Open Access. Powered by Scholars. Published by Universities.®

Engineering Commons


Articles 1 - 23 of 23

Full-Text Articles in Engineering

Dynamic Network Security Control Using Software Defined Networking, Michael C. Todd Mar 2016


Theses and Dissertations

This thesis develops and implements a process to rapidly respond to host level security events using a host agent, Software Defined Networking and OpenFlow updates, role-based flow classes, and Advanced Message Queuing Protocol to automatically update configuration of switching devices and block malicious traffic. Results show flow table updates are made for all tested levels in less than 5.27 milliseconds and event completion time increased with treatment level as expected. As the number of events increases from 1,000 to 50,000, the design scales logarithmically, caused mainly by message delivery time. Event processing throughput is limited primarily by the message …


Advances In SCA And RF-DNA Fingerprinting Through Enhanced Linear Regression Attacks And Application Of Random Forest Classifiers, Hiren J. Patel Sep 2014


Theses and Dissertations

Radio Frequency (RF) emissions from electronic devices expose security vulnerabilities that can be used by an attacker to extract otherwise unobtainable information. Two realms of study were investigated here, including the exploitation of 1) unintentional RF emissions in the field of Side Channel Analysis (SCA), and 2) intentional RF emissions from physical devices in the field of RF-Distinct Native Attribute (RF-DNA) fingerprinting. Statistical analysis on the linear model fit to measured SCA data in Linear Regression Attacks (LRA) improved performance, achieving 98% success rate for AES key-byte identification from unintentional emissions. However, the presence of non-Gaussian noise required the use …


Effects Of Architecture On Information Leakage Of A Hardware Advanced Encryption Standard Implementation, Eric A. Koziel Sep 2012


Theses and Dissertations

Side-channel analysis (SCA) is a threat to many modern cryptosystems. Many countermeasures exist, but are costly to implement and still do not provide complete protection against SCA. A plausible alternative is to design the cryptosystem using architectures that are known to leak little information about the cryptosystem's operations. This research uses several common primitive architectures for the Advanced Encryption Standard (AES) and assesses the susceptibility of the full AES system to side-channel attack for various primitive configurations. A combined encryption/decryption core is also evaluated to determine if variation of high-level architectures affects leakage characteristics. These different configurations are evaluated under …


Measuring The Utility Of A Cyber Incident Mission Impact Assessment (CIMIA) Process For Mission Assurance, Christy L. Peterson Mar 2011


Theses and Dissertations

Information is a critical asset on which virtually all modern organizations depend to meet their operational mission objectives. Military organizations, in particular, have embedded Information and Communications Technologies (ICT) into their core mission processes as a means to increase their operational efficiency, exploit automation, improve decision quality, and shorten the kill chain. However, the extreme dependence upon ICT results in an environment where a cyber incident can result in severe mission degradation, or possibly failure, with catastrophic consequences to life, limb, and property. These consequences can be minimized by maintaining real-time situational awareness of mission critical resources so appropriate …


Static And Dynamic Component Obfuscation On Reconfigurable Devices, Camdon R. Cady Mar 2010


Theses and Dissertations

Computing systems are used in virtually every aspect of our lives. Technology such as smart phones and electronically controlled subsystems in cars is becoming so commonly used that it is virtually ubiquitous. Sometimes, this technology can be exploited to perform functions that it was never intended to perform, or fail to provide information that it is supposed to protect. X-HIA was shown to be effective at identifying several circuit components in a significantly shorter time than previous identification methods. Instead of requiring a number of input/output pairings that grows factorially or exponentially as the circuit size grows, it requires only …


Developing Cyberspace Data Understanding: Using CRISP-DM For Host-Based IDS Feature Mining, Joseph R. Erskine Mar 2010


Theses and Dissertations

Current intrusion detection systems generate a large number of specific alerts, but do not provide actionable information. Many times, these alerts must be analyzed by a network defender, a time consuming and tedious task which can occur hours or days after an attack occurs. Improved understanding of the cyberspace domain can lead to great advancements in Cyberspace situational awareness research and development. This thesis applies the Cross Industry Standard Process for Data Mining (CRISP-DM) to develop an understanding about a host system under attack. Data is generated by launching scans and exploits at a machine outfitted with a set of …


An Efficient And Effective Implementation Of The Trust System For Power Grid Compartmentalization, Juan M. Carlos Gonzalez Jun 2009


Theses and Dissertations

As utility companies develop and incorporate new technologies, such as moving to utility Internet technology based architecture and standards, it is crucial that we do so with history in mind. We know that traditional utility protection and control systems were not designed with security among their top priorities. This presents a danger in an environment where near real-time responses are required to ensure safe operations. As a consequence, system security becomes a burden to the system rather than necessary protection. Unfortunately, technology implementation is not the only concern. The number of privately-owned utility companies has multiplied as the market has …


Removing Redundant Logic Pathways In Polymorphic Circuits, Hanseok Kim Mar 2009


Theses and Dissertations

Evaluating the quality of software and circuit obfuscators is a research goal of great interest. However, there exists little research about evaluation of obfuscation effectiveness through analyzing and investigating redundancies found in the obfuscated variants. In this research, we consider programs represented as structural combinational circuits and then analyze obfuscated variants of those circuits through a tool that produces functionally equivalent variants based on subcircuit selection and replacement. We then consider how Boolean logic and reduction affects the size and levelization of circuit variants, giving us a concrete metric by which to consider obfuscation effectiveness. To accomplish these goals, we …


Host-Based Multivariate Statistical Computer Operating Process Anomaly Intrusion Detection System (PAIDS), Glen R. Shilland Mar 2009


Theses and Dissertations

No abstract provided.


The Evaluation Of Rekeying Protocols Within The Hubenko Architecture As Applied To Wireless Sensor Networks, Cory J. Antosh Mar 2009


Theses and Dissertations

This thesis investigates the impact of using three different rekeying protocols (pair-wise, hierarchical, and Secure Lock) within a wireless sensor network (WSN) under the Hubenko architecture. Using a Matlab computer simulation, the impact of the three rekeying protocols on the number of bits transmitted across the network and the amount of battery power consumed in WSN nodes during rekey operations is investigated. Baseline pair-wise rekeying performance can be improved by using either Secure Lock or hierarchical rekeying. The best choice depends on the size of the WSN and the size of the key used. Hierarchical rekeying is the best choice for …


Automated Virtual Machine Introspection For Host-Based Intrusion Detection, Brett A. Pagel Feb 2009


Theses and Dissertations

This thesis examines techniques to automate configuration of an intrusion detection system utilizing hardware-assisted virtualization. These techniques are used to detect the version of a running guest operating system, automatically configure version-specific operating system information needed by the introspection library, and to locate and monitor important operating system data structures. This research simplifies introspection library configuration and is a step toward operating system independent introspection. An operating system detection algorithm and Windows virtual machine system service dispatch table monitor are implemented using the Xen hypervisor and a modified version of the XenAccess library. All detection and monitoring is implemented from …


Sub-Circuit Selection And Replacement Algorithms Modeled As Term Rewriting Systems, Eric D. Simonaire Dec 2008


Theses and Dissertations

Intent protection is a model of software obfuscation which, among other criteria, prevents an adversary from understanding the program’s function for use with contextual information. Relating this framework for obfuscation to malware detection, if a malware detector can perfectly normalize a program P and any obfuscation (variant) of the program O(P), the program is not intent protected. The problem of intent protection on programs can also be modeled as intent protection on combinational logic circuits. If a malware detector can perfectly normalize a circuit C and any obfuscation (variant) O(C) of the circuit, the circuit is not intent protected. In …


An Analysis Of Botnet Vulnerabilities, Sean W. Hudson Jun 2008


Theses and Dissertations

Botnets are a significant threat to computer networks and data stored on networked computers. The ability to inhibit communication between servers controlling the botnet and individual hosts would be an effective countermeasure. The objective of this research was to find vulnerabilities in Unreal IRCd that could be used to shut down the server. Analysis revealed that Unreal IRCd is a very mature and stable IRC server and no significant vulnerabilities were found. While this research does not eliminate the possibility that a critical vulnerability is present in the Unreal IRCd software, none were identified during this effort.


SHI(EL)DS: A Novel Hardware-Based Security Backplane To Enhance Security With Minimal Impact To System Operation, Matthew G. Judge Mar 2008


Theses and Dissertations

Computer security continues to increase in importance both in the commercial world and within the Air Force. Dedicated hardware for security purposes presents and enhances a number of security capabilities. Hardware enhances both the security of the security system and the quality and trustworthiness of the information being gathered by the security monitors. Hardware reduces avenues of attack on the security system and ensures the trustworthiness of information only through proper design and placement. Without careful system design, security hardware leaves itself vulnerable to many attacks that it is capable of defending against. Our SHI(EL)DS architecture combines these insights into …


Evaluating Security And Quality Of Service Considerations In Critical Infrastructure Communication Networks, Gregory R. Roberts Mar 2008


Theses and Dissertations

This thesis demonstrates the benefits of utility communication based on Internet technology, some dangers in using Internet technology in establishing a utility intranet connecting protection and control systems, and compares three different approaches to making reservations for routing traffic in the utility intranet based on different levels of background traffic. A model of expected background traffic on a national utility intranet is presented. The Utility Communication Architecture 2.0 and the International Electrotechnical Commission (IEC) 61850 began laying the groundwork in 2002 in establishing an infrastructure allowing power substations, program logic controllers, remote terminal units, intelligent electronic devices, and other devices …


APHID: Anomaly Processor In Hardware For Intrusion Detection, Samuel A. Hart Mar 2007


Theses and Dissertations

The Anomaly Processor in Hardware for Intrusion Detection (APHID) is a step forward in the field of co-processing intrusion detection mechanisms. By using small, fast hardware primitives, APHID relieves the production CPU from the burden of security processing. These primitives are tightly coupled to the CPU, giving them access to critical state information such as the current instruction(s) in execution, the next instruction, registers, and processor state information. By monitoring these hardware elements, APHID is able to determine when an anomalous action occurs within one clock cycle. Upon detection, APHID can force the processor into a corrective state, or a …


Hardware Virtualization Applied To Rootkit Defense, Douglas P. Medley Mar 2007


Theses and Dissertations

This research effort examines the idea of applying virtualization hardware to enhance operating system security against rootkits. Rootkits are sets of tools used to hide code and/or functionality from the user and operating system. Rootkits can accomplish this feat through using access to one part of an operating system to change another part that resides at the same privilege level. Hardware assisted virtualization (HAV) provides an opportunity to defeat this tactic through the introduction of a new operating mode. Created to aid operating system virtualization, HAV provides hardware support for managing and saving multiple states of the processor. This hardware …


Exploring Hardware Based Primitives To Enhance Parallel Security Monitoring In A Novel Computing Architecture, Stephen D. Mott Mar 2007


Theses and Dissertations

This research explores how hardware-based primitives can be implemented to perform security-related monitoring in real-time, offer better security, and increase performance compared to software-based approaches. In doing this, we propose a novel computing architecture, derived from a contemporary shared memory architecture, that facilitates efficient security-related monitoring in real-time, while keeping the monitoring hardware itself safe from attack. This architecture is flexible, allowing security to be tailored based on the needs of the system. We have developed a number of hardware-based primitives that fit into this architecture to provide a wide array of monitoring capabilities. A number of these primitives provide …


Active FPGA Security Through Decoy Circuits, Bradley D. Christiansen Jun 2006


Theses and Dissertations

Field Programmable Gate Arrays (FPGAs) based on Static Random Access Memory (SRAM) are vulnerable to tampering attacks such as readback and cloning attacks. Such attacks enable the reverse engineering of the design programmed into an FPGA. To counter such attacks, measures that protect the design with low performance penalties should be employed. This research proposes a method which employs the addition of active decoy circuits to protect SRAM FPGAs from reverse engineering. The effects of the protection method on security, execution time, power consumption, and FPGA resource usage are quantified. The method significantly increases the security of the design with …


An Historical Analysis Of Factors Contributing To The Emergence Of The Intrusion Detection Discipline And Its Role In Information Assurance, James L.M. Hart Mar 2005


Theses and Dissertations

In 2003, Gartner, Inc., predicted the inevitable demise of the intrusion detection (ID) market, a major player in the computer security technology industry. In light of this prediction, IT executives need to know if intrusion detection technologies serve a strategic purpose within the framework of information assurance (IA). This research investigated the historical background and circumstances that led to the birth of the intrusion detection field and explored the evolution of the discipline through current research in order to identify appropriate roles for IDS technology within an information assurance framework. The research identified factors contributing to the birth of ID …


Malicious Hackers: A Framework For Analysis And Case Study, Laura J. Kleen Mar 2001


Theses and Dissertations

Recent years have seen an increase in the number and severity of Information Operations (IO) attacks upon DoD resources. At a higher level, the US as a whole has come under cyber attack by individuals and groups seeking thrills, monetary gain, publicity for their causes, and myriad other goals. This effort develops a first cut model of individual hacker mentality that can be utilized to improve threat assessment, mitigate Information Assurance (IA) vulnerabilities, and improve risk assessment. Further, it is a first step toward automated characterization of Information Warfare (IW) attacks based upon hacker types. All hackers are not the …


Modeling Information Assurance, Joseph E. Beauregard Mar 2001


Theses and Dissertations

The ever-increasing speed of information systems allows decision-makers around the world to gather, process, and disseminate information almost instantaneously. However, with this benefit there comes a price. Information is valuable and therefore a target to those who do not have it or wish to destroy it. The Internet has allowed information to flow freely, but it has also made information vulnerable to many forms of corruption. The U.S. military controls much of the world's most sensitive information, and since it cannot sacrifice the speed at which this information is currently processed and disseminated, it must find a way …


A Distributed Agent Architecture For A Computer Virus Immune System, Paul K. Harmer Mar 2000


Theses and Dissertations

Information superiority is identified as an Air Force core competency and is recognized as a key enabler for the success of future missions. Information protection and information assurance are vital components required for achieving superiority in the Infosphere, but these goals are threatened by the exponential birth rate of new computer viruses. The increased global interconnectivity that is empowering advanced information systems is also increasing the spread of malicious code, and current anti-virus solutions are quickly becoming overwhelmed by the burden of capturing and classifying new viral strains. To overcome this problem, a distributed computer virus immune system (CVIS) based …