Open Access. Powered by Scholars. Published by Universities.®
Digital Communications and Networking Commons™
Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 17 of 17
Full-Text Articles in Digital Communications and Networking
The Trust-Based Interactive Partially Observable Markov Decision Process, Richard S. Seymour
The Trust-Based Interactive Partially Observable Markov Decision Process, Richard S. Seymour
Theses and Dissertations
Cooperative agent and robot systems are designed so that each is working toward the same common good. The problem is that the software systems are extremely complex and can be subverted by an adversary to either break the system or potentially worse, create sneaky agents who are willing to cooperate when the stakes are low and take selfish, greedy actions when the rewards rise. This research focuses on the ability of a group of agents to reason about the trustworthiness of each other and make decisions about whether to cooperate. A trust-based interactive partially observable Markov decision process (TI-POMDP) is …
Hijacking User Uploads To Online Persistent Data Repositories For Covert Data Exfiltration, Curtis P. Barnard
Hijacking User Uploads To Online Persistent Data Repositories For Covert Data Exfiltration, Curtis P. Barnard
Theses and Dissertations
As malware has evolved over the years, it has gone from harmless programs that copy themselves into other executables to modern day botnets that perform bank fraud and identity theft. Modern malware often has a need to communicate back to the author, or other machines that are also infected. Several techniques for transmitting this data covertly have been developed over the years which vary significantly in their level of sophistication. This research creates a new covert channel technique for stealing information from a network by piggybacking on user-generated network traffic. Specifically, steganography drop boxes and passive covert channels are merged …
Reputation-Based Trust For A Cooperative, Agent-Based Backup Protection Scheme For Power Networks, John F. Borowski
Reputation-Based Trust For A Cooperative, Agent-Based Backup Protection Scheme For Power Networks, John F. Borowski
Theses and Dissertations
This thesis research explores integrating a reputation-based trust mechanism with an agent-based backup protection system to improve the performance of traditional backup relay methods that are currently in use in power transmission systems. Integrating agent technology into relay protection schemes has been previously proposed to clear faults more rapidly and to add precision by enabling the use of adaptive protection methods. A distributed, cooperative trust system such as that used in peer-to-peer file sharing networks has the potential to add an additional layer of defense in a protection system designed to operate with greater autonomy. This trust component enables agents …
Component Hiding Using Identification And Boundary Blurring Techniques, James D. Parham Jr.
Component Hiding Using Identification And Boundary Blurring Techniques, James D. Parham Jr.
Theses and Dissertations
Protecting software from adversarial attacks is extremely important for DoD technologies. When systems are compromised, the possibility exists for recovery costing millions of dollars and countless labor hours. Circuits implemented on embedded systems utilizing FPGA technology are the result of downloading software for instantiating circuits with specific functions or components. We consider the problem of component hiding a form of software protection. Component identification is a well studied problem. However, we use component identification as a metric for driving the cost of reverse engineering to an unreasonable level. We contribute to protection of software and circuitry by implementing a Java …
Developing Cyberspace Data Understanding: Using Crisp-Dm For Host-Based Ids Feature Mining, Joseph R. Erskine
Developing Cyberspace Data Understanding: Using Crisp-Dm For Host-Based Ids Feature Mining, Joseph R. Erskine
Theses and Dissertations
Current intrusion detection systems generate a large number of specific alerts, but do not provide actionable information. Many times, these alerts must be analyzed by a network defender, a time consuming and tedious task which can occur hours or days after an attack occurs. Improved understanding of the cyberspace domain can lead to great advancements in Cyberspace situational awareness research and development. This thesis applies the Cross Industry Standard Process for Data Mining (CRISP-DM) to develop an understanding about a host system under attack. Data is generated by launching scans and exploits at a machine outfitted with a set of …
Synthesis, Interdiction, And Protection Of Layered Networks, Kevin T. Kennedy
Synthesis, Interdiction, And Protection Of Layered Networks, Kevin T. Kennedy
Theses and Dissertations
This research developed the foundation, theory, and framework for a set of analysis techniques to assist decision makers in analyzing questions regarding the synthesis, interdiction, and protection of infrastructure networks. This includes extension of traditional network interdiction to directly model nodal interdiction; new techniques to identify potential targets in social networks based on extensions of shortest path network interdiction; extension of traditional network interdiction to include layered network formulations; and develops models/techniques to design robust layered networks while considering trade-offs with cost. These approaches identify the maximum protection/disruption possible across layered networks with limited resources, find the most robust layered …
A Taxonomy For And Analysis Of Anonymous Communications Networks, Douglas J. Kelly
A Taxonomy For And Analysis Of Anonymous Communications Networks, Douglas J. Kelly
Theses and Dissertations
Any entity operating in cyberspace is susceptible to debilitating attacks. With cyber attacks intended to gather intelligence and disrupt communications rapidly replacing the threat of conventional and nuclear attacks, a new age of warfare is at hand. In 2003, the United States acknowledged that the speed and anonymity of cyber attacks makes distinguishing among the actions of terrorists, criminals, and nation states difficult. Even President Obama’s Cybersecurity Chief-elect recognizes the challenge of increasingly sophisticated cyber attacks. Now through April 2009, the White House is reviewing federal cyber initiatives to protect US citizen privacy rights. Indeed, the rising quantity and ubiquity …
Using Covert Means To Establish Cybercraft Command And Control, Bradley D. Sevy
Using Covert Means To Establish Cybercraft Command And Control, Bradley D. Sevy
Theses and Dissertations
With the increase in speed and availability of computers, our nation's computer and information systems are being attacked with increased sophistication. The Air Force Research Laboratory (AFRL) Information Directorate (RI) is researching a next generation network defense architecture, called Cybercraft, that provides automated and trusted cyber defense capabilities for AF network assets. This research we consider the issues to protect or obfuscate command and control aspects of Cybercraft. In particular, we present a methodology to hide aspects of Cybercraft platform initialization in context to formation of hierarchical, peer-to-peer groups that collectively form the Cybercraft network. Because malicious code networks (known …
Low Probability Of Intercept Waveforms Via Intersymbol Dither Performance Under Multipath Conditions, Jonathan K. Keen
Low Probability Of Intercept Waveforms Via Intersymbol Dither Performance Under Multipath Conditions, Jonathan K. Keen
Theses and Dissertations
This thesis examines the effects of multipath interference on Low Probability of Intercept (LPI) waveforms generated using intersymbol dither. LPI waveforms are designed to be difficult for non-cooperative receivers to detect and manipulate, and have many uses in secure communications applications. In prior research, such a waveform was designed using a dither algorithm to vary the time between the transmission of data symbols in a communication system. This work showed that such a method can be used to frustrate attempts to use non-cooperative receiver algorithms to recover the data. This thesis expands on prior work by examining the effects of …
Numerical Analysis For Relevant Features In Intrusion Detection (Narfid), Jose Andres Gonzalez
Numerical Analysis For Relevant Features In Intrusion Detection (Narfid), Jose Andres Gonzalez
Theses and Dissertations
Identification of cyber attacks and network services is a robust field of study in the machine learning community. Less effort has been focused on understanding the domain space of real network data in identifying important features for cyber attack and network service classification. Motivations for such work allow for anomaly detection systems with less requirements on data “sniffed” off the network, extraction of features from the traffic, reduced learning time of algorithms, and ideally increased classification performance of anomalous behavior. This thesis evaluates the usefulness of a good feature subset for the general classification task of identifying cyber attacks and …
Dynamic Interactions For Network Visualization And Simulation, Cigdem Yetisti
Dynamic Interactions For Network Visualization And Simulation, Cigdem Yetisti
Theses and Dissertations
Most network visualization suites do not interact with a simulator, as it executes. Nor do they provide an effective user interface that includes multiple visualization functions. The subject of this research is to improve the network visualization presented in the previous research [5] adding these capabilities to the framework. The previous network visualization did not have the capability of altering specific visualization characteristics, especially when detailed observations needed to be made for a small part of a large network. Searching for a network event in this topology might cause large delays leading to lower quality user interface. In addition to …
Automated Virtual Machine Introspection For Host-Based Intrusion Detection, Brett A. Pagel
Automated Virtual Machine Introspection For Host-Based Intrusion Detection, Brett A. Pagel
Theses and Dissertations
This thesis examines techniques to automate configuration of an intrusion detection system utilizing hardware-assisted virtualization. These techniques are used to detect the version of a running guest operating system, automatically configure version-specific operating system information needed by the introspection library, and to locate and monitor important operating system data structures. This research simplifies introspection library configuration and is a step toward operating system independent introspection. An operating system detection algorithm and Windows virtual machine system service dispatch table monitor are implemented using the Xen hypervisor and a modified version of the XenAccess library. All detection and monitoring is implemented from …
An Fpga-Based System For Tracking Digital Information Transmitted Via Peer-To-Peer Protocols, Karl R. Schrader
An Fpga-Based System For Tracking Digital Information Transmitted Via Peer-To-Peer Protocols, Karl R. Schrader
Theses and Dissertations
This thesis addresses the problem of identifying and tracking digital information that is shared using peer-to-peer file transfer and Voice over IP (VoIP) protocols. The goal of the research is to develop a system for detecting and tracking the illicit dissemination of sensitive government information using file sharing applications within a target network, and tracking terrorist cells or criminal organizations that are covertly communicating using VoIP applications. A digital forensic tool is developed using an FPGA-based embedded software application. The tool is designed to process file transfers using the BitTorrent peer-to-peer protocol and VoIP phone calls made using the Session …
An Analysis Of Botnet Vulnerabilities, Sean W. Hudson
An Analysis Of Botnet Vulnerabilities, Sean W. Hudson
Theses and Dissertations
Botnets are a significant threat to computer networks and data stored on networked computers. The ability to inhibit communication between servers controlling the botnet and individual hosts would be an effective countermeasure. The objective of this research was to find vulnerabilities in Unreal IRCd that could be used to shut down the server. Analysis revealed that Unreal IRCd is a very mature and stable IRC server and no significant vulnerabilities were found. While this research does not eliminate the possibility that a critical vulnerability is present in the Unreal IRCd software, none were identified during this effort.
Network Visualization Design Using Prefuse Visualization Framework, John Mark Belue
Network Visualization Design Using Prefuse Visualization Framework, John Mark Belue
Theses and Dissertations
Visualization of network simulation events or network visualization is an effective and low cost method to evaluate the health and status of a network and analyze network designs, protocols, and network algorithms. This research designed and developed a network event visualization framework using an open source general visualization toolkit. This research achieved three major milestones during the development of this framework: A robust network simulator trace file parser, multiple network visualization layouts {including user-defined layouts, and precise visualization timing controls and integrated display of network statistics. The parser architecture is extensible to allow customization of simulator trace formats that are …
Characterizing Data Streams Over Ieee 802.11b Ad-Hoc Wireless Networks, John T. Wagnon
Characterizing Data Streams Over Ieee 802.11b Ad-Hoc Wireless Networks, John T. Wagnon
Theses and Dissertations
Soon, advancements in data encryption technology will make real-time decryption of the contents of network packets virtually impossible. This research anticipates this development and extracts useful information based on packet level characteristics. Distinguishing characteristics from e-mail, HTTP, print, and FTP applications are identified and analyzed. The analysis of collected data from an ad-hoc wireless network reveals that distinguishing characteristics of network traffic do indeed exist. These characteristics include packet size, packet frequency, inter-packet correlation, and channel utilization. Without knowing the contents of packets or the direction of the traffic flow, the applications accessing the wireless network can be determined.
Network Security Versus Network Connectivity: A Framework For Addressing The Issues Facing The Air Force Medical Community, Franklin E. Cunningham Jr.
Network Security Versus Network Connectivity: A Framework For Addressing The Issues Facing The Air Force Medical Community, Franklin E. Cunningham Jr.
Theses and Dissertations
The Air Force has instituted Barrier Reef to protect its networks. The Air Force medical community operates network connections that are incompatible with Barrier Reef. To overcome this problem, OASD(HA) directed the Tri-Service Management Program Office (TIMPO) to develop an architecture that protects all military health systems and allows them to link with all three services and outside partners. This research studied the underlying networking issues and formed a framework based on data from network experts from the Air Force's medical centers and their base network organizations. The findings were compared TIMPO and a composite framework was developed that more …