Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
- Keyword
Articles 1 - 4 of 4
Full-Text Articles in Physical Sciences and Mathematics
An Architecture For Improving Timeliness And Relevance Of Cyber Incident Notifications, James L. Miller
An Architecture For Improving Timeliness And Relevance Of Cyber Incident Notifications, James L. Miller
Theses and Dissertations
This research proposes a communications architecture to deliver timely and relevant cyber incident notifications to dependent mission stakeholders. This architecture, modeled in Unified Modeling Language (UML), eschews the traditional method of pushing notifications via message as dictated in Air Force Instruction 33-138. It instead shifts to a pull or publish and subscribe method of making notifications. Shifting this paradigm improves the notification process by empowering mission owners to identify those resources on which they depend for mission accomplishment, provides a direct conduit between providing and dependent mission owners for notifications when an incident occurs, and provides a shared representation for …
Defensive Cyber Battle Damage Assessment Through Attack Methodology Modeling, Ryan T. Ostler
Defensive Cyber Battle Damage Assessment Through Attack Methodology Modeling, Ryan T. Ostler
Theses and Dissertations
Due to the growing sophisticated capabilities of advanced persistent cyber threats, it is necessary to understand and accurately assess cyber attack damage to digital assets. This thesis proposes a Defensive Cyber Battle Damage Assessment (DCBDA) process which utilizes the comprehensive understanding of all possible cyber attack methodologies captured in a Cyber Attack Methodology Exhaustive List (CAMEL). This research proposes CAMEL to provide detailed knowledge of cyber attack actions, methods, capabilities, forensic evidence and evidence collection methods. This product is modeled as an attack tree called the Cyber Attack Methodology Attack Tree (CAMAT). The proposed DCBDA process uses CAMAT to analyze …
A Multi Agent System For Flow-Based Intrusion Detection Using Reputation And Evolutionary Computation, David Hancock
A Multi Agent System For Flow-Based Intrusion Detection Using Reputation And Evolutionary Computation, David Hancock
Theses and Dissertations
The rising sophistication of cyber threats as well as the improvement of physical computer network properties present increasing challenges to contemporary Intrusion Detection (ID) techniques. To respond to these challenges, a multi agent system (MAS) coupled with flow-based ID techniques may effectively complement traditional ID systems. This paper develops: 1) a scalable software architecture for a new, self-organized, multi agent, flow-based ID system; and 2) a network simulation environment suitable for evaluating implementations of this MAS architecture and for other research purposes. Self-organization is achieved via 1) a reputation system that influences agent mobility in the search for effective vantage …
Spear Phishing Attack Detection, David T. Merritt
Spear Phishing Attack Detection, David T. Merritt
Theses and Dissertations
This thesis addresses the problem of identifying email spear phishing attacks, which are indicative of cyber espionage. Spear phishing consists of targeted emails sent to entice a victim to open a malicious file attachment or click on a malicious link that leads to a compromise of their computer. Current detection methods fail to detect emails of this kind consistently. The SPEar phishing Attack Detection system (SPEAD) is developed to analyze all incoming emails on a network for the presence of spear phishing attacks. SPEAD analyzes the following file types: Windows Portable Executable and Common Object File Format (PE/COFF), Adobe Reader, …