Physical Sciences and Mathematics Commons^™

Dds-Cerberus: Improving Security In Dds Middleware Using Kerberos Tickets, Andrew T. Park

Theses and Dissertations

The military deploys many IoT in battlefield operations to provide information on terrain and enemy combatants. It also deploys automated robots or UAVs where securing and trusting collected data is essential. Choosing the middleware that handles this message transfer is crucial for real-time operations. Networks with multiple entities, including IoT devices, UAVs, and small computers, require robust middleware facilitating message sending in real-time. Ideally, the middleware would provide QoS to handle lost packets and retransmissions in lossy environments, especially between low-power machines. DDS is a middleware that implements real-time and QoS capabilities by sending messages, not based on endpoints but …

Countering Internet Packet Classifiers To Improve User Online Privacy, Sina Fathi-Kazerooni

Dissertations

Internet traffic classification or packet classification is the act of classifying packets using the extracted statistical data from the transmitted packets on a computer network. Internet traffic classification is an essential tool for Internet service providers to manage network traffic, provide users with the intended quality of service (QoS), and perform surveillance. QoS measures prioritize a network's traffic type over other traffic based on preset criteria; for instance, it gives higher priority or bandwidth to video traffic over website browsing traffic. Internet packet classification methods are also used for automated intrusion detection. They analyze incoming traffic patterns and identify malicious …

Wrinkles In Time : An Exploration Of Non-Uniform Temporal Resolution In Network Data, Daniel John Ditursi

Legacy Theses & Dissertations (2009 - 2024)

The continued proliferation of timestamped network data demands increasing sophistication in the analysis of that data. In particular, the literature amply demonstrates that the choice of temporal resolution has a profound impact on the solutions produced by many different methods in this domain -- answers differ when data is viewed second-by-second as opposed to week-by-week. Additionally, research also shows quite clearly that the rates at which network events happen are not constant -- some times are "faster" or "slower" than others, and these variations are not necessarily predictable. Given the above, it is clear that there must be problem settings …

Inference In Networking Systems With Designed Measurements, Chang Liu

Doctoral Dissertations

Networking systems consist of network infrastructures and the end-hosts have been essential in supporting our daily communication, delivering huge amount of content and large number of services, and providing large scale distributed computing. To monitor and optimize the performance of such networking systems, or to provide flexible functionalities for the applications running on top of them, it is important to know the internal metrics of the networking systems such as link loss rates or path delays. The internal metrics are often not directly available due to the scale and complexity of the networking systems. This motivates the techniques of inference …

Network Pruning For Scaling Dynamic Community Detection, Gaurav Ghosh

Legacy Theses & Dissertations (2009 - 2024)

Local community detection is an important tool for the analysis of networks of different genres. The goal is to identify only the best communities in a network instance as opposed to computing a partitioning of the whole network. The majority of the work on local community detection has focused on static networks with less attention on networks that evolve over time. Given a trace of temporal interaction among nodes in a network, how can we detect a period of high interaction for a specific group of nodes? To help temporal community detection with the need to search in the time …

Synchronous Subgraphs In Networks, Navita Jain

Legacy Theses & Dissertations (2009 - 2024)

Community detection is a central problem in network analysis. The majority of existing work defines communities as subsets of nodes that are structurally well-connected and isolated from the rest of the network. Apart from their underlying connectivity, nodes in real-world networks exhibit temporal activity: user posts in social networks, browsing activity on web pages and neuron activations in brain networks to name a few. While edges encode potential for community interactions, participation in the community can be quantified by synchronized member activity. Given both the network structure and individual node activity, how can we detect communities that are both well-connected …

Efficient Execution Of Top-K Closeness Centrality Queries, Paul W. Olsen

Legacy Theses & Dissertations (2009 - 2024)

Many of today's applications can benefit from the discovery of the most central entities in real-world networks.

A Query-Oriented Approach To Graph Series Distribution And Replication : Dissertation, Alan G. Labouseur

Legacy Theses & Dissertations (2009 - 2024)

Most real-world networks evolve over time. We are surrounded by them: social networks, citation networks, transportation networks, the Web, and more.These evolving, dynamic networks can be modeled as series of graphs (graph snapshots) that represent those networks at different points in time. While many single-graph systems are available today, they lack support for efficiently managing series of large graph snapshots. Our G* system enables efficient storage and querying of these graph snapshots by taking advantage of their commonalities.

Gradebadge: Development Of A Cloud-Based Reward Application, Erwin Toni Soekianto

Theses Digitization Project

The purpose of this project is to investigate the use of cloud-based services to deliver cutting edge applications. For this purpose, a prototype of a reward application using badges, called Gradebadge, was developed to illustrate and explore this emerging paradigm.

Evaluation Of Traditional Security Solutions In The Scada Environment, Robert D. Larkin

Theses and Dissertations

Supervisory Control and Data Acquisition (SCADA) systems control and monitor the electric power grid, water treatment facilities, oil and gas pipelines, railways, and other Critical Infrastructure (CI). In recent years, organizations that own and operate these systems have increasingly interconnected them with their enterprise network to take advantage of cost savings and operational benefits. This trend, however, has introduced myriad vulnerabilities associated with the networking environment. As a result, the once isolated systems are now susceptible to a wide range of threats that previously did not exist. To help address the associated risks, security professionals seek to incorporate mitigation solutions …

Revision Of Remote (Recursively Estimating Multi-Threaded Observation Tool Enterprise) For Commercialization, Jeongtaek Hong

Theses Digitization Project

The purpose of this study is to have ReMoTe be commercialized or released as open source at some future date to the general public. ReMoTe will provide an enhanced user interface that will allow users easy to use functions and setup their projects and define their thread and phases. ReMoTe will have the ability to handle muliple projects, and specify any number of phases for any thread.

A Visualization Approach For Message Passing In Parallel Computing Systems, Arunkumar Sadasivan

UNLV Theses, Dissertations, Professional Papers, and Capstones

Information Visualization has been used as an effective method in transforming textual information into a visual form that enables users to effectively communicate and understand the information. MPI (Message Passing Interface) usually involves a large amount of data, which necessitates exploring innovative ideas to visualize such data effectively.

In this thesis, we implement a graph visualization tool called MPROV to effectively visualize communication patterns of message passing using log files from MPI applications. The tool provides several interaction techniques to effectively reduce the amount of data displayed on the screen. We have also developed protocol conformance checking, which verifies the …

A Distributed Network Logging Topology, Nicholas E. Fritts

Theses and Dissertations

Network logging is used to monitor computer systems for potential problems and threats by network administrators. Research has found that the more logging enabled, the more potential threats can be detected in the logs (Levoy, 2006). However, generally it is considered too costly to dedicate the manpower required to analyze the amount of logging data that it is possible to generate. Current research is working on different correlation and parsing techniques to help filter the data, but these methods function by having all of the data dumped in to a central repository. Central repositories are limited in the amount of …

Theory Of Entropic Security Decay: The Gradual Degradation In Effectiveness Of Commissioned Security Systems, Michael P. Coole

Theses: Doctorates and Masters

As a quantitative auditing tool for Physical Protection Systems (PPS) the Estimated Adversary Sequence Interruption (EASI) model has been available for many years. Nevertheless, once a systems macro-state measure has been commissioned (Pi) against its defined threat using EASI, there must be a means of articulating its continued efficacy (steady state) or its degradation over time. The purpose of this multi-phase study was to develop the concept and define the term entropic security decay. Phase one presented documentary benchmarks for security decay. This phase was broken into three stages; stage one presented General Systems Theory (GST) as a systems benchmark …

Development Of A Custom Call Management System For The Service Department Of Premiere Copier Inc., Markas Korotkovas

Regis University Student Publications (comprehensive collection)

Premiere Copier needs a system that will facilitate the functionality required by the current business process as well as being more robust, reliable and scalable. The new system has to mitigate all the problem areas mentioned in the section 1.2.3. The complete list of the requirements is presented in the Section 3.1.1. This project is the first real life experience for the one man developing team as well. Working through the whole development life cycle of the application, fulfilling the roles of project manager, developer and designer at the same time presents an excellent educational opportunity as well.

Development Of A Methodology For Customizing Insider Threat Auditing On A Microsoft Windows Xp® Operating System, Terry E. Levoy

Theses and Dissertations

Most organizations are aware that threats from trusted insiders pose a great risk to their organization and are very difficult to protect against. Auditing is recognized as an effective technique to detect malicious insider activities. However, current auditing methods are typically applied with a one-size-fits-all approach and may not be an appropriate mitigation strategy, especially towards insider threats. This research develops a 4-step methodology for designing a customized auditing template for a Microsoft Windows XP operating system. Two tailoring methods are presented which evaluate both by category and by configuration. Also developed are various metrics and weighting factors as a …

Mitigating Tcp Degradation Over Intermittent Link Failures Using Intermediate Buffers, M. Brent Reynolds

Theses and Dissertations

This thesis addresses the improvement of data transmission performance in a challenged network. It is well known that the popular Transmission Control Protocol degrades in environments where one or more of the links along the route is intermittently available. To avoid this degradation, this thesis proposes placing at least one node along the path of transmission to buffer and retransmit as needed to overcome the intermittent link. In the four-node, three-link testbed under particular conditions, file transmission time was reduced 20 fold in the case of an intermittent second link when the second node strategically buffers for retransmission opportunity.

Volunteer System Project: Regis University Networking Lab Practicum, Desirea Duarte Ulibarri

Regis University Student Publications (comprehensive collection)

The Regis University Networking Lab Practicum (NLP) allows MSCIT graduate students the opportunity to gain hands-on experience in IT topics in a controlled computer network environment. The NLP also introduces students to a wide range of external IT projects such as the Volunteer System Project. The Volunteer System Project was the construction of a database system for a non-profit organization. The Volunteer System captures all of the personnel data, work time and project affiliation information and is a critical tool in managing and maintaining a successful volunteer workforce. The performance of the original spreadsheet-based Volunteer System was declining and could …

Use Of Cross-Connect Clusters To Optimize Routing In Stm-64-Based Sdh Optical Network Systems, Bret William Durrett

Regis University Student Publications (comprehensive collection)

With the migration to Synchronous Digital Hierarchy, which uses the concept of logical rings, for backbone transmission systems, one of the major concerns that has been brought up repeatedly is a method in which to bring sub-rate circuits from one ring to another without having to decompose the entire backbone data stream to its individual circuits. This is critically important since the backbone data rate can be as high as 10 Gigabits per second or greater and may carry several thousand circuits, ranging in data rate from less than 2.4 Kilobits per second to 2.5 Gbps (STM-16). One potential means …

A Novel Distributed Denial-Of-Service Detection Algorithm, Brett Tsudama

Master's Theses

The applicability of implementing Ratio-based SYN Flood Detection (RSD) on a network processor is explored, and initial results are presented.

Discovering The Potential For Advancements In Intrusion Detection Systems, Kenneth J. Buonforte

Honors Theses

An intrusion detection system (IDS) is a collection of monitors strategically placed on a network or individual host in order to detect anomalous behavior. Since James Anderson introduced one of the first frameworks for an intrusion detection system in [1]. researchers have extended the capabilities of these systems. IDSs take many forms, from systems as basic as command line audit logs to those that emulate the defense mechanisms of the human immune system. However, as intrusion detection has evolved, scientists and administrators alike are beginning to question the need for this technology due to its lack of quantifiable performance and …

An Analysis Of The Performance And Security Of J2sdk 1.4 Jsse Implementation Of Ssl/Tls, Danny R. Bias

Theses and Dissertations

The Java SSL/TLS package distributed with the J2SE 1.4.2 runtime is a Java implementation of the SSLv3 and TLSv1 protocols. Java-based web services and other systems deployed by the DoD will depend on this implementation to provide confidentiality, integrity, and authentication. Security and performance assessment of this implementation is critical given the proliferation of web services within DoD channels. This research assessed the performance of the J2SE 1.4.2 SSL and TLS implementations, paying particular attention to identifying performance limitations given a very secure configuration. The performance metrics of this research were CPU utilization, network bandwidth, memory, and maximum number of …

A Heuristic On The Rearrangeability Of Shuffle-Exchange Networks, Katherine Yvette Alston

Theses Digitization Project

The algorithms which control network routing are specific to the network because the algorithms are designed to take advantage of that network's topology. The "goodness" of a network includes such criteria as a simple routing algorithm and a simple routing algorithm would increase the use of the shuffle-exchange network.

An Experimental Study On Network Intrusion Detection Systems, Peng Fu

Theses

A signature database is the key component of an elaborate intrusion detection system. The efficiency of signature generation for an intrusion detection system is a crucial requirement because of the rapid appearance of new attacks on the World Wide Web. However, in the commercial applications, signature generation is still a manual process, which requires professional skills and heavy human effort. Knowledge Discovery and Data Mining methods may be a solution to this problem. Data Mining and Machine Learning algorithms can be applied to the network traffic databases, in order to automatically generate signatures.

The purpose of this thesis and the …

A Multi-Agent Architecture For Internet Distributed Computing System, Rodelyn Reyes Samson

Theses Digitization Project

This thesis presents the developed taxonomy of the agent-based distributed computing systems. Based on this taxonomy, a design, implementation, analysis and distribution protocol of a multi-agent architecture for internet-based distributed computing system was developed. A prototype of the designed architecture was implemented on Spider III using the IBM Aglets software development kit (ASDK 2.0) and the language Java.

A Deception Based Framework For The Application Of Deceptive Countermeasures In 802.11b Wireless Networks, Suen Yek

Theses : Honours

The advance of 802.11 b wireless networking has been beset by inherent and in-built security problems. Network security tools that are freely available may intercept network transmissions readily and stealthily, making organisations highly vulnerable to attack. Therefore, it is incumbent upon defending organisations to take initiative and implement proactive defences against common network attacks. Deception is an essential element of effective security that has been widely used in networks to understand attack methods and intrusions. However, little thought has been given to the type and the effectiveness of the deception. Deceptions deployed in nature, the military and in cyberspace were …

Self-Similarity In Network Traffic, Francisco Chinchilla

Honors Theses

It is critical to properly understand the nature of network traffic in order to effectively design models describing network behavior. These models are usually used to simulate network traffic, which in turn are used to construct congestion control techniques, perform capacity planning studies, and/or evaluate the behavior of new protocols. Using the wrong models could lead to potentially serious problems such as delayed packet transmissions or an increase in packet drop rates.

Traditionally, packet arrivals were assumed to follow a Poisson arrival process. Although Poisson processes have several properties that make them easy to work with, they do not accurately …

Categorizing Network Attacks Using Pattern Classification Algorithms, George E. Noel Iii

Theses and Dissertations

The United States Air Force relies heavily on computer networks for many day-to-day activities. Many of these networks are affected by various types of attacks that can be launched from anywhere on the globe. The rising prominence of organizations such as the AFCERT and the MAJCOM NOSCs is evidence of an increasing realization among the Air Force leadership that protecting our computer networks is vitally important. A critical requirement for protecting our networks is the ability to detect attacks and intrusion attempts. This research is an effort to refine a portion of an AFIT-developed intrusion detection system known as the …

Multicast Algorithms For Mobile Satellite Communication Networks, Ryan W. Thomas

Theses and Dissertations

With the rise of mobile computing and an increasing need for ubiquitous high speed data connections, Internet-in-the-sky solutions are becoming increasingly viable. To reduce the network overhead of one-to-many transmissions, the multicast protocol has been devised. The implementation of multicast in these Low Earth Orbit (LEO) constellations is a critical component to achieving an omnipresent network environment. This research examines the system performance associated with two terrestrial-based multicast mobility solutions, Distance Vector Multicast Routing Protocol (DVMRP) with mobile IP and On Demand Multicast Routing Protocol (ODMRP). These protocols are implemented and simulated in a six plane, 66 satellite LEO constellation. …

Spider Ii: A Component-Based Distributed Computing System, Koping Wang

Theses Digitization Project

Spider II system is the second version implementation of the Spider project. This system is the first distributed computation research project in the Department of Computer Science at CSUSB. Spider II is a distributed virtual machine on top of the UNIX or LINUX operating system. Spider II features multi-tasking, load balancing and fault tolerance, which optimize the performance and stability of the system.