Articles 1 - 13 of 13
Full-Text Articles in Computer Engineering
Dynamic Network Security Control Using Software Defined Networking, Michael C. Todd
Theses and Dissertations
This thesis develops and implements a process to rapidly respond to host level security events using a host agent, Software Defined Networking and OpenFlow updates, role based flow classes, and Advanced Message Queuing Protocol to automatically update configuration of switching devices and block malicious traffic. Results show flow table updates are made for all tested levels in less than 5.27 milliseconds and event completion time increased with treatment level as expected. As the number of events increases from 1,000 to 50,000, the design scales logarithmically, caused mainly by message delivery time. Event processing throughput is limited primarily by the message …
Effects Of Architecture On Information Leakage Of A Hardware Advanced Encryption Standard Implementation, Eric A. Koziel
Theses and Dissertations
Side-channel analysis (SCA) is a threat to many modern cryptosystems. Many countermeasures exist, but are costly to implement and still do not provide complete protection against SCA. A plausible alternative is to design the cryptosystem using architectures that are known to leak little information about the cryptosystem's operations. This research uses several common primitive architectures for the Advanced Encryption Standard (AES) and assesses the susceptibility of the full AES system to side-channel attack for various primitive configurations. A combined encryption/decryption core is also evaluated to determine if variation of high-level architectures affects leakage characteristics. These different configurations are evaluated under …
Static And Dynamic Component Obfuscation On Reconfigurable Devices, Camdon R. Cady
Theses and Dissertations
Computing systems are used in virtually every aspect of our lives. Technology such as smart phones and electronically controlled subsystems in cars is becoming so commonly used that it is virtually ubiquitous. Sometimes, this technology can be exploited to perform functions that it was never intended to perform, or fail to provide information that it is supposed to protect. X-HIA was shown to be effective at identifying several circuit components in a significantly shorter time than previous identification methods. Instead of requiring a number of input/output pairings that grows factorially or exponentially as the circuit size grows, it requires only …
Developing Cyberspace Data Understanding: Using CRISP-DM For Host-Based IDS Feature Mining, Joseph R. Erskine
Theses and Dissertations
Current intrusion detection systems generate a large number of specific alerts, but do not provide actionable information. Many times, these alerts must be analyzed by a network defender, a time-consuming and tedious task which can occur hours or days after an attack occurs. Improved understanding of the cyberspace domain can lead to great advancements in cyberspace situational awareness research and development. This thesis applies the Cross Industry Standard Process for Data Mining (CRISP-DM) to develop an understanding about a host system under attack. Data is generated by launching scans and exploits at a machine outfitted with a set of …
The Evaluation Of Rekeying Protocols Within The Hubenko Architecture As Applied To Wireless Sensor Networks, Cory J. Antosh
Theses and Dissertations
This thesis investigates the impact of using three different rekeying protocols (pair-wise, hierarchical, and Secure Lock) within a wireless sensor network (WSN) under the Hubenko architecture. Using a Matlab computer simulation, the impact of the three rekeying protocols on the number of bits transmitted across the network and the amount of battery power consumed in WSN nodes during rekey operations is investigated. Baseline pair-wise rekeying performance can be improved by using either Secure Lock or hierarchical rekeying. The best choice depends on the size of the WSN and the size of the key used. Hierarchical rekeying is the best choice for …
Automated Virtual Machine Introspection For Host-Based Intrusion Detection, Brett A. Pagel
Theses and Dissertations
This thesis examines techniques to automate configuration of an intrusion detection system utilizing hardware-assisted virtualization. These techniques are used to detect the version of a running guest operating system, automatically configure version-specific operating system information needed by the introspection library, and to locate and monitor important operating system data structures. This research simplifies introspection library configuration and is a step toward operating system independent introspection. An operating system detection algorithm and Windows virtual machine system service dispatch table monitor are implemented using the Xen hypervisor and a modified version of the XenAccess library. All detection and monitoring is implemented from …
An Analysis Of Botnet Vulnerabilities, Sean W. Hudson
Theses and Dissertations
Botnets are a significant threat to computer networks and data stored on networked computers. The ability to inhibit communication between servers controlling the botnet and individual hosts would be an effective countermeasure. The objective of this research was to find vulnerabilities in Unreal IRCd that could be used to shut down the server. Analysis revealed that Unreal IRCd is a very mature and stable IRC server and no significant vulnerabilities were found. While this research does not eliminate the possibility that a critical vulnerability is present in the Unreal IRCd software, none were identified during this effort.
SHI(EL)DS: A Novel Hardware-Based Security Backplane To Enhance Security With Minimal Impact To System Operation, Matthew G. Judge
Theses and Dissertations
Computer security continues to increase in importance both in the commercial world and within the Air Force. Dedicated hardware for security purposes presents and enhances a number of security capabilities. Hardware enhances both the security of the security system and the quality and trustworthiness of the information being gathered by the security monitors. Hardware reduces avenues of attack on the security system and ensures the trustworthiness of information only through proper design and placement. Without careful system design, security hardware leaves itself vulnerable to many attacks that it is capable of defending against. Our SHI(EL)DS architecture combines these insights into …
Evaluating Security And Quality Of Service Considerations In Critical Infrastructure Communication Networks, Gregory R. Roberts
Theses and Dissertations
This thesis demonstrates the benefits of utility communication based on Internet technology, some dangers in using Internet technology in establishing a utility intranet connecting protection and control systems, and compares three different approaches to making reservations for routing traffic in the utility intranet based on different levels of background traffic. A model of expected background traffic on a national utility intranet is presented. The Utility Communication Architecture 2.0 and the International Electrotechnical Commission (IEC) 61850 began laying the groundwork in 2002 in establishing an infrastructure allowing power substations, program logic controllers, remote terminal units, intelligent electronic devices, and other devices …
APHID: Anomaly Processor In Hardware For Intrusion Detection, Samuel A. Hart
Theses and Dissertations
The Anomaly Processor in Hardware for Intrusion Detection (APHID) is a step forward in the field of co-processing intrusion detection mechanisms. By using small, fast hardware primitives, APHID relieves the production CPU from the burden of security processing. These primitives are tightly coupled to the CPU, giving them access to critical state information such as the current instruction(s) in execution, the next instruction, registers, and processor state information. By monitoring these hardware elements, APHID is able to determine when an anomalous action occurs within one clock cycle. Upon detection, APHID can force the processor into a corrective state, or a …
Hardware Virtualization Applied To Rootkit Defense, Douglas P. Medley
Theses and Dissertations
This research effort examines the idea of applying virtualization hardware to enhance operating system security against rootkits. Rootkits are sets of tools used to hide code and/or functionality from the user and operating system. Rootkits can accomplish this feat through using access to one part of an operating system to change another part that resides at the same privilege level. Hardware assisted virtualization (HAV) provides an opportunity to defeat this tactic through the introduction of a new operating mode. Created to aid operating system virtualization, HAV provides hardware support for managing and saving multiple states of the processor. This hardware …
Exploring Hardware Based Primitives To Enhance Parallel Security Monitoring In A Novel Computing Architecture, Stephen D. Mott
Theses and Dissertations
This research explores how hardware-based primitives can be implemented to perform security-related monitoring in real-time, offer better security, and increase performance compared to software-based approaches. In doing this, we propose a novel computing architecture, derived from a contemporary shared memory architecture, that facilitates efficient security-related monitoring in real-time, while keeping the monitoring hardware itself safe from attack. This architecture is flexible, allowing security to be tailored based on the needs of the system. We have developed a number of hardware-based primitives that fit into this architecture to provide a wide array of monitoring capabilities. A number of these primitives provide …
A Distributed Agent Architecture For A Computer Virus Immune System, Paul K. Harmer
Theses and Dissertations
Information superiority is identified as an Air Force core competency and is recognized as a key enabler for the success of future missions. Information protection and information assurance are vital components required for achieving superiority in the Infosphere, but these goals are threatened by the exponential birth rate of new computer viruses. The increased global interconnectivity that is empowering advanced information systems is also increasing the spread of malicious code, and current anti-virus solutions are quickly becoming overwhelmed by the burden of capturing and classifying new viral strains. To overcome this problem, a distributed computer virus immune system (CVIS) based …