Computer Sciences Commons^™

Back Matter

Journal of Digital Forensics, Security and Law

No abstract provided.

Masthead

Journal of Digital Forensics, Security and Law

No abstract provided.

Front Matter

Journal of Digital Forensics, Security and Law

No abstract provided.

Using Software-Based Decision Procedures To Control Instruction-Level Execution, William B. Kimball

AFIT Patents

An apparatus, method and program product are provided for securing a computer system. A digital signature of an application is checked, which is loaded into a memory of the computer system configured to contain memory pages. In response to finding a valid digital signature, memory pages containing instructions of the application are set as executable and memory pages other than those containing instructions of the application are set as non-executable. Instructions in executable memory pages are executed. Instructions in non-executable memory pages are prevented from being executed. A page fault is generated in response to an attempt to execute an …

Categorization Of Large Corpora Of Malicious Software, Deekshit Kura

University of New Orleans Theses and Dissertations

Malware is computer software written by someone with mischievous or, more usually, malicious and/or criminal intent and specifically designed to damage data, hosts or networks. The variety of malware is increasing proportionally with the increase in computers and we are not aware of newly emerging malware. Tools are needed to categorize families of malware, so that analysts can compare new malware samples to ones that have been previously analyzed and determine steps to detect and prevent malware infections.

In this thesis, I developed a technique to catalog and characterize the behavior of malware, so that malware families, the level of …

An Access Control Model For Nosql Databases, Motahera Shermin

Electronic Thesis and Dissertation Repository

Current development platforms are web scale, unlike recent platforms which were just network scale. There has been a rapid evolution in computing paradigm that has created the need for data storage as agile and scalable as the applications they support. Relational databases with their joins and locks influence performance in web scale systems negatively. Thus, various types of non-relational databases have emerged in recent years, commonly referred to as NoSQL databases. To fulfill the gaps created by their relational counter-part, they trade consistency and security for performance and scalability. With NoSQL databases being adopted by an increasing number of organizations, …

A Conceptual Model For Federated Authentication In The Cloud, Abdulwahid Al Abdulwahid, Nathan Clarke, Steven Furnell, Ingo Stengel

Australian Information Security Management Conference

Authentication is a key security control for any computing system, whether that is a PC, server, laptop, tablet or mobile phone. However, authentication is traditionally poorly served, with existing implementations falling foul of a variety of weaknesses. Passwords are poorly selected, reused and shared (to name but a few). Research has suggested novel approaches to authentication such as transparent authentication and cooperative and distributed authentication. However, these technologies merely focus upon individual platforms rather than providing a universal and federated authentication approach that can be used across technologies and services. The advent of cloud computing, its universal connectivity, scalability and …

A Comparison Of Information Security Curricula In China And The Usa, Huaying Chen, Sean B. Maynard, Atif Ahmad

Australian Information Security Management Conference

Information Security (InfoSec) education varies in its content, focus and level of technicality across the world. In this paper we investigate the differences between graduate InfoSec programs in top universities in China and in the United States of America (USA). In China, curriculum emphasises Telecommunication, Computer Science and InfoSec Technology, whilst in the USA in addition to Computer Science and InfoSec Technology the curriculum also emphasises Enterprise‐level Security Strategy and Policy, InfoSec Management, and Cyber Law. The differences are significant and will have a profound impact on both the perceptions and capabilities of future generations of information security professionals on …

The Effectiveness Of Internet Activity Erasure Tools To Protect Privacy, Brian Cusack, Andrew Woodward, Scott Butson, Benjamin Leber

Australian Information Security Management Conference

When most people go to the trouble of getting erasure tools to remove data from their hard drives they expect the job is done correctly. Using erasure tools is a step to protect privacy by assuming the applied tools erase data rather than simply delete data that may be recovered using forensic tools. In this research we tested the performance of the delete function on three web browsers against the performance of eight erasure tools with alarming results. It was found that the erasure tools had almost the same capability to delete data as the web browsers delete function; and …

A 2013 Study Of Wireless Network Security In New Zealand: Are We There Yet?, Alastair Nisbet

Australian Information Security Management Conference

This research examines the current level of security in wireless networks in New Zealand. A comprehensive wardrive covering the length of the country was made in January 2013 to ensure accurate comparisons from two previous wardrives as well as comparisons between the four main cities and the suburbs can be made. With 16 years since the introduction of the original IEEE 802.11 wireless standard having passed, an examination is made of the current state of wireless security of networks throughout New Zealand and the Auckland suburbs, and where possible compares these results with similar studies undertaken in 2004 and 2011. …

Privacy And Legal Issues In Cloud Computing - The Smme Position In South Africa, Mathias Mujinga

Australian Information Security Management Conference

Cloud computing (CC) brings substantial benefits to organizations and their clients. Information technology (IT) users in developing countries, especially those in underdeveloped communities, are gaining easy and cost‐effective access to a variety of services, from entertainment to banking. South Africa has outlined a national e‐strategy that aims to improve those communities, by providing frameworks for access to information and communications technology (ICT). The products and services of small‐, medium and micro‐sized enterprises (SMME) are now reaching a wider audience through the use of technology. CC can go a long way to help government realize the national e‐strategy. There are numerous …

Determining What Characteristics Constitute A Darknet, Symon Aked, Christopher Bolan, Murray Brand

Australian Information Security Management Conference

Privacy on the Internet has always been a concern, but monitoring of content by both private corporations and Government departments has pushed people to search for ways to communicate over the Internet in a more secure manner. This has given rise to the creations of Darknets, which are networks that operate “inside” the Internet, and allow anonymous participation via a de‐centralised, encrypted, peer‐to‐peer network topology. This research investigates some sources of known Internet content monitoring, and how they provided the template for the creation of a system to avoid such surveillance. It then highlights how communications on the Clearnet is …

Information Security Management: Factors That Influence Security Investments In Smes, Zhi Xian Ng, Atif Ahmad, Sean B. Maynard

Australian Information Security Management Conference

In the modern information economy, the security of information is critically important to organizations. Information‐security risk assessments (ISRAs) allow organizations to identify key information assets and security risks so security expenditure can be directed cost‐effectively. Unfortunately conducting ISRAs requires special expertise and tends to be complex and costly for small to medium sized organizations (SMEs). Therefore, it remains unclear in practice, and unknown in literature, how SMEs address information security imperatives without the benefit of an ISRA process. This research makes a contribution to theory in security management by identifying the factors that influence key decision-makers in SMEs to address …

Usability And Security Support Offered Through Adsl Router User Manuals, Patryk Szewczyk

Australian Information Security Management Conference

ADSL routers are often used as either the target or the means for cyber crime. Many ADSL router threats could be mitigated through the effective use of inbuilt security controls and firmware updates available from vendors. Unfortunately, end‐users typically lack the technical expertise to correctly configure and secure the device. Subsequently, end‐users are reliant on well documented procedures provided by vendors in their user manuals and quick start guides. This study investigates the usability and security recommendations and encouragements put forth by vendors in their user manuals. The study demonstrates that user manual usability does not conform to ideal technical …

Exchanging Demands: Weaknesses In Ssl Implementations For Mobile Platforms, Peter Hannay, Clinton Carpene, Craig Valli, Andrew Woodward, Mike Johnstone

Australian Information Security Management Conference

The ActiveSync protocol’s implementation on some embedded devices leaves clients vulnerable to unauthorised remote policy enforcement. This paper discusses a proof of concept attack against the implementation of ActiveSync in common Smart phones including Android devices and iOS devices. A two‐phase approach to exploiting the ActiveSync protocol is introduced. Phase 1 details the usage of a man‐in‐the‐middle attack to gain a vantage point over the client device, whilst Phase 2 involves spoofing the server‐side ActiveSync responses to initiate the unauthorised policy enforcement. These vulnerabilities are demonstrated by experiment, highlighting how the system can be exploited to perform a remote factory …

A Simulation-Based Study Of Server Location Selection Rules In Manets Utilising Threshold Cryptography, Alastair Nisbet

Australian Information Security Management Conference

Truly Ad Hoc wireless networks where a spontaneous formation of a network occurs and there is no prior knowledge of nodes to each other present significant security challenges, especially as entirely online configuration of nodes with encryption keys must be performed. Utilising threshold cryptography in this type of MANET can greatly increase the security by requiring servers to collaborate to form a single Certificate Authority (CA). In this type of CA responsibility for certificate services is shared between a threshold of servers, greatly increasing security and making attack against the CA considerably more difficult. Choosing which nodes to take on …

Group Selection And Key Management Strategies For Ciphertext-Policy Attribute-Based Encryption, Russell F. Martin

Theses

Ciphertext-Policy Attribute-Based Encryption (CPABE) was introduced by Bethencourt, Sahai, and Waters, as an improvement of Identity Based Encryption, allowing fine grained control of access to encrypted files by restricting access to only users whose attributes match that of the monotonic access tree of the encrypted file. Through these modifications, encrypted files can be placed securely on an unsecure server, without fear of malicious users being able to access the files, while allowing each user to have a unique key, reducing the vulnerabilites associated with sharing a key between multiple users.

However, due to the fact that CPABE was designed for …

Efficient Routing For Wireless Mesh Networks Using A Backup Path, Amir Esmailpour, Nidal Nasser, Jehad Al Dallal

Electrical & Computer Engineering and Computer Science Faculty Publications

Wireless Mesh Network (WMN) has a proven record in providing viable solutions for some of the fundamental issues in wireless networks such as capacity and range limitations. WMN infrastructure includes clusters of Mobile Ad-Hoc Networks (MANETs) connected through a fixed backbone of mesh routers. The mesh network can be constrained severely due to various reasons, which could result in performance degradation such as a drop in throughput or long delays. Solutions to this problem often focus on multipath or multichannel extensions to the existing ad- hoc routing protocols. In this paper, we propose a novel solution by introducing an alternative …

A Survey On Detection And Defense Of Application Layer Ddos Attacks, Naga Shalini Vadlamani

UNLV Theses, Dissertations, Professional Papers, and Capstones

As the time is passing on, the effect of DDoS attacks on Internet security is growing tremendously. Within a very little span there is a huge increase in the size and frequency of DDoS attacks. With the new technologies and new techniques, the attackers are finding more sophisticated ways to attack the servers. In this situation, it is necessary to come up with various mechanisms to detect and defend these DDoS attacks and protect the servers from the attackers. Many researches have been carried out to detect the DDoS attack traffic in transport layer, which is more vulnerable to DDoS …

Application Of Ntru Cryptographic Algorithm For Securing Scada Communication, Amritha Puliadi Premnath

UNLV Theses, Dissertations, Professional Papers, and Capstones

Supervisory Control and Data Acquisition (SCADA) system is a control system which is widely used in Critical Infrastructure System to monitor and control industrial processes autonomously. Most of the SCADA communication protocols are vulnerable to various types of cyber-related attacks. The currently used security standards for SCADA communication specify the use of asymmetric cryptographic algorithms like RSA or ECC for securing SCADA communications. There are certain performance issues with cryptographic solutions of these specifications when applied to SCADA system with real-time constraints and hardware limitations. To overcome this issue, in this thesis we propose the use of a faster and …

Towards A Hybrid Framework For Detecting Input Manipulation Vulnerabilities, Sun Ding, Hee Beng Kuan Tan, Lwin Khin Shar, Bindu Madhavi Padmanabhuni

Research Collection School Of Computing and Information Systems

Input manipulation vulnerabilities such as SQL Injection, Cross-site scripting, Buffer Overflow vulnerabilities are highly prevalent and pose critical security risks. As a result, many methods have been proposed to apply static analysis, dynamic analysis or a combination of them, to detect such security vulnerabilities. Most of the existing methods classify vulnerabilities into safe and unsafe. They have both false-positive and false-negative cases. In general, security vulnerability can be classified into three cases: (1) provable safe, (2) provable unsafe, (3) unsure. In this paper, we propose a hybrid framework-Detecting Input Manipulation Vulnerabilities (DIMV), to verify the adequacy of security vulnerability defenses …

A Secure And Effective Anonymous User Authentication Scheme For Roaming Service In Global Mobility Networks, Fengtong Wen, Willy Susilo, Guomin Yang

Research Collection School Of Computing and Information Systems

In global mobility networks, anonymous user authentication is an essential task for enabling roaming service. In a recent paper, Jiang et al. proposed a smart card based anonymous user authentication scheme for roaming service in global mobility networks. This scheme can protect user privacy and is believed to have many abilities to resist a range of network attacks, even if the secret information stored in the smart card is compromised. In this paper, we analyze the security of Jiang et al.’s scheme, and show that the scheme is in fact insecure against the stolen-verifier attack and replay attack. Then, we …

Rule-Based Conditional Trust With Openpgp., Andrew Jackson

Theses

This thesis describes a new trust model for OpenPGP encryption. This trust model uses conditional rule-based trust to establish key validity and trust. This thesis describes "Trust Rules" that may be used to sort and categorize keys automatically without user interaction. "Trust Rules" are also capable of integrating key revocation status into its calculations so it too is automated. This thesis presents that conditional trust established through "Trust Rules" can enforce stricter security while reducing the burden of use and automating the process of key validity, trust, and revocation.

Defending Against Heap Overflow By Using Randomization In Nested Virtual Clusters, Chee Meng Tey, Debin Gao

Research Collection School Of Computing and Information Systems

Heap based buffer overflows are a dangerous class of vulnerability. One countermeasure is randomizing the location of heap memory blocks. Existing techniques segregate the address space into clusters, each of which is used exclusively for one block size. This approach requires a large amount of address space reservation, and results in lower location randomization for larger blocks.

Does Your Wireless Lan Have Criminal Intent?, Michael Crowley, Andrew Woodward

Michael Crowley

All of the literature relating to wireless network security has focused on the flaws, newer alternatives and suggestions for securing the network. There is much speculation and anecdotal statements in relation to what can happen if a breach occurs, but this is mostly from a computer security perspective, and mostly expressed in terms of potential for financial loss. This paper examines the potential legal ramifications of failing to properly secure a wireless network. Several scenarios are examined within based on usage of wireless on the various category of attack. Legal opinion, backed up with case law, is provided for each …

A Novel Defense Mechanism Against Web Crawler Intrusion, Alireza Aghamohammadi

Master's Theses and Doctoral Dissertations

Web robots also known as crawlers or spiders are used by search engines, hackers and spammers to gather information about web pages. Timely detection and prevention of unwanted crawlers increases privacy and security of websites. In this research, a novel method to identify web crawlers is proposed to prevent unwanted crawler to access websites. The proposed method suggests a five-factor identification process to detect unwanted crawlers. This study provides the pretest and posttest results along with a systematic evaluation of web pages with the proposed identification technique versus web pages without the proposed identification process. An experiment was performed with …

A Forensic Comparison: Windows 7 And Windows 8, Peter J. Wilson

Theses

Whenever a new operating system or new version of an operating system is released, forensic investigators must re-examine the new operating system or new version. They do so to determine if there are significant differences that will impact and change the way they perform their investigations. With the release of Microsoft's latest operating system, Windows 8, and its update, Windows 8.1, understanding the similarities and differences between Windows 8 and previous operating systems such as Windows 7 is critical. This paper forensically examines Windows 7 and Windows 8 to determine those similarities and differences.

Achieving Revocable Fine-Grained Cryptographic Access Control Over Cloud Data, Yanjiang Yang, Xuhua Ding, Haibing Lu, Zhiguo Wan, Jianying Zhou

Research Collection School Of Computing and Information Systems

Attribute-based encryption (ABE) is well suited for finegrained access control for data residing on a cloud server. However, existing approaches for user revocation are not satisfactory. In this work, we propose a new approach which works by splitting an authorized user’s decryption capability between the cloud and the user herself. User revocation is attained by simply nullifying the decryption ability at the cloud, requiring neither key update nor re-generation of cloud data. We propose a concrete scheme instantiating the approach, which features lightweight computation at the user side. This makes it possible for users to use resource-constrained devices such as …

Self-Blindable Credential: Towards Anonymous Entity Authentication Upon Resource-Constrained Devices, Yanjiang Yang, Xuhua Ding, Haibing Lu, Jian Weng, Jianying Zhou

Research Collection School Of Computing and Information Systems

We are witnessing the rapid expansion of smart devices in our daily life. The need for individual privacy protection calls for anonymous entity authentication techniques with affordable efficiency upon the resource-constrained smart devices. Towards this objective, in this paper we propose self-blindable credential, a lightweight anonymous entity authentication primitive.We provide a formulation of the primitive and present two concrete instantiations. The first scheme implements verifier-local revocation and the second scheme enhances the former with forward security. Our analytical performance results show that our schemes outperform relevant existing schemes.

Adaptable Ciphertext-Policy Attribute-Based Encryption, Junzuo Lai, Robert H. Deng, Yanjiang Yang, Jian Weng

Research Collection School Of Computing and Information Systems

In this paper, we introduce a new cryptographic primitive, called adaptable ciphertext-policy attribute-based encryption (CP-ABE). Adaptable CP-ABE extends the traditional CP-ABE by allowing a semi-trusted proxy to modify a ciphertext under one access policy into ciphertexts of the same plaintext under any other access policies; the proxy, however, learns nothing about the underlying plaintext. With such “adaptability” possessed by the proxy, adaptable CP-ABE has many real world applications, such as handling policy changes in CP-ABE encryption of cloud data and outsourcing of CP-ABE encryption. Specifically, we first specify a formal model of adaptable CP-ABE; then, based on the CP-ABE scheme …