Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Articles 1 - 30 of 54
Full-Text Articles in Physical Sciences and Mathematics
Exploiting The Iot Through Network-Based Covert Channels, Kyle S. Harris
Theses and Dissertations
Information leaks are a top concern to industry and government leaders. The IoT is a technology capable of sensing real-world events. A method for exfiltrating data from these devices is by covert channel. This research designs a novel IoT CTC without the need for inter-packet delays to encode data. Instead, it encodes data within preexisting network information, namely ports or addresses. Additionally, the CTC can be implemented in two different modes: Stealth and Bandwidth. Performance is measured using throughput and detectability. The Stealth methods mimic legitimate traffic captures while the Bandwidth methods forgo this approach for maximum throughput. Detection results …
Stock Markets Performance During A Pandemic: How Contagious Is Covid-19?, Yara Abushahba
Theses and Dissertations
Background and Motivation: The coronavirus (“COVID-19”) pandemic, the subsequent policies and lockdowns have unarguably led to an unprecedented fluid circumstance worldwide. The panic and fluctuations in the stock markets were unparalleled. It is inarguable that real-time availability of news and social media platforms like Twitter played a vital role in driving the investors’ sentiment during such global shock.
Purpose: The purpose of this thesis is to study how the investor sentiment in relation to COVID-19 pandemic influenced stock markets globally and how stock markets globally are integrated and contagious. We analyze COVID-19 sentiment through the Twitter posts and investigate its …
Long Distance Bluetooth Low Energy Exploitation On A Wireless Attack Platform, Stephanie L. Long
Theses and Dissertations
In the past decade, embedded technology, known as the Internet of Things, has expanded for many uses. The smart home infrastructure has drastically grown to include networked refrigerators, lighting systems, speakers, watches, and more. This increase in the use of wireless protocols provides a larger attack surface for cyber actors than ever before. Wireless IoT traffic is susceptible to sniffing by an attacker. The attack platform skypie is upgraded to incorporate Bluetooth Low Energy (BLE) beacon collection for pattern-of-life data, as well as device characteristic enumeration and potential characteristic modification. This platform allows an attacker to mount the skypie to …
Enumerating And Locating Bluetooth Devices For Casualty Recovery In A First-Responder Environment, Justin M. Durham
Theses and Dissertations
It is difficult for first-responders to quickly locate casualties in an emergency environment such as an explosion or natural disaster. In order to provide another tool to locate individuals, this research attempts to identify and estimate the location of devices that would likely be located on or with a person. A variety of devices, such as phones, smartwatches, and Bluetooth-enabled locks, are tested in multiple environments and at various heights to determine the impact that placement and interference played in locating the devices. The hypothesis is that most Bluetooth devices can be successfully enumerated quickly, but cannot be accurately located …
Joint 1d And 2d Neural Networks For Automatic Modulation Recognition, Luis M. Rosario Morel
Theses and Dissertations
The digital communication and radar community has recently manifested more interest in using data-driven approaches for tasks such as modulation recognition, channel estimation and distortion correction. In this research we seek to apply an object detector for parameter estimation to perform waveform separation in the time and frequency domain prior to classification. This enables the full automation of detecting and classifying simultaneously occurring waveforms. We leverage a 1D ResNet implemented by O'Shea et al. in [1] and the YOLO v3 object detector designed by Redmon et al. in [2]. We conducted an in depth study of the performance of these …
Direct Digital Synthesis: A Flexible Architecture For Advanced Signals Research For Future Satellite Navigation Payloads, Pranav R. Patel
Theses and Dissertations
In legacy Global Positioning System (GPS) Satellite Navigation (SatNav) payloads, the architecture does not provide the flexibility to adapt to changing circumstances and environments. GPS SatNav payloads have largely remained unchanged since the system became fully operational in April 1995. Since then, the use of GPS has become ubiquitous in our day-to-day lives. GPS availability is now a basic assumption for distributed infrastructure; it has become inextricably tied to our national power grids, cellular networks, and global financial systems. Emerging advancements of easy to use radio technologies, such as software-defined radios (SDRs), have greatly lowered the difficulty of discovery and …
Interoperable Ads-B Confidentiality, Brandon C. Burfeind
Theses and Dissertations
The worldwide air traffic infrastructure is in the late stages of transition from legacy transponder systems to Automatic Dependent Surveillance - Broadcast (ADS-B) based systems. ADS-B relies on position information from GNSS and requires aircraft to transmit their identification, state, and position. ADS-B promises the availability of high-fidelity air traffic information; however, position and identification data are not secured via authentication or encryption. This lack of security for ADS-B allows non-participants to observe and collect data on both government and private flight activity. This is a proposal for a lightweight, interoperable ADS-B confidentiality protocol which uses existing format preserving encryption …
Leveraging Peer-To-Peer Energy Sharing For Resource Optimization In Mobile Social Networks, Aashish Dhungana
Theses and Dissertations
Mobile Opportunistic Networks (MSNs) enable the interaction of mobile users in the vicinity through various short-range wireless communication technologies (e.g., Bluetooth, WiFi) and let them discover and exchange information directly or in ad hoc manner. Despite their promise to enable many exciting applications, limited battery capacity of mobile devices has become the biggest impediment to these applications. The recent breakthroughs in the areas of wireless power transfer (WPT) and rechargeable lithium batteries promise the use of peer-to-peer (P2P) energy sharing (i.e., the transfer of energy from the battery of one member of the mobile network to the battery of …
The Trust-Based Interactive Partially Observable Markov Decision Process, Richard S. Seymour
Theses and Dissertations
Cooperative agent and robot systems are designed so that each is working toward the same common good. The problem is that the software systems are extremely complex and can be subverted by an adversary to either break the system or potentially worse, create sneaky agents who are willing to cooperate when the stakes are low and take selfish, greedy actions when the rewards rise. This research focuses on the ability of a group of agents to reason about the trustworthiness of each other and make decisions about whether to cooperate. A trust-based interactive partially observable Markov decision process (TI-POMDP) is …
Confidence Inference In Defensive Cyber Operator Decision Making, Graig S. Ganitano
Theses and Dissertations
Cyber defense analysts face the challenge of validating machine generated alerts regarding network-based security threats. Operations tempo and systematic manpower issues have increased the importance of these individual analyst decisions, since they typically are not reviewed or changed. Analysts may not always be confident in their decisions. If confidence can be accurately assessed, then analyst decisions made under low confidence can be independently reviewed and analysts can be offered decision assistance or additional training. This work investigates the utility of using neurophysiological and behavioral correlates of decision confidence to train machine learning models to infer confidence in analyst decisions. Electroencephalography …
Near Real-Time Rf-Dna Fingerprinting For Zigbee Devices Using Software Defined Radios, Frankie A. Cruz
Theses and Dissertations
Low-Rate Wireless Personal Area Network(s) (LR-WPAN) usage has increased as more consumers embrace Internet of Things (IoT) devices. ZigBee Physical Layer (PHY) is based on the Institute of Electrical and Electronics Engineers (IEEE) 802.15.4 specification designed to provide a low-cost, low-power, and low-complexity solution for Wireless Sensor Network(s) (WSN). The standard’s extended battery life and reliability makes ZigBee WSN a popular choice for home automation, transportation, traffic management, Industrial Control Systems (ICS), and cyber-physical systems. As robust and versatile as the standard is, ZigBee remains vulnerable to a myriad of common network attacks. Previous research involving Radio Frequency-Distinct Native Attribute …
A Blockchain-Based Anomalous Detection System For Internet Of Things Devices, Joshua K. Mosby
Theses and Dissertations
Internet of Things devices are highly susceptible to attack, and owners often fail to realize they have been compromised. This thesis describes an anomalous-based intrusion detection system that operates directly on Internet of Things devices utilizing a custom-built Blockchain. In this approach, an agent on each node compares the node's behavior to that of its peers, generating an alert if they are behaving differently. An experiment is conducted to determine the effectiveness at detecting malware. Three different code samples simulating common malware are deployed against a testbed of 12 Raspberry Pi devices. Increasing numbers are infected until two-thirds of the …
Progressive Network Deployment, Performance, And Control With Software-Defined Networking, Daniel J. Casey
Theses and Dissertations
The inflexible nature of traditional computer networks has led to tightly-integrated systems that are inherently difficult to manage and secure. New designs move low-level network control into software creating software-defined networks (SDN). Augmenting an existing network with these enhancements can be expensive and complex. This research investigates solutions to these problems. It is hypothesized that an add-on device, or "shim" could be used to make a traditional switch behave as an OpenFlow SDN switch while maintaining reasonable performance. A design prototype is found to cause approximately 1.5% reduction in throughput for one flow and less than double increase in latency, …
Estimating Defensive Cyber Operator Decision Confidence, Markus M. Borneman
Theses and Dissertations
As technology continues to advance the domain of cyber defense, signature and heuristic detection mechanisms continue to require human operators to make judgements about the correctness of machine decisions. Human cyber defense operators rely on their experience, expertise, and understanding of network security, when conducting cyber-based investigations, in order to detect and respond to cyber alerts. Ever growing quantities of cyber alerts and network traffic, coupled with systemic manpower issues, mean no one has the time to review or change decisions made by operators. Since these cyber alert decisions ultimately do not get reviewed again, an inaccurate decision could cause …
Quality Of Service Impacts Of A Moving Target Defense With Software-Defined Networking, Samuel A. Mayer
Theses and Dissertations
An analysis of the impact a defensive network technique implemented with software-defined networking has upon quality of service experienced by legitimate users. The research validates previous work conducted at AFIT to verify claims of defensive efficacy and then tests network protocols in common use (FTP, HTTP, IMAP, POP, RTP, SMTP, and SSH) on a network that uses this technique. Metrics that indicate the performance of the protocols under test are reported with respect to data gathered in a control network. The conclusions of these experiments enable network engineers to determine if this defensive technique is appropriate for the quality of …
Consuming Digital Debris In The Plasticene, Stephen R. Parks
Theses and Dissertations
Claims of customization and control by socio-technical industries are altering the role of consumer and producer. These narratives are often misleading attempts to engage consumers with new forms of technology. By addressing capitalist intent, material, and the reproduction limits of 3-D printed objects, I observe the aspirational promise of becoming a producer of my own belongings through new networks of production. I am interested in gaining a better understanding of the data consumed that perpetuates hyper-consumptive tendencies for new technological apparatuses. My role as a designer focuses on the resolution of not only the surface of the object through 3-D …
Applying Cyber Threat Intelligence To Industrial Control Systems, Matthew P. Sibiga
Theses and Dissertations
A cybersecurity initiative known as cyber threat intelligence (CTI) has recently been developed and deployed. The overall goal of this new technology is to help protect network infrastructures. Threat intelligence platforms (TIPs) have also been created to help facilitate CTI effectiveness within organizations. There are many benefits that both can achieve within the information technology (IT) sector. The industrial control system (ICS) sector can also benefit from these technologies as most ICS networks are connected to IT networks. CTI and TIPs become resourceful when using indicators of compromise (IOCs) from known ICS malware attacks and an open source intrusion detection …
A Framework For Categorization Of Industrial Control System Cyber Training Environments, Evan G. Plumley
Theses and Dissertations
First responders and professionals in hazardous occupations undergo training and evaluations for the purpose of mitigating risk and damage. For example, helicopter pilots train with multiple categorized simulations that increase in complexity before flying a real aircraft. However, in the industrial control cyber incident response domain, where incident response professionals help detect, respond and recover from cyber incidents, no official categorization of training environments exists. To address this gap, this thesis provides a categorization of industrial control training environments based on realism. Four levels of environments are proposed and mapped to Bloom's Taxonomy. This categorization will help organizations determine which …
Active Response Using Host-Based Intrusion Detection System And Software-Defined Networking, Jonathon S. Goodgion
Theses and Dissertations
This research proposes AHNSR: Active Host-based Network Security Response by utilizing Host-based Intrusion Detection Systems (HIDS) with Software-Defined Networking (SDN) to enhance system security by allowing dynamic active response and reconstruction from a global network topology perspective. Responses include traffic redirection, host quarantining, filtering, and more. A testable SDN-controlled network is constructed with multiple hosts, OpenFlow enabled switches, and a Floodlight controller, all linked to a custom, novel interface for the Open-Source SECurity (OSSEC) HIDS framework. OSSEC is implemented in a server-agent architecture, allowing scalability and OS independence. System effectiveness is evaluated against the following factors: alert density and a …
Applied Hypergame Theory For Network Defense, Alan S. Gibson
Theses and Dissertations
Cyber operations are the most important aspect of military conflicts in the 21st century, but unfortunately they are also among the least understood. The continual battle for network dominance between attackers and defenders is considered to be a complex game. Hypergame theory is an extension of game theory that addresses the kind of games where misperception exists, as is often the case in military engagements. Hypergame theory, like game theory, uses a game model to determine strategy selection, but goes beyond game theory by examining subgames that exist within the full game. The inclusion of misperception and misinformation in the …
Mobile Network Defense Interface For Cyber Defense And Situational Awareness, James C. Hannan
Theses and Dissertations
Today's computer networks are under constant attack. In order to deal with this constant threat, network administrators rely on intrusion detection and prevention services (IDS) (IPS). Most IDS and IPS implement static rule sets to automatically alert administrators and resolve intrusions. Network administrators face a difficult challenge, identifying attacks against a vast number of benign network transactions. Also after a threat is identified making even the smallest policy change to the security software potentially has far-reaching and unanticipated consequences. Finally, because the administrator is primarily responding to alerts they may lose situational awareness of the network. During this research a …
Rootkit Detection Using A Cross-View Clean Boot Method, Bridget N. Flatley
Theses and Dissertations
In cyberspace, attackers commonly infect computer systems with malware to gain capabilities such as remote access, keylogging, and stealth. Many malware samples include rootkit functionality to hide attacker activities on the target system. After detection, users can remove the rootkit and associated malware from the system with commercial tools. This research describes, implements, and evaluates a clean boot method using two partitions to detect rootkits on a system. One partition is potentially infected with a rootkit while the other is clean. The method obtains directory listings of the potentially infected operating system from each partition and compares the lists to …
A Novel Malware Target Recognition Architecture For Enhanced Cyberspace Situation Awareness, Thomas E. Dube
Theses and Dissertations
The rapid transition of critical business processes to computer networks potentially exposes organizations to digital theft or corruption by advanced competitors. One tool used for these tasks is malware, because it circumvents legitimate authentication mechanisms. Malware is an epidemic problem for organizations of all types. This research proposes and evaluates a novel Malware Target Recognition (MaTR) architecture for malware detection and identification of propagation methods and payloads to enhance situation awareness in tactical scenarios using non-instruction-based, static heuristic features. MaTR achieves a 99.92% detection accuracy on known malware with false positive and false negative rates of 8.73e-4 and 8.03e-4 respectively. …
Evaluating Information Assurance Control Effectiveness On An Air Force Supervisory Control And Data Acquisition (Scada) System, Jason R. Nielsen
Theses and Dissertations
Supervisory Control and Data Acquisition (SCADA) systems are increasingly being connected to corporate networks which has dramatically expanded their attack surface to remote cyber attack. Adversaries are targeting these systems with increasing frequency and sophistication. This thesis seeks to answer the research question addressing which Information Assurance (IA) controls are most significant for network defenders and SCADA system managers/operators to focus on in order to increase the security of critical infrastructure systems against a Stuxnet-like cyber attack. This research applies the National Institute of Science and Technology (NIST) IA controls to an attack tree modeled on a remote Stuxnet-like cyber …
A Multi Agent System For Flow-Based Intrusion Detection Using Reputation And Evolutionary Computation, David Hancock
Theses and Dissertations
The rising sophistication of cyber threats as well as the improvement of physical computer network properties present increasing challenges to contemporary Intrusion Detection (ID) techniques. To respond to these challenges, a multi agent system (MAS) coupled with flow-based ID techniques may effectively complement traditional ID systems. This paper develops: 1) a scalable software architecture for a new, self-organized, multi agent, flow-based ID system; and 2) a network simulation environment suitable for evaluating implementations of this MAS architecture and for other research purposes. Self-organization is achieved via 1) a reputation system that influences agent mobility in the search for effective vantage …
Malicious And Malfunctioning Node Detection Via Observed Physical Layer Data, Tyler J. Hardy
Theses and Dissertations
There are many mechanisms that can cause inadequate or unreliable information in sensor networks. A user of the network might be interested in detecting and classifying specific sensor nodes causing these problems. Several network layer based trust methods have been developed in previous research to assess these issues; in contrast this work develops a trust protocol based on observations of physical layer data collected by the sensors. Observations of physical layer data are used for decisions and calculations, and are based on just the measurements collected by the sensors. Although this information is packaged and distributed on the network layer, …
Holistic Network Defense: Fusing Host And Network Features For Attack Classification, Jenny W. Ji
Theses and Dissertations
This work presents a hybrid network-host monitoring strategy, which fuses data from both the network and the host to recognize malware infections. This work focuses on three categories: Normal, Scanning, and Infected. The network-host sensor fusion is accomplished by extracting 248 features from network traffic using the Fullstats Network Feature generator and from the host using text mining, looking at the frequency of the 500 most common strings and analyzing them as word vectors. Improvements to detection performance are made by synergistically fusing network features obtained from IP packet flows and host features, obtained from text mining port, processor, logon …
Polarimetric Enhancements To Electro-Optical Aided Navigation Techniques, Jeremiah D. Johnson
Theses and Dissertations
Navigation in indoor and urban environments by small unmanned systems is a topic of interest for the Air Force. The Advanced Navigation Technology Center at the Air Force Institute of Technology is continually looking for novel approaches to navigation in GPS deprived environments. Inertial sensors have been coupled with image aided concepts, such as feature tracking, with good results. However, feature density in areas with large, flat, smooth surfaces tends to be low. Polarimetric sensors have been used for surface reconstruction, surface characterization and outdoor navigation. This thesis combines aspects of some of these algorithms along with a realistic, micro-facet …
Spear Phishing Attack Detection, David T. Merritt
Theses and Dissertations
This thesis addresses the problem of identifying email spear phishing attacks, which are indicative of cyber espionage. Spear phishing consists of targeted emails sent to entice a victim to open a malicious file attachment or click on a malicious link that leads to a compromise of their computer. Current detection methods fail to detect emails of this kind consistently. The SPEar phishing Attack Detection system (SPEAD) is developed to analyze all incoming emails on a network for the presence of spear phishing attacks. SPEAD analyzes the following file types: Windows Portable Executable and Common Object File Format (PE/COFF), Adobe Reader, …
Reputation-Based Internet Protocol Security: A Multilayer Security Framework For Mobil Ad Hoc Networks, Timothy H. Lacey
Theses and Dissertations
This research effort examines the theory, application, and results for a Reputation-based Internet Protocol Security (RIPSec) framework that provides security for an ad-hoc network operating in a hostile environment. In RIPSec, protection from external threats is provided in the form of encrypted communication links and encryption-wrapped nodes while internal threats are mitigated by behavior grading that assigns reputations to nodes based on their demonstrated participation in the routing process. Network availability is provided by behavior grading and round-robin multipath routing. If a node behaves faithfully, it earns a positive reputation over time. If a node misbehaves (for any number of …