Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
- Keyword
Articles 1 - 7 of 7
Full-Text Articles in Physical Sciences and Mathematics
A Novel Malware Target Recognition Architecture For Enhanced Cyberspace Situation Awareness, Thomas E. Dube
A Novel Malware Target Recognition Architecture For Enhanced Cyberspace Situation Awareness, Thomas E. Dube
Theses and Dissertations
The rapid transition of critical business processes to computer networks potentially exposes organizations to digital theft or corruption by advanced competitors. One tool used for these tasks is malware, because it circumvents legitimate authentication mechanisms. Malware is an epidemic problem for organizations of all types. This research proposes and evaluates a novel Malware Target Recognition (MaTR) architecture for malware detection and identification of propagation methods and payloads to enhance situation awareness in tactical scenarios using non-instruction-based, static heuristic features. MaTR achieves a 99.92% detection accuracy on known malware with false positive and false negative rates of 8.73e-4 and 8.03e-4 respectively. …
Spear Phishing Attack Detection, David T. Merritt
Spear Phishing Attack Detection, David T. Merritt
Theses and Dissertations
This thesis addresses the problem of identifying email spear phishing attacks, which are indicative of cyber espionage. Spear phishing consists of targeted emails sent to entice a victim to open a malicious file attachment or click on a malicious link that leads to a compromise of their computer. Current detection methods fail to detect emails of this kind consistently. The SPEar phishing Attack Detection system (SPEAD) is developed to analyze all incoming emails on a network for the presence of spear phishing attacks. SPEAD analyzes the following file types: Windows Portable Executable and Common Object File Format (PE/COFF), Adobe Reader, …
Evaluating Information Assurance Control Effectiveness On An Air Force Supervisory Control And Data Acquisition (Scada) System, Jason R. Nielsen
Evaluating Information Assurance Control Effectiveness On An Air Force Supervisory Control And Data Acquisition (Scada) System, Jason R. Nielsen
Theses and Dissertations
Supervisory Control and Data Acquisition (SCADA) systems are increasingly being connected to corporate networks which has dramatically expanded their attack surface to remote cyber attack. Adversaries are targeting these systems with increasing frequency and sophistication. This thesis seeks to answer the research question addressing which Information Assurance (IA) controls are most significant for network defenders and SCADA system managers/operators to focus on in order to increase the security of critical infrastructure systems against a Stuxnet-like cyber attack. This research applies the National Institute of Science and Technology (NIST) IA controls to an attack tree modeled on a remote Stuxnet-like cyber …
A Multi Agent System For Flow-Based Intrusion Detection Using Reputation And Evolutionary Computation, David Hancock
A Multi Agent System For Flow-Based Intrusion Detection Using Reputation And Evolutionary Computation, David Hancock
Theses and Dissertations
The rising sophistication of cyber threats as well as the improvement of physical computer network properties present increasing challenges to contemporary Intrusion Detection (ID) techniques. To respond to these challenges, a multi agent system (MAS) coupled with flow-based ID techniques may effectively complement traditional ID systems. This paper develops: 1) a scalable software architecture for a new, self-organized, multi agent, flow-based ID system; and 2) a network simulation environment suitable for evaluating implementations of this MAS architecture and for other research purposes. Self-organization is achieved via 1) a reputation system that influences agent mobility in the search for effective vantage …
Malicious And Malfunctioning Node Detection Via Observed Physical Layer Data, Tyler J. Hardy
Malicious And Malfunctioning Node Detection Via Observed Physical Layer Data, Tyler J. Hardy
Theses and Dissertations
There are many mechanisms that can cause inadequate or unreliable information in sensor networks. A user of the network might be interested in detecting and classifying specific sensors nodes causing these problems. Several network layer based trust methods have been developed in previous research to assess these issues; in contrast this work develops a trust protocol based on observations of physical layer data collected by the sensors. Observations of physical layer data are used for decisions and calculations, and are based on just the measurements collected by the sensors. Although this information is packaged and distributed on the network layer, …
Holistic Network Defense: Fusing Host And Network Features For Attack Classification, Jenny W. Ji
Holistic Network Defense: Fusing Host And Network Features For Attack Classification, Jenny W. Ji
Theses and Dissertations
This work presents a hybrid network-host monitoring strategy, which fuses data from both the network and the host to recognize malware infections. This work focuses on three categories: Normal, Scanning, and Infected. The network-host sensor fusion is accomplished by extracting 248 features from network traffic using the Fullstats Network Feature generator and from the host using text mining, looking at the frequency of the 500 most common strings and analyzing them as word vectors. Improvements to detection performance are made by synergistically fusing network features obtained from IP packet flows and host features, obtained from text mining port, processor, logon …
Polarimetric Enhancements To Electro-Optical Aided Navigation Techniques, Jeremiah D. Johnson
Polarimetric Enhancements To Electro-Optical Aided Navigation Techniques, Jeremiah D. Johnson
Theses and Dissertations
Navigation in indoor and urban environments by small unmanned systems is a topic of interest for the Air Force. The Advanced Navigation Technology Center at the Air Force Institute of Technology is continually looking for novel approaches to navigation in GPS deprived environments. Inertial sensors have been coupled with image aided concepts, such as feature tracking, with good results. However, feature density in areas with large, flat, smooth surfaces tends to be low. Polarimetric sensors have been used for surface reconstruction, surface characterization and outdoor navigation. This thesis combines aspects of some of these algorithms along with a realistic, micro-facet …