chouty, Anup Chandra Thogiti, Kranthi Sudha Vudatha

All Capstone Projects

Twitter is prone to malicious tweets containing URLs for spam, phishing, and malware distribution. Conventional Twitter spam detection schemes utilize account features such as the ratio of tweets containing URLs and the account creation date, or relation features in the Twitter graph. These detection schemes are ineffective against feature fabrications or consume much time and resources. Conventional suspicious URL detection schemes utilize several features including lexical features of URLs, URL redirection, HTML content, and dynamic behavior. However, evading techniques such as time-based evasion and crawler evasion exist. In this paper, we propose WARNINGBIRD, a suspicious Real-Time URL detection system for …

Api-Based Acquisition Of Evidence From Cloud Storage Providers, Andres E. Barreto

University of New Orleans Theses and Dissertations

Cloud computing and cloud storage services, in particular, pose a new challenge to digital forensic investigations. Currently, evidence acquisition for such services still follows the traditional approach of collecting artifacts on a client device. In this work, we show that such an approach not only requires upfront substantial investment in reverse engineering each service, but is also inherently incomplete as it misses prior versions of the artifacts, as well as cloud-only artifacts that do not have standard serialized representations on the client.

In this work, we introduce the concept of API-based evidence acquisition for cloud services, which addresses these concerns …

Design And Implementation Of Digital Information Security For Physical Documents, Pengcheng Wang

Masters Theses

The objective of this thesis is to improve the security for physical paper documents. Providing information security has been difficult in environments that rely on physical paper documents to implement business processes. Our work presents the design of a digital information security system for paper documents, called "CryptoPaper", that uses 2-dimensional codes to represent data and its security properties on paper. A special scanner system is designed for "CryptoPaper" which uses image recognition techniques and cloud-based access control to display plaintext of encrypted and encoded data to authorized users.

Panorama: Multi-Path Ssl Authentication Using Peer Network Perspectives, William P. Harris

Computer Engineering

SSL currently uses certificates signed by Certificate Authorities (CAs) to authenticate connections. e.g. Google will pay a CA to sign a certificate for them, so that they can prove that they're not someone pretending to be Google. Unfortunately, this system has had multiple problems, and many believe that an alternative needs to be found.

One of the ideas for alternatives is using multiple "network perspectives" to authenticate a server. The idea behind this is that, though playing man-in-the-middle (MITM) with one connection is easy, it should be difficult for an adversary to do so with many connections, especially if they …

Classifying System Call Traces Using Anomalous Detection, William Doyle

Honors Theses

We used data mining techniques to detect intrusions among system call traces and have outlined our results. Recent work at the intersection of security and machine learning has lead to better understanding of anomalous intrusion detection. There is a need to more thoroughly understand how anomaly detection can be used because of its potential applications and advantages over current standard methods. In this thesis, we report on a new approach of anomalous detection using system call traces. Our goal is to be able to create a system that can accurately detect hacking attacks by analyzing the sequences of system calls …

Secure And Reliable Routing Protocol For Transmission Data In Wireless Sensor Mesh Networks, Nooh Adel Bany Muhammad

Dissertations

Abstract

Sensor nodes collect data from the physical world then exchange it until it reaches the intended destination. This information can be sensitive, such as battlefield surveillance. Therefore, providing secure and continuous data transmissions among sensor nodes in wireless network environments is crucial. Wireless sensor networks (WSN) have limited resources, limited computation capabilities, and the exchange of data through the air and deployment in accessible areas makes the energy, security, and routing major concerns in WSN. In this research we are looking at security issues for the above reasons. WSN is susceptible to malicious activities such as hacking and physical …

Intelligent Network Intrusion Detection Using An Evolutionary Computation Approach, Samaneh Rastegari

Theses: Doctorates and Masters

With the enormous growth of users' reliance on the Internet, the need for secure and reliable computer networks also increases. Availability of effective automatic tools for carrying out different types of network attacks raises the need for effective intrusion detection systems.

Generally, a comprehensive defence mechanism consists of three phases, namely, preparation, detection and reaction. In the preparation phase, network administrators aim to find and fix security vulnerabilities (e.g., insecure protocol and vulnerable computer systems or firewalls), that can be exploited to launch attacks. Although the preparation phase increases the level of security in a network, this will never completely …