Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 9 of 9
Full-Text Articles in Information Security
Usability And Security Support Offered Through Adsl Router User Manuals, Patryk Szewczyk
Usability And Security Support Offered Through Adsl Router User Manuals, Patryk Szewczyk
Australian Information Security Management Conference
ADSL routers are often used as either the target or the means for cyber crime. Many ADSL router threats could be mitigated through the effective use of inbuilt security controls and firmware updates available from vendors. Unfortunately, end‐users typically lack the technical expertise to correctly configure and secure the device. Subsequently, end‐users are reliant on well documented procedures provided by vendors in their user manuals and quick start guides. This study investigates the usability and security recommendations and encouragements put forth by vendors in their user manuals. The study demonstrates that user manual usability does not conform to ideal technical …
A Simulation-Based Study Of Server Location Selection Rules In Manets Utilising Threshold Cryptography, Alastair Nisbet
A Simulation-Based Study Of Server Location Selection Rules In Manets Utilising Threshold Cryptography, Alastair Nisbet
Australian Information Security Management Conference
Truly Ad Hoc wireless networks where a spontaneous formation of a network occurs and there is no prior knowledge of nodes to each other present significant security challenges, especially as entirely online configuration of nodes with encryption keys must be performed. Utilising threshold cryptography in this type of MANET can greatly increase the security by requiring servers to collaborate to form a single Certificate Authority (CA). In this type of CA responsibility for certificate services is shared between a threshold of servers, greatly increasing security and making attack against the CA considerably more difficult. Choosing which nodes to take on …
Exposing Potential Privacy Issues With Ipv6 Address Construction, Clinton Carpene, Andrew Woodward
Exposing Potential Privacy Issues With Ipv6 Address Construction, Clinton Carpene, Andrew Woodward
Australian Information Security Management Conference
The usage of 128 bit addresses with hexadecimal representation in IPv6 poses significant potential privacy issues. This paper discusses the means of allocating IPv6 addresses, along with the implications each method may have upon privacy in different usage scenarios. The division of address space amongst the global registries in a hierarchal fashion can provide geographical information about the location of an address, and its originating device. Many IPv6 address configuration methods are available, including DHCPv6, SLAAC (with or without privacy extensions), and Manual assignment. These assignment techniques are dissected to expose the identifying characteristics of each technique. It is seen …
A Survey Of Computer And Network Security Support From Computer Retailers To Consumers In Australia, Patryk Szewczyk
A Survey Of Computer And Network Security Support From Computer Retailers To Consumers In Australia, Patryk Szewczyk
Australian Information Security Management Conference
Previously undertaken research suggests that novice end-users rely on computer retailers for security advice and support during and after a sale has occurred. This paper documents the survey results of computer and network security support provided to consumers by retailers in Perth, Western Australia between 2011 and 2012. The conducted survey shows that in the majority of cases, computers retailers were favourable in providing support and recommendations. However, these views were found to be flawed, confusing and do little to ensure that end-users are not victimized by cyber crime.
Insecurity By Obscurity Continues: Are Adsl Router Manuals Putting End-Users At Risk, Kim Andersson, Patryk Szewczyk
Insecurity By Obscurity Continues: Are Adsl Router Manuals Putting End-Users At Risk, Kim Andersson, Patryk Szewczyk
Australian Information Security Management Conference
The quantity and sophistication of threats targeting ADSL routers is on a steady increase. There is a reliance on end-users to ensure that their ADSL router is secure by continually updating the firmware, using strong authentication credentials, and enabling the in-built firewall. However, to do this, the end-user must be presented with well written procedural instructions, and an explanation of why this is important. This paper examines the design quality and security content provided by vendors in ADSL router manuals. This paper reveals that the lack of security related content and poor overall design could impact on end-users’ interpretation and …
Network Security Isn’T All Fun And Games: An Analysis Of Information Transmitted While Playing Team Fortress 2, Brett Turner, Andrew Woodward
Network Security Isn’T All Fun And Games: An Analysis Of Information Transmitted While Playing Team Fortress 2, Brett Turner, Andrew Woodward
Australian Information Security Management Conference
In the world of online gaming, information is exchanged as a matter of course. What information is exchanged behind the scenes is something that is not obvious to the casual user. People who play these games trust that the applications they are using are securely written and in this case, communicate securely. This paper looks at the traffic that is transmitted by the game Team Fortress 2 and incidentally the supporting authentication traffic of the Steam network. It was discovered through packet analysis that there is quite a lot of information which should be kept private being broadcast in the …
Identifying Dos Attacks Using Data Pattern Analysis, Mohammed Salem, Helen Armstrong
Identifying Dos Attacks Using Data Pattern Analysis, Mohammed Salem, Helen Armstrong
Australian Information Security Management Conference
During a denial of service attack, it is difficult for a firewall to differentiate legitimate packets from rogue packets, particularly in large networks carrying substantial levels of traffic. Large networks commonly use network intrusion detection systems to identify such attacks, however new viruses and worms can escape detection until their signatures are known and classified as an attack. Commonly used IDS are rule based and static, and produce a high number of false positive alerts. The aim of this research was to determine if it is possible for a firewall to analyse its own traffic patterns to identify attempted denial …
Can Intrusion Detection Implementation Be Adapted To End-User Capabilities?, Patricia A. Williams, Renji J. Mathew
Can Intrusion Detection Implementation Be Adapted To End-User Capabilities?, Patricia A. Williams, Renji J. Mathew
Australian Information Security Management Conference
In an environment where technical solutions for securing networked systems are commonplace, there still exist problems in implementation of such solutions for home and small business users. One component of this protection is the use of intrusion detection systems. Intrusion detection monitors network traffic for suspicious activity, performs access blocking and alerts the system administrator or user of potential attacks. This paper reviews the basic function of intrusion detection systems and maps them to an existing end-user capability framework. Using this framework, implementation guidance and systematic improvement in implementation of this security measure are defined.
How Safe Is Azeroth, Or, Are Mmorpgs A Security Risk?, An Hilven, Andrew Woodward
How Safe Is Azeroth, Or, Are Mmorpgs A Security Risk?, An Hilven, Andrew Woodward
Australian Information Security Management Conference
Massive Multiplayer Online Role Playing Games (MMORPGs) are at a basic level a networked application. Blizzard’s World of Warcraft is currently the largest example of such a type of application, with over nine million subscribers at last count. Whilst the idea of researching a game for network security may sound trivial, nine million potential backdoors into home and business computers is not. The ports used by the game, as well as authentication methods and client update programs were examined using packet analysis software. No obvious vulnerabilities were discovered as a result of this analysis. In addition to this analysis, an …