Physical Sciences and Mathematics Commons^™

Intrusion-Tolerant Order-Preserving Encryption, John Huson

Masters Theses, 2010-2019

Traditional encryption schemes such as AES and RSA aim to achieve the highest level of security, often indistinguishable security under the adaptive chosen-ciphertext attack. Ciphertexts generated by such encryption schemes do not leak useful information. As a result, such ciphertexts do not support efficient searchability nor range queries.

Order-preserving encryption is a relatively new encryption paradigm that allows for efficient queries on ciphertexts. In order-preserving encryption, the data-encrypting key is a long-term symmetric key that needs to stay online for insertion, query and deletion operations, making it an attractive target for attacks.

In this thesis, an intrusion-tolerant order-preserving encryption system …

Analysis Of Real-World Passwords For Social Media Sites, Mark J. Quinn

Masters Theses, 2010-2019

Textual passwords have dominated all other entity authentication mechanisms since they were introduced in the early 1960’s. Despite an inherent weakness against social engineering, keylogging, shoulder surfing, dictionary, and brute-force attacks, password authentication continues to grow as the Internet expands. Existing research on password authentication proves that dictionary attacks are successful because users make poor choices when creating passwords. To make passwords easier to remember, users select character strings that are shorter in length and contain memorable content, like personal identity information, common words found in a dictionary, backward spellings of common words, recognizable sequences, and easily guessed mnemonic phrases. …

Automated Snort Signature Generation, Brandon Rice

Masters Theses, 2010-2019

Network intrusion systems work on many models, but at their core they rely on algorithms to process data and determine if the network traffic is malicious in nature. Snort is the most widely-used open source network based Intrusion Prevention System / Intrusion Detection System (IPS/IDS) system. It works by comparing network traffic to a list or lists of rules to determine if and what action should be taken. These rules are referred to as signatures, since they are intended to identify a single pattern of network traffic just like a physical signature identifies a single author. I have developed an …

Electronic Voting: Methods And Protocols, Christopher Andrew Collord

Masters Theses, 2010-2019

The act of casting a ballot during an election cycle has been plagued by a number of problems, both intrinsic and extraneous. The old-fashioned paper ballot solves a number of problems, but creates its own. The clear 21st Century solution is the use of an automated electronic system for collection and tallying of votes, but the attitude of the general populace towards these systems has been overwhelmingly negative, supported in some cases by fraud and abuse. The purpose of this thesis is to do a broad survey of systems available on the market now (both in industry and academia) and …

Class Control: An Adaptable And Self Configuring Classroom Control System, Thomas Grimes

Masters Theses, 2010-2019

Class Control is a tool that was created at the University of St Andrews to allow a teacher to not only view all of the screens in a classroom at once but also take control of them and broadcast the teacher’s screen to them. Existing software wouldn’t allow the scalability to meet the demands of the size of the classroom so Class Control was developed and is still used by the school today.%0d%0aHowever, this tool was created to be used in one classroom just running the Mac OS. This thesis project aimed to add the ability to move this tool …

Data Carving Parser Generation, Benjamin Nathaniel Kelley

Masters Theses, 2010-2019

As our day to day interaction with technology continues to grow, so does the amount of data created through this interaction. The science of digital forensics grew out of the need for specialists to recover, analyze, and interpret this data. When events or actions, either by accident or with criminal intent create, delete or manipulate data, it is the role of a digital forensics analyst to acquire this data and draw conclusions about the discovered facts about who or what is responsible for the event. This thesisidentifies a gap in the research between data analysis and interpretation. Current research and …

Fingerprint Fuzzy Vault: Security Analysis And A New Scheme, Patrick J.B. Perry

Masters Theses, 2010-2019

A fingerprint fuzzy vault uses a fingerprint A to lock a strong secret k and only a close fingerprint from the same finger can be used to unlock k. An attacker who has stolen the vault will not be able to get useful information about A or k.%0d%0a In this research, we shall study the security of a major fingerprint fuzzy vault developed by Nandakumar et al. through investigating the security implication of helper data, which are stored in the fuzzy vault for fingerprint alignment. We will show that helper data leak information about fingerprints and thus compromise the security …

Methodology And Automated Metadata Extraction From Multiple Volume Shadow Copies, Henri Michael Van Goethem

Masters Theses, 2010-2019

Modern day digital forensics investigations rely on timelines as a principal method for normalizing and chronologically categorizing artifacts recovered from computer systems. Timelines provide investigators with a chronological representation of digital evidence so they can depict altered and unaltered digital forensics data in-context to drive conclusions about system events and/or user activities. While investigators rely on many system artifacts such as file system time/date stamps, operating system artifacts, program artifacts, logs, and/or registry artifacts as input for deriving chronological representations, using only the available or most recent version of the artifacts may provide a limited picture of historical changes on …

Forensic Analysis Of Linux Physical Memory: Extraction And Resumption Of Running Processes., Ernest D. Mougoue

Masters Theses, 2010-2019

Traditional digital forensics’ procedures to recover and analyze digital data were focused on media-type storage devices like hard drives, hoping to acquire evidence or traces of malicious behavior in stored files. Usually, investigators would image the data and explore it in a somewhat “safe” environment; this is meant to reduce as much as possible the amount of loss and corruption that might occur when analysis tools are used. Unfortunately, techniques developed by intruders to attack machines without leaving files on the disks and the ever dramatically increasing size of hard drives make the discovery of evidence difficult. These increased interest …

Identity Management In A Public Iaas Cloud, William T. Skinner Iii

Masters Theses, 2010-2019

In this thesis the unique environment that is the public IaaS cloud along with its differences from a traditional data center environment has been considered. The Cloud Security Alliance (CSA), states that “Managing identities and access control for enterprise applications remains one of the greatest challenges facing IT today”. The CSA also points out that “there is a lack of consistent secure methods for extending identity management into the cloud and across the cloud” [1]. This thesis examines this challenge of managing identities in the cloud by developing a list of best practices for implementing identity management in the cloud. …

Impediment Sensitive-Role Based Access Control, Joseph Frederick Blumberg

Masters Theses, 2010-2019

This paper introduces a variation to the Role Based Access Control (RBAC) model called Impediment Sensitive RBAC (IS-RBAC) to be used for implantable and closely-worn medical devices. The IS-RBAC represents impediments including instrument failures, user failures, and environmental situations. IS-RBAC accommodates the impacts that the three types of impediments convey on two foundation set definitions, namely, the data set and the set of user role assignments. With these new definitions, IS-RBAC model strengthens the weaknesses caused to the protection of data from user and instrument failures and environmental situations, mitigates threats from users with elevated user role privileges, and ultimately …

Security Analysis Of A Fingerprint-Secured Usb Drive, Benjamin David Rodes

Masters Theses, 2010-2019

In response to user demands for mobile data security and maximum ease of use, fingerprint-secured mobile storage devices have been increasingly available for purchase. A fingerprint-secured Universal Serial Bus (USB) drive looks like a regular USB drive, except that it has an integrated optical scanner. When a fingerprint-secured USB drive is plugged into a computer running Windows, a program on this drive will run automatically to ask for fingerprint authentication. (When the program runs the very first time, it will ask for fingerprint enrollment). After a successful fingerprint authentication, a new private drive (for example, drive G:) will appear and …

Improving The Measurement Of System Time On Remote Hosts, Michael Christopher Smith

Masters Theses, 2010-2019

The tools and techniques of digital forensics are useful in investigating system failures, gathering evidence of illegal activities, and analyzing computer systems after cyber attacks. Constructing an accurate timeline of digital events is essential to forensic analysis, and developing a correlation between a computer’s system time and a standard time such as Coordinated Universal Time (UTC) is key to building such a timeline. In addition to local temporal data, such as file MAC (Modified, Accessed, and Changed/Created) times and event logs, a computer may hold timestamps from other machines, such as email headers, HTTP cookies, and downloaded files. To fully …