Engineering Commons^™

The Kerf Toolkit For Intrusion Analysis, Javed A. Aslam, Sergey Bratus, David Kotz, Ron Peterson, Brett Tofel, Daniela Rus

Javed A. Aslam

To aid system administrators with post-attack intrusion analysis, the Kerf toolkit provides an integrated front end and powerful correlation and data-representation tools, all in one package.

The Yemen Narrative: Cargo Cults And Cargo Security, Ibpp Editor

International Bulletin of Political Psychology

The author gives a psychological perspective on the security of aviation cargo shipments.

Cloud Computing:Strategies For Cloud Computing Adoption, Faith Shimba

Dissertations

The advent of cloud computing in recent years has sparked an interest from different organisations, institutions and users to take advantage of web applications. This is a result of the new economic model for the Information Technology (IT) department that cloud computing promises. The model promises a shift from an organisation required to invest heavily for limited IT resources that are internally managed, to a model where the organisation can buy or rent resources that are managed by a cloud provider, and pay per use. Cloud computing also promises scalability of resources and on-demand availability of resources.

Although, the adoption …

Event Study Method For Validating Agent-Based Trading Simulations, Shih-Fen Cheng

Research Collection School Of Computing and Information Systems

In this paper, we introduce how one can validate an event-centric trading simulation platform that is built with multi-agent technology. The issue of validation is extremely important for agent-based simulations, but unfortunately, so far there is no one universal method that would work in all domains. The primary contribution of this paper is a novel combination of event-centric simulation design and event study approach for market dynamics generation and validation. In our event-centric design, the simulation is progressed by announcing news events that affect market prices. Upon receiving these events, event-aware software agents would adjust their views on the market …

Spot Off: The Gao Takes On The Tsa’S Behavior Detection Program, Ibpp Editor

International Bulletin of Political Psychology

The United States Government Accountability Office (GAO) has recently Issued Efforts to Validate TSA’s Passenger Screening Behavior Detection Program Underway, but Opportunities Exist to Strengthen Validation and Address Operational Problems (May 2010, GAO-10-763). This IBPP article will describe and comment on the main GAO findings and additional data on which the findings are based. The article will end with some basic challenges to behavior detection as a useful security measure.

Autonomous Security Patrol System, Jake Erramouspe

Undergraduate Honors Capstone Projects

This project provides an efficient and cost-effective solution to building security and active monitoring. The security is monitored and controlled by autonomous patrol robots. Any indication of a security breach will result in an immediate alarm and activation of the robot group to subdue and tranquilize the intruder.

Secret Key Establishment Using Wireless Channels As Common Randomness In Time-Variant Mimo Systems, Chan Chen

Theses and Dissertations

Encryption of confidential data with a secret key has become a widespread technique for securing wireless transmissions. However, existing key distribution methods that either deliver the secret key with a key distribution center or exchange the secret key using public-key cryptosystems are unable to establish perfect secret keys necessary for symmetric encryption techniques. This research considers secret key establishment, under the broad research area of information theoretic security, using the reciprocal wireless channel as common randomness for the extraction of perfect secret keys in multiple-input multiple-output (MIMO)communication systems. The presentation discusses the fundamental characteristics of the time-variant MIMO wireless channel …

A Secure On-Line Credit Card Transaction Method Based On Kerberos Authentication Protocol, Jung Eun Kim

UNLV Theses, Dissertations, Professional Papers, and Capstones

Nowadays, electronic payment system is an essential part of modern business. Credit cards or debit cards have been widely used for on-site or remote transactions, greatly reducing the need for inconvenient cash transactions. However, there have been a huge number of incidents of credit card frauds over the Internet due to the security weakness of electronic payment system. A number of solutions have been proposed in the past to prevent this problem, but most of them were inconvenient and did not satisfy the needs of cardholders and merchants at the same time.

In this thesis, we present a new secure …

Dsfs: Decentralized Security For Large Parallel File Systems, Zhongying Niu, Hong Jiang, Ke Zhou, Dan Feng, Tianming Yang, Dongliang Lei, Anli Chen

CSE Technical Reports

This paper describes DSFS, a decentralized security system for large parallel file system. DSFS stores global access control lists (ACLs) in a centralized decisionmaking server and pushes pre-authorization lists (PALs) into storage devices. Thus DSFS allows users to flexibly set any access control policy for the global ACL or even change the global ACL system without having to upgrade the security code in their storage devices. With pre-authorization lists, DSFS enables a networkattached storage device to immediately authorize I/O, instead of demanding a client to acquire an authorization from a centralized authorization server at a crucial time. The client needs …

Operating Characteristics Of Passenger Screening Processes And The Development Of A Paced Inspection System, Geraldine Kelly Leone

Dissertations

The airport checkpoint security screening (ACSS) system is an important line of defense against the introduction of dangerous objects into the U.S. aviation system. Recently, there has been much interest in modeling these systems and to derive operating parameters which optimize performance. In general there are two performance measures of interest (i) the waiting time of the arriving entities, and (ii) the allocated screening resources and its utilization. Clearly, the traveling public would like a zero waiting time, while airports are limited both in terms of space and resource capital. The arrival and exit entity in the ACSS system are …

Enhanced Mccullagh-Barreto Identity-Based Key Exchange Protocols With Master Key Forward Security, Hua Guo, Yi Mu, Xiyong Zhang, Zhoujun Li

Faculty of Engineering - Papers (Archive)

Master key forward security is an important property for identity-based key exchange protocols. Unfortunately, most of existing identity-based key exchange protocols do not satisfy this property. In this paper, we firstly analyse Xie's modified protocol to show that signature is undesirable for an identity-based key agreement protocol with the master key forward secrecy. Then we present two improved protocols from McCullagh-Barreto identity-based key agreement protocol to capture the master key forward security. Our first protocol is efficient and its security can be proved with the help of a decisional oracle, while the second one achieves stronger security and its security …

The Changing Patterns Of Internet Usage, Christopher S. Yoo

All Faculty Scholarship

The Internet unquestionably represents one of the most important technological developments in recent history. It has revolutionized the way people communicate with one another and obtain information and created an unimaginable variety of commercial and leisure activities. Interestingly, many members of the engineering community often observe that the current network is ill-suited to handle the demands that end users are placing on it. Indeed, engineering researchers often describe the network as ossified and impervious to significant architectural change. As a result, both the U.S. and the European Commission are sponsoring “clean slate” projects to study how the Internet might be …

Privacy-Preserving Attribute-Based Access Control In A Grid, Sang Mork Park

Browse all Theses and Dissertations

A Grid community is composed of diverse stake holders, such as data resource providers, computing resource providers, service providers, and the users of the resources and services. In traditional security systems for Grids, most of the authentication and authorization mechanisms are based on the user's identity or the user's classification information. If the authorization mechanism is based on the user's identity, fine-grained access control policies can be implemented but the scalability of the security system would be limited. If the authorization mechanism is based on the user's classification, the scalability can be improved but the fine-grained access control policies may …

Defending Privacy: The Development And Deployment Of A Darknet, Conor Mcmanamon, Fredrick Mtenzi

Conference papers

New measures imposed by governments, Internet service providers and other third parties which threaten the state of privacy are also opening new avenues to protecting it. The unwarranted scrutiny of legitimate services such as file hosters and the BitTorrent protocol, once relatively unknown to the casual Internet user, is becoming more obvious. The darknet is a rising contender against these new measures and will preserve the default right to privacy of Internet users. A darknet is defined in the context of file sharing as a network which operates on top of another network such as the Internet for the purpose …